In this thread on Trezor's official forum, a Trezor developer confirms a malicious firmware update could definitely "exfiltrate" seed and record passphrase. Instead of downvoting users' concerns, r/Trezor (and other HWW communities) should learn from the recent Ledger debacle and address this transparently. While open source allows a global community to review updates' integrity, and while hashes and their signatures are intended to confirm software is both authentic and unique, neither eliminates the possibility of an official software release containing code that can harm users. By the time the global community found this out, for some it could be too late and devastating. Nor do we know how governments' attitudes and policies towards cryptocurrency will evolve and what powers they might exert on companies in the future.
This warrants far more community discussion instead of censorship of discussion and dismissal of users' anxiety.
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments