Air Gapped-ing Worth It?

Has there ever been a known successful attack on a Trezor device via the USB? Specifically a situation where an air gap would have saved the day?

I’ve only heard of a ledger falling prey to this.


Bonus question…. Is rolling your own dice for your seed really adding significant security?

I don’t think there has ever been pure malware-based, interaction-less attack on the USB device.
IOW, if you leave a Trezor plugged into a totally hacked PC, which you then lock in a room and make sure that nobody enters, then such Trezor would remain secure.

There have been evil maid type attacks on a Trezor that is left plugged into a PC and the attacker can use it while you’re out at lunch. Some of those take advantage of the USB connection, and might not work if there is an airgap. In particular, the “Soft-lock bypass” from here would not work with an airgapped device.

In case of Trezor, basically no.

Rolling your own dice could save your bacon in case (a) the hardware RNG in Trezor’s chip is bad, but the hardware and software is otherwise good, and at the same time (b) your PC is infected by malware which knows this, at the time you are creating your wallet.

This happens either if Trezor is specifically designed to work like this, in which case there is zero reason to believe that “hw and sw is otherwise good” and you should throw it in the garbage… or if a nation-state actor is actively targeting you, in which case you’re basically f***ed either way.

In a typical case, rolling your own dice will probably make the process very slightly less secure: your dice could be imperfect (allowing an attacker to steal them after the fact and make use of the biases), you could make mistakes, there is a much larger window for someone to record you doing it.


Thank you for this response!