
Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 182. (Read 966173 times)

cor
full member
Activity: 121
Merit: 100
Ok. Well how about Cold offline storage for most coins and Trezor for the hot wallet, and a few dollars on the smartphone?

You don't need a cold offline storage when you have a Trezor. Trezor is an "offline storage" with a transaction signing functionality on top.

When you want to use coins from a cold storage, you have to load your private keys into a wallet. That might be a short moment but enough for a malware to catch it.

Also, a cold storage might require advanced computer skills and understanding of bitcoin. Trezor on the contrary can be easily used by my mom.
sr. member
Activity: 441
Merit: 268
I'm not sure if Trezor supports it already, but shouldn't the payment protocol solve that particular problem?

Yes, it does solve it. Payment protocol is planned for the future TREZOR releases.
hero member
Activity: 714
Merit: 500
Martijn Meijering
Even if your Trezor works as it is supposed to, you will still be vulnerable to attacks like address phishing (the hacker tricks you into sending payment to the wrong address) and man-in-the-middle (a compromised PC software displays the correct destination address on the screen, but puts the thief's address in the transaction that it gives Trezor to sign.  While an alert user can notice the substitution by checking the Trezor's display, there will inevitably be users who check only the PC screen, out of laziness or because they are not aware of the risk.)

I'm not sure if Trezor supports it already, but shouldn't the payment protocol solve that particular problem?
hero member
Activity: 692
Merit: 500
Ok. Well how about Cold offline storage for most coins and Trezor for the hot wallet, and a few dollars on the smartphone?
hero member
Activity: 910
Merit: 1003
Your bitcoin keys will be safer if stored in a Trezor than in your PC or smartphone, for sure.  However the risk will still be significant.

Even with Trezor, stealing your bitcoins may still be easier than stealing money from your bank account or credit card, and it will certainly be much safer for the thief.  Thus we can be sure that legions of black-hat hackers and criminals will turn their attention to methods of stealing bitcoins from Trezor users.

Even if your Trezor works as it is supposed to, you will still be vulnerable to attacks like address phishing (the hacker tricks you into sending payment to the wrong address) and man-in-the-middle (a compromised PC software displays the correct destination address on the screen, but puts the thief's address in the transaction that it gives Trezor to sign.  While an alert user can notice the substitution by checking the Trezor's display, there will inevitably be users who check only the PC screen, out of laziness or because they are not aware of the risk.)

If you use your Trezor anywhere outside your home, whatever you do to unlock it (passwords, PIN, voiceprints, secret handshakes...) can be recorded and used by someone who later steals the device.  Even in your home, a burglar, janitor, or trusted visitor may plant a camera or other recording equipment, without you noticing.  (Paranoid physical security measures may actually increase that risk: google the death of banker Edmond Safra for an example.)

Then there is the possibility that the device does not work as intended.  It may have a bug (like the classical buffer overrun) that is discovered by a hacker and can be exploited by a malicious software in the PC to extract the private keys.  Perhaps the designers left a secret backdoor, in case some Russian mobster or the CIA pays them a visit with a Trezor whose keys they really want to get.  If Trezor uses custom chips, perhaps someone switched the tapes on the way to the foundry, or substituted the chips on the way back.  Perhaps someone replaced your Trezor by a compromised one, in transport or anytime after you got it.  (Ask any magician how it can be done under your nose.)  

Even one successful bitcoin theft could net millions of dollars.  Therefore, we cannot ignore some possible theft method (like substituting chips at the factory, or posing as the cable repairman) just because it would require thousands of dollars of investment, or several months of work.

Indeed, the Trezor gadget may have been invented and sold specifically for the purpose of stealing your coins.  (This is only a theoretical risk, of course: from their website we can see that the creators are two young honest-looking bitcoin entrepreneurs, and I could not find in CoinDesk or other bitcoin advocacy sites any mention of young honest-looking bitcoin entrepreneurs who turned out to be thieves or scammers.)

If your Trezor device is malicious, buggy, modified, or fake, obviously all bets are off, and there is no point in enumerating all the ways it could steal your bitcoins.

It seems very difficult to check whether your device is legitimate and unmodified, and that the software that it is running is the same that is posted on github. This is the same basic shortcoming of all-electronic voting machines, like the Brazilian one.  The latter has many "security" features, like verifiable cryptographic checksums of the executable code, "tamper-proof" seals, and redundant output reports; and, moreover, at every election some units are picked at random for a public test in parallel with the real voting.  Yet, as experts will tell you, all these measures are worthless because they can be easily bypassed by hackers who can target them from inside the organization.

sr. member
Activity: 441
Merit: 268
Is it possible to use Trezor from an android phone?

Not yet. There is a library that allows an Android app to communicate with TREZOR here: https://github.com/trezor/trezor-android and BitcoinJ people are working on adding necessary stuff (BIP39, BIP44) to their library so we'll have everything needed to build a TREZOR App for Android.
legendary
Activity: 1470
Merit: 1000
Want privacy? Use Monero!
how much is this now/going to be...
i see 1BTC pre-order but the OP was posted in 2012...
Very interested in this!

Almost certainly, it will cost less than the preorder price, i.e., less than 100USD. If everything is still on track for the end-of-July retail, the price will be announced in next four days.

I'm guessing 50-100 USD. Maybe 100 USD at first because the demand will be huge compared to the size of the first produced batch maybe? Don't know.
full member
Activity: 120
Merit: 100
how much is this now/going to be...
i see 1BTC pre-order but the OP was posted in 2012...
Very interested in this!

Almost certainly, it will cost less than the preorder price, i.e., less than 100USD. If everything is still on track for the end-of-July retail, the price will be announced in next four days.
sr. member
Activity: 350
Merit: 250
how much is this now/going to be...
i see 1BTC pre-order but the OP was posted in 2012...
Very interested in this!
donator
Activity: 2772
Merit: 1019
Trezor was designed with these goals
1.  even non-tech users (like me or my mother)
2.  can achieve an ultra-paranoid nerdy level of security,
3.  but actually still worry-free and easy to use.

Proof this has been achieved :
We tested trezor with a girl who hardly knew what IS bitcoin, never saw someone doing a transaction and got no single word of explanation.
Just open the box, run it and when ready I'll send you some coins and you should send them back. And she did it :)

Sorry to nitpick, but one positive example doesn't constitute proof. ;-)

For security, you have to ask the ultra-paranoid nerds (or geeks) around here.

It's fucking secure as hell and very hard to screw up.

As every so often: the human element is the weakest link: here are some ways a person could possibly screw it up:

  • get drunk and demo trezor to others in bar, be observed when entering PIN (and maybe passphrase) and then let the observer steal the trezor when kissing the hot chick. (If you don't think that's easy, consider the hot chick being the attacker)
  • be "smart" and make up your own seed (use restore to put it on device, not sure if easily possible, checksum?): "doom doom doom doom doom doom doom doom doom doom doom doom" should be safe, no one's going to guess that, but I can easily remember it. boy I'm smart.
  • leave seed paper backup in vacation luggage and have luggage stolen when staying in hostel
  • leave seed paper backup in safe and have burglar steal it
  • leave seed paper backup in bank deposit box and have government confiscate steal it

This kind of stuff cannot be prevented by satoshilabs directly, but they make every effort to educate the user.

EDIT: for max security I suggest using a passphrase. That makes the latter 3 attacks much harder. Of course, it adds a new (very easy) way to fuck up:

  • forget passphrase
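
The "checksum?" question and the passphrase suggestion in the post above, as an added example (not part of the original post and not SatoshiLabs code). It assumes the standard BIP39 scheme that the thread says Trezor relies on; words are represented by their 11-bit wordlist indices because the 2048-word list is not embedded, the sample mnemonic is BIP39's published all-zero-entropy test vector, and the passphrases are constructed.

```python
import hashlib
import unicodedata

def checksum_ok(indices):
    """Check the BIP39 checksum of a mnemonic given as 11-bit word indices."""
    bits = "".join(f"{i:011b}" for i in indices)
    cs_len = len(bits) // 33               # 4 bits for 12 words, 8 for 24
    ent_bits, cs_bits = bits[:-cs_len], bits[-cs_len:]
    entropy = int(ent_bits, 2).to_bytes(len(ent_bits) // 8, "big")
    digest = hashlib.sha256(entropy).digest()
    return f"{digest[0]:08b}"[:cs_len] == cs_bits

def repeated_word_hits(n_words=12):
    """How many 'same word n times' mnemonics happen to pass the checksum."""
    return sum(checksum_ok([i] * n_words) for i in range(2048))

def bip39_seed(mnemonic, passphrase=""):
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic'+passphrase."""
    norm = lambda s: unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", norm(mnemonic),
                               norm("mnemonic" + passphrase), 2048, 64)

# BIP39 test vector for all-zero entropy: "abandon" (index 0) x11 + "about" (index 3)
VECTOR_INDICES = [0] * 11 + [3]
VECTOR_WORDS = " ".join(["abandon"] * 11 + ["about"])

if __name__ == "__main__":
    print("test vector checksum ok:", checksum_ok(VECTOR_INDICES))
    print("'abandon' x12 checksum ok:", checksum_ok([0] * 12))
    print("repeated-word mnemonics that pass:", repeated_word_hits(), "of 2048")
    a = bip39_seed(VECTOR_WORDS, "long-term")   # constructed passphrases
    b = bip39_seed(VECTOR_WORDS, "everyday")
    typo = bip39_seed(VECTOR_WORDS, "Long-term")
    print("distinct wallets:", a != b, "| typo gives another wallet:", typo != a)
```

A 12-word checksum is only 4 bits, so it catches most transcription errors and most made-up word lists, but a passing checksum says nothing about how guessable the words are. Seed derivation accepts any passphrase, so a mistyped or forgotten one silently yields a different wallet rather than an error.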
donator
Activity: 2772
Merit: 1019
Anyone that has a Trezor, would you feel comfortable using this device for long term storage?  Would you say the Trezor is as safe or safer than using offline Armory or Electrum?

Yes, I use it for long term storage already (one passphrase for long-term, one for everyday usage). Only with a portion of my stash for now (~10%), but I plan to change that to ~50%.

But first I will need to make sure the seed is safe (from loss, mainly). It's only at one location currently, which is not enough. A fire could burn the handwritten word-list and if the trezor breaks or is lost before I can access the funds, they are lost. I also yet have to verify I wrote down the wordlist correctly. I will do that once I receive my plastic trezors (too dangerous to use the single trezor I have now).

I feel my coins are very safe with trezor. Also rationally they are very safe... I've pondered many attacks and the only ones I can see succeeding at all can be carried out by people very close to me. In fact only one person could do that and it would still be very hard and risky to pull off for her. Also: she wouldn't and even if: she doesn't have the technical expertise or even see the possibility.

Comparing to electrum (I don't use armory): I don't consider my coins very safe on electrum. Their security depends on the security of my linux box. Since I use that box for all kinds of stuff, I cannot rule out malicious software sneaking in and logging my key and stealing my electrum wallet. Trezor is much safer in this regard. Don't get me wrong: I love electrum and trezor support for it is implemented (crudely), so I will most likely keep using it.
sr. member
Activity: 475
Merit: 250
I just got an iOS update for bitWallet, seems it now supports BIP32 hierarchical deterministic (HD) wallets and BIP39 mnemonic sentences.
Does this mean it can be used with trezor?

edit: found the answer few pages back, quote from slush p.74 "To be exact, Trezor needs just BIP32 and BIP39 to be supported by client. BIP44 is needed only if client want to see all accounts, transaction history and balances produced by myTREZOR"
sr. member
Activity: 475
Merit: 250
I've received an email reply from Trezor support that my first edition classic will ship today!

This is very good news indeed!
hero member
Activity: 692
Merit: 500
I've received an email reply from Trezor support that my first edition classic will ship today!
sr. member
Activity: 475
Merit: 250
that is exactly what I was expecting
cor
full member
Activity: 121
Merit: 100
Safer, read the OP and the web site to find out why.

As a non-tech user it sounds safer but I wanted to hear from people who know more than I do.

Trezor was designed with these goals
1.  even non-tech users (like me or my mother)
2.  can achieve an ultra-paranoid nerdy level of security,
3.  but actually still worry-free and easy to use.

Proof this has been achieved :
We tested trezor with a girl who hardly knew what IS bitcoin, never saw someone doing a transaction and got no single word of explanation.
Just open the box, run it and when ready I'll send you some coins and you should send them back. And she did it :)

For security, you have to ask the ultra-paranoid nerds (or geeks) around here.
Anyway Trezor is using some standards and principles that are being implemented to other wallets yet. But we are patient and looking forward to have most of them compatible with Trezor.

Current wallets have some issues:
web wallets:
operators have to bear a lot of the risk and sometimes fail,
their users compromise on their privacy with providing their emails, passwords..
and give up on their sovereign ownership entrusting their private keys to the 3rd party

desktop wallets
the user has to be quite advanced in order to avoid mistakes with the more secure but elaborate desktop clients,

Trezor eliminates these issues and shifts the perspective, it basically does the heavy security lifting and the wallets can just concentrate on doing the "shopping" (sending/receiving transactions and bringing new additional services). A perfect symbiosis.. :)
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
Safer, read the OP and the web site to find out why.

As a non-tech user it sounds safer but I wanted to hear from people who know more than I do.

wait until it is field tested.
legendary
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
Safer, read the OP and the web site to find out why.
hero member
Activity: 964
Merit: 509
yes November, just around the ath of 1000usd

but for 2 or?
There was the offer buy 1 get 2 if i remember..

yes, I ordered more then, but remember the price was extreme in $-terms, even for 2.


Price of 1 BTC was roundabout 200$  on the day of 2 for 1 promotion.

donator
Activity: 2772
Merit: 1019
yes November, just around the ath of 1000usd

but for 2 or?
There was the offer buy 1 get 2 if i remember..

yes, I ordered more then, but remember the price was extreme in $-terms, even for 2.