Author

Topic: [2018-01-05] Hardware Bitcoin Wallets Not Vulnerable to Spectre Attacks, Funds S (Read 109 times)

legendary
Activity: 2016
Merit: 1107
in what world would they be vulnerable?
they do not have a CPU,come on,people will write articles about anything these days
hey,we discovered that our neighbour's dog is not vulnerable to DDOS and my laptop can't get AIDS
legendary
Activity: 1232
Merit: 1091
You are more likely to have malware steal your coins.

Yes. Paper waller holders in that regard will have far more things to worry about when it comes to importing private keys. As long as they remain offline, they are all safe from external threats, but once people plan to sell or just move them, things get more risky. I have a Trezor myself for quite a long time, and it feels pretty good that even when my system is infected with malware, that I am basically still not exposed to that risk. I plan to get a Nano Ledger S in as well, to spread out my cold wallet holdings a bit more. I don't want to keep everything in just one centered place, which for me is the case right now.
legendary
Activity: 1918
Merit: 1012
★Nitrogensports.eu★
Why need they say that? It is obvious that they don't, they do not have a chip, But you will still need to use a computer if you want to move coins and that computer is vulnerable.

It is because there is a lot of FUD going around, and they would like to clear the air. Although these are worrisome bugs, they are difficult to exploit and no documented instances of exploits has come to light. So worrying about whether your bitcoins are likely to be stolen due to these bugs is a bit extreme. You are more likely to have malware steal your coins.
hero member
Activity: 672
Merit: 526
Why need they say that? It is obvious that they don't, they do not have a chip, But you will still need to use a computer if you want to move coins and that computer is vulnerable.
legendary
Activity: 2310
Merit: 1422
Feels good to own a ledger nano s these days. Thanks for sharing
copper member
Activity: 658
Merit: 284
Hardware Bitcoin Wallets Not Vulnerable to Spectre Attacks, Funds Safe



Trezor
and Ledger, two of the most widely utilized cryptocurrency hardware wallets, have reaffirmed that the recently discovered vulnerabilities on CPUs and the latest Spectre attacks have not affected hardware cryptocurrency wallets.


Hardware wallets not vulnerable

As Cointelegraph previously reported, Pavol Rusnak, the chief technical officer at Satoshi Labs, the parent company of Trezor, wrote:

    “As more people are asking: @TREZOR is not vulnerable to recent Meltdown and Spectre hardware attacks, because it has processor not affected by these. Also our firmware is always signed, so the device never runs untrusted code. Using a hardware wallet is now more important than ever.”

Rusnak emphasized that users should rely on hardware wallets at this specific period of time, because Spectre attacks have drastically impacted the cloud services on which many cryptocurrency exchanges and wallet platforms operate. Earlier today, several cryptocurrency exchanges including Bittrex were taken offline due to the vulnerabilities found in Intel CPUs. These weaknesses affected Azure cloud services offered by Microsoft, and by extension, the exchanges hosted on Azure.

New York Times cybersecurity journalist Nicole Perlroth wrote:

    “Meltdown and Spectre show that it is possible for attackers to exploit these design flaws to access the entire memory contents of a machine. The most visceral attack scenario is an attacker who rents 5 minutes of time from an Amazon or Google or Microsoft cloud server and steals data from other customers renting space on that same cloud server.”

Safekeeping of funds

Hardware cryptocurrency wallet developers and Bitcoin experts have recommended users to move their funds from centralized online platforms to hardware wallets. Jonas Schnelli, a Bitcoin Core developer, stated:

    “The current privileged memory side channel attacks just confirms what many Bitcoin users already know. Don't trust your PC. Don't think applications (and private keys) are shielded. Use a hardware wallet.”

Unlike exchanges, hardware wallets are non-custodial wallets that allow users to remain in full control over their private keys. When users initialize their hardware wallet, they write down 12 - 24 words which comprise a backup for their seed. With this backup, even if the wallet platform gets hacked, users can obtain their funds and move them to another wallet or paper wallets.

But centralized trading platforms and wallets store private keys on behalf of their users. The result is a centralization of private keys, creating a significant security issue.


Don’t use wi-fi

The Ledger development team released a detailed blog post as to why hardware cryptocurrency wallets are not at risk due to Intel, AMD and ARM CPU vulnerabilities. The company wrote:

    “Ledger’s devices are not affected by these attacks. First of all, to exploit these flaws, the attacker has to be able to run arbitrary code. As long as you only use Ledger’s embedded apps (which is strongly recommended), your Nano S / Blue is not vulnerable to these kind of attacks.”

Most importantly, because any modern machine is affected by the Spectre vulnerabilities, it would be wise not to use Wi-Fi while sending and receiving cryptocurrencies.


Source: https://cointelegraph.com/news/hardware-bitcoin-wallets-not-vulnerable-to-spectre-attacks-funds-safe
Jump to: