Exploiting Netgear's Routerlogin.com
A recent tweet about Netgear’s inclusion of private keys for trusted HTTPS certificates in their router firmware sparked a discussion about whether this presents a material security risk. Many security experts concluded that, unlike previous uses of this technique, there was no realistic attack scenario in Netgear’s case. In this post, I am going to demonstrate that this conclusion is incorrect.
Breaking into the (Digital) BitBox
In this post, I am going to discuss the security issues I discovered in a hardware wallet known as BitBox, formerly known as “Digital Bitbox”. It is important to note that I have not fully audited the device, and these issues were found from a preliminary look at the device.
Breaking the Ledger Security Model
In this post, I’m going to discuss a vulnerability I discovered in Ledger hardware wallets. The vulnerability arose due to Ledger’s use of a custom architecture to work around many of the limitations of their Secure Element.
Multi-signature hardware wallets with Electrum
Hardware wallets are useful but they’re not a panacea. Vulnerabilities have been found in them before and will continue to be found. If you use a single hardware wallet, your private keys could be extracted if it is stolen. Worse still, a remote access vulnerability could be found.
Extracting TREZOR Secrets from SRAM
This is my independent write-up of a vulnerability reported to SatoshiLabs by an anonymous researcher.