Crypto Hardware Wallet Trezor Brings Privacy to its Users with CoinJoin & CoinControl

Crypto Hardware Wallet Trezor Brings Privacy to its Users with CoinJoin & CoinControl

Cryptocurrency hardware wallet, Trezor is bringing privacy to its users through CoinJoin.

CoinCoin is a trustless method that combines multiple Bitcoin payments from multiple senders into single transactions making it difficult for outside parties to determine the origin of the coins. Trezor tweeted,

“We always strive to advance your privacy! CoinJoin will obscure the sources and destinations of your transactions.”

However, some are concerned about the fact that cryptocurrency exchanges like Binance and Paxos Global actually discourage the use of the bitcoin mixing services and, in the past, have flagged consumers who have made use of these services. For Trezor, the heart of the matter here is,

“Do you want to use a service that blocks your transaction because you care about your privacy?”

Another step towards maximizing Trezor users’ privacy also includes a CoinControl feature that puts the user in complete charge of compiling their transactions.

When sending BTC to someone, this feature allows you to control which of your addresses sends the coins and, even more specifically, which unspent outputs will be sending inputs.

“In the future, the combination of Tor Switch, CoinControl, and CoinJoin will guarantee you the top level of privacy and security, respected by our customers.”

Besides privacy, Tezos (XTZ) also announced that they are also bringing full node support to its wallet this year. Users will be able to connect their own full node, which allows them to fully validate transactions and blocks and help the network to the Trezor hardware wallet.

In the first stage, they will implement Electrum API integration which will be then followed by Bitcoin Core.

Another addition includes the Trezor Suite Mobile app for Android, which will have most of the Trezor Suite features “bringing accessibility and user experience to the whole new level.”

Read Original/a>
Author: AnTy

Trezor Incorporates ‘Tor Switch’ in its Desktop App for Increased Privacy

The popular hardware wallet, Trezor, is working on providing its users’ privacy.

In its desktop app “Trezor Suite,” the cold wallet service provider has implemented the privacy project Tor to allow its users to obscure their connection.

Tor is an open-source network which has its servers distributed around the world run by volunteers and uses a special protocol that encrypts data at multiple levels. One can now not only enjoy the safety of the hardware wallet but the anonymity of Tor as well on Trezor.

“Tor is the perfect match for users who are concerned about sharing identifying data with a third-party service or anyone who might be observing their communications,” said Trezor in its announcement.

By downloading the latest public beta version of Trezor Suite, one can start using Tor with Bitcoin and other cryptocurrencies. Currently, The Tor switch is only available in the desktop app, located in the top-right of the Suite window.

Used by the likes of whistleblowers such as Julian Assange and Edward Snowden to evade espionage from the US governments and from journalists, security specialists, governments to individuals worldwide, Tor has helped protect human rights and individual freedoms.

Read Original/a>
Author: AnTy

Trezor Hardware Fixes the ‘Critical Flaw’ Found by Kraken Security Labs

  • Kraken Security Labs had been able to extract seeds from both Trezor One and Trezor Model T
  • Kraken discloses the vulnerability to Trezor in Oct. 2019 and as the hardware wallet team had found the fix, Kraken made the flaw public

In shocking news, cryptocurrency exchange Kraken’s Security Labs announced that they were able to find a “critical flaw” in Trezor hardware wallets.

Kraken Security Labs announced on Friday that they have devised a way to extract seeds from both crypto hardware wallets of Trezor One and Trezor Model T.

The attack relies on voltage glitching to extract an encrypted seed that required several hundred dollars of equipment but could be mass-produced at $75. This encrypted seed which is protected by a 1-9 digit PIN, was then cracked which is “trivia to brute force.”

The team reveals that the attack took advantage of inherent flaws within the microcontroller used in Trezor wallets, meaning it is difficult for the Trezor team to do anything about this vulnerability at least without a hardware redesign.

Fix released by the Trezor team

A couple of weeks back, Kraken co-founder and CEO Jesse Powell advised that people shouldn’t store their coins on any cryptocurrency exchange even on Kraken, rather they should use Ledger or Trezor.

And now the Kraken Security Labs has found a vulnerability that means even hardware wallets aren’t safe either.

But there is a solution. Do not allow anyone physical access to your Trezor wallet or you could permanently lose your crypto.

Well, Trezor has found the fix and released it because as Kraken states, they “disclosed the full details of this attack to the Trezor team on October 30, 2019.” It continued,

“We are going public with this vulnerability disclosure now so that the crypto community can protect themselves before a fix is released by the Trezor team.”

Do hardware wallets remain the best option?

The user must enable the BIP39 Passphrase with the Trezor Client because it is not stored on the device, this can prevent the attack.

Passphrase feature is an “exceptionally” secure layer of active protection against physical attacks, said Trezor in its response to the attack.

It is not stored anywhere on the device and is used only temporarily whenever you enter it. The passphrase is case sensitive and it belongs with recovery seed.

However, Crypto Twitter was aghast to hear the news but Trezor tried to calm everyone and clarified,

“Trezor is an open-source hardware wallet: we indeed don’t use a secure element to let anyone verify our code, but that is also why the Passphrase feature exists – to fully mitigate the physical attacks, which are a case for 6-9% of people according to our research.”

While assuage any concerns of having such vulnerability itself, Trezor competitor Ledger stated, “Not to worry: we’re not affected by this as we use a Secure Element.”

Ledger also emphasized that despite this, “Hardware wallets remain the best option for keeping your crypto safe.”

Read Original/a>
Author: AnTy

New Trezor Wallet Phishing Website Surfaces, tlezor.io, to Steal Users Private Keys

A new phishing website, tlezor.io has surfaced that’s imitating the Trezor brand. The website intends to steal the user’s recovery seed which would give scammers control over the user’s funds tied to their Trezor device.

The newest phishing site is one of many that have surfaced over the last couple of weeks. The websites looks like a near-identical clone to the original to and have the same features and functionality.

To make sure you are visiting the correct addresses for Ledger, ensure that the address bar shows ledger.com. For Trezor, the actual site’s address is trezor.io.

Below are some examples of the phishing domains:

  • Leedger.io
  • Ledger.co
  • Tlezor.io
  • Trenor.ml

As Bitcoin Exchange Guide reported earlier this week, scammers are serving up Google ads to direct people to these domains. The scammers will be paid each time a user clicks on the ad, and it’s uncertain how many people have clicked or otherwise fallen victim to this newest scam.

Some users on Twitter have been quick to point out that these domains are being used by scammers and have let both Ledger and Trezor know of their existence.

Read Original/a>
Author: Matthew North

Crypto Warning: Imposter Trezor Bitcoin Wallet Website Targets Users By Using URL Typos

While the developers of trezors argue that Trezor wallet is a safe and secure way to keep your cryptocurrencies from cyber attacks and hackers, the question now arises is it still safe?

A Redditor has apparently spotted an imposter website for Bitcoin hardware wallet Trezor. Imposter scams have become quite common and can vary in the forms that they take place in. Scammers pretend to be someone you trust, and by way of an email or call convince you to send them money.

Such is the case, a Reddit user discovered an imposter website which is trying to steal people’s bitcoin through the trezor wallet. Castorfromtheva – Reddit user, on Oct 4th posted concerning issues regarding the website, that they performed a test on the site to confirm its authenticity, turns out that it wasn’t true. He states –

“I just made a little ‘typo’ test and entered ‘tezor[dot]io’ where I obviously left out the ‘r’. I was instantly redirected to a site called https://trezor[dot]run/start/ which is not the original trezor site (the correct size is http://trezor.io respectively https://trezor.io/start/).”

The Reddit user further explains that when you put a typo error in the URL it would so direct the user to the Trezor scam website probably installing a compromised computer code.

Bitcoin engineer and self-proclaimed BTC maximalist Jameson Lopp took to Twitter

James Lopp, a self-proclaimed BTC extremist also a Bitcoin engineer took to his Twitter account and tweeted –

raising an alert regarding this to pretend website online.

On May 23 as reported by Cointelegrah, there was an app who appeared to be the Trezor wallet. Some scammers were noticed for adding fake cryptocurrencies to their Google Play store. While the app had no Trezor branding, it appeared to have a conventional login display asking users for their credentials.

A warning was passed by the company to its users in Nov 2018 of dummy versions being made of its wallet. Company representatives said they witnessed Trezor dummy’s being released over the past years but this fake Trezor software produced by an unknown seller comes as a shock.

Read Original/a>
Author: Sritanshu Sinha