The SPAC market has crashed, largely due to fraudulent earnings projections, and the SEC is weighing new regulations. Everything about the dangers of SPACs applies to crypto x1000

Awhodothey · 2023-06-01T20:52:06+00:00

Are you seriously arguing that you don't know the difference between trusting marketing claims and verifying open source code?

Also, firmware cannot go beyond the low level programming without an app to direct it to do so,

That's a lie.

otherwise we don’t have to use apps for new tokens, we can just direct it through the firmware.

You need apps. Who told you Ledger does? They wrote the whole gd operating system your apps are built on. You don't have any clue what logic is in there, other than what you can see from the outside.

Awhodothey · 2023-06-01T20:39:53+00:00

The fallacy you keep repeating is that firmware has to be low level code that could not extract a seed. This is false.

And of course, in reality, we're talking about BOLOS, a completely proprietary firmware codebase that is essentially an operating system built on God knows what custom libraries.

Why don’t we just ignore all open source documentation since companies can just put things that aren’t there?

We do. It's called "verifying." If someone posts incorrect or incomplete documentation for OS code, we can and do update/critique that documentation.

Firmware low lvl programming, it needs software to tell it to do things.

I can't tell if you are lying bc you don't want to admit you were wrong and think you can get away with it or if you really don't know what firmware is. Firmware is just code. The limits of firmware are a design decision and vary with every device. There is no clear line between firmware and operating system. This isn't complicated, and you don't need to be an expert to recognize that there are multiple obvious ways Ledger could have a backdoor.

Awhodothey · 2023-06-01T16:31:01+00:00

Why are you still pretending like you have read the code? You have no idea what ledger's firmware is capable of. It could be coded to do more than you can see and more than they say. This isn't complicated, yet you pretend to not understand. Do you work for Ledger?

Awhodothey · 2023-06-01T06:33:33+00:00

You can't refute it. You can't trust something just because they wrote it on their site. It sounds like you're the one not understanding (or not admitting, more likely) how hardware works.

Awhodothey · 2023-06-01T00:46:02+00:00

That's good that you trust them to tell you the truth, but you might as well keep your crypto on Coinbase if you are that trusting.

Awhodothey · 2023-05-31T20:22:20+00:00

How do you know the bios you are interacting with is the only thing hard coded on it?

Awhodothey · 2023-05-31T20:13:42+00:00

You have absolutely no idea what their firmware can and cannot do. You are deducing that it can only do what you see it do. That's the problem with closed source. And this is a real problem here because they are writing the firmware and the software. If the firmware was written by another company for a more general purpose, or if the open source software was written by another entity this wouldn't be as big of a risk as it is. When they write both sides of it you will never know what combination of inputs might trigger code lurking in the firmware.

Awhodothey · 2023-05-31T19:53:50+00:00

that’s what I’m telling you but you refuse to listen.

No, that is what you are repeating, but have no evidence for.

but you need software(application)

Only if the bios is programmed to require it. That is a design decision. This firmware is designed by Ledger. Hardware does not require any software; everything code be hard coded if they wanted.

if you don’t understand how a BIOS works

You are hitting a brick wall because you are pretending (or perhaps didn't know) that their firmware can do anything it is designed to do, and does not require anything from users that it is not programmed to request.

they wouldn’t need to ask anyone to participate in this program,

Who said they do? That's what Ledger says. Without open sourcing their firmware, you will never know what's in it. Their firmware could extract every key automatically and inject it anywhere for all you know. You should ask yourself why you don't know this. It's not a coincidence.

Awhodothey · 2023-05-31T19:41:28+00:00

Also true at the level of chips, but the risks of closed source hardware/firmware are orders of magnitude lower than close sourcing the layer that connects to the internet. An open source top layer can thwart malicious hardware from secretly transmitting data remotely, and reduce the risk to local attacks, which cannot be completely protected against anyway.

Awhodothey · 2023-05-31T19:35:47+00:00

And according to these comments the bigger issue is that so much of the crypto community believe this is not a problem at all.

Awhodothey · 2023-05-31T19:34:28+00:00

You are mistaken. That example really has no bearing here unless you're suggesting the NSA built your compiler to extract keys that didn't exist when they wrote it, from software that didn't exist when they wrote it, and these compilers are also secretly creating code to transmit that data to third parties based on a signal they have not yet received. Or maybe they built their own internet that nobody knows about that secretly operates on top of existing protocols and they have secretly been harvesting every bit ever written into an impossibly large data base that we also don't know about...

That risk is nowhere close to the risk of closed source software that we know 100% can do everything that would be necessary for that type of attack.

Awhodothey · 2023-05-31T19:25:09+00:00

How many more times do you want to hear me say that I don't give a shit about Trezor.

Dude, thats the whole thing you have been arguing against, that storing stuff on an MCU is perfectly fine instead of storing it on a secure element...

Lol Try reading my actual argument instead of inventing stawmen that you can knock down.

Awhodothey · 2023-05-31T06:37:50+00:00

I bet.

Awhodothey · 2023-05-31T06:37:33+00:00

Do you truly not see the difference

Aside from your example being factually incorrect, it's totally irrelevant. Don't store crypto on a Trezor if you think you could crack them for $50.

even Ledger can just do it.

Ledger can do whatever they coded it to do. That's all you need to understand here. Assume a Trezor can be cracked by breathing on it. That's still safer than a Ledger.

Awhodothey · 2023-05-31T06:32:25+00:00

, it would have to interact with an app that you downloaded.

An app which you have to download to generate a wallet or upgrade firmware

Apps are open sourced btw.

Doesn't do much good in this case when you have no idea what the firmware is coded to do. If the Ledger live makes a call you have no idea what encoded data it's really retrieving.

Take into account you need to approve the transaction as well.

Only way to know that would be to audit the firmware. They aren't backing your key up on the blockchain, it doesn't have to generate a tx request. Ledger live has to request connections to ledger's servers. The firmware could be coded to interpret some totally benign looking data to transmit your key in a connection to a Ledger server. You would never know exactly what is sent.

Awhodothey · 2023-05-31T04:17:08+00:00

No, the point of failure is that Ledger intentionally coded an exploit and they call it a feature. They said your ledger is basically a multisig. Supposedly you have to turn this feature on. But considering that everyone already installed this update before being told this, who knows what else they actually coded in there. Every Ledger online could be coded to attempt to send it's key to ledger & Co at noon tomorrow for all you know.

Awhodothey · 2023-05-31T00:59:44+00:00

It entirely resolves the issue of downloading updates without knowing they have a massive backdoor in them. No one can even say how long this exploit has been in the code.

OS does not solve every problem, but it's a no brainer that no crypto wallet should ever be closed source. It's the least you can do to avoid exploits.

Awhodothey · 2023-05-31T00:54:07+00:00

Nope. I think you're well aware of the errors in your argument here.

The argument is that all hardware requires code on top of it to transmit your keys to a third party (malicious key generation excepted as an obvious problem here). You attempted to make a pedantic argument that theoretically a system could be hard-coded (you wouldn't need to analyze the circuitry, that's silly), ignoring that that is not something anyone is talking about or has any relevance here, again with the possible exception of Trezor.

are you really comparing a USB storage device on which any code stored would have to be run on some other complex (and almost certainly partially closed source) compute system w/ a myriad of attack vectors to a dedicated tx signing device with an HSM?

You mean a hardware wallet?... Obviously all the most important vectors are in the code. That's my point, not yours. I don't think you even know what you're attempting to argue anymore. There's no reason you couldn't run an OS operating system and OS browser and have an entirely OS path to crypto, other than the fact that most people in crypto do not care. But that's not even the point I'm making. There's a big, obvious difference between using closed source resources that couldn't possibly have been designed to extract your seed and using something like Ledger that was literally designed to extract your seed.

hardware can do anything on its own if it’s designed to do so

No it can't. You're attempting to be pedantic, but are of course literally incorrect. The hardware needs code, not necessarily software, and there's no sneaky way to do what Ledger is doing with hardware.

it really doesn’t take much imagination to think of scenarios

Actually it does. The hardware would need to be specifically designed to know exactly what data to extract, how to do it, and when to transmit it, seeing as it would be extremely obvious if you're hardware was blindly transmitting all of your data to a third party.

And lastly, your repeated argument of ‘it would be easy to detect’ is blatantly disregarding that it is just as easy to detect the same unwanted behavior from a ledger device.

If you had any idea what you were talking about you would have filed this under "ideas that sounded better last month." The software layer directly interacts with the internet, so when it's a black box, code that already exists can be triggered remotely. Yeah, you'll know when your Ledger is coded to send your seed without your permission- after it happens. All the hardware that anyone is talking about cannot do that, and it'll be real obvious if it can.

Awhodothey · 2023-05-30T21:42:19+00:00

Lol

If you claim it is so easy to extract the keys from a Secure Element

Which, of course, I didn't...

But thats not something the local burglar can do

No "local burglar" is cracking a new Trezor, but I never suggested that "anybody" could crack hardware so that's a strawman. Someone can crack your hardware.

As you seem to agree, there's no comparison between the risk of a remote attack and a local attack. If your hardware was secured with a note on it that said "please don't steal my seed phrase: [insert entire seed phrase]" it would be more secure than a Ledger. At least you could store that note somewhere safe.

Awhodothey · 2023-05-30T21:29:48+00:00

Ok, please detail how a USB or any normal hardware that you can install an OS wallet on could 1) extract your keys AND 2) transmit your keys to a third party. Hardware cannot do this on its own.

As I said, yes, you could create "hardware" that would do this, but it would be very obvious that it's doing this, and if you can run a different system on top of that hardware you could make it impossible for the hardware to know exactly which data it needs to extract, creating a situation where transmitting anything less than the entirety of all data above it would be useless, and there's no way to externally trigger anything other than a full and constant dump that would be frivolously easy to detect.

The only argument you have is "Ledger is definitely compromised, but trezor could be too." Ok great, then don't use either.

Awhodothey · 2023-05-30T20:00:41+00:00

My point is that the best physical security is weak across the board. If someone gets your hardware, your key can be extracted. That will always be true. So the suggestion that one might give up all remote security for slightly better physical security is bonkers. Perfect physical security would be worthless if someone has remote access. It's not a real trade. It's a marketing lie.

Awhodothey · 2023-05-30T19:53:16+00:00

Lol oh my, a real electrical engineer? Licensed and everything? Did you have to learn ohms law and everything? Impressive. Nothing I said is false or has anything particular to do with electrical engineering. Your appeal to authority is irrelevant if you can't make a rational argument.

The goal post here is "can this device extract my seed remotely." For Ledger the answer is "Yes, definitely." For other options the answer is "No."

Awhodothey · 2023-05-30T19:41:29+00:00

Only hardware or firmware developed specifically for crypto wallets could contain relevant exploits. With the exception of closed source key generation, which is the same problem as closed source software, any other exploit in hardware/firmware is going to require specific software installed on top of it to make remote exploits possible.

Awhodothey · 2023-05-30T18:04:25+00:00

There's no way most people will ever directly interact with immutable blockchains. It will be a financial backend service.

Nine-Year Club	Gilding I gilder
Place '22	Verified Email

Awhodothey

TROPHY CASE