Sort:  

I don't know, but probably it would be a good idea to not use hardware wallets that automatically download software from the internet.

Some hardware wallets have auto-update feature where they regularly download new firmware to the device, this is a huge security flaw.

I'd rather use hardware wallets that just offer you a software wallet which communicates with the hardware wallet, but nothing is downloaded into the hadware wallet.

Basically a read-only hardware wallet. Because we don't want any form of new software being added to the hardware wallet. Whereas the software wallet on the PC can be updated regularly, and a malware infection there doesn't expose the private keys from the hardware walet.

please be more specific.
name names.

Well for example the way I understand Trezor downloads firmware updates to the device, signed by the team with their signing key.

Now if that key were to be shared with the government like how they do in the UK:

Then the government can just easily backdoor that device, and possibly apply civil asset forfeiture even from hardware wallets.


So the hardware wallet must be read only. I don't know which one works like that, I haven't looked into them that deeply yet:

I think this one is decent:

But do your own research, it all depends on the random number generator, and I don't know whether that chip that they use is secure or not.

I have no more idea of the technical aspects than I would the technical aspect of neurosurgery.
that one looks fairly easy...cheap too...and they take bitcoin in payment?

Well I would say it's reasonably safe if used properly, there was also another hardware wallet I don't remember it's name that was also pretty decent, it doesn't just stored the coins safely but it also anonymized it, I don't remember it's name.

my greatest fear is to lock myself out.
too secure.

Then keep backups in secure hidden places that nobody knows about. There are many way to organize a secure storage of some coins, with multiple layers of backups. You just need to be creative.

You don't need hardware wallets at all. Simply create a set of paper wallets (each is a address-key pair) and charge each one with a small amount of coins. If you want to spend something, sweep one of them into a regular wallet like electrum. Since you charge only a fraction of your coins into one key, only this one fraction is at risk at once.