"Trezor has known about these flaws since designing the wallets." ~ Kraken Labs
I've been a huge fan of the idea of keeping crypto offline since the concept became a possibility.
Trezor was my first hardware wallet and I loved it. I still do love it and still keep the majority of my coinage on it.
There has been some great new hardware wallets and other products that deserve to be recognized, like bitfi for instance and as soon as mine lands on the front porch, I'll be trying it out. Until then, Trezor is still my number one hardware wallet.
I was reading about this flaw in Trezor on Forbes and decided to speak out against the fluffy article I was reading.
First of all, in order to hack your wallet, the hacker would need to have your Trezor in his possession.
Secondly, the hacker would also need to have the technology to be able to crack your wallet to steal your funds.
Thirdly, the hacker/thief would need to have the knowledge and the education to be able to break into your Trezor properly to hack it.
The average thief or hacker isn't going to know how to accomplish these tasks and honestly, how can they unless they have your wallet in their possession?
How Bad is the Flaw?
I know someone who keeps 8 or 9 (maybe more) Bitcoin on his Trezor and keeps it locked away in his safe. Again, since his Trezor is in cold storage, offline and under "lock and key", the possibility that someone would be able to get to his Trezor and also be able to hack it, is pretty slim.
These types of articles, like the one I just read on Forbes might point out a flaw in the wallet but they don't bother pointing out the flaw in their own article. Virtually anything electronic can be hacked. Even a digital watch can be hacked, as long as a hacker has access to it.
The flaw in the article I'm speaking about is the way they portray the hack. Mind you, these are professional hackers working for a firm in Silicon Valley. Not your run of the mill burglar or ex-wife. These are professional hackers, with the tools and the software.
Should you feel safe using Trezor?
Yes. Yes you should. The fact is, if someone does manage to get your wallet, the majority of people wouldn't know what the hell it is to begin with.
The truth is, Trezor is a smart idea. So is Ellipal and so are an assortment of hardware wallets out there. The majority of Crypto enthusiasts don't use the technology but really should. It seems like every other day an exchange is hacked or an online wallet is robbed. We hear about it all the time.
Offline storage though is absolutely the best way to safely guard your funds. Yes there are vulnerabilities but these "flaws" were solely compromised by actual professional hackers. Not the average Joe in a ski mask.
Even if Hackers Get Your Trezor.
"It’s important to note that this attack is viable only if the passphrase feature does not protect the device," Trezor said. "A strong passphrase fully mitigates the possibilities of a successful attack." - This was in response to the hack from Kraken's released findings by Trezor.
So in reality, having a passphrase would nullify this problem completely. Thus, making this hack useless.
What I think is important to make clear is that Trezor is a great product and even though the hype behind this attack is reasonably overdramatic, I believe your funds are still safer with a hardware wallet, than without.
Thanks for reading and as always, please share and tip. If you love what you read, shoot me with BTC ❤: bc1qjygaurjv4vznas8mrhhueclkx4yezudd2jdwm0
As always, if you are a representative of any project I write about, please contact me on Twitter @1cryptopodcast if you would like to be on my show or discuss future articles.