Yes, but it doesn't mean they know your personal info; you might also have asked a friend to buy the device. It's long time I don't use ledger live, using the device through metamask.
Interesting take. Is there any information you can share now about how your solution differs in terms of hardware and software?GrapheneOS and its predecessor CopperheadOS are AOSP derivatives.
CalyxOS is a fork of LineageOS.
Our further comments are impartial even though we have a business involved with tailor made closed source secure O/S and application ecosystem development.
We are not going to discuss security of AOSP and it's derivatives vs iOS vs Ubuntu touch and similar.
Security is a result of preferences - a choices and decisions. Regarding O/S development, we must differ original contributions vs simple changes of present code and rebranding those.
GrapheneOS advertizes certain features as comparative advantages
GrapheneOS features overview
Overview of GrapheneOS features differentiating it from the Android Open Source Project (AOSP).grapheneos.org
We'll offer an analysis for a glimpse.
The password maximum lenght is an arbitrary value in AOSP source code with default
MAX_PASSWORD_LENGTH = 16
The number 16 can be changed to any other value, up to the maximum value for a 32-bit signed integer which is 2.147.483.647.
The default number of user profiles is 4 in AOSP, where GrapheneOS simply changes that arbitrary value in "default.xml" and "config.xml" in source code with 32.
The encryption is an AOSP default, FBE (file based encryption) with identical cryptographic primitives.
Regarding sandboxing, there is no difference between AOSP, LineageOS or other derivates compared to GrapheneOS. By installing Google application ecosystem on GrapheneOS in advertized sandboxed manner, the end user defeats the purpose of his original intent to use supposedly O/S that offers security and privacy.
By changing Google's services and servers for location, the end user simply switches one dependancy for another.
As we test every competitor's product on forensic platforms both our in-house and commercial ones such as Cellebrite, we know from which vendors and commercial or open source O/S platforms is possible to perform (forensic) data acquisition.
Quite unfortunately, it is possible to compromise GrapheneOS, CalyxOS and LineageOS platform with spyware and perform separate data extraction. We assume that specific set of both vendor and user preferences downgrades effective security.
We'll offer selected resources regarding security, privacy and anonymity in time to come.
How old is the bank you're using and when was the last time there was a leak? Your hypothetical scenarios are just that, hypothetical. Can you be less paranoid please? If the accountant you're dealing with needs to sell your information then try hiring someone who doesn't sell themselves through Craigs List (?). And yes, I am sure my name does not show up on any tool, including those of Arkham Intelligence, there's a limit to how intelligent intelligence can be.
There's nothing paranoid in checking points of failure... a crypto holder is actually sleeping with his money under the mattress.
This is just you exposing that you don't understand crypto, theres no "accountant" lurking in your self hosted wallet.
Sleep with one eye opened if you are sure that someone knows your millionaire self hosted wallet's address and where you live (maybe the accountant is a good guy, but what about the random IT consultants who maintain his databases containing your info? Just to make an example).
www.bbc.com
And how are you going to explain to the crypto-bank about the first deposit on your newly created wallet when you need to cash out?
I do not get your made up scenario, is it that your own accountant would go behind your back and sell your info? Because thats the only guy that would realistically have that info, the wallet providers themselves do not and your keys are generated locally. Then I don't see what your concern is and its not really a problem with crypto itself, he could just as well leak your other investments.Sleep with one eye opened if you are sure that someone knows your millionaire self hosted wallet's address and where you live (maybe the accountant is a good guy, but what about the random IT consultants who maintain his databases containing your info? Just to make an example).
Man convicted after cryptocurrency robbery
Police say they traced up to £1.2m worth of Bitcoin to John Ross-D'Alfonso's account.
And how are you going to explain to the crypto-bank about the first deposit on your newly created wallet when you need to cash out?
I see Monero as a source of troubles.
Not interested in anonymity but privacy: two different concepts.
The average Joe knows I have a bank account but he can't see what's in it; but Joe can see what's in my crypto-wallet once he knows the address.
Exactly! 100% this!
Be careful who you interact with! If they tell you to STOP being paranoid and drop your guard, they want you to get knocked out, lose the fight, and lose your purse! (Boxing euphemism)
What did I say that can be interpreted as entrapment? Nothing I've said is illegal to doExactly! 100% this!
PS. All of a sudden, we're getting newly formed users who are acting like Agent Provocateurs
Based on my past personal experience being the IT guy for almost two decades with "the real criminals who wear badges," this is EXACTLY their Modus Operandi!
Caveat Emptor!
I don't mean accountants are bad guys, but they might have weak IT security policies and no knowledge at all of crypto and blockchain: that might be a problem, because the client manages the crypto himself.
No, nobody is going to break into your house in the middle of the night if, for example, they know you have 1 million on your bank account, because the bank doesn't permit you to move all of your money at will.
Ok, I see.
I'm not denying that accountants, bank managers, people working at the tax office can go rogue or get compromised, I just don't agree that its cryptos fault.
And I get your theory now somewhat too, but I'm certain that most if not all told the wrong people that they're rich (hell some even do it on social media) or had a public crypto company and so on, atleast thats what I've seen. I guess you can file your own taxes or become a resident somewhere with no CGT to avoid the scenario you're thinking of but I wouldn't worry about it too much.
Really good reading and people should have a look at it.I am convinced everybody should peruse Jameson Lopp's security wisdom:
Known Physical Bitcoin Attacks. A list of known attacks against Bitcoin / crypto asset owning entities that occurred in *meatspace*. NOTE: this list is not comprehensive; many attacks are not publicly reported.
