-
Does Trezor have countermeasures in place against attacks from state-sponsored APT (Advanced Persistent Threat) groups? For example, I’m concerned that incidents similar to recent major supply chain attack could potentially occur on front-ends like Trezor Suite. I’m curious if Trezor is prepared for such scenarios.
-
Is there a possibility that some employees could ship devices with tampered hardware? hardware is more difficult to verify, which makes this a concern for me.
-
Does Trezor natively support BIP39 seed generation in addition to SLIP39? If not, would it be problematic to download bip39-standalone.html from https://github.com/iancoleman/bip39/releases, run it on an offline laptop, and then import the generated seed into a Trezor wallet? Are there any potential issues with this approach? (I’ll use it with passphrase)
Hello! It looks like you are looking for some sort of reassurance.
I’m not going to provide it 
There is no such thing as 100% security – it’s a matter of resource allocation. At Trezor, we try to make it as difficult and expensive as possible for any attacker to break the security of our products.
Unfortunately, a hostile nation-state can vastly outspend any private company, if they choose to do so. Any “expensive to overcome” countermeasures can be overcome, it’s just expensive. As the old adage goes, “if Mossad wants to get you, they will get you”.
Another problem is that you can only protect against an attack that you can envision. Again, Trezor does its best to model possible threats and implement countermeasures. But this does not rule out a novel attack that goes straight through, because nobody thought of it.
With that out of the way:
yes
These are also called “attacks”. APTs don’t use any special kind of APT magic, the difference is in the amount of resources spent.
Trezor tries to implement countermeasures that are cheap to do but expensive to overcome. This raises the barrier to any attack. Whether it’s enough to deter an APT is an open question.
The good news is, Trezor security ultimately relies on your device. If you don’t confirm anything you don’t understand, you are safe from the overwhelming majority of possible front-end attacks.
To that end, stay away from Ethereum and other programmable ecosystems. The Safe hack could never happen with Bitcoin – the issue was that someone confirmed a blob of hex data that they didn’t understand.
You should be asking a different question: could an APT do this? And the answer is, very likely yes.
Hardware security, even more so than software security, is a question of resources spent. An APT spending a lot of money on tampering with your device will just stick a GSM modem inside and stream screenshots from your Trezor while you are writing down the seed words.
Or, you know. A small piece of plastic explosive.
(Is that worth the expense? Maybe if you’re a crypto billionare. If so, don’t rely on a single Trezor to safeguard your wealth.
For the common people though? Nah, they’d never recoup the money spent on the attack.)
(Sure, in theory an employee could ship tampered hardware. But there is no significant advantage to being an employee. A regular person, not backed by a wealthy sponsor, can’t implement the kind of hardware modifications that would be (a) undetectable and (b) useful for an attack.)
completely unrelated, but yes