Trezor Model T has open source firmware, passphrase protection based on a passphrase entered on the device and supports U2F, SSH and GPG in addition to being a Bitcoin wallet. Passphrases are dynamically mixed with the main seed protected by the hardware so there's deniability.
Using a full-blown Linux environment would be dramatically less secure from having a far larger attack surface and wouldn't resolve hardware attacks based on physical access. This is an attack that needs to be hardened against at the hardware level and can't ever truly be solved.
The primary attack vector for a hardware wallet is an online attack. Linux has drastically more attack surface for either an online attack or physical attack vector when powered on. Trezor's passphrase feature doesn't store it so it's deniable with any number of hidden keys.
... and this is a bad use case for a general-purpose OS. It also doesn't store data but rather a seed used to generate keys to access data. The passphrase is appended to the seed phrase before deriving the main key from it. Encrypting it with the passphrase would be a downgrade.
You linked to a post about a physical attack vector on an SoC which is entirely applicable to a Linux installation. The post is also dishonest and pushing misinformation, but you're misunderstanding it if you think Linux is better. Linux is far more vulnerable to the same attack.
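
Added example (not part of the thread and not Trezor's firmware code): a Python sketch of the passphrase mechanism the posts describe, assuming a BIP39 mnemonic and BIP32 master-key derivation; the mnemonic and passphrases are constructed samples. Every passphrase, including a mistyped one, derives a valid wallet and nothing is stored to check it against, which is where the deniability comes from.

```python
import hashlib
import hmac
import unicodedata

# Constructed sample: the publicly known all-zero-entropy BIP39 phrase. Never use it for funds.
MNEMONIC = ("abandon abandon abandon abandon abandon abandon "
            "abandon abandon abandon abandon abandon about")


def _nfkd(text: str) -> bytes:
    # BIP39 normalizes both inputs to NFKD before hashing.
    return unicodedata.normalize("NFKD", text).encode("utf-8")


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """64-byte seed = PBKDF2-HMAC-SHA512(mnemonic, salt="mnemonic"+passphrase, 2048 rounds)."""
    return hashlib.pbkdf2_hmac(
        "sha512", _nfkd(mnemonic), _nfkd("mnemonic" + passphrase), 2048, dklen=64
    )


def bip32_master(seed: bytes) -> tuple[bytes, bytes]:
    """Split HMAC-SHA512(key="Bitcoin seed", msg=seed) into (master key, chain code)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def wallet_fingerprint(mnemonic: str, passphrase: str) -> str:
    """Short label for the wallet a passphrase opens (hash of the master key material)."""
    key, chain = bip32_master(bip39_seed(mnemonic, passphrase))
    return hashlib.sha256(key + chain).hexdigest()[:16]


def demo() -> dict[str, str]:
    # Constructed passphrases; the last one is a "typo" with a trailing space.
    candidates = ["", "decoy wallet", "real savings", "real savings "]
    return {p: wallet_fingerprint(MNEMONIC, p) for p in candidates}


if __name__ == "__main__":
    for passphrase, fingerprint in demo().items():
        # No passphrase is ever rejected: each one simply opens a different wallet.
        print(f"{passphrase!r:>16} -> wallet {fingerprint}")
```

The derivation has no "wrong passphrase" branch, so a device holding only the mnemonic-derived secret cannot reveal how many passphrase wallets exist; the flip side is that a typo silently opens an empty wallet.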