Even a insecure Trezor better than storing ur funds on Kraken (any exchange)
I'm a bit tired of these Security-PR-Dunking, #AttackFetish?
Everyone already knew Trezor is an insecure, plenty of security researchers showed that
Maybe less fanfare?
1/5https://twitter.com/krakenfx/status/1223253508956266496 …
-
-
Some examples: - Design the device in a way to increase risk of said device to break under attack. If you break it you can't take the secrets - Add layers of defences to increate the attackers need for more knowhow and complex equipment - At minimum use a basic Secure Element 3/5
Prikaži ovu nit -
Using a closed-source design (ie Ledger) relies on security-by-obscurity, but it does prevent PR FUD attacks by raising the bar of research. And to be fair, Ledger's Closed SE has good amount of hardware protections But IMHO it's a design trade-off I'm not willing to make 4/5
Prikaži ovu nit -
But going back to these Security-PR-Dunking,
#AttackFetish stunts.The industry is spending valuable time on things that aren't meaningfully increasing security (we all knew Trezor was already insecure) It only causes FUD/Panic on users who may hastily move funds insecurely 5/5Prikaži ovu nit -
-
Other consideration, seed generation.Trezor does not have a TRNG or secure MCU & Ledger is closed.I would not be comfortable generating my seed in neither of those devices. Heck I don't trust even the way we make. USE YOUR OWN entropy with dice for examplehttps://twitter.com/COLDCARDwallet/status/1221500551159894017 …
Prikaži ovu nit
Kraj razgovora
Novi razgovor -
-
-
Passphrase fix it
-
Paper wallet would offer the same for cheaper then.
- Još 6 drugih odgovora
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
It took Kraken Security Labs just 15 minutes to hack both of
