A ledger co-founder posted this blog post (below). They admit they had the expertise to pull it off, they let Trezor know, and that a firmware update can’t fix it. Of course, someone would have to care enough to steal your device (past any physical security) AND have the know-how, which likely would never happen unless you bragged on your YouTube channel about how my crypto you had on your Trezor you kept under your pillow and were then targeted. Thoughts?
https://blog.ledger.com/Unfixable-Key-Extraction-Attack-on-Trezor/
Unfixable? What about with sd-protect?
Lord, this is nothing new. You’re bringing up topics that are years old and have known mitigations.
It is known that Trezor is vulnerable to physical attacks. While it’s more vulnerable than others, any device is vulnerable if you have physical access to it.
That is why the passphrase (hidden wallet) is so important. Your seed generates a wallet. A seed plus passphrase generates a whole new (hidden) wallet. Without the passphrase, the seed won’t generate the hidden wallet.
https://www.reddit.com/r/ethereum/comments/c8w6fb/unfixable_seed_extraction_on_trezor_a_practical/?utm_source=share&utm_medium=ios_app&utm_name=ioscss&utm_content=1&utm_term=1
https://trezor.io/learn/a/encrypt-pin-with-microsd-card
Should do the trick right?
A simple passphrase fixes this lol. How about Ledger not creating back doors.
shameless…
Destroyed themselves and now, trying to destroy the competitor….
No words to describe this kind of strategy…