Saturday, July 20, 2019

Ledger Reveals Five Vulnerabilities Of Its Rival; The Trezor Hardware Wallet

Crypto Hardware manufacturer, Ledger revealed five vulnerabilities of its rival’s product. This was revealed in a report published on March 11.

Vulnerabilities Of Trezor’s Hardware Wallets

Ledger noted in the report that the vulnerabilities were discovered by Attack Labs, a department of Ledger that hacks its device as well as competitors’ devices to improve security. Trezor has been addressed repeatedly on the weaknesses in their Trezor One, and Trezor T wallets by ledger before the decision of public disclosure was reached as claimed. At press time Trezor was not available to comment on ledger’s findings.

One of the vulnerabilities is the genuineness of the device. Ledger team noted that the Trezor’s device could be imitated by backdooring the device with malware and then resealing it in its box by faking a tamper-proof sticker, which is reportedly easy to remove. According to Ledger, the vulnerability can only be addressed by overhauling the design of the Trezor wallets and replacing one of the core components with a secure element chip.

The second vulnerability noted is the guessing of the value of the PIN on a Trezor wallet using the side-channel attack. Ledger stated that this was reported to Trezor in late November 2018 which was later solved in the firmware update 1.8.0.

The third and fourth vulnerabilities entail the possibility of stealing confidential data from the device. Ledger noted that an attacker with physical access to Trezor One and Trezor T could extract all the data from the flash memory and have control over the assets stored on the device. Ledger offers to solve this by replacing the core component with a Secure Element chip.

Related Article:  In Bill Harris Opinion, Cryptocurrencies Will Be Worth “Almost Nothing”

Lastly, the fifth vulnerability of Trezor’s wallet that was revealed is related to the security model. Ledger stated that the crypto library of the Trezor One does not contain proper countermeasures against hardware attacks. This means that a hacker with physical access to the wallet can extract the secret key via a side-channel attack.

Open Source Is No Silver Bullet

Recently, CEO of Twitter, Jack Dorsey purchased Trezor wallet for Bitcoin storage. When asked the reason for the choice, he stated that he chose Trezor because of its open source infrastructure. In response to this, Ledger stated that “The security model of hardware is quite complex, and offering open source firmware isn’t a silver bullet.”

Apparently, the vulnerabilities had made Ledger state that. However, the crypto space still awaits the response from the Trezor team.

More Articles

First Violent Robbery Of Bitcoin Registered In Taiwan

The Taiwanese police informed today that two men had been assaulted and coerced to transfer bitcoin in the city of Taichung. This occurred after setting up...

Report Shows That Israeli Startups Have Raised Over $600m...

One Alpha has released the first Isreali Blockchain report, whose data states that Isreali has received funds up to $606 million in ICOs, as at the...

Tron CEO Ready to Save ETH and EOS Developers...

Tron’s CEO, Justin Sun has stated in a tweet that his company will create a fund to save ETH and EOS developers from the...

Amazon and ConsenSys to Introduce Ethereum Marketplace to Boost...

A subordinate of the venture production studio, ConsenSys, called Kaleido is launching an  Ethereum marketplace comprising of plug and play services to aid projects...

Civic Blockchain CEO Says Bitcoin Threatens the Government’s Fiat

Vinny Langham, popular blockchain entrepreneur, analyst and advisor is no stranger to advocating for Bitcoin, and he has once again lent his support to...

XYO Network Forms a Partnership with Esri for Data...

XYO Network, a Geographic Information System (GIS) based on the blockchain technology, has declared its partnership with Esri, a company established in 1969 and...

Sacramento Kings To Mine Cryptocurrency For Charity Programs

The NBA team, Sacramento Kings announced on Wednesday that it will launch cryptocurrency mining to fund various community causes in Sacramento. The program is...

Irish Start-up Plans To Solve Airport Problems Via Blockchain

We all know how irritating it is when flights got delayed and postponed for passengers in the airport. Another thing is the hassle and...

Crypto Canada: From ETFs to ICOs, Visiting the Country...

The comedians are very used to make fun of Canada, reminding neighbors as peaceful simpletons, with the south park as a major example. However,...

Research: Cost of Mining Bitcoin is Three Times that...

A paper titled “Quantification of energy and carbon costs for mining cryptocurrencies,” published on November 5th, 2018 has indicated that the energy cost of...

Vitalik Buterin Sorry for Popularizing the Term “Smart Contracts”

Vitalik Buterin, the co-founder of Ethereum, has chucked in his thoughts on the very-common term, “smart contracts,’ and its constant association with Ethereum, as he fears he adopted the wrong name.

How to Sign Up to Bitcoin

Bitcoin is notoriously known for its volatile nature as its price fluctuation cannot be predicted. Many investors have made a lot of money through...

Latest Articles

Couple Pays For Breakfast Using Bitcoin, Community Finds This...

A Reddit user by the username u/portageco recently made a post in bitcoin's official subreddit. In his post, u/portageco boasts about how he paid...

Australian Woman Leads Adoption, Tours 10 Countries Spending Cryptocurrencies

Who says you can't go around the world spending cryptocurrencies? As many believe, cryptocurrencies are only good for speculations. But with a little research,...

Did A Physical Bitcoin Just Sell For $99k On...

As at the time of reporting, the listing on eBay had closed. This could be because the seller got a buyer or he decided...

Litecoin Now Approved In 30,000+ Stores

As cryptocurrencies gain ground, more and more technology-based firms find ways to incorporate the nascent technology into everyday life. Moon, prior to this time,...

How To Shop on Amazon with Bitcoin – Step-By-Step...

Wondered how to shop on Amazon with bitcoin? Then here's how you can purchase goods on one of the largest e-commerce websites that ships...

How To Buy Bitcoin On Coinbase – Step-By-Step Guide

Buy Bitcoin on Coinbase instantly in the U.S., UK, Canada, or anywhere you are globally. Coinbase cryptocurrency exchange has enabled its customers buy the...

Grayscale Bitcoin Trust Boosts By 300%, Affects Oil &...

The institutional investment product, Grayscale Bitcoin Trust (GBTC), experienced a growth of more than 300% due to its outstanding performance since February, Forbes reports....

How To Create A Coinbase Account – Step-By-Step Guide

Create a Coinbase account with ease. Use this illustrative guide to create a Coinbase account for buying, selling, and storing cryptocurrencies. And you know...

$9.2 Trillion Transferred Using Bitcoins In 2.5 Years

Against present belief that bitcoin is only used for speculation, James McDowall, a crypto investor and advisor shared a metric about Bitcoin that's been...

Malware Posing as Movie File Manipulates Results and Steals...

A new form of malware posing as movie file was discovered last year and was designed to steal cryptocurrency and inject manipulated results into...

No-fee Mobile Trading App Quantfury Increases Crypto Support with...

The no-fees mobile trading app Quantfury has been expanding its crypto services lately, most notably with the addition of the DASH cryptocurrency. The coin...