> when the Trezor is powered on, its firmware (basically, the Trezor’s operating system) copies its PIN and 24 seed words into the Trezor’s SRAM [...] in an unencrypted form.
> If you do what is called a “soft reset” on the device—accomplished by delicately shorting two pins on its printed circuit board—you can then install the exploit firmware without wiping the SRAM’s memory. This allows you to see your PIN and seed numbers.
There's the primary vulnerability.
I fear there are other vulnerabilities that could defeat the anti-PIN cracking delays...
Old-school pay-tv hackers (Chris Tarnovsky anyone?) would probably have a field-day with micro-probers and more invasive recovery techniques on these hardware wallets. At $100 and in small volumes (plus the cost of flashy UIs and marketing), who knows how secure the silicon is.
The more I think about it, the more I think PIN-enabled wallets are the wrong way to go for long-term storage. Print your recovery words, store them appropriately (not all with one person and/or in one place, etc.) and then crush the generation device. Hopefully its random numbers can't be predicted.
Treat the hardware wallet as securely as the seed words. The advantage is being able to sign and spend from the addresses on the hardware wallet without exposing to an untrusted computer each time you spend.
Nothing is perfect, but I'd trust it after doing a small trial, and maybe my own conversion mapping (e.g. 1=16, 2=14, 3=15, etc.) just to satisfy some amount of paranoia.
> If you do what is called a “soft reset” on the device—accomplished by delicately shorting two pins on its printed circuit board—you can then install the exploit firmware without wiping the SRAM’s memory. This allows you to see your PIN and seed numbers.
There's the primary vulnerability.
I fear there are other vulnerabilities that could defeat the anti-PIN cracking delays...
Old-school pay-tv hackers (Chris Tarnovsky anyone?) would probably have a field-day with micro-probers and more invasive recovery techniques on these hardware wallets. At $100 and in small volumes (plus the cost of flashy UIs and marketing), who knows how secure the silicon is.
The more I think about it, the more I think PIN-enabled wallets are the wrong way to go for long-term storage. Print your recovery words, store them appropriately (not all with one person and/or in one place, etc.) and then crush the generation device. Hopefully its random numbers can't be predicted.