Trezor Wallets to Receive Firmware Update

Trezor Model T got support for Monero, Cardano, Stellar, Ripple, Tezos, Decred, Groestlcoin, Lisk, Zencash, as well as Zcash Sapling
08 November 2018   221

Trezor hardware wallet developers have introduced new software updates for Model T (2.0.9) and Trezor One (1.7.1). It is noted that many of the changes were implemented by third-party developers from the community.

Trezor Model T got support for Monero, Cardano, Stellar, Ripple, Tezos, Decred, Groestlcoin, Lisk, Zencash, as well as Zcash Sapling.

Note that Trezor One implements support for the WebUSB protocol, which saves users of Trezor Wallet and Trezor Password Manager from having to use the Trezor Brigde software to interact with Google Chrome.

In addition, Trekor One adds support for Lisk and Stellar, and Zcash Sapling hardfork.

Earlier, support for Lisk, Factom, MIX Blockchain, Musicoin, GameCredits, and EtherGem was added to Ledger Nano S.

Trezor to Promise Hardware Update

The update is expected in January; it's going to fix the Wallet Fail vulnerability
29 December 2018   353

As reported earlier, Wallet Fail team was able to hack Trezor's and Ledger's hardware wallets at the  35C3 Refreshing Memories conference.

CTO of SatoshiLabs, creator of Trezor, have finally commented on the situation.

With regards to 35c3 findings about Trezor: we were not informed via our Reponsible Disclosure program beforehands, so we learned about them from the stage. We need to take some time to fix these and we'll be addressing them via a firmware update at the end of January.
 

Pavol Rusnak

CTO, SatoshiLabs

Same group of researchers also claimed during the talk that they were able to install any firmware on a Ledger Nano S, another hardware wallet.

We can send malicious transactions to the ST31 [the secure chip] and even confirm it ourselves [via software,] or we can even go and show a different transaction [not the one that is actually being sent] on the screen.
 

Team Member, Wallet Fail

Additionally, Wallet Fail demonstrated a vulnerability in the Ledger Blue, the most expensive hardware wallet produced by the company, with a color touchscreen. The signals are transported to the screen by an unusually long trace on the motherboard, which is why it leaks those signals as radio waves.