A on Nostr: #ledger #[1] Correct me if I’m wrong but code now exists that opens a door into ...
#ledger
NVK (npub1az9…m8y8)
Correct me if I’m wrong but code now exists that opens a door into the secure element of a ledger device to extract information. Regardless of how that information is handled and processed, there’s a door.
The service being provided isn’t the problem, the problem is the door. People didn’t know it existed, should we have known? Is this normal, do all secure elements have a door that can be accessed with simple firmware update.
I personally thought that physical access was the only way to extract information from the secure element.
NVK (npub1az9…m8y8)
Correct me if I’m wrong but code now exists that opens a door into the secure element of a ledger device to extract information. Regardless of how that information is handled and processed, there’s a door.
The service being provided isn’t the problem, the problem is the door. People didn’t know it existed, should we have known? Is this normal, do all secure elements have a door that can be accessed with simple firmware update.
I personally thought that physical access was the only way to extract information from the secure element.