That's more of a protection against in-transit manipulation of the device.
The evil maid attack is just referring to anyone who has trusted access to your home or wherever you store your device, and who would therefore have opportunity to maliciously flash firmware that could leak your private key, such as the dark skippy attack. It could also be done by someone breaking into your home and gaining physical access to your device, but it's still called the evil maid attack regardless.
With a ColdCard, the indicator light turning red on boot-up is a dead giveaway that firmware that hasn't been signed by the manufacturer is currently running. There is no such safeguard on a SeedSigner.
So, yes. Verifying the signature on firmware you download and install yourself is a great protection when you can be absolutely certain that the firmware running is what you personally installed. But if that device is ever out of your sight, how can you be certain that the firmware is still what you installed?
Dikaios1517
npub1ku…v3lhe
2024-09-26 20:13:41
in reply to nevent1q…l54j
Author Public Key
npub1kun5628raxpm7usdkj62z2337hr77f3ryrg9cf0vjpyf4jvk9r9smv3lheSeen on
wss://relay.damus.ioPublished at
2024-09-26 20:13:41Event JSON
{
"id": "4232da5560012303b5f4c0d7d76ce0bbf8e0a741b3ad9abfbd7a0af620b5cd0e",
"pubkey": "b7274d28e3e983bf720db4b4a12a31f5c7ef262320d05c25ec90489ac99628cb",
"created_at": 1727381621,
"kind": 1,
"tags": [
[
"e",
"7d22e870921953edd1f32d4b98a0bd124be6b48a58ef59b1330486ea81e0540e",
"",
"root"
],
[
"e",
"c48fa477a30d054b8c57b62e93294d3dc56ec0b83b92fc395dd36bcc1810e454",
"",
"reply"
],
[
"p",
"a4a6b5849bc917b3befd5c81865ee0b88773690609c207ba6588ef3e1e05b95b",
"",
"mention"
],
[
"client",
"noStrudel",
"31990:266815e0c9210dfa324c6cba3573b14bee49da4209a9456f9484e5106cd408a5:1686066542546"
]
],
"content": "That's more of a protection against in-transit manipulation of the device.\n\nThe evil maid attack is just referring to anyone who has trusted access to your home or wherever you store your device, and who would therefore have opportunity to maliciously flash firmware that could leak your private key, such as the dark skippy attack. It could also be done by someone breaking into your home and gaining physical access to your device, but it's still called the evil maid attack regardless.\n\nWith a ColdCard, the indicator light turning red on boot-up is a dead giveaway that firmware that hasn't been signed by the manufacturer is currently running. There is no such safeguard on a SeedSigner.\n\nSo, yes. Verifying the signature on firmware you download and install yourself is a great protection when you can be absolutely certain that the firmware running is what you personally installed. But if that device is ever out of your sight, how can you be certain that the firmware is still what you installed?",
"sig": "855fe44f075f0c8d8a388a1b8ed4a479c7147b1ab534f08ddce8b6ee3458fb1050d61796818b3e994150a3ac928d78c277badf0f0563553326e0677acee8cf08"
}