Cryptocurrencies hardware wallets Ledger Security Technology Trezor

Ledger Reignites Trezor Beef With ‘Dishonest’ Report on Crypto Wallet Hardware

Ledger Reignites Trezor Beef With 'Dishonest' Report on Crypto Wallet Hardware



Cryptocurrency hardware wallet manufacturer Ledger has reignited an old feud with competitor Trezor, in a blog post dated Feb. 13 highlighting the claimed benefits of its internal Secure Element chips. Trezor co-founder and CEO of SatoshiLabs, Marek “Slush” Palatinus, hit straight back, in a tweet accusing the post of being “dishonest” and not telling the “whole story.”

The Ledger post compared the three internal chip types common to hardware wallet devices: Microcontroller Units (MCU), Safe Memory chips and its own Secure Elements.

It claimed that the MCUs found in Trezor wallets were intended for general devices such as microwaves and TV remotes, and had no embedded countermeasures against physical security attacks.

Furthermore, it stated that Safe Memory chips, used in certain other manufacturers’ hardware wallets, were not third-party tested, and were vulnerable to side-channel attacks as the private keys were passed to the MCU.

Only part of the story

Palatinus retweeted the post, claiming that Ledger was being “dishonest” and “point[ing] out only part of the whole story.”

A non-disclosure agreement (NDA) for Secure Elements chip vendors prevents wallet manufacturers from discussing security issues, according to the tweet:

“Trezor is using nonNDA chips so we can be fully transparent and act in your best interest.”

Palatinus promised to talk more about the implications of NDAs to end-user security at the Bitcoin 2020 conference in March.

Bad blood

Ledger previously clashed with Trezor last March, when it published a report disclosing five supposed vulnerabilities in Trezor hardware wallets.

As Cointelegraph reported, Trezor was quick to respond, pointing out that none of the vulnerabilities were critical for hardware wallets. Furthermore, none of the weaknesses could be exploited remotely, with all requiring physical access to the device.

Things seemed to have calmed down since then, but with this latest post, Ledger may well have reignited an old beef.





Source link

Related posts

Facebook Stresses Libra’s Compliance With FinCEN at Senate Hearing

newicotelegraph

Coinbase Custody to Support Telegram’s GRM Token at Launch

newicotelegraph

Binance Will Support Newly Announced Ethereum Muir Glacier Upgrade

newicotelegraph