|
Title: What keeps trezor to keep the private key? Post by: glub0x on May 27, 2017, 06:59:13 AM So i am very happy with those trezor for everyday spending (no big stash).
Thanks to them i almost double my use of btc over the year. It is much more easy than my multiple small paper wallet. But my father came up with a question i couldn't answer even though it looks obvious: " what guarantee me that they do not have my private key?" Title: Re: What keeps trezor to keep the private key? Post by: ViceOfBTC21 on May 27, 2017, 07:13:06 AM They use open-source software that can be verified and verifiable hardware. It's proven that they software and hardware is safe. They also embedded random RNG in Trezor.
Title: Re: What keeps trezor to keep the private key? Post by: ranochigo on May 27, 2017, 07:16:51 AM Nothing.
They can easily push an update to capture your private key and send it to your server. This requires you to manually accept it. The main thing that is keeping them from stealing it isn't it being opensourced. You cannot blindly trust them. You have to manually review and verify it yourself or there is still a risk. As long as you can verify the code, you are pretty much safe. Title: Re: What keeps trezor to keep the private key? Post by: cryptoheadd on May 27, 2017, 07:31:12 AM Nothing. They can easily push an update to capture your private key and send it to your server. This requires you to manually accept it. The main thing that is keeping them from stealing it isn't it being opensourced. You cannot blindly trust them. You have to manually review and verify it yourself or there is still a risk. As long as you can verify the code, you are pretty much safe. This pretty much explains it. I'd recommend using Trezor with Electrum wallet. (That's what I do.) Title: Re: What keeps trezor to keep the private key? Post by: glub0x on May 27, 2017, 09:44:47 AM ok interesting reading :)
how does an electrum wallet protect from anything? Title: Re: What keeps trezor to keep the private key? Post by: ranochigo on May 27, 2017, 09:58:09 AM ok interesting reading :) Electrum wallet doesnt do anything except to get transaction information and to broadcast transaction. It doesn't help in your security, with that being the main point of hardware wallets to reduce dependent on a device that you use frequently.how does an electrum wallet protect from anything? It does have a nice and easily understandable UI though. Title: Re: What keeps trezor to keep the private key? Post by: fanita on May 27, 2017, 10:18:25 AM They always use verifiable software and hardware.
With this proving that they are using secure software. Title: Re: What keeps trezor to keep the private key? Post by: Iranus on May 28, 2017, 10:51:26 PM Nothing. Actually you can pretty much blindly trust them (without personally checking the code). All you have to do is wait for a week or so after they release an update, then search TREZOR related threads and boards to find if anyone has decided the update is malicious or faulty. If you're not competent at reading through it yourself, there's no point trying too hard with little outcome.They can easily push an update to capture your private key and send it to your server. This requires you to manually accept it. The main thing that is keeping them from stealing it isn't it being opensourced. You cannot blindly trust them. You have to manually review and verify it yourself or there is still a risk. As long as you can verify the code, you are pretty much safe. |