Re: [NEXT GEN ICO] HODLER ULTIMATE HARDWARE WALLET [350 COINS][HIGHEST SECURITY]
Okay, HODLER_TECH, how do you plan on sandboxing the email client, and how will the emails work in a way that prevents you from tampering with them? I don't think it would be feasible to make each device a mail server, so the address would have to be on a central mailserver controlled by you (unless you have some way around it). The emails would not be encryped, so you could easily MITM the address. Also, what prevents code execution from an email?
You got right, we will put mail deamons in our infrastrcuture, not in a wallet itself. By using 7bit ASCII only e-mails (aka plain/text) with hardcoded 255 length limit, exploiting this feature is hard, because there won't by any plugins,images etc. support, so potential attack vector should be based on MITM as you said or exploiting text but without UNICODE support is quite very hard if not impossible. The only threat i know with plain/text is EICAR Test-file, I will post it here, maybe some AV will trigger alert
Code:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
About Man in the Middle thread. Wallet cannot use standard protocols to handle e-mails like SMTP or IMAP, it won't be safe.
To prevent attack, connection between mail application in wallet and "mail server" will be encrypted in safe way, unbreakable without quantum computers.
tl;dr
>RCE prevention due to spartan protocol for emails content and app sandboxing
>MITM prevention with point-to-point safe encryption with signed data
Thanks for a good response, this explains quite a bit. What prevents you (the central server) from changing addresses before relaying the address to the wallet? Others might be unable to MITM, but you would be able to from what I gather, as well as anyone with access to your mailservers.