Trezor is dead.
https://medium.com/@Zero404Cool/trezor-security-glitches-reveal-your-private-keys-761eeab03ff8
>>3112568
Glad I went for Ledger nano
>>3112568
Welp time to order a ledger before it goes out of stock forever
and they laughed at me for having my coins insured and in cold storage with coinbase
>>3112568
FUCKKKKK. Good thing I keep mine in a safe and only use it on my home PC.
>>3112568
I was gonna buy one of these, thanks OP
>>3112568
already patched
>>3112682
Link? In OP's link it says there is nothing they can do.
This is fixed and needs physical access not remote access
If you are going to invest money in cryptos you better learn how to use a paper wallet.
>>3112656
Op here, welcome.
>>3112682
As an electronic engineer, nothing can be done for already sold units.
The chip itself has a fault AND the software didn't crypt data on RAM.
So, else if you reprogram it, there is no way to fix already sold unit.
>>3112794
Internal access not required but simpler than messing with USB power lines.
>>3112568
i just use a cheap offline machine and double encrypted usb sticks (blowfish and aes256)
why not more people just airgap ?
>>3112888
Because spending the coins is a more involved process than simply sticking your hardware wallet in.
But I agree, it's the better option.
>>3112568
All you have to do is turn on encryption, and nobody will be able to steal shit even if they were to do this attack.
https://doc.satoshilabs.com/trezor-user/advanced_settings.html
>>3113051
It has to be tested.
This attack dumps the RAM, not the ROM.
So, data may be encrypted on ROM; if at start you decrypt everything and keep it in RAM, it's insecure.
>>3112568
I really see no purpose in these, why don't people just keep their coins/wallet/keys on truecrypt encrypted USBs?
>>3113115
>truecrypt
Isn't that obsolete? Are you supposed to use veracrypt now?
>>3113115
Doesn't make any sense. No security. You would need an offline PC either way to get similar functionality.
>>3112568
>Dead
>Post medium FUD with wrong information
>Post about old issue that Trezor ALREADY fixed
>Doesn't go out and look at the information
>Just believes what he's told like a good goy
>Doesn't know that if you have a PW you're fine
>Doesn't know that if your wallet is hidden you're fine
>>3112592
>Coinbase
>>3112616
>PC
>>3112771
>Literally can't research on his own
>>3112888
>USB sticks
>>3113115
>truecrypt
The minority of /biz/ are alright but there is a majority of you ignorant fools. You people are going to run crypto straight into the ground if you don't get your shit together.
>>3113197
Fuck you I want to be spoonfed
>>3113197
i just wrote down my public key and the private in safe in bank double encrypted is bad idea? i won't sell out to fuckin whales anyway
>>3113101
the encryption works by turning your passphrase into a 25th word of the seed, and even you cannot get your coins out if you forget that word. The only way to hack it then is to get that word from you. You could literally just tell them your recovery seed, and they still wouldn't be able to do shit.
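How a passphrase enters seed derivation under BIP39 (the mnemonic standard Trezor uses), as an added example that is not part of the thread: the recovery words are stretched with PBKDF2-HMAC-SHA512 using the salt "mnemonic" + passphrase, so every passphrase, including the empty one, yields a different valid seed and nothing signals a wrong one. The function names and the sample mnemonic are constructed for illustration.

```python
import hashlib
import unicodedata

PBKDF2_ROUNDS = 2048  # iteration count fixed by BIP39

def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte BIP39 seed from recovery words and an optional passphrase."""
    words = unicodedata.normalize("NFKD", mnemonic)
    # The passphrase is not stored as an extra word: it is mixed into the PBKDF2 salt.
    salt = "mnemonic" + unicodedata.normalize("NFKD", passphrase)
    return hashlib.pbkdf2_hmac(
        "sha512", words.encode("utf-8"), salt.encode("utf-8"), PBKDF2_ROUNDS
    )

def wallet_fingerprints(mnemonic: str, passphrases: list[str]) -> dict[str, str]:
    """Map each candidate passphrase to a short fingerprint of the seed it produces."""
    return {
        p: hashlib.sha256(bip39_seed(mnemonic, p)).hexdigest()[:16]
        for p in passphrases
    }

# Constructed sample: the all-zero-entropy mnemonic used in the public BIP39
# test vectors. It is publicly known and must never hold funds.
SAMPLE_MNEMONIC = "abandon " * 11 + "about"

if __name__ == "__main__":
    # Same 12 words, three passphrases (one a typo of another): three unrelated
    # seeds, and no error is raised for the "wrong" one.
    candidates = ["", "correct horse", "correct hosre"]
    for phrase, fp in wallet_fingerprints(SAMPLE_MNEMONIC, candidates).items():
        print(f"passphrase={phrase!r:18} seed fingerprint={fp}")

    # NFKD normalization: composed and decomposed forms of the same text
    # produce the same seed, so keyboard/OS differences do not lock you out.
    same = bip39_seed(SAMPLE_MNEMONIC, "caf\u00e9") == bip39_seed(SAMPLE_MNEMONIC, "cafe\u0301")
    print("composed == decomposed passphrase:", same)
```

Because derivation never rejects a passphrase, a mistyped one silently opens a different, empty wallet, which is why a forgotten passphrase cannot be recovered from the seed words alone.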
>>3112568
just do a firmware update, this has been fixed...
>>3113197
Trezor is colluding with Blockstream...
Security model is broken by design. ST microcontrollers can't provide the encryption primitives needed to securely store the private keys.
So even if they update the firmware, a forensics specialist could still dump everything.
>>3113197
>>3113342
>>3113501
HOW THE FUCK YOU GUYS AREN'T DOING COLD STORAGE WITH ONE OFFLINE & ONE ONLINE PC: https://www.cryptocompare.com/wallets/guides/how-to-make-a-bitcoin-offline-transaction/
>>3112579
this
who the FUCK needs a "hardware wallet" when you can just use a flash drive
>>3114519
you need a flash drive and an airgapped computer, plus it's annoying as fuck to have to move Txs between your airgapped machine and your internet-connected one
With that said I (sort of) do it that way because I don't trust any of this hardware. I have a $20 pi exposed on my LAN with only port 22 accessible where I sign my Txs and then scp the Tx to my main machine. I keep an encrypted backup of my wallet seed on my main machine and the encryption password in a keepass db. I store the encrypted seed on OneDrive and the encrypted KeePassDB on google drive. I also have two flash drives, one to hold my wallets and the other to hold my keepassdb. I keep one at work and one at home.
Everything women touch turns to shit
>>3114519
At this point I just use paper wallets and create a few backups.
If I can't understand every single possible nuance of it, I'm not using it. I use bitaddress.org only, on an offline computer, have read through the open source and understand all the hashing and all that, and then encrypt that and copy it by hand onto paper wallets because printers store what they print temporarily and I don't want that.
So I'm pretty good here.