crazy_rabbit
Legendary
Offline
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
|
|
November 29, 2013, 02:48:36 AM |
|
When I paid for my Trezor on the first of October, Bitcoin was valued at $140.00USD. I felt comfortable buying one for that much fiat, but I would not consider buying one for $800.00USD.
I actually bought two of them- the plastic ones. Stick- would it be possible to 'upgrade' mine to the Metal bodies? Considering the BTC I send is now worth over a $1000? :-)
|
more or less retired.
|
|
|
FlappySocks
|
|
November 29, 2013, 02:59:51 AM |
|
I'm hoping there will be some form of gift to those that paid early. Maybe a free or at least heavily discounted 2ng generation model, whenever that comes out.
It will have NFC built into it hopefully, so it can be used at the checkout, as well as in your mobile.
|
|
|
|
crazy_rabbit
Legendary
Offline
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
|
|
November 29, 2013, 03:32:31 AM |
|
I'm hoping there will be some form of gift to those that paid early. Maybe a free or at least heavily discounted 2ng generation model, whenever that comes out.
It will have NFC built into it hopefully, so it can be used at the checkout, as well as in your mobile.
That would be nice too!
|
more or less retired.
|
|
|
jballs
|
|
November 29, 2013, 03:44:23 AM |
|
When I paid for my Trezor on the first of October, Bitcoin was valued at $140.00USD. I felt comfortable buying one for that much fiat, but I would not consider buying one for $800.00USD.
If you sell me ten bitcoins at the April 13 price I will buy your hardware wallet back from you for the current price. Fair enough, right? If the BTC had dropped to $20 you would... ? (I know the real world answer but y'all have a pretty different ethosphere here so I'm actually not sure). Like watching the Weimar Republic in reverse. Pretty cool actually. Totally worth the education if you look at it that way. See: deflationary spiral... cheers...
|
|
|
|
bernard75
Legendary
Offline
Activity: 1316
Merit: 1003
|
|
November 29, 2013, 09:19:03 AM |
|
I'm hoping there will be some form of gift to those that paid early. Maybe a free or at least heavily discounted 2ng generation model, whenever that comes out.
It will have NFC built into it hopefully, so it can be used at the checkout, as well as in your mobile.
That would be nice too! Discouted upgrade would be nice indeed.
|
|
|
|
stick
|
|
November 29, 2013, 09:41:51 PM |
|
I actually bought two of them- the plastic ones. Stick- would it be possible to 'upgrade' mine to the Metal bodies? Considering the BTC I send is now worth over a $1000? :-)
Unfortunately no. Bitcoins were exchanged to Euro to cover productions costs, not held to speculate on exchange rate.
|
|
|
|
chrisrico
|
|
November 30, 2013, 12:26:47 AM |
|
Unfortunately no. Bitcoins were exchanged to Euro to cover productions costs, not held to speculate on exchange rate.
What was the purpose of having the cost a fixed amount of bitcoin, rather than floating against the euro, then?
|
|
|
|
dingrite
Newbie
Offline
Activity: 11
Merit: 0
|
|
November 30, 2013, 01:13:43 AM |
|
I actually bought two of them- the plastic ones. Stick- would it be possible to 'upgrade' mine to the Metal bodies? Considering the BTC I send is now worth over a $1000? :-)
Unfortunately no. Bitcoins were exchanged to Euro to cover productions costs, not held to speculate on exchange rate. You claim your device provides security, could you explain how does it provide security comparable to an airgapped computer? What if malware intercepts wallet sign request and give out a forged request to the device when you legitimately ask it to sign something? The person with the device will have to read the small screen each time to be sure he isn't about to sign away all his bitcoins. How many will do so, especially if the malware is careful and does it only after it detects mass manual transactions when a user is less likely to pay attention for example? You failed to respond to my earlier post, I wonder why.
|
|
|
|
gweedo
Legendary
Offline
Activity: 1498
Merit: 1000
|
|
November 30, 2013, 02:07:33 AM |
|
I actually bought two of them- the plastic ones. Stick- would it be possible to 'upgrade' mine to the Metal bodies? Considering the BTC I send is now worth over a $1000? :-)
Unfortunately no. Bitcoins were exchanged to Euro to cover productions costs, not held to speculate on exchange rate. You claim your device provides security, could you explain how does it provide security comparable to an airgapped computer? What if malware intercepts wallet sign request and give out a forged request to the device when you legitimately ask it to sign something? The person with the device will have to read the small screen each time to be sure he isn't about to sign away all his bitcoins. How many will do so, especially if the malware is careful and does it only after it detects mass manual transactions when a user is less likely to pay attention for example? You failed to respond to my earlier post, I wonder why. These questions have been answered before. Also malware can't forge a request because it shows you the request and you have to enter a pin to sign that transaction. If someone doesn't read the screen then that is their fault and shouldn't be upset if their coins are stolen.
|
|
|
|
dingrite
Newbie
Offline
Activity: 11
Merit: 0
|
|
November 30, 2013, 03:25:26 AM |
|
I actually bought two of them- the plastic ones. Stick- would it be possible to 'upgrade' mine to the Metal bodies? Considering the BTC I send is now worth over a $1000? :-)
Unfortunately no. Bitcoins were exchanged to Euro to cover productions costs, not held to speculate on exchange rate. You claim your device provides security, could you explain how does it provide security comparable to an airgapped computer? What if malware intercepts wallet sign request and give out a forged request to the device when you legitimately ask it to sign something? The person with the device will have to read the small screen each time to be sure he isn't about to sign away all his bitcoins. How many will do so, especially if the malware is careful and does it only after it detects mass manual transactions when a user is less likely to pay attention for example? You failed to respond to my earlier post, I wonder why. These questions have been answered before. Also malware can't forge a request because it shows you the request and you have to enter a pin to sign that transaction. If someone doesn't read the screen then that is their fault and shouldn't be upset if their coins are stolen. They changed it to a pin? Shows only 2 buttons in their video. And it's easy to say those problems were mentioned before, a source would help. It's called social engineering, if you carefully listen for multiple transactions where the user has to sign each one it would be easy to interject your own and have a large fraction of users fall for it. Likewise if it lets you sign multiple transactions at once on that puny screen you just insert your own. Why would people want a device like that? Get an old PC, airgap it, store wallet on it. Sign stuff and propagate signed messages from any online PC. Anything else is asking for malware to steal it, no encryption would help you since the computer at some point has to know your private key to sign a transaction - the moment it knows it malware can get it. And the funny thing is if you are cheap you don't need a second PC even, put an encrypted *nix OS onto a USB with networking disabled, sign transaction, copy onto another usb without any encryption the signed transaction and propagate it from your insecure windows. The more I think about the concept of this device the more it seems to be intended for idiots. All theater, no actual security.
|
|
|
|
FlappySocks
|
|
November 30, 2013, 03:40:07 AM |
|
no encryption would help you since the computer at some point has to know your private key to sign a transaction
I thought the Trazor signed the transaction?
|
|
|
|
dingrite
Newbie
Offline
Activity: 11
Merit: 0
|
|
November 30, 2013, 05:57:51 AM |
|
no encryption would help you since the computer at some point has to know your private key to sign a transaction
I thought the Trazor signed the transaction? It does, I was referring to when you just run a client and then encrypt your wallet in fancy ways. Most of that is useless. The more I think about the concept of this device the more it seems to be intended for idiots. All theater, no actual security.
This is when people will stop answering you, but some of the smartest people in bitcoin endorse this and actually have helped to make it more even more secure. I guess those people are idiots. And you think endorse equals use? I doubt those smart people would care to entrust private keys to a new device. Not to mention they are selling it for so much they all probably got a piece of the pie. But then it's intended for people who know nothing of security. Google "security theater" maybe it will help you realize why you wasted your money.
|
|
|
|
JTrain_51
Member
Offline
Activity: 84
Merit: 10
|
|
November 30, 2013, 06:01:37 AM |
|
Looks real nice I would have no use and im not sure many others will considering the internet is everywhere and they can just use blockchain.info
Also I am pretty sure this was announced in September so I real do not see why this must be announced twice But I still support this product because it looks nice!
|
|
|
|
jojo69
Legendary
Offline
Activity: 3388
Merit: 4755
diamond-handed zealot
|
|
November 30, 2013, 06:42:26 AM |
|
And you think endorse equals use? I doubt those smart people would care to entrust private keys to a new device. Not to mention they are selling it for so much they all probably got a piece of the pie.
But then it's intended for people who know nothing of security. Google "security theater" maybe it will help you realize why you wasted your money.
aaaaaaaaaaaaaaaaaaaaaaaaand ignore engaged
|
This is not some pseudoeconomic post-modern Libertarian cult, it's an un-led, crowd-sourced mega startup organized around mutual self-interest where problems, whether of the theoretical or purely practical variety, are treated as temporary and, ultimately, solvable. Censorship of e-gold was easy. Censorship of Bitcoin will be… entertaining.
|
|
|
dingrite
Newbie
Offline
Activity: 11
Merit: 0
|
|
November 30, 2013, 03:09:03 PM |
|
The more I think about the concept of this device the more it seems to be intended for idiots. All theater, no actual security.
This is when people will stop answering you, but some of the smartest people in bitcoin endorse this and actually have helped to make it more even more secure. I guess those people are idiots. And you think endorse equals use? I doubt those smart people would care to entrust private keys to a new device. Not to mention they are selling it for so much they all probably got a piece of the pie. But then it's intended for people who know nothing of security. Google "security theater" maybe it will help you realize why you wasted your money. I really doubt that people got a piece of pie, considering how expensive it is to develop hardware, plus they converted the bitcoins to fiat. So yeah. Also as for me not knowing anything about security, I have many sites that I have been contracted to do security on them. So yeah. The trezor just fits into my eco-system of bitcoin so I guess it doesn't work for you. Pre-orders aren't for everyone only the people that actually understand what a pre-order means. Looks real nice I would have no use and im not sure many others will considering the internet is everywhere and they can just use blockchain.info
Also I am pretty sure this was announced in September so I real do not see why this must be announced twice But I still support this product because it looks nice!
This is why you probably need it! Blockchain is very unsecure wallet, but they are planning to add trezor support and that would make them very much the most secure web wallet known. What security? Securing PHP against SQL injection and include? Do you know about various buffer overflows and how to exploit them? Do you know about how are ROP chains used to defeat DEP and partial ASLR? We are talking about third party hardware here, one that has to accept various inputs through a USB. It opens such a vast attack surface you probably can't imagine it. So lets ask the developers, are they planning to do complete ASLR on their little device? If not no one should trust it at all. Although no one will probably bother exploiting it if it will have a small user base.
|
|
|
|
NewLiberty
Legendary
Offline
Activity: 1204
Merit: 1002
Gresham's Lawyer
|
|
December 05, 2013, 06:43:30 PM |
|
The more I think about the concept of this device the more it seems to be intended for idiots. All theater, no actual security.
This is when people will stop answering you, but some of the smartest people in bitcoin endorse this and actually have helped to make it more even more secure. I guess those people are idiots. And you think endorse equals use? I doubt those smart people would care to entrust private keys to a new device. Not to mention they are selling it for so much they all probably got a piece of the pie. But then it's intended for people who know nothing of security. Google "security theater" maybe it will help you realize why you wasted your money. I really doubt that people got a piece of pie, considering how expensive it is to develop hardware, plus they converted the bitcoins to fiat. So yeah. Also as for me not knowing anything about security, I have many sites that I have been contracted to do security on them. So yeah. The trezor just fits into my eco-system of bitcoin so I guess it doesn't work for you. Pre-orders aren't for everyone only the people that actually understand what a pre-order means. Looks real nice I would have no use and im not sure many others will considering the internet is everywhere and they can just use blockchain.info
Also I am pretty sure this was announced in September so I real do not see why this must be announced twice But I still support this product because it looks nice!
This is why you probably need it! Blockchain is very unsecure wallet, but they are planning to add trezor support and that would make them very much the most secure web wallet known. What security? Securing PHP against SQL injection and include? Do you know about various buffer overflows and how to exploit them? Do you know about how are ROP chains used to defeat DEP and partial ASLR? We are talking about third party hardware here, one that has to accept various inputs through a USB. It opens such a vast attack surface you probably can't imagine it. So lets ask the developers, are they planning to do complete ASLR on their little device? If not no one should trust it at all. Although no one will probably bother exploiting it if it will have a small user base. I don't know much about how they are planning to do it, but based on just the reading here, I would guess that ASLR is somewhat obviated through the ARM Invariant-timing packets and overflow handling, and FIFO overflow protection. Careful implementation of stall processing can stall the processor until the FIFO buffer is empty. This is a pretty safe defense even against the stack smashing ROP chains, but might still be exploitable through a environmental corner attack, if you can find enough edges. It is possible that they have chosen an architecture that doesn't include FIFOFULL operations. Maybe they will clarify. Or maybe they will leave us guessing and let those that are going to try to break them predictably using this method to their own devices. In that case I guess we will have to buy a few devices to find out.
|
|
|
|
dnaleor
Legendary
Offline
Activity: 1470
Merit: 1000
Want privacy? Use Monero!
|
|
December 20, 2013, 10:39:51 PM |
|
Do you guys have already a shipping date in mind? I can not wait to test this device! And for the critics: this device is designed to be used for non-geeks. There is a lot of potential for investors who are >30 years old and do not want a "live linux USB" or unsderstand how armoury works. It is a GREAT product. I only came across it when BTC was 150 USD and I found it a little too expensive (I am relatively late to the crypto world. Never heard of it although I am interested in programming/computers/economy). But when there was an opportunity to buy 2 for 1 BTC, I jumped in, found someone who also wanted a device and became a supporter since then. I have met a lot of people who are hesitating to buy BTC because the storage issue is so complex. I refer them to a blockchain.info account (which is the most user friendly at the moment in my opinion) but I tell them: even when you take a backup, you do not want a keylogger on your PC because you will loose your coins. Then most of them are scared and ask, is there a better way. And then I tell them that currently, there is NO non-technical easy to use storage option for BTC. But I also tell them to check Bitcoin Trezor
|
|
|
|
FlappySocks
|
|
December 20, 2013, 10:55:55 PM |
|
There is a lot of potential for investors who are >30 years old and do not want a "live linux USB" or unsderstand how armoury works.
>30! Jeez I feel old now.
|
|
|
|
JLM
|
|
December 23, 2013, 01:38:33 PM |
|
Hi. Did you start to deliver devices? Thanks!!!
|
1Hyawq17jkzfpunPC6tTikpgMGSsekd98z
|
|
|
stick
|
|
December 23, 2013, 09:16:32 PM |
|
Hi. Did you start to deliver devices? Thanks!!! current plan is to start delivering in January
|
|
|
|
|