Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 140. (Read 966173 times)

Ahem, unless the browser only replaces the address when the amount is large enough, only when it is being used for the seonc time in N minutes...

(I assumed that the destination address(es) of every transaction to be signed by the Trezor were always displayed on the Trezor window, so that the client could check them independently of the computer and confirm with one of the two buttons.  I understand from the comment above that this is not always done, is that it?)

I'm still a newbie with my trezor.

Can anyone link me or write a guide on how to use electrum with trezor? File > New/Restore > existing wallet doesnt work for me. It asks for a seed. I'm on Ubuntu 14.04 (but i have mac and windows) and I'm using the latest github update.

Thanks in Advance.

I always do this when I am sending large amounts anyways.   I could be overly neurotic, but I always send just a tiny amount before sending any larger transactions...just to make sure that everything is good...

Yes, they are working on it. I proposed this to them back in May. Meanwhile you can send small amount first and confirm with the receiver that he has received this small amount before sending the rest of the money. You will pay fee (which is quite small anyway) twice, but you will be safe from browser replacing BTC addresses.

Yes, i am agree too but i have one question to stick/slush but they ignore it regulary

I am about fishing changing of addresses for receiving:

https://bitcointalksearch.org/topic/m.8437648

My browser can be affected by virus, but the target is not mytrezor.com may be for example but there could be simple software for changing any Bitcoin address in page (DOM structure) to scam (fishing) address.
What can i do now if this software will appear?

Can stick/slush to add checking option to show current receiving address not only in computer but in the Trezor's screen too and this receiving address should be sent by client software through BIP44 path from computer to the Trezor (the Trezor should simple calculate address by sent BIP44 path from computer)?
It will be ideal solution.
It's my third repeating of this question here. How times should i repeat for attention of developers

But this software will be if Bitcoin will be popular.
This software can be installed hidden in any popular plugin of browser and etc.

Did you think about this?

P.S. Now i use BTCReceive and i imported there xpub key of my Trezor account. I check every address showed to me from myTrezor.com
BUT xpub key to be showed only by browser so i cannot trust by this info too. The xpub key can be easy changed by malware software by scam xpub
How do you think - it's easy to do or not? I think it can be made by super easy! One world, one payment details, one type of money address -> the ideal world for address change fishing.

It would be cool if the trezor web wallet could be updated so that you can also see the wallets balance in USD or Pounds, or Pesos, or whatever your local fiat currency is...

Yes, sorry from me too.

Indeed, sorry.

This is all kind of off-topic I think.

Indeed it is all a matter of degree.  But, for example, there are many people trying to convince people to invest in bitcoin as a hedge against inflation.  No rational analysis could justify that, even in countries like Argentina.  There are plenty of investments that will compensate for inflation and are fairly likely to survive a finacial/monetary crash.  No one knows what will be the price of bitcoin next month, nor how it would behave in a global economic crisis.


I am rooting for the failure of MANY bitcoin companies, because they are, at the very least, misleading customers.  All bitcoin investment funds are in this list.  I used to think that mining companies and makers of mining equipment were  honest -- just making a product that people wanted to buy -- but now I see that several of them are flat-out scams.  Ditto for certain bitcoin exchanges, perhaps all of them.

ALL investing is gambling in a lottery with unknown odds and payoffs.  There are scientific measures of volatility and associated risks, and these are priced in appropriately by the market.

On the other topic, your say you are rooting for bitcoin company failures.  Why? Do you think bitcoin is inherently dangerous for society?  I don't get it.

edit: typo

Just tried to connect my TREZOR to my laptop.

"Device could not be opened. Make sure you don't have myTREZOR running in another tab or browser window!"

Any idea how to solve this? Obviously I only have 1 tab opened. I tried restarting and tried all 3 browers....

I am using a new cable with USB 2.0 and running on a powered USB hub.

Same setup works correctly on my normal PC

start small and play with the trezor. try moving bitcoins between different addresses on it or between seperately password-encrypted wallets on it to become comfortable.

Im sure after a week of use you will know its safe for all your bitcoin storage. Ive got about 10% of mine on it now and am confident enough to move the rest over when i get a chance to sweep the keys from my unsecured paper wallets (no password, so theft protection of them is a concern right now)

The trezor works with electrum and soon many more wallets.

Is it a smart option to move all my bitcoins to trezor?

What happens if mytrezor.com gets shut down or something? How do I access my bitcoins then?

I wouldn't send you Bitcoin if you did not have a Trezor, to protect you from thiefs and hackers. Also, I was talking about a hypothetical situation when Bitcoin would be adopted worldwide. If that is the case, price would not be that volatile. But, that would never happen if there are no guys developing such a great product like Trezor. The wide adoption would not happen today or next week. The Bitcoin will see a couple of price drops before that happens, so your warnings for investors are quite accurate. The point is, you should not dismiss the technology and the BTC as a payment method, because it's not going away.

Summary for new readers:

The trezor is brilliant.

The most secure solution.

The most practical solution.

Easy to back up.

No need for a separate, airgapped computer.

The hierarchical deterministic wallet is brilliant.


Operational problems: You need a good USB-port to operate it. If you have problems, try another port.

Take a look at buytrezor.com -- we already learned and pegged the price in dollars. :-)

An if you were not scolding me for things that you say I would do if I had not avoided to do them, you would be killing baby seals with a railroad share to make leg warmers for your pet unicorn.  What a shame. 


You are welcome.


If you were to send me some bitcoin, I may get 75% of what you spent to buy it a week ago, and it may get stolen by a hacker or a trojan in my computer, unless i get a second computer just to handle it; and if it gets stolen or sent to the wrong address, nothing can be done, it is lost.  Can't you see why people are not rushing to use bitcoin now?

If the device was simpler than it is now, you would have the same comment and ask it to be simpler. You were expecting it to have hundreds of thousands of lines of code, while it has 20k. And your proposition is to make it simpler.
Similarly, if the case was harder to fake, you would again suggest to make it even harder to fake, because there is no unfakeable case. These comments are not helping.
The third and the last proposition about a firmware. When you want to flush it, you need to boot the device into firmware flushing mode (with both buttons pressed when plugging it into computer). It's not possible to hacker flush it whenever he wants. You need to continuously plug it in in special mode and confirm the firmware signature on the screen. User can decide never to update his firmware. In that case you may consider it "read-only".

Since all your improvement propositions were addresses and you warned us about the unfixable ones, then I believe your mission is done here. Thanks.

PS: Investing in any currency is "gambling in a lottery with unknown odds and payoffs" because currencies are not backed by anything these days. Some are more volatile, some are less volatile. Everybody knows that. I'm not "investing" into it myself, but I believe that the technology is extremely interesting and would make for a extremely good payment system if adopted worldwide. Please note the difference between "investment" and "payment system". The thing is that today, in the internet age, if I wanted to send you some brazilian reals for your valuable insight about how to improve this product, it would take at least a week for you to receive it and you would receive at most 95% of the value I sent you. Do you consider the existing payment system optimal? Can't you see some benefits in Bitcoin now?