Subnostr

Wouldn't touch CuckKite products with a ten inch pole, no FOSS devs will waste their time with this shit & clearly their in house devs aren't great at catching easy to find bugs. The Q1 is a ripoff clone of other devices after NVK said, incorrectly, QR wasn't secure. He now agrees that QR is as secure as using new SD cards for every TX. This shady behavior is not what you want when you're trusting a company with your wealth.

As always, reciepts:

Bounties aren't paid:

https://thecharlatan.ch/Ransom-Coldcard/

2020 vulnerability & poor disclosure:

https://benma.github.io/2020/11/24/coldcard-isolation-bypass.html

2nd link with clearer explanation, can't even trust the testnet:

https://www.coindesk.com/tech/2020/11/25/bypass-attack-in-coldcard-bitcoin-wallet-could-trick-users-into-sending-incorrect-funds/

2021 multisig vulnerability & second known unpaid bounty:

https://benma.github.io/2021/02/09/coldcard-multisig-vulnerability.html

On the same licensing that CuckCard uses:

https://redmonk.com/sogrady/2018/09/10/tragedy-of-the-commons-clause/

₿on 2y ago

But dude the qr scanners just weren't secure until NVK found THEE secure one to use 🥴

Reply to this note

Please Login to reply.

Discussion

No replies yet.