Oddbean new post about | logout
semisol | 6 days ago (raw) | root | parent | reply | flag 
 It arguably is one of the few devices in the Bitcoin signing device space that properly explains its threat model, risks and benefits.

If you are wondering, your bank card is more secure than 95% of HWWs.
ynniv | 6 days ago (raw) | root | parent | reply | flag 
 This is why I have a hard time leaving the Apple ecosystem. It's has plenty of flaws, but weak protections isn't one is them. Are there any other consumer systems with seL4-grade firmware?
semisol | 6 days ago (raw) | root | parent | reply | flag 
 Most HWWs are developed using cheap IoT SEs, some with poor track records. These only provide protections against basic attacks and anyone that stole a few HWWs holding 1BTC can easily make a good return on investment.

They also are not developed with security by design: it’s literally “throw shit at a wall until it works”
roostertail | 6 days ago (raw) | root | parent | reply | flag 
 I figured, I'm drawn towards the DIY devices for those reasons. The attacks required to exploit seem extremely advanced

I thought the Crypto guide fork with a Satochip plugin was an interesting twist. 

https://youtu.be/Rhs9z5uL7qg?feature=shared

https://github.com/3rdIteration/seedsigner
Tracking Token Disrespector | 6 days ago (raw) | root | parent | reply | flag 
 🤖 Tracking strings detected and removed!

🔗 Clean URL(s):
https://youtu.be/Rhs9z5uL7qg

❌ Removed parts:
?feature=shared
semisol | 6 days ago (raw) | root | parent | reply | flag 
 I’m intending to be transparent with what my device can and can’t do, unlike most vendors out there.

Also, using a proper SE, same as the ones in a lot of servers + security keys + ID cards etc.
roostertail | 6 days ago (raw) | root | parent | reply | flag 
 Cool. Keep us posted