Although you need to spend some time setting up + , it still feels good not to use a corporate solution by () with some components.

If you own some , it's a good idea to have a computer under + separate your wallets from the host with .

@TheFuzzStone Do you use Qubes? Because if you run your wallets in a VM and do everything else on the host, your host can get compromised and then virtualization won't help a lot 😉

@gandalf86, No, I don't use Qubes. I use the virtual machine's encrypted images when I need to perform some transaction.

I keep small amounts on Android. I have a couple of wallets that I use on Android that I don't use anywhere else.

I even have a mnemonic phrase generated in 2016 on Android in Mycelium wallet. This kind of test with a couple of bucks in it, but I keep importing that phrase every time I buy a new phone.

@TheFuzzStone Ok that's fine, then you have data encryption at rest. I was just commenting on the "separate your wallets from the host" part ... because, if your host gets compromised, in the sense that an attacker can copy arbitrary data and sniff keyboard strokes, then having a VM running on that host won't help because the attacker will see the password when you type it in.


@gandalf86, with only my wallet password the attacker cannot steal my crypto. He needs to steal either the wallet file or the mnemonic phrase or private keys.

The mnemonic phrase/private keys are inserted only once into your wallet to restore it.

I've been in the crypto community since 2015, and I've never lost a dime because I always use only software. It's not magic, it's . 🙂

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.