Our only URLs are

All other sites are scams – especially be wary of:

benumbs.cards & bennumb.cards & bennumbs.cards & benumb.cc & many more…

(it can be hard to notice the S and extra N if not careful.) 

Welcome to the real deal. 

Please bookmark this link — the other sites have simply copy/pasted our html and don’t actually have any cards to sell. 

They can be easy to fall for if you aren’t cautious!

13 thoughts on “How protected is Ledger/Trezor actually?”

  1. >I know they’re considered cold storage, but aren’t they technically a service that must be relied on?

    No, there is no “service”. The Ledger/Trezor companies can go tits up and your device will continue working.

    Remember that the software like Ledger Live is just one of many software interfaces that are able to communicate with the hardware.

    The sole purpose of the hardware is to store the private key in a way that it cant be retrieved again and allow you to use that key on devices that are compromised without actually compromising the key itself (something regular software wallets alone cant do).

    If you didnt want to use the hardware then you can risk your security and put that private key into any BIP compatible software wallet and use that to move all your crypto without the hardware wallet.

  2. The ones with Bluetooth some people are saying is a hardware vector for loss.

    Other factors are that they use an interface and probably a lookup backend website just to calculate price of the tokens to measure your balance.

    Outside of that, no they’re safe, even if the above was true that their backend goes down and it says you have “0.7 BTC = $0” because it’s erroring on looking up the price, the coins are stored with the seed, and you can just go to another hardware wallet or pop the phrase in a software wallet (with proper verification on it being trusted and secure) and continue on as if nothing happened. They as a company don’t HAVE access to your funds or phrase or keys, it’s just a viewing window and an approve/deny tool.

  3. SW wallets can be hacked remotely, e.g., software update or downloading malicious SW. HW wallets require physical possession in order to be hacked. In both cases keys are saved on paper or other medium.

  4. The devices are fine, they are essentially just signing devices that keep your keys offline. What is problematic is the software they come with, or the web interface, as that uses their node and you leak data to them (and you are also relying on their service).

    What you can do is to use one or more of this hardware wallets with your own node and a software like specter-desktop ([https://github.com/cryptoadvance/specter-desktop](https://github.com/cryptoadvance/specter-desktop)) on top. This way you are completely self sufficient.

    This is also available on things like raspiblitz.

  5. Don’t get a Ledger or a Trezor, get a Coldcard for your signing device and use Sparrow software “wallet”. Create and back up your ordered mnemonic phrase safely and securely, non-digitally. Look into BIP39 passphrases and BIP85 indexes as well. Run your own node over tor and apply the corresponding server settings to Sparrow before importing any keys from the cc. Be free and private.

  6. I would be careful I have lost lots of tokens trying to transfer to ledger make sure you understand before trying to transfer or your coins will end up floating around in a black hole like many of mine have ended up 🙁

  7. Ledger and Trezor are probably way more secure than any Software wallet (as long as you’re not an absolute cyber security expert who knows how to implement some very secure, dedicated, airgapped system but that’s likely not the case). Nonetheless, they are not perfect. The Trezor devices (if i’m correct) dont have secure elements, Ledger devices are not open source design. If you want more peace of mind, there are (imho) better hardware wallets out there, like the Coldcard by Coinkite and also the BitBox by ShiftCrypto. They both are very well designed, open source and have many good features, especially the Coldcard.


Leave a Comment