To clarify (?):
* No device will protect you, if you got the wrong address to start with.
The discussion was about finding methods to prevent that, BIP70 with a correctly enforced certificate chain being one suggestion, in which the device can help (by enforcing said certificate chain).
Exactly. AFAIK Trezor plans to implement this BIP once it's accepted (it's in the final draft stage now). But provided that BIP70 is used, the device may be able to protect you against address-replacing malware.
Assuming however that everybody you want to send bitcoins to can be certified in that way. What if the address-switching malware does its trick only on non-secured addresses?
By the way, I do not see in the BIP-70 write-up an analysis explaining why it would be secure against malicious browsers and apps. I see only a claim that it is "more resistant" to them, but no explanation why. Is that obvious?
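An added example, not from this thread and not Trezor's or BIP70's own code, of the mechanism the question above is asking about: the merchant signs the payment outputs with a key that a certificate chain binds to its name, and a device with a pinned root can then detect a swapped destination address because the signature no longer matches. Everything in it is constructed for illustration: toy RSA over a few Mersenne primes with no padding, SHA-256 truncated to 64 bits, JSON instead of BIP70's protobuf PaymentRequest, a homemade certificate instead of X.509, and placeholder addresses. The fourth case covers the "non-secured addresses" point from the earlier reply: a request that carries no certificate gives the device nothing to verify, so it can only report "unsigned".

```python
import copy
import hashlib
import json

# Textbook RSA over well-known Mersenne primes. Constructed for illustration only:
# these moduli are far too small for real use and there is no signature padding.
def make_keypair(p, q, e=65537):
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent (needs Python 3.8+)
    return (n, e), (n, d)              # (public, private)

ROOT_PUB, ROOT_PRIV = make_keypair((1 << 31) - 1, (1 << 61) - 1)           # root pinned in the device
MERCHANT_PUB, MERCHANT_PRIV = make_keypair((1 << 19) - 1, (1 << 89) - 1)
ATTACKER_PUB, ATTACKER_PRIV = make_keypair((1 << 17) - 1, (1 << 107) - 1)  # not trusted by the device

def canonical(obj) -> bytes:
    # Deterministic serialisation so signer and verifier hash identical bytes.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def digest_int(data: bytes) -> int:
    # SHA-256 truncated to 64 bits so the representative is below every toy modulus.
    return int.from_bytes(hashlib.sha256(data).digest()[:8], "big")

def sign(priv, data: bytes) -> int:
    n, d = priv
    return pow(digest_int(data), d, n)

def verify(pub, data: bytes, sig: int) -> bool:
    n, e = pub
    return pow(sig, e, n) == digest_int(data)

def issue_cert(ca_priv, subject: str, subject_pub) -> dict:
    # A certificate binds a merchant name to a public key and is signed by the CA.
    body = {"subject": subject, "pub": list(subject_pub)}
    return {"body": body, "sig": sign(ca_priv, canonical(body))}

def make_request(merchant_priv, cert, outputs) -> dict:
    # The payment request commits to the output addresses and amounts.
    body = {"outputs": outputs, "memo": "order #4711"}
    return {"body": body, "cert": cert, "sig": sign(merchant_priv, canonical(body))}

def check_request(request: dict, trusted_roots) -> str:
    """What a signing device can conclude before it shows the outputs to the user."""
    cert = request.get("cert")
    if cert is None:
        return "unsigned"        # nothing to verify: the device cannot vouch for these outputs
    if not any(verify(root, canonical(cert["body"]), cert["sig"]) for root in trusted_roots):
        return "bad-chain"       # certificate was not issued by a pinned root
    if not verify(tuple(cert["body"]["pub"]), canonical(request["body"]), request["sig"]):
        return "bad-signature"   # outputs differ from what the certified merchant signed
    return "ok:" + cert["body"]["subject"]

def demo() -> dict:
    roots = [ROOT_PUB]
    cert = issue_cert(ROOT_PRIV, "shop.example", MERCHANT_PUB)
    outputs = [{"address": "merchant-address-placeholder", "amount": 150000}]
    legit = make_request(MERCHANT_PRIV, cert, outputs)

    # Malware on the host swaps the destination after the merchant signed the request.
    swapped = copy.deepcopy(legit)
    swapped["body"]["outputs"][0]["address"] = "attacker-address-placeholder"

    # Malware instead presents its own certificate, signed by a key the device does not trust.
    forged_cert = issue_cert(ATTACKER_PRIV, "shop.example", ATTACKER_PUB)
    forged = make_request(ATTACKER_PRIV, forged_cert,
                          [{"address": "attacker-address-placeholder", "amount": 150000}])

    # A request with no certificate at all: the device has nothing to check.
    unsigned = {"body": {"outputs": outputs}, "cert": None, "sig": None}

    return {name: check_request(req, roots) for name, req in
            [("legit", legit), ("swapped", swapped), ("forged", forged), ("unsigned", unsigned)]}

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:9s} -> {result}")
```

The device's checks are deliberately split into chain first, then request signature, so the two failure modes in the thread show up as distinct outcomes: a swapped address under a genuine certificate fails the request signature, while a certificate the attacker issued to itself fails the chain before its contents are ever trusted. What none of this covers is the unsigned case, which is exactly the gap the reply about "non-secured addresses" points at.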