With the end of the year 2018, we have got a new hardware wallets hacks in a crypto offline vaults!
We all thought that Ledger Nano S and Trezor were the safest offline wallets but...
WE WERE WRONG!!!
On the 35. of Chaos Computer Club Conference in Germany the experts got into testing and exposing potential dangers of mentioned hardware wallets.
They have tested 3 different vulnerability classes of popular hardware wallets Ledger Nano S and Trezor.
In all three cases, they were 100% successful.
Check for more details of vulnerability classes here - Wallet.fail.
The media like Coindesk and Cointelegraph are also reporting about the results of the hardware wallets testing.
LedgerHQ responded to the testing with a comment that attack on vulnerability class was not "practical" which is not a good argument because of the remaining attack on a vulnerability class. Crypto users usually buy hardware wallets to keep the private keys safe.
The fact is that the attack on vulnerability class remains and it not important if the attack is practical or not. Hackers of the cyberspace day and night search for vulnerabilities on software, OS and hardware on wallets.
The vulnerability on Trezor devices is more critical. The researchers of the test have discovered that device itself stores backup passwords “seed backup words” in RAM memory in completely "plain text".
This kind of vulnerability definitely causes concern in individuals who use mentioned devices and store private keys of their crypto savings.
It is good to know that they found an alternative to the problem.
One alternative in IT and crypto wallet security is a company named "RealSecurity". They are very serious with IT safety and take no compromise when it comes to info storage.
Their product is named BC Vault and it has not been hacked for now.
BC Vault is easy to use. It uses bigger display than other products in the crypto wallet space. So more information is available (addresses, wallet name, etc...).
Their goal is to use it as safekeeping, not for transactions. That is why this hardware wallet was named vault.
Their message on the device itself is affirmation type and it says:
“Wallets are for pocket money. Vaults are for safekeeping"
It is so safe that even computer with infected OS cannot harm BC Vault.
They use boast a feature that is called "FeRAM" which means ferroelectric RAM and stores private keys. They use it for more operations but the most significant of them is more write-erase cycles on device lifetime and also faster write speeds than flash memory.
BC Vault can stand the heat and is made for long term storage.
You can store your currencies on BC Vault at 35°C (95°F) for over 200 years. Now if that isn't safe...
When comes to seed backup words and private keys mentioned in Trezor's weakness BC Vault uses Anonymous Independently Generated Private Keys. It means that if you have more wallets on BC Vault there can't be any link between the wallets or keys.
Security is all. They use protection everywhere. Like password on the computer, PIN on BC Vault and also U2F (Universal 2nd Factor)
For more information about the BC Vault (about setup, use, and transfer of funds) check the link ==> BC Vault.
At the moment BC Vault supports most of the popular cryptocurrencies and more will be added with software upgrades according to RealSecurity.
Supported currencies with over 2,000 simultaneous wallets for:
- Ethereum Classic
- Bitcoin Cash
- Bitcoin Gold
- BINANCE COIN
- Dynamic Trading Rights
The company really believe in their BC Vault's security so they wrote this on the website:
Each and every BC Vault ships pre-loaded with a private key encrypted the exact same way as every other wallet on the device. This private key corresponds to a public address that owns 1.0 BTC. If you break the encryption on it, it's yours!
Cons of BC Vault:
- no XRP support (should come in 2019)
- the lack of mobile support (should come in 2019)
- strange screen display at times
Pros are above ;)
BC Vault will probably open many new possibilities to the competitors and can become much bigger than currently is...