Hacker News new | comments | show | ask | jobs | submit login
Why the PewDiePie Printer Hack Is a Warning for Crypto Investors (ccn.com)
5 points by wglb 10 days ago | hide | past | web | favorite | 4 comments





Bitcoinpaperwallet.com let's you print a paper copy of your keys. You download the JS and it checks to make sure you're offline first.

How do you know if the JS that is downloaded to your browser is the correct untampered version?

What if, after printing, the printer that is disconnected when printing is later exposed to the internet its memory of what was printed is exfiltrated?


The JS has a checksum. Now, the printer's internal memory, that's a good point. Is there even a UI for that? Perhaps a factory reset after printing the keys, but what a pain in the ass.

Unless there is some sort of authenticated encryption associated with the checksum, it can be faked just as easily with modified javascript.



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: