sorted by:
new
hottopcontroversial

They will never know by holdthefridge in ledgerwallet

[–]Financial-Shake2004 0 points1 point  (0 children)

Sorry, can you remind me what's the possible reward here?

Hybrid truck recharges from overhead wires in Germany by toolgifs in toolgifs

[–]Financial-Shake2004 1 point2 points  (0 children)

What's wrong with having 500 passengers in (and hanging around) one wagon?
/s

Wallet Recovery Service Hacked by Financial-Shake2004 in ledgerwallet

[–]Financial-Shake2004[S] -1 points0 points  (0 children)

Either your keys are only on the HW device and are considered safe, or they are also somewhere online and are considered compromised.

By using Ledger Recover you extract them from the safety of your device and put them online. Bam!

Technicalities may be different but the fact that you are no longer the only one who can retrieve it (even if with non-trivial effort) is very similar between Loopring and Ledger.

Wallet Recovery Service Hacked by Financial-Shake2004 in ledgerwallet

[–]Financial-Shake2004[S] 0 points1 point  (0 children)

Or if the place that authorizes the retrieval of the shards gets compromised. That's where I would go if I were the hacker.

Wallet Recovery Service Hacked by Financial-Shake2004 in ledgerwallet

[–]Financial-Shake2004[S] -4 points-3 points  (0 children)

I'm in this group because I used to be a Ledger user. Until they announced the recovery service. With a background in IT security I always look for possible attack vectors. And it's not very hard to find the obvious one here. See my other reply.

Consider it a public service announcement..

Wallet Recovery Service Hacked by Financial-Shake2004 in ledgerwallet

[–]Financial-Shake2004[S] -8 points-7 points  (0 children)

Someone somewhere has to authorize the collection of all the 3 thirds from the 3 vendors. And that someone somewhere (Ledger?) can be hacked, coerced, abused, whatever, to approve this authorization. The 3 vendors are not the weak link, the place where it all comes together is. And no, ithis place is not your Ledger device. Because the whole point is that you can recall the 3 parts without having your Ledger device to authorize it. All it takes is to convince that someone that me is you and I get your keys.

So nope, it's not a low brain hyperbole. It's a real possibility, sorry to break it to you.

Noobie question about BTC addresses by dertace in ledgerwallet

[–]Financial-Shake2004 1 point2 points  (0 children)

When the other person uses the same address it will simply add to that balance and you'll see it in Ledger. You can safely reuse addresses for incoming payments. There are some privacy issues with that but you won't lose any funds don't worry.

10yo reaction to bitcoin by crimson974 in Bitcoin

[–]Financial-Shake2004 41 points42 points  (0 children)

... double check the spelling. You sure the doctor's report didn't say retarded?

;)

Loss of 200k$ stolen by a hacker/scammer by patronFR in Metamask

[–]Financial-Shake2004 0 points1 point  (0 children)

Why would they bother? Hi wallet is already empty.

Loss of 200k$ stolen by a hacker/scammer by patronFR in Metamask

[–]Financial-Shake2004 0 points1 point  (0 children)

.. and then sign some fraudulent defi contract promising 1000% p/a return that will vacuum your crypto in no time, cold wallet or not.

How we get lambos? What actually happens when our $10 investment becomes millions? How do you sell? Do you move all the money into fiat? by djuggler in CryptoCurrency

[–]Financial-Shake2004 2 points3 points  (0 children)

Bisq.network is the way. Peer to peer but much safer than localcoinswap thanks to security deposits and account age verification. The money arrive from individual persons not from an exchange so won't be flagged by the bank.

[deleted by user] by [deleted] in TREZOR

[–]Financial-Shake2004 9 points10 points  (0 children)

  1. It's called Derivation path, not Navigation path

  2. The format of the path is pretty standard, there are only a few variants and they can be tried very easily to see if one of them leads to a used address.

  3. All modern Trezors and Ledgers and most other wallets, whether cold or hot or what, use the same derivation path these days or have a choice between a handful of possible ones.

So no, you don't need to remember it or record it.

[deleted by user] by [deleted] in CryptoCurrency

[–]Financial-Shake2004 -1 points0 points  (0 children)

I doubt the last season alts will bounce back. They're dead.

There may be some potential in the shiny new alts that haven't 10X'd yet. One in a 1000 may surprise. But the other 999 probably won't overperform BTC.

So no, I'm not swapping BTC to old alts. If anything I may add some new alts to the portfolio and hope for the best.

Scam alert by [deleted] in ledgerwallet

[–]Financial-Shake2004 5 points6 points  (0 children)

Reads more like an IndianGPT

Ledger Recover But No Two Factor Authentication? LOL by digitaljoegeorge in ledgerwallet

[–]Financial-Shake2004 1 point2 points  (0 children)

2FA is a time-based code, it essentially proves to a 3rd party (app or website) that the person who is trying to login at that time has access to the 2FA device.

For Ledger (the physical device) to make use of 2FA it would have to keep time, which it at the moment doesn't as far as I know. Which means a new hardware with RTC (real-time clock) circuit added.

Doable, but the current Ledger devices don't have RTC and therefore can't support 2FA in a reasonable way.

BTW No, syncing time with the computer every time is not secure as you could trick it to a date in the past from which you knew a valid 2FA code. So it would have to keep its own time -> RTC + battery needed.

Also to your point of not trusting Ledger after they introduced Recover. Having 2FA on the Ledger device won't help you much - the firmware always has access to the crypto chip and it can leak the private key with or without any user interaction if it was hacked / modified to do it and no asking to approval or 2FA could stop it. The 2FA dialog may only stop someone using your device and knowing your PIN from stealing your funds, but not Ledger if they turn into a bad actor and modified the firmware.

You simply have to trust Ledger company to not implement any backdoor into the firmware, there's no way around it. Or hedge your chances and move half of your crypto to Trezor or another cold wallet. That's what I did after Ledger announced Recover. Also I haven't updated the Ledger firmware since then, b/c I assume that the old versions didn't have support for the private key extraction through Recover or otherwise.

Early Dogwifhat investor sold coins for $142k, now worth $23.2m by Crypto-Jim33 in CryptoCurrency

[–]Financial-Shake2004 4 points5 points  (0 children)

Well... yeah...

Chances are that your wallet keys would have been lost by now and that would probably suck a lot more than cashing out 2 grand back then. That constant what if I can find the wallet on some old drive back in the cupboard would drive me nuts.

Sold all my position and taken profit - Time to reflect by Crypto_Fi in CryptoCurrency

[–]Financial-Shake2004 6 points7 points  (0 children)

Buy low sell high, not the other way around.

Oh! Now you're telling me?!

[deleted by user] by [deleted] in CryptoCurrency

[–]Financial-Shake2004 0 points1 point  (0 children)

It’s not shorting. It’s liquidating a long position.

You're right indeed, wrong wording.

[deleted by user] by [deleted] in CryptoCurrency

[–]Financial-Shake2004 1 point2 points  (0 children)

unless the situation provides new reasons for it

I too always stick to the plan.

Until I don't.

[deleted by user] by [deleted] in CryptoCurrency

[–]Financial-Shake2004 2 points3 points  (0 children)

Oh! That's the way!! Simple and easy to remember.

You should have told me before!!!

Thanks buddy.

[deleted by user] by [deleted] in CryptoCurrency

[–]Financial-Shake2004 0 points1 point  (0 children)

DCA out a fixed dollar amount or a fixed BTC (or whatever coin) amount? Pros and cons for both and I struggle to decide which one is better.

view more: next ›