(Disclaimer: I'm CEO of Armory)

@ Martin Sip "....this is one of many TREZOR's original innovations"

That's far from an "original innovation". Armory offline wallets have done exactly what you just described for 2 years, long before Trezor came out. I even proposed a protocol fix 1.5 years ago to make this issue go away and make it easier for wallets to achieve similar security with far simpler logic: https://bitcointalk.org/ind...

Seriously, how can anyone write an article about Bitcoin wallet security and not mention Armory? You don't have to interview me/us, but you should at least put a mention in there about the security-focued Bitcoin wallet featured on bitcoin.org. It has consistently innovated security features like cold storage, multi-wallet management, and multi-sig ("Lockboxes").

Armory is an advanced tool, primarily for experts and enterprise users holding large quantities of money. Just because it's not focused on consumers doesn't mean it should be ommitted from an article about Bitcoin security. In fact, I think one of the big innovations for wallet security will be at the enterprise level, so that less-patient users can store their BTC with *insured* third-parties. Without insurance, storing large amounts of money with third-parties is too risky (Gox?), and without proper security, none of them will get insured. But that's all going to change. Armory's cold-multisig interface is a good start.

I completely agree that Armory should be mentioned by this article!

We junkies all appreciate Armory.... Fact is, very few have knowledge of it. People need to be aware of Armory before they can use it!
Why not submit an article here and start an ad campaign?
I'm hoping for development of a portable paper wallet generator myself.

Do you mean a paper wallet printer? Perhaps this might be of use. http://cryptographi.com/

I'd take it as a complement; no talk of evolving for Armory because you evolved long ago!

it does appear that the people here, (at this site) do not really pay that much attention to what is going on.

Thanks for your comments, Alan, however indignant. Incidentally, I've also been publicly called out for not mentioning enterprise HSMs, either. I didn't mention or approach Armory because this article focused more on consumer wallets, as evidenced by the statement that users may not be keeping up with the technology available to them.

I can envisage an article about enterprise-level security in the bitcoin space, especially given some of the institutional thefts that we've seen in the past.

I generally find that a polite comment calling for a new article on a specific subject is far more constructive than any amount of public huffing and puffing.

"Hardware wallets are a great advancement over web and desktop wallets, however the current generation still has to trust a host system for block chain data and payment addresses. It will be great once hardware wallets can run SPV verification and payment protocol validation on the secure device."

This is not necessarily true. TREZOR is actually doing local SPV, i.e. checking the validity of input transaction hashes against amounts. Note that this is one of many TREZOR's original innovations. Currently, there is no known attack against such a validation.

Phishing of payment address should be solved by 2nd channel verification (like SMS) or Bitcoin Payment Protocol (BIP 70), which will be supported by TREZOR in near future.

"Deterministic wallets create addresses using a simple multi-word phrase, randomly created by the user."

This is not necessarily true and a dangerous concept to promote. Using a multi-word phrase created by the user to generate a root key goes against the best security practices. Most users underestimate the necessary length of multi-word phrase to generate a secure root address. Any attacker can use the block chain do a brute force search on all root keys for a particular piece of wallet software. That means if you make a poor selection of phrase for your root key, eventually somebody out there will find it and take your bitcoins.

users arguss is a shill for the banks.... check out the way he trolls every single news article on this site. Its as if his full time job is to shill on here..... Either that or he has a major case of butthurt

All this and I still prefer paper wallets.

ok we have wallet security, when do we get price security, or value security?

It comes with liquidity and liquidity will come with the remmitance market, I believe.

So many wallets, what can you do to pump the sagging BTC price.. I know! produce yet another wallet.
So many wallets, so many empty wallets.

Trolls gonna troll.

Creating new wallets is not going to 'pump' the BTC price, that's a daft assertion. Surely having lots of people creating different wallets is a good thing? It creates competition (a good thing) and it also encourages innovation (also a good thing).