[ 3 / biz / cgl / ck / diy / fa / ic / jp / lit / sci / vr / vt ] [ index / top / reports ] [ become a patron ] [ status ]
2023-11: Warosu is now out of extended maintenance.

/biz/ - Business & Finance

View post   
File: 749 KB, 800x777, trez.png [View same] [iqdb] [saucenao] [google]
14069764 No.14069764 [Reply] [Original]

Trezor BTFO
Ledger masterrace prevails once again

>> No.14069778

>>14069764
I was literally going to buy one on payday, now what?

>> No.14069788

>physical access is necessary

>> No.14069789

>>14069778
>Buy an USB stick
>put wallet on it
>encrypt
>Funds are safu

>> No.14069790

>>14069778
Wait for price drop, buy anyway. Whoever does this could easily break your fingers to find out your passphrase or seed directly

>> No.14069792

>>14069764
>physical access is necessary
pls, do try to get into my house kek, hope you find the ledger before my dogs eat you or i shoot you.

>> No.14069849

>>14069792
>nigger steals your coins
>sells it for crack money to some computer wizard
>u r fuckd homie

>> No.14069877

I know this is trezor only but you don't need to have your wallets "active". Once you have the back up phrase wipe your wallet. Having the wallet + phrase just increases the angles you can be attacked.

>> No.14069882
File: 23 KB, 989x688, tf23me4.jpg [View same] [iqdb] [saucenao] [google]
14069882

>>14069764
>>physical access is necessary

>> No.14069892

>>14069764
I'm cumming

If you spend that much for a glorified USB stick then you deserve to lose all your coins tbf

>> No.14069911

>>14069789
even easier to hack, just needs a trojan on your computer for the next time you unlock it, doesnt need physical access either

>> No.14069926
File: 26 KB, 448x274, security.png [View same] [iqdb] [saucenao] [google]
14069926

Here's some actual source since OP didn't think to include it with his aids infested faggot brain.

Ledger's security report on Trezor:
https://cointelegraph.com/news/ledger-discloses-five-reported-vulnerabilities-in-two-models-of-trezor-hardware-wallets

Trezor's Response:
https://blog.trezor.io/our-response-to-ledgers-mitbitcoinexpo-findings-194f1b0a97d4

tl;dr
Too long, did not read
>Supply Chain Attack: Out-of-scope, affects all hardware in transport, no 100% solution, all companies have different methods to mitigate this
>Software Crappy Attack: Non-exploitable, patched
>Side Channel PIN Attack: Patched
>Side Channel Attack Scalar Multiplication: Non-exploitable, PIN required
>Surprise Concluding Attack: Not disclosed fully, implications for all hardware devices based on ST microchips, mitigated by passphrase
>Starting off, we would like to highlight the fact that none of these attacks are exploitable remotely. All of the demonstrated attack vectors require physical access to the device, specialized equipment, time, and technical expertise.

>> No.14069960

>>14069778
Use a paper wallet like a white male.

>> No.14069961

>>14069911
If you are too stupid to protect your battle station and able to clean it, you shouldn't be allowed to own a pc, simple as that.

>> No.14069990

I don't care, my funds are SAFU on CZ daddy's exchange.

>> No.14070004

>>14069764
holy shit the spiritual successor to print spooler back on top. who could have seen this coming . is it dare i say it /ourspyware/ ?

>> No.14070031

>>14069961
meanwhile, you're running windows 10 (for muh gaymen PC) and have all telemetry enabled.

inb4
>"nuh uh, I have an elaborate encrypted hidden airgapped linux distro running laptop locked up in the basement that I pull out and plug into ethernet on a segregated home network that connects to a private VPN whenever I want to send my friend $5 in Dogecoin, because that's way more secure than your glorified USB stick brainlet!"

>> No.14070033

>>14069960
What if lamenation is impossible?

>> No.14070202

>>14069788
This
You have your private key in plain text anyway

>> No.14070406
File: 7 KB, 232x217, mfw.jpg [View same] [iqdb] [saucenao] [google]
14070406

>>14069764
>physical access is necessary

>> No.14070458

>>14069788
This. Lol. If they're already in your house then you have bigger problems. Also keep a copy somewhere and you can move your shit before they get it.

Also hide your shit well, and they won't in the first place. If you're storing long term you can even wipe your device temporarily, and reset it with your seed each time you use it..

This is nothing. Same as "zomg RAM in PC is vulnerable if the CIA breaks into your house and connects something to your PC within 20 seconds after shut down".

>> No.14070542

The only people that are going to "steal" your crypto are the fucking government, not niggers or some eastern european thugs

They can snap their fingers and freeze/seize every single account you have and seize every bit of your property - and they will hold all of it until "this crypto business is sorted out, you're under suspicion of money laundering"

>> No.14070559

>>14070542
this. just read anything about anyone that cashed out

>> No.14070785

>>14069788
>>14069882
>>14070202
>>14070406
>>14070458

Still a problem. You can break up your recovery phrase and store it in secure locations that you don't have to access frequently, locked in safes around the world, etc. The whole point of a hardware wallet is to use your keys while also keeping it safe. So it is a problem if you get your trezor stolen and anyone can spend $100 on hardware to recover you keys.