Hardware wallets are generally accepted as the most secure means available to the common public for storing Bitcoin and other cryptocurrencies. These hardware wallets are essentially physical wallets which can be carried around by users on a hardware device akin to a USB drive or external hard disk drive.
Hardware wallets minimise the chances of the private keys being accidentally exposed or compromised by malware on a personal computer or mobile phone. This has become increasingly important after the Spectre and Meltdown vulnerabilities of modern computer chips were made known to the public early this year.
But are hardware wallets really fail-safe?
Not according to a 15-year-old programmer who claims to have discovered a number of vulnerabilities in the Ledger Nano S in November 2017. Ledger CEO Eric Larchevêque seems to have conceded as much while asserting that Ledger had not received any reports of their hardware wallets being compromised as a result of these vulnerabilities.
“All systems have vulnerabilities,” said Larchevêque. “That’s part of the life of any security system. It’s a game of cat and mouse.”
“No one was compromised that we know of,” he said. “We have no knowledge that any device was affected.”
While that may be the case, it does not mean that hardware wallets cannot be compromised, only that the Ledger team has no knowledge of it.
A few months ago, a user lost $34,000 worth of Bitcoin after purchasing a Nano Ledger hardware wallet that had been modified by an unscrupulous reseller. Even before that, in March 2017, a glitch was discovered in Trezor and Keepkey hardware wallets which allowed hackers to obtain the seed code, PIN, and device label as long as they had physical access to the wallet. A new firmware update (version 1.5.2) was released to fix this glitch. Always ensure your hardware wallet is updated to the latest firmware version to prevent potential exploitation of known vulnerabilities or glitches.
So if you are using a hardware wallet, what does this mean?
It means that hardware wallets are no safer or riskier than paper wallets or software wallets. The security of your private keys and your funds are solely your responsibility. If you have never used a hardware wallet before, do your own research. If it is your first time purchasing a hardware wallet or if it had been a gift, you might want to ensure that it hasn't been compromised in any way before entrusting your life savings to it.
As always, stay safe.
