Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 181. (Read 966173 times)

Are you acquainted with, say, the false fronts for ATM machines that steal card data? 

until you stray into life of the universe type probabilities it makes sense to question ... after that you are being irrationally paranoid or simply trolling.

You don't build confidence on a system by having it examined only by people who want it to be declared safe.  

your contortions are getting a little contrived ... and a bit funny too.

The storage area is erased when you upload unofficial firmware.

You have to confirm that you want to run it with unsigned firmware every time you plug it in.

Hm... What if someone get holds of your Trezor without your knowledge, installs malicious firmware that saves your passphrase, returns it to you, then steals it again after you have used it, and downloads the pasphrase?  Or whaterver?

The official procedure is rather nicely shown here: http://doc.satoshilabs.com/trezor-user/updatingfirmware.html

Awesome! I wish I had ordered one during the 0.5BTC promotion. Oh well, I hope you enjoy yours! Makes some pictures and show them to us!

Yes, it can be replaced. The official firmware releases are available from the trezor website and are signed by satoshilabs. you can load unsigned firmware and in this case bootloader will warn you ask you for confirmation that this is really what you want.

I'm not at home, but got a call from my dad. The trezor package arrived! 

Wait, I am confused.  Do you mean that the firmware can be replaced after the device was assembled?  If so, what is the procedure to do that?

The problems you describe (like the anonymity, etc.) are the features of BTC and these are thus inherent to all BTC wallets. Once you are robbed, you can do nothing about it. I agree with you. That is not a bug, that is the feature. I know that this makes BTC attractive to the criminals, but I disagree that this makes this device less secure.

I'm not sure whether you can verify the firmware running on the device, but you can always flash it with the latest firmware from the website or your own build. That said, there is still bootloader that might be hacked, but that would have to happen in production because it cannot be overwritten. That would be equivalent to having a fake one.

Thought someone had sent me some 'safe payment system' condoms! 

Thanks Trezor

As I wrote, using a Trezor is surely safer than entering or storing keys in your PC or laptop, and you may even dare to use it on a random cybercafe computer (which you should never entrust with your keys).

However, users must be aware that the risk of theft is still not negligible, and they must still be very careful when using the Trezor -- even more than when using credit cards or home banking.

Consider the entire process of stealing money from your account or credit card, including what the thief needs to do to get the cash in hand once he has stolen the PIN or passwords, and what you can do once you discover the theft.  Bitcoin makes the theft much simpler and safer for the thief, and he can effectively collect bicoins stolen from thousands of wallets on the same day, without even being logged in at the time.  Bitcoin thefts have proven to be nearly impossible to solve; the stolen coins cannot be blocked or seized, and are easily laundered with little risk.

For those reasons, and more, bitcoin is extremely attractive to professional cybercriminals.  It is no wonder that there are already more bitcoin thefts than credit card thefts, in proportion to the total e-payments.  


Of course it is very important to discuss these issues.  I don't know the details of the hardware & software, but I am sure that its safety can be improved in many ways.

For example, it is still not clear to me whether there is any practical way to check that the firmware that is loaded in a particular Trezor device is the official one.  (This is the fundamental fatal flaw of every all-digital voting machine design, and there is still no known solution for it.)

If there are hidden cameras everywhere, all hardware is NSA hacked and user is not looking at the screen before sending all his money to thief, then the user probably cannot do safe transaction with credit card either.

Don't get me wrong. I think that it is important to talk about these risks and educate users. But if there is nothing what can be done, then engaging in such discussion is useless.

So what can be done that would in your opinion make this safer than your credit card? If I have hacked computer, then thief can steal my money from my bank account. If I have cameras in my appartment, then he might steal from me as well. I have received my computer, credit cards and bank details by post and if NSA or goverment wanted they can block and empty my bank account whenever they wanted.

The added security of this device is that it has to be either bugged or fake or malitious to steal from you and even if it is, then it still needs your computer cooperation, i.e., your computer being hacked, to do it. It is much higher security compared to just storing your keys on your computer. Especially for lumberjack Jack, who never saw linux before.

We prepared a deterministic build environment, so it's easy to compile the firmware from source and produce bit identical binary to ours and compare them (or their hashes).  We'll prepare more materials about how to check this/participate in the signing on the next firmware update.

By "recording" I do not mean just keylogging, but (e.g.) placing a hidden hi-res camera in the right spot.

it's opensource, everybody can check and believe me they are doing that..