1f52b on Nostr: Secure Elements are physical chips designed to do one and only one thing, handle a ...
Secure Elements are physical chips designed to do one and only one thing, handle a key and encrypting/signing stuff.
Because of this, companies that make them put a lot of effort into making them secure against remote and physical attack. They’re also very secretive about how they work. So, to an extent you have to trust the manufacturer of the SE chip not to have built in anything shady.
Because SEs are used to secure really important stuff for lots of people, they’d also be a great thing for government agencies to try and attack, so some people are suspicious of SEs and TPMs (trusted platform modules, basically the same thing)
The Coldcard has two SEs in it and stores the private key on them. Many other hardware wallets also use SEs. A SeedSigner uses a Raspberry Pi, which doesn’t have a SE.
The argument seems to be over whether not having a SE matters, or whether a SE is a good thing because it’s actually secured against a lot of attacks and you shouldn’t trust your keys to regular off the shelf hobbyist computer hardware, or a bad thing because you can’t trust SEs and they’re obvious targets for NSA/CIA/FBI/GCHQ/&c. to break
Because of this, companies that make them put a lot of effort into making them secure against remote and physical attack. They’re also very secretive about how they work. So, to an extent you have to trust the manufacturer of the SE chip not to have built in anything shady.
Because SEs are used to secure really important stuff for lots of people, they’d also be a great thing for government agencies to try and attack, so some people are suspicious of SEs and TPMs (trusted platform modules, basically the same thing)
The Coldcard has two SEs in it and stores the private key on them. Many other hardware wallets also use SEs. A SeedSigner uses a Raspberry Pi, which doesn’t have a SE.
The argument seems to be over whether not having a SE matters, or whether a SE is a good thing because it’s actually secured against a lot of attacks and you shouldn’t trust your keys to regular off the shelf hobbyist computer hardware, or a bad thing because you can’t trust SEs and they’re obvious targets for NSA/CIA/FBI/GCHQ/&c. to break