
None of the methods proposed by Trezor would frustrate the attack mentioned in the article:

Validate the holograms: Most users aren't forensic experts and don't have an authentic physical sample to compare their evaluation target to, only photos of one.

Only buy from authorized resellers such as the official Amazon shop: Fake products have been introduced into Amazon's supply chain before [1].

The bootloader validates the firmware and displays a warning otherwise: Sure, but so does the fraudsters' bootloader.

[1] https://www.redpoints.com/blog/amazon-commingled-inventory-m...



From that article, it sounds like this wouldn't be commingled inventory, as it's both private label and an opt-in process.

That said, the obvious way to avoid Amazon commingling conclusively is to buy it directly from the Trezor shop.



