pailakapo on Nostr: What are the biggest threat vectors when using krux seed signer on yahboom like this: ...
What are the biggest threat vectors when using krux seed signer on yahboom like this:
- only connected to computer once, to flash firmware
- generate “good” entropy from camera (700k+)
- print QR code with attached printer.
- scan to get private key on boot up
- sign pbst from sd card
- transfer signed transaction on SD card to pc
- broadcast from sparrow on pc
Paranoid threat I see is:
- stuxnet attached to usb any time it was connected, so krux could get infected
- wrench attack until I multisig
Published at
2024-08-11 04:43:30Event JSON
{
"id": "f1656627933c72e5866221f9dea39f37884fb85a14179f95d9bf0fd5c2655301",
"pubkey": "f61c8e88842f6f87a78ac43e0f9dd4c40c8f7843eed6518b3f7948c33072b2b2",
"created_at": 1723351410,
"kind": 1,
"tags": [],
"content": "What are the biggest threat vectors when using krux seed signer on yahboom like this:\n\n- only connected to computer once, to flash firmware \n- generate “good” entropy from camera (700k+)\n- print QR code with attached printer.\n- scan to get private key on boot up \n- sign pbst from sd card\n- transfer signed transaction on SD card to pc\n- broadcast from sparrow on pc\n\nParanoid threat I see is:\n- stuxnet attached to usb any time it was connected, so krux could get infected \n- wrench attack until I multisig",
"sig": "344a70e2f9ba50c5859d42a59a827c6097f6c48876a9cd233cf551aa28e94ff54c9bde55f12050627fdef6892676f0d9f0749786db084348abf0659db8c7a9e7"
}