[venaoy]

Clearly you have no idea how secure or tamper resistant chip technology works. To prevent such brute force approaches, they are designed to limit the maximum number of attempts, before they permanently disable themselves, which prevents you from trying all combinations.

As to liability, I have pointed out in this HN thread multiple instances where customers are in fact held liable (60-day rule, stolen PIN).

[sanswork]

What happens if I forget my pin then?

Your 1 example requires the person to not check their statement for 2 months. That means there is a 2 month safety window. Do you have numbers on how many people actually have that problem vs the numbers for the ones it works fine for? I would put money on the former being less than a hundredth of a percent

Your second one has been debunked where you originally posted it

[venaoy]

> Your second one has been debunked where you originally posted it

Uh no. I gave sources to prove it: https://news.ycombinator.com/item?id=8920067

> What happens if I forget my pin then?

It could be handled the same way as when you forget your credit card PIN. Contact the company who sold you the hardware wallet and who verified your identity when you purchased it, and they could reset it: each wallet could have a rescue passcode that only the company knows. You see, Bitcoin is flexible enough that it lets us develop whatever infrastructure we want on top of it. Even though this service does not exist yet, if it is something people want it will likely be created.

So if your friend Bob wants no one to know his rescue passcode or his identity for ideological reasons then he would himself be responsible for safeguarding the rescue passcode. But if you, sanswork, don't trust yourself to memorize the passcode, buy a hardware wallet from such a company. Either way, you or Bob have a choice of having a wallet work the way you want it to work.

> Your 1 example requires the person to not check their statement for 2 months.

Not necessarily. There are other tactics that scammers use to defeat chargeback protections. For instance they will delay the shipment after you purchase. They will claim multi-weeks long delays due to depleted warehouse stocks. They will ship to a "wrong" address. They will ship the "wrong" item and take time to re-ship the correct one. During all this time they will be all nice and apologetic to make it look like these are simple honest mistakes. After the 60-day limit passes, they cut contact with you, you realize it's a scam, you try to charge back, and you realize you can't! You were not aware of the 60-day limit. The scammers have your money. You are screwed.