21
|
Bitcoin / Hardware wallets / Re: Foundation Passport (FE) hardware wallet review and walkthrough
|
on: May 15, 2022, 09:11:26 PM
|
Does the Foundation ever consider sending the devices themselves from the EU, e.g. to Austria, Switzerland, etc.? Then you don't have to trust the reseller.
Yes, they ship international. But you can not deliver the package to the parcel lockers. Because of customs etc. there are problems. For example, Keystone has recently started to deliver directly from Europe.
|
|
|
22
|
Bitcoin / Hardware wallets / Re: Foundation Passport (FE) hardware wallet review and walkthrough
|
on: May 15, 2022, 10:01:26 AM
|
There are a few potential attacks if it were possible to remove the PIN, one of the most trivial to understand being the supply chain attack. Someone could resell a used unit as new by resetting the device and resealing everything. They could buy the device, flash a modified (insecure) firmware, remove the PIN and sell it to a victim. As far as I know, you need to set it up once (thus also seting a PIN) to flash a custom firmware. How does a non-technical person verify that it's a genuine Foundation Passport hardware wallet with a genuine firmware? You mentioned supply chain attacks, and since I only have experience with Ledger, I know that a fake Ledger device can't connect to official Ledger servers. So if someone in the supply chain replaced the HW with a fake one or made modifications to it, I wouldn't be able to use it with the official software. How does it work with Foundation's HW? You can read about it at 11.1 Passport Supply Chain Validation. https://github.com/Foundation-Devices/passport-firmware/blob/main/SECURITY/SECURITY.mdDoes the Foundation ever consider sending the devices themselves from the EU, e.g. to Austria, Switzerland, etc.? Then you don't have to trust the reseller.
|
|
|
24
|
Bitcoin / Hardware wallets / Re: How can you verify the firmware's source code?
|
on: April 30, 2022, 07:34:23 PM
|
I personally still often do recommend (open source!!) hardware wallets, even if the secure elements are closed source, since they are very practical to use (and I'm a big 'using Bitcoin' advocate).
I just want to clarify here that some secure elements like ATECC608 have Open Source hardware certifications since September 2020, and that is why it is possible to reproduce code for some hardware wallets like Passport. Note that this doesn't mean there is no NDA signed between microchip manufacturer and hardware wallet manufacturer, but it is still much better than what other chips are doing. Design of hardware is Open Source and here is one example of this chip being used by CERN with GPL license and documentation with datasheet is clearly available: https://github.com/ElectronicCats/ATECC608A-CroquettePassport hardware wallet is listed and certified by OSHWA UID US002005 in open source hardware association website: https://certification.oshwa.org/us002005.htmlEDIT: Trezor is certified as well: https://certification.oshwa.org/cz000005.htmlWhat about the ATECC608B?
|
|
|
26
|
Local / Projektentwicklung / Re: Bitcoin FullNode - Sammelthread
|
on: April 29, 2022, 07:17:08 PM
|
Danke. Dein Gehäuse sieht schick aus, aber meiner Meinung nach viel zu groß für mich. Du hast geschrieben gehabt, dass dir das Paket per DHL zugestellt wurde? Lieferung zur Packstation möglich?
|
|
|
28
|
Bitcoin / Hardware wallets / Re: Trezor mailing list breached
|
on: April 17, 2022, 10:44:02 PM
|
Am I the only one who thinks they're quickly becoming Ledger 2.0? Ledger took it one step further because they got hacked twice. They weren't at fault that Shopify got hacked. Well, their mistake was using Shopify, but not the hack itself. The second breach was the hack of one of their servers. They should be blamed for the second one. Someone posted a tweet not that long ago coming from Passport representatives in which they said that they are hosting the customer data on their own servers. They aren't using a service company like MailChimp. Probably dkbit98 since he is the thread started of the thread about Passport HW. Either way, it's a game of bingo. A game of who will get hacked next, not will it happen. ...and I'm sure they'll try to downplay the whole scandal the same way Ledger tried. Trezor's reddit page is relatively calm and we don't see the same shitstorm that the leak of Ledger's database caused. At least that's good. They still use a provider. Read the comments from @god_of_bitcoin's here: https://twitter.com/FOUNDATIONdvcs/status/1506353091305684995We self host our marketing software, which stores our email list and composes+automates emails.
We do use an SMTP service, which is pretty much impossible to avoid, but the provider purges each email from the log after 5 days. You can read it here: https://twitter.com/FOUNDATIONdvcs/status/1506353091305684995https://twitter.com/zachherbert/status/1508507819489824770
|
|
|
30
|
Bitcoin / Hardware wallets / Re: Thoughts about Passport hardware wallet
|
on: April 10, 2022, 02:59:20 PM
|
However, BitBox02 does not trust the secure element and therefore does not store any important information there, such as the seed. So far I only know the BitBox that has such a method. For example, the ledger stores the seed in the secure element. Maybe I expressed myself wrong or maybe I didn't understand it correctly.
Ah I see now what you wanted to say, they are using different method by encrypting seed words on main microprocessor and they use secure element for key derivation and for random number generator. Some people would argue that this is inferior model compared to other hardware wallets, because RNG number generator is not really random and if encryption is broken seed words can be easier broken on main processor. I would much ratter generate my own seed words offline using dices and then import them in Bitbox02 wallet, instead of thrusting some chip to do it for me. Many thanks for your response. What can you say about this criticism regarding air-gapped hardware wallet?. I'd appreciate it if you could say something about that. The seed can, for example, be extracted bit-by-bit via SD card (separate file, additional data in the PSBT or as an entry in FAT 1. A true Airgap system should also not read SD cards that were in an online computer. The communication between the hardware wallet and the computer is a bit slower, but not more secure.
This is also possible using QR codes. If you check the content of each QR code with a separate device, a lot can be ruled out, but subtle possibilities are also conceivable. If certain HWW now advertise with “encrypted QR codes”, the code naturally loses all transparency. The seed can potentially even be hidden in the bitcoin transactions themselves. The BitBox02 is the first hardware wallet that protects against this "nonce covered channel attack 9.
The fact that the BitBox02 is primarily made of plastic (and has no glass cover, for example) is a security feature. It is bonded internally with military grade epoxy and will be destroyed upon opening.
We publish all hardware schematics 4 (including Bill of Material 2) and an x-ray 13 of the BitBox02. If you want to check your BitBox02 yourself, you can have it x-rayed by a dentist and check that there are no additional chips inside.
Only signed firmware runs on the BitBox: several developers must sign the firmware, otherwise it will not run on the BitBox. We independently compile the release and compare the firmware checksum.
|
|
|
31
|
Bitcoin / Hardware wallets / Re: Thoughts about Passport hardware wallet
|
on: April 06, 2022, 08:42:35 PM
|
Passport Batch 2 using Microchip 608a secure element and BitBox02 ATECC608B?
Does Passport have a "dual chip" security concept like BitBox02 too?
Passport batch 2 hardware wallet is using same chips like previous batch_one device, that is ATECC608A + STM32H753. STM32 is general purpose microchip, ATECC608A is secure element used for storing seed phrases, and ATECC608B secure element is just improved version with security fixes. As far as I know only BitBox02 hardware wallet is using B version of that secure element in combination with microchip ATSAMD51J20A. To conclude, both hardware wallets are using dual-chip security concept, like most other hardware wallets available today that use secure elements. Thanks for your answer. The BitBox02 security architecture is designed towards these goals. We use two chips, a general purpose MCU and a secure chip in parallel, both with their unique strengths. Instead of running Bitcoin firmware directly on the secure chip, we run it on the MCU, meaning the code is fully open-source and auditable by anyone. Secrets are also stored on the MCU, but encrypted using multiple keys, including a key stored on the secure chip that can only be accessed using dedicated key derivation functions (KDF).
Compared to only using an MCU, this setup provides additional security features:
Reading the encrypted data directly from the MCU is useless in itself Enforcing a delay during each unlock attempt to slow down brute-force attacks Limiting the maximum number of unlock attempts over the whole lifespan A true random number generator (RNG), without the need to trust it Secure storage of a unique attestation keys to ensure only officially signed firmware can be used
Again, we don’t want to trust the secure chip. This is why our security architecture makes sure that the secure chip can never learn any cryptocurrency-related secrets. In the unlikely case that the secure chip is compromised and behaves maliciously, the overall security degrades to the security level of not using a secure chip in the first place, still securing your secrets using the user password and the MCU key.
However, BitBox02 does not trust the secure element and therefore does not store any important information there, such as the seed. So far I only know the BitBox that has such a method. For example, the ledger stores the seed in the secure element. Maybe I expressed myself wrong or maybe I didn't understand it correctly.
|
|
|
33
|
Local / Deutsch (German) / Re: Ledger (Live) - Angebote / Diskussion / Hilfe
|
on: April 01, 2022, 09:47:34 PM
|
Wenn es bisher noch kein offizielles Schreiben oder eine Mitteilung von Ledger gab, hat nicht mal einer Lust, die anzuschreiben? Also wer dort Kunde ist?
Email sent by Ledger to one of Hackread.com’s team members (Image credit: Hackread.com Erst auf Nachfrage gab es eine Antwort drauf. Quelle: https://www.hackread.com/hubspot-data-breach-cryptocurrency-companies-impacted/We are in regular communication with the Hubspot team and at this time we have no full confirmation that Ledger users are affected by the data breach. Das ist schon traurig aber, wer das glaubt Swan und BlockFi gaben schon an das Namen, E-Mail-Adressen und Telefonnummern gespeichert waren beziehungsweise betroffen sind.
|
|
|
35
|
Local / Deutsch (German) / Re: Ledger (Live) - Angebote / Diskussion / Hilfe
|
on: March 26, 2022, 01:16:25 PM
|
Die meisten Besitzer von etwas Bitcoin oder anderen Kryptowährungen werden sich für Kleckerbeträge kaum ein HArdware Wallet zulegen. Aber wer einen Gegenwert von ein paar Tausend Euro hat, denkt hier schon sicherlich anders und bestellt sich so ein Teil. Ja und jetzt wird man schon zum zweiten Mal deswegen ungewollt zur Zielscheibe Genau da is das Problem.. Ich denke/hoffe das die hauseigenen Serer von Ledger genauso Sicher in wie die Hardwarewallets selbst, denn diese Problematik ist denen ja ganz sicher auch bewusst. Eigentlich hilft es nur richtig Geld in die Hand zu nehmen und auf externe Dienstleister zu verzichten, denn eine Zusicherung eines dritten, das alles sicher läuft ist ja wie wir nun erneut sehen nichts Wert. Allerdings ist dies auch nicht eben mal schnell nebenher alles selbst in die Hand genommen, das es alles In-House funktioniert und vor allen auch (dauerhaft) sicher ist. Das wäre ein gewaltiger Schritt den Ledger gehen müsste, aber m.M.n. eigentlich der einzigst richtige bei solch sensiblen Daten. Auch wenn man es dann nicht mehr auf Drittanbieter schieben kann, wenn es in Zukunft unter diesem Szenario doch noch mal nen Leak gäbe und ein Shitstorm dann nochmals um Welten größer wäre. Warum werden die sensiblen Daten/Informationen solange aufbewahrt? Als Beispiel Bitbox: Wenn du bei uns kaufst, müssen wir dir unsere Produkte zusenden können. Du gibst uns die Versandadresse in unserem eigenen, selbst gehosteten Webshop an. Aus betrieblichen Gründen speichern wir diese Daten bis zu 30 Tage. Nach diesem Zeitraum werden die Informationen anonymisiert, d.h. alle persönlich identifizierbaren Daten werden aus unserem Shopsystem gelöscht.
Aufgrund gesetzlicher Vorgaben müssen wir die Rechnungsbelege für bis zu zehn Jahre aufbewahren: diese Kopien bewahren wir auf einem verschlüsselten Archivspeicher auf, welcher für Drittdienste nicht zugänglich ist. Quelle: https://shiftcrypto.ch/blog/wie-shift-crypto-deine-personlichen-daten-schutzt/Update: Bisher haben sich nur Swan, Unchained und NYDIG zu dem Hack gemeldet. Ob sich Ledger überhaupt noch meldet??? Kann jedem nur dringend davon abraten, sich bei dem Unternehmen was zu kaufen.
|
|
|
37
|
Local / Deutsch (German) / Re: Ledger (Live) - Angebote / Diskussion / Hilfe
|
on: March 24, 2022, 08:43:18 PM
|
- They never fail to disappoint their users [at least they're consistent] They have to be idiots to release new devices like this without proper testing, but do you know whats even more interesting? Surprise surprise and NEW breach and data leak happened with ledger AGAIN, and that is confirmed officially by ledger team, this time because they uses bloody Hubspot that got hacked on March 18. Let's get ready for millions of new spam emails and letters delivered to ledger customers... oh it must be so much ''fun'' to be a ledger user (not) I am standing by my words, ledger is the WORST hardware wallet company in the world. source: ledger.com Suggestion from legder is .... to ... stay..... c a l m... Weitere Quelle: https://www.hackread.com/hubspot-data-breach-cryptocurrency-companies-impacted/
|
|
|
39
|
Bitcoin / Hardware wallets / Re: Secure Element in Hardware Wallets
|
on: December 16, 2021, 11:43:50 AM
|
Trezor releasing their new device with SE in 2022? Any ETA?
Nobody knows exact date and time especially with global chips shortage and problems with supply chain, but it is planned for the end of 2022. You can follow Trezor Tropic Square for news, and I will probably post any new information I hear in due time here. Important thing here is that this would be the first open source secure element, without secret NDAs signed.
List is updated and new secure element ST33K1M5C added for ledger Nano S Plus device that is not yet officially released. I also made separate entries for currently available ledger hardware wallets because they all have different secure elements. Thank you.
|
|
|
|