Trezor One Attacked by NPM Vulnerabilities? Time to Ditch It? \ stacker news ~bitcoin

pull down to refresh

Trezor One Attacked by NPM Vulnerabilities? Time to Ditch It?

0 sats \ 7 comments \ @spiderman 7h bitcoin

Just read about the NPM supply chain attack on Bitcoin wallets, and unfortunately, I have the bulk of my coins in a Trezor one (whose accompanying suite uses Javascript).

I assume so long as my trezor one is not connected to the internet, it is safe? But, is the company (Trezor) likely to upgrade its suite and firmware to solve the problem? Or is it wise to ditch my Trezor and move on to a different cold wallet (and what would your recommendation be)?

view all related items

0 sats \ 6 replies \ @DarthCoin 5h

If you use it with sparrow and not with their shity software you are ok.

IMHO all hardware wallets are just useless fancy toys. You better make your own: https://darth-coin.github.io/wallets/tails-hodl-cold-wallet-en.html

10 sats \ 1 reply \ @spiderman OP 4h

Hey, I was going through this.

You know what? I have a HODL wallet (Trezor), a cache (on-chain Blockstream green, which I also use to swap in to Lightning) and a Spending wallet (Lightning, Blockstream green).

Does it make sense?

0 sats \ 0 replies \ @DarthCoin 4h

yes 👍

0 sats \ 3 replies \ @spiderman OP 4h

This method IT IS NOT for those very new to this technology and are not so techy. For those I recommend to just buy a hardware wallet and forget about this method.

Your own post says it.

0 sats \ 2 replies \ @DarthCoin 4h

yes, "for those non-techy", that means they have less neurons...

0 sats \ 1 reply \ @spiderman OP 4h

You are really entertaining, LoL

0 sats \ 0 replies \ @DarthCoin 3h

sometimes you have to tell the truth in a funny way so people will get it more easily