Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It does uncover a vulnerability about Trezor that allows attackers to fake a Trezor without the user knowing it. It should have been defended via attestation, and software downloaded from the official website should have checked the attestation signature so they know the firmware hasn’t been tampered with.


Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: