Apparently, that's a bad idea. There's a way of figuring out that passphrases exist for a given Trezor seed, whereas if you don't use a passphrase, then it can be proved that you don't have any passphrased accounts pertaining to the same seed mnemonic.
can you expound upon this further? afaik, using passphrases for Trezor specific accounts is considered best practice. that's one. two, how can an attacker figure out that passphrases exist for a given seed without you telling him? and third, how can it be proved you don't have any passphrased accounts w/o you telling him?
I don't know what he's talking about either. You can even have diversion accounts with different passphrases and lower amounts of coins, to throw someone off.
I believe he is talking about the fact that you have to explicitly turn passphrases on with the Trezor... it's in the settings:
Theoretically, if an attacker has your device (and PIN) and they plug your device in and open up the Trezor wallet, they will be able to check this setting to see whether or not you have enabled the passphrase protection. It could potentially be a flag that you may have a hidden passphrase that you have not provided. Although, you could argue that you just switched it on to check it out, but never used that feature...
So, while it might indicate that you might have used passphrases, I wouldn't say that having the setting turned on was "conclusive proof" that you did.