|
drazvan
|
 |
October 30, 2013, 12:51:44 PM |
|
What I've described is not a matter of CAs, it's a matter of backwards compatibility. Since merchants are not forced to use the protocol, some of them will not use it (at least at first). So the Trezor must be able to deal with these situations and allow you to sign transactions even if the merchant did not use the payment protocol. But this also means that malware running on your computer could simply replace the Bitcoin address and claim the merchant does not run the protocol, effectively making you pay someone else entirely. Of course, if you know the merchant and you know they do implement the payment protocol, you'll notice if they appear to have suddenly stopped using it for your transaction.
|
|
|
|
|
|
rampalija
|
|
October 30, 2013, 03:05:15 PM |
|
What I've described is not a matter of CAs, it's a matter of backwards compatibility. Since merchants are not forced to use the protocol, some of them will not use it (at least at first). So the Trezor must be able to deal with these situations and allow you to sign transactions even if the merchant did not use the payment protocol. But this also means that malware running on your computer could simply replace the Bitcoin address and claim the merchant does not run the protocol, effectively making you pay someone else entirely. Of course, if you know the merchant and you know they do implement the payment protocol, you'll notice if they appear to have suddenly stopped using it for your transaction.
I agree with all you said |
|
|
|
Carlton Banks
Legendary
 Offline
Activity: 3430
Merit: 3074
|
|
October 30, 2013, 04:45:55 PM |
|
Not to worry, the a new way of verifying the identities of websites over SSL can be established in conjunction with the proposed Identity Protocol. Payments Protocol could be secured from MITM compromised certificate style attacks with an extension to the current Identity Protocol specification.
|
Vires in numeris
|
|
|
|
drazvan
|
|
October 30, 2013, 05:11:21 PM |
|
Unless everyone suddenly implements the protocol (any of the protocols described here), the Trezor must still account for merchants that don't. If the user has paid before at that merchant, he will notice if the connection is no longer authenticated/secure/etc, but if it's their first time there they might simply assume that the merchant does not implement it yet and go right ahead and pay. The Trezor should probably display a message saying "We could not confirm that the address you are paying to belongs to the merchant, proceed at your own risk" and leave it to the user to determine if the address is correct.
Maybe the Trezor should also indicate that the user should contact the merchant offline (phone call?) and ask if they use the Payment Protocol and if they don't, suggest that they implement it in order to securely receive payments.
I really don't see a way to have both backwards compatibility and full security against malware - but I'd love to be proven wrong.
|
|
|
|
|
|
cor
|
|
October 31, 2013, 02:50:11 AM |
|
This might have been answered before (if it has, I couldn't find it): can the Trezor help in the case of malware that simply modifies the destination Bitcoin address (for instance when you browse to an online shop, it silently changes the Bitcoin address that you're supposed to send funds to to one that it generates). The user then visually checks that the address displayed by the Trezor is the one that he sees on the website but he has no idea that the address belongs to the attacker. I understand how the Trezor protects against malware trying to modify the address you're paying to by displaying it on the Trezor itself before signing, but I don't see how it can protect against the malware simply modifying the address shown on the web page. Also, given that receiving addresses are supposed to be one-shot, they will change on each payment so the user has no chance of whitelisting or visually recognizing the correct one. A rogue Chrome extension for instance could just do a quick find/replace on the page (Bitcoin addresses are easily identifiable, not many words start with 1 and are 27-34 characters long  ) and change all Bitcoin addresses to the ones of the attacker. If anyone is interested, I could probably write one as a proof of concept. Any ideas? TREZOR is payment protocol ready (BIP70) which adresses exactly this issue. |
|
|
|
|
cor
|
 |
October 31, 2013, 02:59:01 AM |
|
|
|
|
|
|
dillpicklechips
|
|
October 31, 2013, 03:55:15 AM |
|
Sweet! And to your question at the bottom of the page: it's both!  |
|
|
|
|
TheButterZone
Legendary
Offline
Activity: 3010
Merit: 1031
RIP Mommy
|
|
October 31, 2013, 05:32:02 AM |
|
Appears to be the metal version. Is that the only one in the 2 for 1 (3 BTC for 2), or is the plastic 2 for 1 BTC too? |
Saying that you don't trust someone because of their behavior is completely valid.
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
October 31, 2013, 07:02:53 AM |
|
Can't help but to feel a bit punished for ordering early. |
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
marci003
Newbie
Offline
Activity: 13
Merit: 0
|
|
October 31, 2013, 07:36:25 AM |
|
Can't help but to feel a bit punished for ordering early. Same here.. But I'm actually thinking about ordering two more devices, so if this applies to plastic versions, I will probably live with that |
|
|
|
|
marci003
Newbie
Offline
Activity: 13
Merit: 0
|
 |
October 31, 2013, 07:45:01 AM |
|
I'm wondering..
Does Trezor provides also protection from malicious client code (modified source code of electrum or any other bitcoin client)? So, technically, as I see it, there is no way for someone to hack into github and modify electrum source code and steal someone's bitcoins as long as you have 'watching-only' wallet and you have to sign every transaction with Trezor (and be able to check a destination address on the screen of the device). Is that correct?
This would add a whole new level of security as you don't even have to trust source code of a client.
|
|
|
|
|
|
lemonte
|
|
October 31, 2013, 08:56:14 AM |
|
If the 2 for 1 applies to the plastic version, does anyone fancy going halves with me? Preferably someone in the UK, incase we cant split the order for shipping.
|
|
|
|
|
xeroc
|
|
October 31, 2013, 10:08:59 AM |
|
Can't help but to feel a bit punished for ordering early. Same here... As I preordered a Steal Case for 3BTC .. a second one would be very nice ... any chance to get a free plastic one as I pre-ordered (and paid) the steal one?!? |
|
|
|
|
|
drazvan
|
|
October 31, 2013, 10:12:44 AM |
|
TREZOR is payment protocol ready (BIP70) which adresses exactly this issue.
I understand that, and that is fine as long as the user expects the merchant to use the protocol. As far as I understand, the Payment Protocol starts by having a Pay Now button/link with the URL bitcoin:merchantaddress?request=url_of_request . The wallet opens that, sees the "request" parameter and goes there to fetch the payment request. Malware running on the computer could simply rewrite all bitcoin:merchantaddress?request=url_of_request URLs to bitcoin:hackeraddress in the browser (that is rewrite the destination and disable the Payment Request protocol). The user will then pay the attacker instead of the merchant. Of course, when everyone starts using the protocol, the user will be wary of sites that do not implement it (just like a shop that doesn't use HTTPS nowadays will not get much business). |
|
|
|
|
timewaster
Newbie
Offline
Activity: 42
Merit: 0
|
|
October 31, 2013, 11:05:25 AM |
|
Can't help but to feel a bit punished for ordering early. I don't know how the exchange rate was when you ordered, but bitcoin is worth more about twice as many dollars now compared to when I ordered. If the price was set in USD, this price would be standard - not just a special offer. |
|
|
|
|
|
stick
|
|
October 31, 2013, 12:36:57 PM |
|
Appears to be the metal version. Is that the only one in the 2 for 1 (3 BTC for 2), or is the plastic 2 for 1 BTC too?
It's both plastic and metallic version. |
|
|
|
|
hephaist0s
|
|
October 31, 2013, 01:52:25 PM |
|
Can't help but to feel a bit punished for ordering early. Yeah. I ordered early to show support... but now I just feel like I'm missing out. |
Tips graciously accepted on my behalf by Mr. Pig. | object2212.com | BTC:1H78y8FVeQrWY6KnxA6WLFQGUoajCuiMAu | ETH:0x3c1bC39EC7F3f6b26ACb6eeeEFe7dE2f486a72E9 |
|
|
|
chrisrico
|
|
October 31, 2013, 03:03:14 PM
Last edit: October 31, 2013, 04:18:56 PM by chrisrico |
|
Stick and Slush, why did you take a page from the BFL playbook?
At the very last minute, with no warning, you say there will be a three month delay. Then, you offer new customers a better deal than your original supporters?
I guess our community needs a PR agency that accepts bitcoin, so you can be told "No, don't do that! It's stupid and you'll alienate your customers."
|
|
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
October 31, 2013, 03:06:06 PM |
|
Stick and Slush, why did you take a page from the BFL playbook?
At the very last minute, with no warning, you say there will be a three month delay. Then, you offer new customers a better deal than you're original supporters?
Actually, compared to having bought your first on Jun 16th like me (when Bitcoin was around $110) it's not a better deal. |
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
|
chrisrico
|
|
October 31, 2013, 04:19:15 PM |
|
Actually, compared to having bought your first on Jun 16th like me (when Bitcoin was around $110) it's not a better deal. If you're pricing in dollars, which they are not. I paid 1 bitcoin for a Trezor, when if I had ordered today, I could have paid 1 bitcoin for 2 Trezors. I assumed being an early supporter would offer greater benefit than being a late supporter. I was wrong. I thought Stick and Slush would be different than BFL. I was wrong. I'm done pre-ordering anything related to bitcoin. |
|
|
|
|
|
