Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 90. (Read 966173 times)
Is the backend of the site down again? I cannot see my balance or transactions...it just keeps endlessly refreshing...
It is a little late now, but these trezors would have made great xmas presents
still doable with DHL shipping
It is a little late now, but these trezors would have made great xmas presents
It should be mentioned that any of the attacks currently being discussed will defeat most on-line banking sites and on-line payment systems, web shopping, etc.
If your machines are this compromised you probably should not being doing any kind of money (or personal information ) management with them.
If your machines are this compromised you probably should not being doing any kind of money (or personal information ) management with them.
Yes I exactly agree with this, I was just asking hypothetically, just to get a message how safe the trezor really is for myself and for the others..
It should be mentioned that any of the attacks currently being discussed will defeat most on-line banking sites and on-line payment systems, web shopping, etc.
If your machines are this compromised you probably should not being doing any kind of money (or personal information ) management with them.
If your machines are this compromised you probably should not being doing any kind of money (or personal information ) management with them.
Exactly. AFAIK Trezor plans to implement this BIP once it's accepted (It's in the final draft stage now). But provided that BIP70 is used, device may be able to protect you against address replacing malware.
It is and has been active for a while. Final is final, the reference implementation has been completed and accepted by the community. See here.
To clarify (?):
* No device will protect you, if you got the wrong address to start with.
the discussion was about finding methods to prevent that, BIP70 with a correctly enforced certificate chain being one suggestion, in which the device can help (by enforcing said certificate chain)
Exactly. AFAIK Trezor plans to implement this BIP once it's accepted (It's in the final draft stage now). But provided that BIP70 is used, device may be able to protect you against address replacing malware.
Assuming however that everybody you want to send bitcoins to can be certified in that way. What if the address-switching malware does its trick only on non-secured addresses?
By the way, I do not see in the BIP-70 write-up an analysis explaining why it would be secure against malicious browsers and apps. I see only a claim that it is "more resistant" to them, but no explanation why. Is that obvious?
To clarify (?):
* No device will protect you, if you got the wrong address to start with.
the discussion was about finding methods to prevent that, BIP70 with a correctly enforced certificate chain being one suggestion, in which the device can help (by enforcing said certificate chain)
Exactly. AFAIK Trezor plans to implement this BIP once it's accepted (It's in the final draft stage now). But provided that BIP70 is used, device may be able to protect you against address replacing malware.
To clarify (?):
* No device will protect you, if you got the wrong address to start with.
the discussion was about finding methods to prevent that, BIP70 with a correctly enforced certificate chain being one suggestion, in which the device can help (by enforcing said certificate chain)
Now a weakness of having viruses on your computer could be that the address that you want to send the coins to can be modified before your PC displays it. IE you receive a PM and the virus changes all bitcoin addresses in your webrowser to their address or if you copy/paste it changes the addresses in the clipboard. So then when you THINK you're sending the bitcoins to the right person, it could actually be the wrong address. That is the #1 thing I would watch for.
This is the purpose of the screen, to verify the address and amount are correct before signing. To clarify (?):
* No device will protect you, if you got the wrong address to start with. If you are not a paranoid computer guy, malware could trick you by substituting the thief's address for a merchant's address that you got from email or a website.
* Assuming you have the correct address (and a legitimate Trezor with legitimate bug-free firmware), checking the address on Trezor's screen will protect against malware on the PC.
* As I understand it, the Ledger screen-less device picks some random letters from the address, and asks you to type the corresponding codes that you look up in an table provided with the device. Assuming you have the correct address (and a legitimate Ledger device with legitimate bug-free firmware), this protocol will protect from malware at first. However, as discussed above, after signing enough honest transactions the malware in the PC will get to know the code table; and then it will be able to trick the device into signing a transaction with the thief's address.
I agree that this is an interesting valid use-case. Still, I think that non-BIP70 transactions are a valid use-case for bitcoin as well.
yes of course. I'm just discussing BIP70 as a possible way to make sure that an address hasn't been modified between the sender and the receiver, considering it's already implemented by several wallets.
I don't think that BIP70 is the answer to all these issues. What if I don't want to tie my address to my identity? I cannot use Bitcoin? I believe this would defeat one of the purposes for which Bitcoin was created.
I believe things start to be interesting if you consider your devices identity instead of your identity, and establish trust relationships between devices.
I agree that this is an interesting valid use-case. Still, I think that non-BIP70 transactions are a valid use-case for bitcoin as well.
I don't think that BIP70 is the answer to all these issues. What if I don't want to tie my address to my identity? I cannot use Bitcoin? I believe this would defeat one of the purposes for which Bitcoin was created.
I believe things start to be interesting if you consider your devices identity instead of your identity, and establish trust relationships between devices.
Now a weakness of having viruses on your computer could be that the address that you want to send the coins to can be modified before your PC displays it. IE you receive a PM and the virus changes all bitcoin addresses in your webrowser to their address or if you copy/paste it changes the addresses in the clipboard. So then when you THINK you're sending the bitcoins to the right person, it could actually be the wrong address. That is the #1 thing I would watch for.
I'm sure the trezor team can give you better descriptions, but that's my 2 cents
This is the purpose of the screen, to verify the address and amount are correct before signing.
no, it's not. The only way to guard against such attack (out of having one distinct channel to communicate Bitcoin addresses) is to support BIP 70 payments with properly pinned down certificates (so that the malware wouldn't be able to sign again in the middle with its own key).
I don't think that BIP70 is the answer to all these issues. What if I don't want to tie my address to my identity? I cannot use Bitcoin? I believe this would defeat one of the purposes for which Bitcoin was created.
Now a weakness of having viruses on your computer could be that the address that you want to send the coins to can be modified before your PC displays it. IE you receive a PM and the virus changes all bitcoin addresses in your webrowser to their address or if you copy/paste it changes the addresses in the clipboard. So then when you THINK you're sending the bitcoins to the right person, it could actually be the wrong address. That is the #1 thing I would watch for.
I'm sure the trezor team can give you better descriptions, but that's my 2 cents
This is the purpose of the screen, to verify the address and amount are correct before signing.
no, it's not. The only way to guard against such attack (out of having one distinct channel to communicate Bitcoin addresses) is to support BIP 70 payments with properly pinned down certificates (so that the malware wouldn't be able to sign again in the middle with its own key).
So I have been arguing with my best friend about the trezor. I keep telling that it is safe to use trezor even on compromised machines, but he keeps telling me this cannot be possible. So for the sake of the argument, if I have several malwares on my computer, couple of trojans, keyloggers etc.. are my funds safe by using trezor?
I want to show him the replies on this question and shut his mouth once and for all!
Thanks all!
I want to show him the replies on this question and shut his mouth once and for all!
Thanks all!
Trezor is secure in two important points:
1. It will never share your private keys with a computer no matter how many viruses and troyans are on the computer.
2. When signing a transaction (which is created on computer so it potentialy may be incorrect, missleading or maliciously created), Trezor will display comprehensive information about the transaction and it will ask you to press the confirm button twice. As mentioned above me, this does not protect you against phising attack as described here: http://doc.satoshilabs.com/trezor-faq/threats.html#what-doesn-t-trezor-protect-against-yet but the important point is that Trezor would never sign this transaction without you seeing it and confirming it. So in case you know the address you want to send to, there is no way computer can trick you into signing something else.
Now a weakness of having viruses on your computer could be that the address that you want to send the coins to can be modified before your PC displays it. IE you receive a PM and the virus changes all bitcoin addresses in your webrowser to their address or if you copy/paste it changes the addresses in the clipboard. So then when you THINK you're sending the bitcoins to the right person, it could actually be the wrong address. That is the #1 thing I would watch for.
I'm sure the trezor team can give you better descriptions, but that's my 2 cents
This is the purpose of the screen, to verify the address and amount are correct before signing.
What I'm talking about is a virus giving you the wrong address to send to, which occurs prior to dealing with the Trezor at all. Like if I email you my address which is 1Lyth and the virus changes the HTML/message to read 1Virus and then you send the bitcoins to 1Virus thinking that it's the correct address.
This is what the screen on the Trezor is for. When your computer sends the unsigned tx to the Trezor for signing, you can verify on the Trezor screen that the correct address and amount are shown before clicking confirm on the Trezor. I'm sure all this is covered in the manual.
Well if the changing of the address by the malware is the only problem then we can sleep peacefully.
I will tell him to revisit this thread and to see responses by himself. Of course nobody sane enough will ever have 5 malwares on his machine, but I was just speaking hypothetically. 
Now a weakness of having viruses on your computer could be that the address that you want to send the coins to can be modified before your PC displays it. IE you receive a PM and the virus changes all bitcoin addresses in your webrowser to their address or if you copy/paste it changes the addresses in the clipboard. So then when you THINK you're sending the bitcoins to the right person, it could actually be the wrong address. That is the #1 thing I would watch for.
I'm sure the trezor team can give you better descriptions, but that's my 2 cents
This is the purpose of the screen, to verify the address and amount are correct before signing.
What I'm talking about is a virus giving you the wrong address to send to, which occurs prior to dealing with the Trezor at all. Like if I email you my address which is 1Lyth and the virus changes the HTML/message to read 1Virus and then you send the bitcoins to 1Virus thinking that it's the correct address.
This is what the screen on the Trezor is for. When your computer sends the unsigned tx to the Trezor for signing, you can verify on the Trezor screen that the correct address and amount are shown before clicking confirm on the Trezor. I'm sure all this is covered in the manual.
Now a weakness of having viruses on your computer could be that the address that you want to send the coins to can be modified before your PC displays it. IE you receive a PM and the virus changes all bitcoin addresses in your webrowser to their address or if you copy/paste it changes the addresses in the clipboard. So then when you THINK you're sending the bitcoins to the right person, it could actually be the wrong address. That is the #1 thing I would watch for.
I'm sure the trezor team can give you better descriptions, but that's my 2 cents
This is the purpose of the screen, to verify the address and amount are correct before signing.
What I'm talking about is a virus giving you the wrong address to send to, which occurs prior to dealing with the Trezor at all. Like if I email you my address which is 1Lyth and the virus changes the HTML/message to read 1Virus and then you send the bitcoins to 1Virus thinking that it's the correct address.
Now a weakness of having viruses on your computer could be that the address that you want to send the coins to can be modified before your PC displays it. IE you receive a PM and the virus changes all bitcoin addresses in your webrowser to their address or if you copy/paste it changes the addresses in the clipboard. So then when you THINK you're sending the bitcoins to the right person, it could actually be the wrong address. That is the #1 thing I would watch for.
I'm sure the trezor team can give you better descriptions, but that's my 2 cents
This is the purpose of the screen, to verify the address and amount are correct before signing.
Jump to: