Pages:
Author

Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 22. (Read 966221 times)

legendary
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
https://www.wired.com/story/i-forgot-my-pin-an-epic-tale-of-losing-dollar30000-in-bitcoin/

hacking a TREZOR by downgrading the firmware to a vulnerable version? is it possible as the article described?

no, it was possible until a mandatory upgrade. and it was only possible when someone had physical access to your trezor.

all good.
I think the answer he is looking for is as follows.  From my current understanding of the vulnerability and the upgrade:

IF (you have upgraded the firmware to the latest) AND (someone gets physical access to your Trezor) THEN:

If they try to install ANY new firmware including old versions, their own hacking code, etc. they no longer have access to the secrets in SRAM because the latest firmware destroys all secrets in SRAM if and when ANY new code is loaded (including all future firmware updates).  Obviously the secrets are still kept in a safe and secure non volatile location, they are just destroyed in SRAM in order to prevent this very attack vector.

Now, his question might have been as as follows:

If someone manages to get physical access to my updated Trezor and then uploads an older version of the firmware (destroying the secrets in SRAM per the new code) is there any possibility that the old code will still put the secrets into SRAM even though the attacker does not have the PIN?  If so then, of course they can then upload a hack and get the secrets.

My assumption is that the old code accidentally left the secrets in SRAM during a code update but did not load them into SRAM until the PIN was correctly entered.  If so, then all is good.

Can TREZOR verify my statements above to be all true?
legendary
Activity: 2338
Merit: 2106
https://www.wired.com/story/i-forgot-my-pin-an-epic-tale-of-losing-dollar30000-in-bitcoin/

hacking a TREZOR by downgrading the firmware to a vulnerable version? is it possible as the article described?

no, it was possible until a mandatory upgrade. and it was only possible when someone had physical access to your trezor.

all good.
legendary
Activity: 2856
Merit: 1520
Bitcoin Legal Tender Countries: 2 of 206
https://www.wired.com/story/i-forgot-my-pin-an-epic-tale-of-losing-dollar30000-in-bitcoin/

hacking a TREZOR by downgrading the firmware to a vulnerable version? is it possible as the article described?
legendary
Activity: 2338
Merit: 2106
Can’t Tolerate This’: TREZOR Ditches BitPay Over SegWit2x ‘Games’

https://cointelegraph.com/news/cant-tolerate-this-trezor-ditches-bitpay-over-segwit2x-games

Bitcoin hardware wallet TREZOR is ending its BitPay integration over what its CTO describes as “playing games” with its API.

In Twitter posts Thursday, Pavol Rusnak said that because BitPay could potentially rename the SegWit2x chain ‘BTC,’ Trezor would no longer display its tickers.

The hardware wallet had adopted a cautious approach to SegWit2x, while BitPay, along with fellow wallet Xapo, said it would potentially treat the 2x chain as ‘BTC’ should it gain sufficient support.

“We're replacing… BitPay exchange rates API in… TREZOR Web Wallet because they plan to play games with the BTC ticker. Can't tolerate this,” Rusak wrote...........

good move. I want my hardware wallet producer to be very cautious when it comes to attacks like segwit2x. my coins are safe, great. thank you trezor team.
staff
Activity: 3500
Merit: 6152
This is very useful, I hope it can be shipped worldwide. -__-

It cannot be shipped worldwide. I wasn't able to ship it to my country even though they offer DHL Express so I used a reship company.

I want to buy something like that. Than  Trezor better than others?

Trezor and Ledger Nano S are the best on the market, choose one of them.
full member
Activity: 182
Merit: 100
This is very useful, I hope it can be shipped worldwide. -__-
newbie
Activity: 2
Merit: 0
I want to buy something like that. Than  Trezor better than others?
legendary
Activity: 1316
Merit: 1021
2009 Alea iacta est
Can’t Tolerate This’: TREZOR Ditches BitPay Over SegWit2x ‘Games’

https://cointelegraph.com/news/cant-tolerate-this-trezor-ditches-bitpay-over-segwit2x-games

Bitcoin hardware wallet TREZOR is ending its BitPay integration over what its CTO describes as “playing games” with its API.

In Twitter posts Thursday, Pavol Rusnak said that because BitPay could potentially rename the SegWit2x chain ‘BTC,’ Trezor would no longer display its tickers.

The hardware wallet had adopted a cautious approach to SegWit2x, while BitPay, along with fellow wallet Xapo, said it would potentially treat the 2x chain as ‘BTC’ should it gain sufficient support.

“We're replacing… BitPay exchange rates API in… TREZOR Web Wallet because they plan to play games with the BTC ticker. Can't tolerate this,” Rusak wrote...........
legendary
Activity: 1806
Merit: 1828
Will Trezor wallet provide access to btcgold after fork?

SatoshiLabs probably has to wait and see the final code for Bitcoin Gold before committing to supporting this or not.
copper member
Activity: 45
Merit: 12
Will Trezor wallet provide access to btcgold after fork?
legendary
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
Finally, I see something from the sales sphere that proves to be useful! Where do I buy it, are there on Amazon?  Sad
Have you ever thought of just going to Amazon and searching for "Trezor".  Wouldn't that be even easier than coming here and asking someone else to do it for you?


Oh, I see, you are just spamming your paid spam signature.
sr. member
Activity: 644
Merit: 250
Guys, just another question.
When I create a legacy address and sign my message after Trezor reconnects my address disappears. But if I click "Add legacy account" the address creates again. Does Trezor wallet not show empty addresses of what?  Huh
sr. member
Activity: 644
Merit: 250
How can I sign a message with Trezor? Do not see options.

Unfortunately, with the new segwit addresses, you cannot sign a message. I don't have my Trezor with me. It may work with the legacy wallet.

 https://blog.trezor.io/rolling-out-trezor-wallet-segwit-segregated-witness-5700269debc5
Quote

Why can’t I sign or verify a message?

While the TREZOR firmware supports signing with SegWit addresses, there are currently no other wallets or services which support the signing feature. Also, there is no agreed standard yet, therefore the compatibility of signature and verification processes cannot be guaranteed. These functions were temporarily removed from TREZOR Wallet.

Edit: It appears that if you select the Legacy wallet, the sign and verify messages are available.
Thank you for clarify  Wink
legendary
Activity: 1596
Merit: 1061
Smile
Finally, I see something from the sales sphere that proves to be useful! Where do I buy it, are there on Amazon?  Sad


trezor.io
full member
Activity: 224
Merit: 100
Finally, I see something from the sales sphere that proves to be useful! Where do I buy it, are there on Amazon?  Sad
legendary
Activity: 1806
Merit: 1828
How can I sign a message with Trezor? Do not see options.

Unfortunately, with the new segwit addresses, you cannot sign a message. I don't have my Trezor with me. It may work with the legacy wallet.

 https://blog.trezor.io/rolling-out-trezor-wallet-segwit-segregated-witness-5700269debc5
Quote

Why can’t I sign or verify a message?

While the TREZOR firmware supports signing with SegWit addresses, there are currently no other wallets or services which support the signing feature. Also, there is no agreed standard yet, therefore the compatibility of signature and verification processes cannot be guaranteed. These functions were temporarily removed from TREZOR Wallet.

Edit: It appears that if you select the Legacy wallet, the sign and verify messages are available.
sr. member
Activity: 644
Merit: 250
How can I sign a message with Trezor? Do not see options.
sr. member
Activity: 644
Merit: 252
I've been using Trezor for a very long time. I really like using the password manager, but there is a question - if I lose it and want to recover by seed, will the data of the password manager be restored or not?
newbie
Activity: 25
Merit: 0
I prefer Bit Go/ I t is realy fast and safety!
legendary
Activity: 1596
Merit: 1061
Smile
Sorry, I'm not interested with this stuff.
coz I haven't yet quite understand thus:)


easy if u want no one to take your precious bitcoin

such as mtgox, cryptsy, US FED(Btc-e)




get a hardware wallet

trezor, (software https://bitcoin.org/en/bitcoin-core/ on your second computer offline), other hardware wallets






Pages:
Jump to: