Replying to Avatar Ezofox

Sorry, seeing this in my notifications now.

I agree it’s hard to know what’s newly added to the code without understanding what it does and if it’s malicious in nature.

I often do read through new commits that get tagged into a release for some open source projects, but it hasn’t been the case for ColdCard.

Generally you can’t trust any code until you verify what it does and it’s functional purpose. Open Source by nature doesn’t mean secure or private. It needs audits and validation. However, I think the purpose of the build verification is to add a layer of certainty that the signed build of the firmware is atleast same as what we can build ourselves.
Avatar
dr.fred 2y ago

@ezofox it is impossible to do for the average person who is not a software developer. the average person needs to TRUST that the developer does not push malicious code on your device. what i have read is that the mentioned device, the coldcard has proprietary firmware on the secure element.

there are many malicious attacks possible. with an airgaped system there are even more attacks possible. the camera software can be attacked and even a qr code can push additional code on your device. an airgaped device is not more secure than an usb device, rather the opposite. i have proved it in another message.

you have to TRUST the manufacturer

who do you trust? a very small niche manufacturer who has a few thousand devices on the market or the market leader with deep pockets for security testing and development, who has 6 million devices and who never had a loss of funds of a customer and no backdoor in 8 years.

do not fall for hysteria and false flags

Reply to this note

Please Login to reply.

Discussion

No replies yet.