[ESHOP launched] Trezor: Bitcoin hardware wallet - page 167.

JorgeStolfi

hero member

Activity: 910

Merit: 1003

Quote from: DannyElfman on August 05, 2014, 08:24:44 PM

It would be awesome, if one day trezor could additional to BTC transactions also handle all cards needed in your wallet. Credit cards, driverslicense (ok, thats a far stretch Wink

) , state issued ID , loyality store cards, giftcards ect. So instead of having to use multiple cards, RFID/NFD on the trezor is used for that.

Beware that the bigger the code, the more costly it is to validate, and the higher is the risk of an exploitable bug going undetected.

Does the processor inside the Trezor have some sort of memory protection, that would prevent some function from accessing data of an unrelated function?

Can the firmware modify itself?

DannyElfman

sr. member

Activity: 406

Merit: 250

Just discussed Trezor with a good friend of mine.

It would be awesome, if one day trezor could additional to BTC transactions also handle all cards needed in your wallet. Credit cards, driverslicense (ok, thats a far stretch Wink

) , state issued ID , loyality store cards, giftcards ect. So instead of having to use multiple cards, RFID/NFD on the trezor is used for that.

klondike_bar

legendary

Activity: 2128

Merit: 1005

ASIC Wannabe

Quote from: DannyElfman on August 05, 2014, 07:09:34 PM

Quote from: Anon136 on August 05, 2014, 06:31:14 PM

If someone finds your dollar bill laying around on the ground they can spend it. Dollar bills still work just fine. Dont give your trezor to anyone else, problem solved. If you lose it, oh well you only had 100 bucks on it or w/e is the analogue to what you might keep in your regular fiat holding wallet.

You see, here I disagree. Why would anyone buy a trezor for 120 bucks to only carry an average of 100 bucks around. Doesn't sound too practical tbh.

this is looking more to 5+ years from now. when an RFID trezor would be almost as cheap to produce as a creditcard is today.

Your wallet probably costs $25-75 but carries less than $80 in it most of the time. think of the trezor the same way - you might only carry $40 worth of BTC on it at a time, but dozens of times you can refill it with $40 over its lifespan

DannyElfman

sr. member

Activity: 406

Merit: 250

Quote from: kkurtmann on August 05, 2014, 07:47:05 PM

Quote from: DannyElfman on August 05, 2014, 07:09:34 PM

Quote from: Anon136 on August 05, 2014, 06:31:14 PM

If someone finds your dollar bill laying around on the ground they can spend it. Dollar bills still work just fine. Dont give your trezor to anyone else, problem solved. If you lose it, oh well you only had 100 bucks on it or w/e is the analogue to what you might keep in your regular fiat holding wallet.

You see, here I disagree. Why would anyone buy a trezor for 120 bucks to only carry an average of 100 bucks around. Doesn't sound too practical tbh.

you are correct. this is not the intended use I believe. if you lose it, your life savings are protected as good as you protect the seed.

To accomplish the use that anon136 proposes a simple phone app would suffice.

But he has a good point. What about this use case:

We have a trezor with RFID/any near field tech and can connect to our smartphone. Now we have a "hot"wallet on the phone for immediate expenses that can be funded by connecting the trezor and entering all needed security stuff. The amount on the trezor itself stays very well protected while the phone can be used at POS terminals and NFD/RFID terminals for small purchases.
For bigger purchases you could use your smartphone to directly send from your connected trezor to the vendor.

Should be possible right? Anything like that in the making?

Anon136

legendary

Activity: 1722

Merit: 1217

Quote from: DannyElfman on August 05, 2014, 07:09:34 PM

Quote from: Anon136 on August 05, 2014, 06:31:14 PM

If someone finds your dollar bill laying around on the ground they can spend it. Dollar bills still work just fine. Dont give your trezor to anyone else, problem solved. If you lose it, oh well you only had 100 bucks on it or w/e is the analogue to what you might keep in your regular fiat holding wallet.

You see, here I disagree. Why would anyone buy a trezor for 120 bucks to only carry an average of 100 bucks around. Doesn't sound too practical tbh.

Well not for 120 bucks but the free market drives down the price of everything. Someday these things will be in a little basket on the desk of companies free because they have a logo on the back. In intermediate stages between here and there the price will fall dramatically. In a year I bet they will be driven down to 1/4 of the price.

kkurtmann

sr. member

Activity: 475

Merit: 250

Quote from: DannyElfman on August 05, 2014, 07:09:34 PM

Quote from: Anon136 on August 05, 2014, 06:31:14 PM

If someone finds your dollar bill laying around on the ground they can spend it. Dollar bills still work just fine. Dont give your trezor to anyone else, problem solved. If you lose it, oh well you only had 100 bucks on it or w/e is the analogue to what you might keep in your regular fiat holding wallet.

You see, here I disagree. Why would anyone buy a trezor for 120 bucks to only carry an average of 100 bucks around. Doesn't sound too practical tbh.

you are correct. this is not the intended use I believe. if you lose it, your life savings are protected as good as you protect the seed.

DannyElfman

sr. member

Activity: 406

Merit: 250

Quote from: Anon136 on August 05, 2014, 06:31:14 PM

If someone finds your dollar bill laying around on the ground they can spend it. Dollar bills still work just fine. Dont give your trezor to anyone else, problem solved. If you lose it, oh well you only had 100 bucks on it or w/e is the analogue to what you might keep in your regular fiat holding wallet.

You see, here I disagree. Why would anyone buy a trezor for 120 bucks to only carry an average of 100 bucks around. Doesn't sound too practical tbh.

Anon136

legendary

Activity: 1722

Merit: 1217

Quote from: DannyElfman on August 05, 2014, 06:19:22 PM

Quote from: Anon136 on August 05, 2014, 06:09:07 PM

Quote from: DannyElfman on August 05, 2014, 05:58:04 PM

Quote from: klondike_bar on August 05, 2014, 05:52:13 PM

Quote from: DannyElfman on August 05, 2014, 03:27:57 PM

Quote from: Anon136 on August 05, 2014, 03:26:19 PM

Quote from: DannyElfman on August 05, 2014, 03:18:41 PM

Quote from: Anon136 on August 05, 2014, 03:13:16 PM

I asked this question ages ago but i dont think anyone ever responded to it. I think its still a good question so ill ask again.

To make an analogy. If trezor is a male condom, have you guys put any thought into developing a female condom? That is to say, people who use a trezor are completely safe from having their bitcoins stolen, but what about the risk to the merchant when you plug your trezor into his system? Have you put any thought into developing a devise for merchants that would allow customers to plug their trezor into the merchants system with out any risk of a fake trezor compromising the merchant's security?

I don't think trezor is for POS terminals. Atleast that is how I understand it.

Well as it is no. That would be way to much risk to the terminals to plug god knows what into their systems. But with such a devise as was described above, they could be.

Could be implemented yes, but do you really think TREZOR will reach such an adoption that it will be neccessary?

In its current form - no.

but 5 years down the road, an RFID version would be entirely acceptable using a slightly different protocol than the in/out of USB

Sounds better, but then we will even more need the PIN or PW, because of obvious reasons Wink

TREZOR 2.0 would then need some kind of num pad

There is no clear reason to need a pin if we are not talking about huge amounts of money. I mean I dont have to enter a pin to hand someone cash. None the less i have never yet had cash stolen from me.

That would be true if there was a mechanism that would prevent repeated charges. Afaik there is none at this moment. So if you find a TREZOR you could not steal much money at once, but with many small charges your could empty it pretty fast.

Correct me if I am wrong.

If someone finds your dollar bill laying around on the ground they can spend it. Dollar bills still work just fine. Dont give your trezor to anyone else, problem solved. If you lose it, oh well you only had 100 bucks on it or w/e is the analogue to what you might keep in your regular fiat holding wallet.

DannyElfman

sr. member

Activity: 406

Merit: 250

Quote from: Anon136 on August 05, 2014, 06:09:07 PM

Quote from: DannyElfman on August 05, 2014, 05:58:04 PM

Quote from: klondike_bar on August 05, 2014, 05:52:13 PM

Quote from: DannyElfman on August 05, 2014, 03:27:57 PM

Quote from: Anon136 on August 05, 2014, 03:26:19 PM

Quote from: DannyElfman on August 05, 2014, 03:18:41 PM

Quote from: Anon136 on August 05, 2014, 03:13:16 PM

I asked this question ages ago but i dont think anyone ever responded to it. I think its still a good question so ill ask again.

To make an analogy. If trezor is a male condom, have you guys put any thought into developing a female condom? That is to say, people who use a trezor are completely safe from having their bitcoins stolen, but what about the risk to the merchant when you plug your trezor into his system? Have you put any thought into developing a devise for merchants that would allow customers to plug their trezor into the merchants system with out any risk of a fake trezor compromising the merchant's security?

I don't think trezor is for POS terminals. Atleast that is how I understand it.

Well as it is no. That would be way to much risk to the terminals to plug god knows what into their systems. But with such a devise as was described above, they could be.

Could be implemented yes, but do you really think TREZOR will reach such an adoption that it will be neccessary?

In its current form - no.

but 5 years down the road, an RFID version would be entirely acceptable using a slightly different protocol than the in/out of USB

Sounds better, but then we will even more need the PIN or PW, because of obvious reasons Wink

TREZOR 2.0 would then need some kind of num pad

There is no clear reason to need a pin if we are not talking about huge amounts of money. I mean I dont have to enter a pin to hand someone cash. None the less i have never yet had cash stolen from me.

That would be true if there was a mechanism that would prevent repeated charges. Afaik there is none at this moment. So if you find a TREZOR you could not steal much money at once, but with many small charges your could empty it pretty fast.

Correct me if I am wrong.

Anon136

legendary

Activity: 1722

Merit: 1217

Quote from: DannyElfman on August 05, 2014, 05:58:04 PM

Quote from: klondike_bar on August 05, 2014, 05:52:13 PM

Quote from: DannyElfman on August 05, 2014, 03:27:57 PM

Quote from: Anon136 on August 05, 2014, 03:26:19 PM

Quote from: DannyElfman on August 05, 2014, 03:18:41 PM

Quote from: Anon136 on August 05, 2014, 03:13:16 PM

I asked this question ages ago but i dont think anyone ever responded to it. I think its still a good question so ill ask again.

To make an analogy. If trezor is a male condom, have you guys put any thought into developing a female condom? That is to say, people who use a trezor are completely safe from having their bitcoins stolen, but what about the risk to the merchant when you plug your trezor into his system? Have you put any thought into developing a devise for merchants that would allow customers to plug their trezor into the merchants system with out any risk of a fake trezor compromising the merchant's security?

I don't think trezor is for POS terminals. Atleast that is how I understand it.

Well as it is no. That would be way to much risk to the terminals to plug god knows what into their systems. But with such a devise as was described above, they could be.

Could be implemented yes, but do you really think TREZOR will reach such an adoption that it will be neccessary?

In its current form - no.

but 5 years down the road, an RFID version would be entirely acceptable using a slightly different protocol than the in/out of USB

Sounds better, but then we will even more need the PIN or PW, because of obvious reasons Wink

TREZOR 2.0 would then need some kind of num pad

There is no clear reason to need a pin if we are not talking about huge amounts of money. I mean I dont have to enter a pin to hand someone cash. None the less i have never yet had cash stolen from me.

DannyElfman

sr. member

Activity: 406

Merit: 250

Quote from: klondike_bar on August 05, 2014, 05:52:13 PM

Quote from: DannyElfman on August 05, 2014, 03:27:57 PM

Quote from: Anon136 on August 05, 2014, 03:26:19 PM

Quote from: DannyElfman on August 05, 2014, 03:18:41 PM

Quote from: Anon136 on August 05, 2014, 03:13:16 PM

I asked this question ages ago but i dont think anyone ever responded to it. I think its still a good question so ill ask again.

To make an analogy. If trezor is a male condom, have you guys put any thought into developing a female condom? That is to say, people who use a trezor are completely safe from having their bitcoins stolen, but what about the risk to the merchant when you plug your trezor into his system? Have you put any thought into developing a devise for merchants that would allow customers to plug their trezor into the merchants system with out any risk of a fake trezor compromising the merchant's security?

I don't think trezor is for POS terminals. Atleast that is how I understand it.

Well as it is no. That would be way to much risk to the terminals to plug god knows what into their systems. But with such a devise as was described above, they could be.

Could be implemented yes, but do you really think TREZOR will reach such an adoption that it will be neccessary?

In its current form - no.

but 5 years down the road, an RFID version would be entirely acceptable using a slightly different protocol than the in/out of USB

Sounds better, but then we will even more need the PIN or PW, because of obvious reasons Wink

TREZOR 2.0 would then need some kind of num pad

klondike_bar

legendary

Activity: 2128

Merit: 1005

ASIC Wannabe

Quote from: DannyElfman on August 05, 2014, 03:27:57 PM

Quote from: Anon136 on August 05, 2014, 03:26:19 PM

Quote from: DannyElfman on August 05, 2014, 03:18:41 PM

Quote from: Anon136 on August 05, 2014, 03:13:16 PM

I asked this question ages ago but i dont think anyone ever responded to it. I think its still a good question so ill ask again.

To make an analogy. If trezor is a male condom, have you guys put any thought into developing a female condom? That is to say, people who use a trezor are completely safe from having their bitcoins stolen, but what about the risk to the merchant when you plug your trezor into his system? Have you put any thought into developing a devise for merchants that would allow customers to plug their trezor into the merchants system with out any risk of a fake trezor compromising the merchant's security?

I don't think trezor is for POS terminals. Atleast that is how I understand it.

Well as it is no. That would be way to much risk to the terminals to plug god knows what into their systems. But with such a devise as was described above, they could be.

Could be implemented yes, but do you really think TREZOR will reach such an adoption that it will be neccessary?

In its current form - no.

but 5 years down the road, an RFID version would be entirely acceptable using a slightly different protocol than the in/out of USB

DannyElfman

sr. member

Activity: 406

Merit: 250

Quote from: Anon136 on August 05, 2014, 03:36:57 PM

Quote from: DannyElfman on August 05, 2014, 03:27:57 PM

Quote from: Anon136 on August 05, 2014, 03:26:19 PM

Quote from: DannyElfman on August 05, 2014, 03:18:41 PM

Quote from: Anon136 on August 05, 2014, 03:13:16 PM

I asked this question ages ago but i dont think anyone ever responded to it. I think its still a good question so ill ask again.

To make an analogy. If trezor is a male condom, have you guys put any thought into developing a female condom? That is to say, people who use a trezor are completely safe from having their bitcoins stolen, but what about the risk to the merchant when you plug your trezor into his system? Have you put any thought into developing a devise for merchants that would allow customers to plug their trezor into the merchants system with out any risk of a fake trezor compromising the merchant's security?

I don't think trezor is for POS terminals. Atleast that is how I understand it.

Well as it is no. That would be way to much risk to the terminals to plug god knows what into their systems. But with such a devise as was described above, they could be.

Could be implemented yes, but do you really think TREZOR will reach such an adoption that it will be neccessary?

Hard to say. Clearly it is not the case that it would be worth it now. Im just wondering if its on their radar.

It would be even easier than say credit cards. If you had one that was more analogous to your wallet than your savings account you could run it without a pin. Then you could just stick the trezor in a slot and press send if the amount was correct. It could literally be accomplished from start to finish in 2 seconds. Then you add to that all of the other advantages of bitcoin over credit cards. It could really illustrate the value proposition of bitcoin.

You would still need the PIN code. Don't really know if this would be faster.

Interesting nontheless.

Anon136

legendary

Activity: 1722

Merit: 1217

Quote from: DannyElfman on August 05, 2014, 03:27:57 PM

Quote from: Anon136 on August 05, 2014, 03:26:19 PM

Quote from: DannyElfman on August 05, 2014, 03:18:41 PM

Quote from: Anon136 on August 05, 2014, 03:13:16 PM

I asked this question ages ago but i dont think anyone ever responded to it. I think its still a good question so ill ask again.

To make an analogy. If trezor is a male condom, have you guys put any thought into developing a female condom? That is to say, people who use a trezor are completely safe from having their bitcoins stolen, but what about the risk to the merchant when you plug your trezor into his system? Have you put any thought into developing a devise for merchants that would allow customers to plug their trezor into the merchants system with out any risk of a fake trezor compromising the merchant's security?

I don't think trezor is for POS terminals. Atleast that is how I understand it.

Well as it is no. That would be way to much risk to the terminals to plug god knows what into their systems. But with such a devise as was described above, they could be.

Could be implemented yes, but do you really think TREZOR will reach such an adoption that it will be neccessary?

Hard to say. Clearly it is not the case that it would be worth it now. Im just wondering if its on their radar.

It would be even easier than say credit cards. If you had one that was more analogous to your wallet than your savings account you could run it without a pin. Then you could just stick the trezor in a slot and press send if the amount was correct. It could literally be accomplished from start to finish in 2 seconds. Then you add to that all of the other advantages of bitcoin over credit cards. It could really illustrate the value proposition of bitcoin.

klokan

full member

Activity: 120

Merit: 100

Quote from: Anon136 on August 05, 2014, 03:26:19 PM

Quote from: DannyElfman on August 05, 2014, 03:18:41 PM

Quote from: Anon136 on August 05, 2014, 03:13:16 PM

I asked this question ages ago but i dont think anyone ever responded to it. I think its still a good question so ill ask again.

To make an analogy. If trezor is a male condom, have you guys put any thought into developing a female condom? That is to say, people who use a trezor are completely safe from having their bitcoins stolen, but what about the risk to the merchant when you plug your trezor into his system? Have you put any thought into developing a devise for merchants that would allow customers to plug their trezor into the merchants system with out any risk of a fake trezor compromising the merchant's security?

I don't think trezor is for POS terminals. Atleast that is how I understand it.

Well as it is no. That would be way to much risk to the terminals to plug god knows what into their systems. But with such a devise as was described above, they could be.

Keeping the Trezor interface simple (which it is now) is the best tool for merchant protection. It allows them to easily verify all the messages the connected device is sending to them. You can't do much more than that. That is of course, unless you want to work on your own POS terminal and sell them the entire solution.

It seems to me, that the Trezor team's priority for now is to get in the business of secure authentication and message encryption and not into the POS terminal business.

DannyElfman

sr. member

Activity: 406

Merit: 250

Quote from: Anon136 on August 05, 2014, 03:26:19 PM

Quote from: DannyElfman on August 05, 2014, 03:18:41 PM

Quote from: Anon136 on August 05, 2014, 03:13:16 PM

I asked this question ages ago but i dont think anyone ever responded to it. I think its still a good question so ill ask again.

To make an analogy. If trezor is a male condom, have you guys put any thought into developing a female condom? That is to say, people who use a trezor are completely safe from having their bitcoins stolen, but what about the risk to the merchant when you plug your trezor into his system? Have you put any thought into developing a devise for merchants that would allow customers to plug their trezor into the merchants system with out any risk of a fake trezor compromising the merchant's security?

I don't think trezor is for POS terminals. Atleast that is how I understand it.

Well as it is no. That would be way to much risk to the terminals to plug god knows what into their systems. But with such a devise as was described above, they could be.

Could be implemented yes, but do you really think TREZOR will reach such an adoption that it will be neccessary?

Anon136

legendary

Activity: 1722

Merit: 1217

Quote from: DannyElfman on August 05, 2014, 03:18:41 PM

Quote from: Anon136 on August 05, 2014, 03:13:16 PM

I asked this question ages ago but i dont think anyone ever responded to it. I think its still a good question so ill ask again.

To make an analogy. If trezor is a male condom, have you guys put any thought into developing a female condom? That is to say, people who use a trezor are completely safe from having their bitcoins stolen, but what about the risk to the merchant when you plug your trezor into his system? Have you put any thought into developing a devise for merchants that would allow customers to plug their trezor into the merchants system with out any risk of a fake trezor compromising the merchant's security?

I don't think trezor is for POS terminals. Atleast that is how I understand it.

Well as it is no. That would be way to much risk to the terminals to plug god knows what into their systems. But with such a devise as was described above, they could be.

DannyElfman

sr. member

Activity: 406

Merit: 250

Quote from: Anon136 on August 05, 2014, 03:13:16 PM

I asked this question ages ago but i dont think anyone ever responded to it. I think its still a good question so ill ask again.

To make an analogy. If trezor is a male condom, have you guys put any thought into developing a female condom? That is to say, people who use a trezor are completely safe from having their bitcoins stolen, but what about the risk to the merchant when you plug your trezor into his system? Have you put any thought into developing a devise for merchants that would allow customers to plug their trezor into the merchants system with out any risk of a fake trezor compromising the merchant's security?

I don't think trezor is for POS terminals. Atleast that is how I understand it.

Anon136

legendary

Activity: 1722

Merit: 1217

I asked this question ages ago but i dont think anyone ever responded to it. I think its still a good question so ill ask again.

To make an analogy. If trezor is a male condom, have you guys put any thought into developing a female condom? That is to say, people who use a trezor are completely safe from having their bitcoins stolen, but what about the risk to the merchant when you plug your trezor into his system? Have you put any thought into developing a devise for merchants that would allow customers to plug their trezor into the merchants system with out any risk of a fake trezor compromising the merchant's security?

cor

full member

Activity: 121

Merit: 100

Quote from: grau on August 05, 2014, 01:54:19 PM

Quote from: cor on August 05, 2014, 01:16:29 PM

What wallets support Trezor?

myTREZOR (our login-free web wallet)
Electrum (currently there's Electrum fork, but devs confirmed that they'll accept it to Electrum's mainline).
Multibit HD confirmed their work, they already have some integration done.
Armory devs confirmed their work on Trezor integration
GreenAddress.it has already some integration done (see https://twitter.com/GreenAddress/status/479939415088062464)
Wallet32 Andoid app confirmed their work on Trezor integration
Blockchain.info raised their interest in Trezor as well, although we're in early stage there.

Just for the records: myTREZOR is enabled by Bits of Proof, beating them all by at least a half a year and counting.

credit well deserved: BoP does all the miracle of showing your transactions in mytrezor and transmitting the signed tx to the blockchain.
thx BudaPest

Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 167. (Read 966173 times)