1f52b on Nostr: Serial is good in that it’s simple, but a signal to a compromised card that it’s ...
Serial is good in that it’s simple, but a signal to a compromised card that it’s probably taking to a Coldcard given a computer will talk to it using MMC. User would still need to not check the details on signing screen for that attack to work and get you to sign an attacker’s transaction.
Paranoid product idea: USB to SD reader/writer that also only uses serial and makes you check and approve file writes?
Published at
2023-01-20 16:39:11Event JSON
{
"id": "29760029ccc54dd95a3d79b4695a9f5ff47182fe9bb0db650b67832f7efed882",
"pubkey": "1f52b16e5ca201ef2dc030f9b651137672e52de1ab29c0b0f6b72ac80ab23c84",
"created_at": 1674232751,
"kind": 1,
"tags": [
[
"e",
"d5ad24032bbd61757422d7487b6a7e679e2301031c6e716060a0d9f879a24d25"
],
[
"e",
"7427f15ea9b8fb3e7f19593bbd1e64283230a9149ec7c4ec37448871cb00030b"
],
[
"p",
"e88a691e98d9987c964521dff60025f60700378a4879180dcbbb4a5027850411"
]
],
"content": "Serial is good in that it’s simple, but a signal to a compromised card that it’s probably taking to a Coldcard given a computer will talk to it using MMC. User would still need to not check the details on signing screen for that attack to work and get you to sign an attacker’s transaction.\n\nParanoid product idea: USB to SD reader/writer that also only uses serial and makes you check and approve file writes?",
"sig": "b92cfeb2faae0dd38beb134723ad54b19bb372868fa71a964ff6e3ad97d5951941a936f7fb1058ab3133119927f80296c1e5c6897fc55bfb9bf30223e0f1a89e"
}