pailakapo on Nostr: What are the biggest threat vectors when using krux seed signer on yahboom like this: ...
What are the biggest threat vectors when using krux seed signer on yahboom like this:
- only connected to computer once, to flash firmware
- generate “good” entropy from camera (700k+)
- print QR code with attached printer.
- scan to get private key on boot up
- sign pbst from sd card
- transfer signed transaction on SD card to pc
- broadcast from sparrow on pc
Paranoid threat I see is:
- stuxnet attached to usb any time it was connected, so krux could get infected
- wrench attack until I multisig
- only connected to computer once, to flash firmware
- generate “good” entropy from camera (700k+)
- print QR code with attached printer.
- scan to get private key on boot up
- sign pbst from sd card
- transfer signed transaction on SD card to pc
- broadcast from sparrow on pc
Paranoid threat I see is:
- stuxnet attached to usb any time it was connected, so krux could get infected
- wrench attack until I multisig