I was more interested in determining the private key. In this section I will therefore look into the key generation. To avoid noise from the display, I set a blank home screen. You can consider this as cheating as changing the home screen requires the PIN. However, an unscrupulous attacker may just break open the case and rip off the display to achieve the same effect. The following graphic shows the computation of the master public key m/44'/0'/0'/0.
The above quote gives me the impression you'll need physical access to the Trezor. You'll also have to disconnect the screen.
Also, if you have passphrase protection, this attack does not work even with firmware 1.3.1, so you may consider adding that, too.
The above quote says that using a passphrase makes the attack pointless
So if you are stupid enough to not use a passphrase, it would be easier and cheaper for the thieve to buy a 5$ wrench (he saves 65$) and kindly ask for the piece of paper that had the seed written on it.
Please correct me if I'm wrong oh mighty stolfi ( I will admit it if I'm wrong, my balls can handle it ) and NO I'M NOT YOUR STUDENT.
PS: The attacker can use his own PC, he does not need an "physically compromised PC"
