"...only needs access to the device for seconds to binary-patch the firmware..." So dramatic, that darn evil maid is at it again.
Nothing new here, just a different type of theoretical attack that requires you to run malicious software on your signer. With our model, users are responsible for making sure they are running good software -- same as it ever was.
nostr:note1w2tmzhkqd7j9uwmr7lzj8muhn8332gn699zfntmrke45vp0kwh9qnukzp8
Well, when initially reviewing the seedsigner I was pretty impressed and thought how the firmware could even be evil if I wanted to, assuming a companion app would detect seed exfiltration. This new hack makes the firmware suddenly very clearly very relevant. Or how could you attack users without an RF module prior to this, with only software?
Thanks for clarifying. Is there a way we can 'shield' the device in storage that you know of? Even as an ultra paranoid prevention?
