Bitcoin Forum
September 24, 2018, 02:54:01 AM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: What keeps trezor to keep the private key?  (Read 1339 times)
glub0x
Legendary
*
Offline Offline

Activity: 876
Merit: 1001



View Profile
May 27, 2017, 06:59:13 AM
 #1

So i am very happy with those trezor for everyday spending (no big stash).
Thanks to them i almost double my use of btc over the year. It is much more easy  than my multiple small paper wallet.
But my father came up with a question i couldn't answer even though it looks obvious: " what guarantee me that they do not have my private key?"

The cost of mediation increases transaction costs, limiting the
minimum practical transaction size and cutting off the possibility for small casual transactions

Satoshi Nakamoto : https://bitcoin.org/bitcoin.pdf
Einax Airdrops and Bounties made easy! List your ERC-20 token
FREE
ETH markets launching soon!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1537757641
Hero Member
*
Offline Offline

Posts: 1537757641

View Profile Personal Message (Offline)

Ignore
1537757641
Reply with quote  #2

1537757641
Report to moderator
1537757641
Hero Member
*
Offline Offline

Posts: 1537757641

View Profile Personal Message (Offline)

Ignore
1537757641
Reply with quote  #2

1537757641
Report to moderator
1537757641
Hero Member
*
Offline Offline

Posts: 1537757641

View Profile Personal Message (Offline)

Ignore
1537757641
Reply with quote  #2

1537757641
Report to moderator
ViceOfBTC21
Sr. Member
****
Offline Offline

Activity: 381
Merit: 250


View Profile
May 27, 2017, 07:13:06 AM
 #2

They use open-source software that can be verified and verifiable hardware. It's proven that they software and hardware is safe. They also embedded random RNG in Trezor.
ranochigo
Legendary
*
Offline Offline

Activity: 1554
Merit: 1094


View Profile WWW
May 27, 2017, 07:16:51 AM
 #3

Nothing.

They can easily push an update to capture your private key and send it to your server. This requires you to manually accept it. The main thing that is keeping them from stealing it isn't it being opensourced. You cannot blindly trust them. You have to manually review and verify it yourself or there is still a risk. As long as you can verify the code, you are pretty much safe.

cryptoheadd
Hero Member
*****
Offline Offline

Activity: 840
Merit: 500


View Profile WWW
May 27, 2017, 07:31:12 AM
 #4

Nothing.

They can easily push an update to capture your private key and send it to your server. This requires you to manually accept it. The main thing that is keeping them from stealing it isn't it being opensourced. You cannot blindly trust them. You have to manually review and verify it yourself or there is still a risk. As long as you can verify the code, you are pretty much safe.


This pretty much explains it.
I'd recommend using Trezor with Electrum wallet. (That's what I do.)
glub0x
Legendary
*
Offline Offline

Activity: 876
Merit: 1001



View Profile
May 27, 2017, 09:44:47 AM
 #5

ok interesting reading Smiley
how does an electrum wallet protect from anything?

The cost of mediation increases transaction costs, limiting the
minimum practical transaction size and cutting off the possibility for small casual transactions

Satoshi Nakamoto : https://bitcoin.org/bitcoin.pdf
ranochigo
Legendary
*
Offline Offline

Activity: 1554
Merit: 1094


View Profile WWW
May 27, 2017, 09:58:09 AM
 #6

ok interesting reading Smiley
how does an electrum wallet protect from anything?
Electrum wallet doesnt do anything except to get transaction information and to broadcast transaction. It doesn't help in your security, with that being the main point of hardware wallets to reduce dependent on a device that you use frequently.

It does have a nice and easily understandable UI though.

fanita
Full Member
***
Offline Offline

Activity: 228
Merit: 100


View Profile
May 27, 2017, 10:18:25 AM
 #7

They always use verifiable software and hardware.
With this proving that they are using secure software.

Iranus
Hero Member
*****
Offline Offline

Activity: 518
Merit: 503


View Profile
May 28, 2017, 10:51:26 PM
 #8

Nothing.

They can easily push an update to capture your private key and send it to your server. This requires you to manually accept it. The main thing that is keeping them from stealing it isn't it being opensourced. You cannot blindly trust them. You have to manually review and verify it yourself or there is still a risk. As long as you can verify the code, you are pretty much safe.

Actually you can pretty much blindly trust them (without personally checking the code).  All you have to do is wait for a week or so after they release an update, then search TREZOR related threads and boards to find if anyone has decided the update is malicious or faulty.  If you're not competent at reading through it yourself, there's no point trying too hard with little outcome.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!