Imagine the Nazis with their enigma machine, and the cryptographer tells you, look, ...

npub1lnm…rrnt

2025-03-22 08:51:34

Imagine the Nazis with their enigma machine, and the cryptographer tells you, look, you have to trust this black box that is inside, it was given to me by a third party and I don't know how it works, I have to trust its specifications, our encryption security depends on it.

In cryptography you cannot depend on the trust of a third party, otherwise what is the point of cryptography?

You can spin it as much as you want to try to sell your crappy product but no security agency would trust these security schemes, in fact these security schemes are used to attack the enemy through backdoors (bugs), you have many examples like TPM, Intel ME, PSP, Dual_EC_DRBG, Apple T2, Google Titan, Qualcomm TrustZone, etc, do you think that your cheap chip (secure element) of your hardware wallet protects you?

quoting nevent1q…qjkq
Trezor is so aware that secure elements are an element of trust that it has kept the secure sd function in its Trezor 5 model with secure element.

When someone doesn't talk about this transparently it just comes across to me as a scammer.

There are also many critics of Jade because they call their virtual protection secure element mocking that it does not have secure element when it is one of the most elegant solutions in the industry for this problem.

Jade simply uses a multi-signature model to protect the seed (Local + remote server), thus avoiding having to use a secure element.

I never listen to this discussion on podcast.

nevent1q…uaaq

Author Public Key

npub1lnms53w04qt742qnhxag5d6awy7nz6055flnmjkr6jg39hm86dlq7arrnt

Seen on

wss://relay.nostr.net

Show more details

Published at

2025-03-22 08:51:34

Kind type

1 Short Text Note

Event JSON

{ "id": "283819bc530f844bf26fc50a5b123626942f50cd51c1f43a3df8ab808760e142", "pubkey": "fcf70a45cfa817eaa813b9ba8a375d713d3169f4a27f3dcac3d49112df67d37e", "created_at": 1742633494, "kind": 1, "tags": [ [ "e", "3505f6d8a8979985ae10a34d20338958c5d6cd5608839c4ba78d8ce2c856b3a5", "wss://purplepag.es/", "mention" ], [ "r", "wss://purplepag.es/" ], [ "r", "wss://nos.lol/" ], [ "r", "wss://nostr.mom/" ], [ "r", "wss://nostr.bitcoiner.social/" ], [ "r", "wss://nostr.oxtr.dev/" ], [ "r", "wss://nostr-pub.wellorder.net/" ], [ "r", "wss://offchain.pub/" ], [ "r", "wss://premium.primal.net/" ], [ "r", "wss://relay.damus.io/" ], [ "r", "wss://relay.mostr.pub/" ], [ "r", "wss://relay.nostr.net/" ], [ "r", "wss://relay.primal.net/" ], [ "r", "wss://relay.snort.social/" ], [ "r", "wss://relay.nostr.band/" ], [ "r", "wss://purplerelay.com/" ] ], "content": "Imagine the Nazis with their enigma machine, and the cryptographer tells you, look, you have to trust this black box that is inside, it was given to me by a third party and I don't know how it works, I have to trust its specifications, our encryption security depends on it.\n\nIn cryptography you cannot depend on the trust of a third party, otherwise what is the point of cryptography?\n\nYou can spin it as much as you want to try to sell your crappy product but no security agency would trust these security schemes, in fact these security schemes are used to attack the enemy through backdoors (bugs), you have many examples like TPM, Intel ME, PSP, Dual_EC_DRBG, Apple T2, Google Titan, Qualcomm TrustZone, etc, do you think that your cheap chip (secure element) of your hardware wallet protects you? \n\n\nnostr:nevent1qvzqqqqqqypzpl8hpfzul2qha25p8wd63gm46ufax95lfgnl8h9v84y3zt0k05m7qyfhwumn8ghj7ur4wfcxcetsv9njuetn9uqsuamnwvaz7tmwdaejumr0dshsqgp4qhmd32yhnxz6uy9rf5sr8z2cchtv64sgswwyhfud3n3vs44n55hjqjkq ", "sig": "112b04b4199d58b00ad17700b32959c4e564e5031900ae1c5dfb8194dfe4e801df30ac5921824754a3c1b1c3ff3916a5506f29364a42926d386c9047b15b777d" }