Author

Topic: Trezor exploit analysis showing thorough fix (Read 549 times)

legendary
Activity: 3122
Merit: 2178
Playgram - The Telegram Casino
August 22, 2017, 01:07:43 PM
#2
Nice writeup, thanks for taking the time to independently analyze SatoshiLabs' bugfix Smiley

It's especially interesting to see how fairly straightforward the fix is. I absolutely agree that open source code and hardware is absolutely necessary to provide a trustworthy hardware wallet. Knowing that there are a lot of talented people out there hacking away makes me definitely feel much safer about Trezor. Especially with SatoshiLabs' fast response time. I remember the side-channel attack that got discovered and fixed some time ago in the early days of Trezor [1]. I doubt it would have been found so quickly if Trezor wouldn't be as tinker-friendly as it is. It would have been found eventually, but probably by less well-meaning people.

[1] https://jochen-hoenicke.de/trezor-power-analysis/
hero member
Activity: 761
Merit: 606
Guys I have spent that last several days examining this newly discussed Trezor exploit.  I have gone line by line and find the newest firmware has taken care of what has been circulating around the net and on this forum.  I will link a small paper, which is on the Trezor site as well, and invite you to take particular interest in the final section where it describes how any exploit to even the older bootloader models is now "bullet proof" against this or any other known exploit.  I would also like you to entertain consideration of another bit of mis-information regarding the "public" chips employed on the Trezor devices.  Here is a two edged sword.  True; use of chips that are NOT proprietary means that all can write to and understand what happens with the chips.  That means that even a meager coder like myself can in fact easily code to these chips.  The beneficial fact is that since code and chips are public and open source, we can all examine the code that is driving the security of our Bitcoins.  I view that as a major plus.  On the other hand similar devices (no names given because this is not an attack on them) with closed system chips are not easily accessible by the public.  A coder with malicious intent would find it more difficult to mess with such a chip, but what happens inside that chip means we MUST trust the mfg.  What if our trust is misplaced?  There is NO way to know until its wayyyyyyyy too late where BTC is concerned.  I strongly contend that public open source coding and many eyes is the better method to maintaining our security.  Just my take on this.  Bottom line: I see no reason to worry about my coins on a Trezor. Common sense dictates that employing BIP39 (extended seed passphrases) with your hardware device is good OPSec!


http://saleemrashid.com/2017/08/17/extracting-trezor-secrets-sram/
Jump to: