I get this question at least twice a week, what do I think of xyz hardware wallet. From the nanos to just about every brand you can think of they all have a single goal, to keep your private key(s) off of your computer. So isn't that a good thing?

Overly complex

For most people the added stress of trying to configure their software wallet and hardware wallet for each coin is the main reason I find hardware wallets not very useful. If you learn to properly secure your private keys, the added benefits of all this complexity actually opens you up to more vulnerabilities.

In computer security, the goal is reducing the number of moving parts, reducing the amount of code running, reducing the levels involved, since each level of code and hardware CAN, not only have human errors in using them, but also introduce more chances that a bug exists! Every time you add more to a system it becomes harder to track problems, this is not an ideal solution..

Backups and recovery

You probably are saying by now, the ability to recover your keys is built into the hardware wallet. That being the case means you are now trusting the hardware vendor with your private keys instead of an exchange or your computer. Think about this, if you can recover your private keys from my server after loosing your device, are they really YOUR "PRIVATE" keys? The answer becomes no, you just are trusting the hardware wallet vendor instead of your exchange or another third party!

Expensive

I see hardware wallets that are hyped going for over $100 USD! This is insane! The fact that they are always sold out leads to a re-sale market which is even more inflated. The FUD spread to drive new users to purchase these devices is in itself a scam. VERY few people gain any REAL added security from a hardware wallet. Unless you are using multi-sig and really understand your hardware wallet is just one piece of the security, not the end all be all, you are just wasting your money!

Potential for backdoors

This is my personal favorite reason and why I use linux. I like to know what the software is and hardware is that I am using. I also like to be able to inspect that the vendor did not include a backdoor (to the best ability possible). Most of these hardware wallets are not open source and do not disclose their complete hardware configurations. The potential for a backdoor to be hidden in one of these devices is a very real possibility. A simple backdoor could either sign a transaction stealing your funds or just steal the private key all together! Either way a backdoor is the worse case scenario but a very real concern!

Potential for vulnerabilities

And the scariest of them all. If you have been paying any attention in the tech world you probably are aware of the Metldown and Spectre security flaws that have been discovered effecting nearly every cpu in the world!

Spectre affects Intel, AMD, and ARM processors, broadening its reach to include mobile phones, embedded devices, and pretty much anything with a chip in it. Which, of course, is everything from thermostats to baby monitors now.
...
Because Meltdown and Spectre are flaws at the architecture level, it doesn’t matter whether a computer or device is running Windows, OS X, Android, or something else — all software platforms are equally vulnerable.

• https://techcrunch.com/2018/01/03/kernel-panic-what-are-meltdown-and-spectre-the-bugs-affecting-nearly-every-computer-and-device/

Imagine what happens when EVERY hardware wallet using the same flawed design, storing billions of dollars of cryptocurrencies, all are exploited at the same time! Not because of a software flaw, not even because of a backdoor, but because of the chips themselves have a flaw! Worse yet, since this is a hardware flaw not a software bug, it is next to impossible to fix without buying new hardware!

While this all may still be theoretical, as no hardware wallets have been exploited to my understanding yet using a hardware flaw, it still is a very real potential. Remember this, a hardware wallet was supposed to make you sleep better at night, now you have to worry IT is the weak point and results in a loss of funds!

Where do I keep my private keys then!?

Short answer and the most cost effective is learn to use cold storage techniques such as Paper Wallets and/or offline air gaped computers.

A paper wallet does not run on a circuit or chip, it is exactly what it sounds like, a simple piece of paper that has your private key(s) written on to it. Generating this offline in a secure manner ensures no one can get access to your private key using the internet.

I will do a follow up article outlining my steps for securing cryptocurrencies. Simple, fast, and for under $1 you too can have peace of mind at night knowing your coins are safe from hackers!