Trezor releases Firmware 1.6.1 and Bootloader security update for Trezor One Wallets (important update)

Trezor released Firmware 1.6.1 and a Bootloader update on March 21, 2018 for the Trezor One. The Firmware and Bootloader update closes an exploit that could be used to modify the instructions on a Trezor One before setup.

When you update to the latest Firmware it will also update and secure the bootloader. This exploit is related to a flaw in a chip and how it sets write protection.

Full details: https://blog.trezor.io/trezor-one-firmware-update-1-6-1-eecd0534ab95

Frequently Asked Questions (direct from Trezor)

Is my TREZOR One safe?

There is no evidence that this vulnerability has been used in practice. Nonetheless, we have decided to release this update for preventive reasons, according to our security philosophy and responsible disclosure program.

If your TREZOR One arrived with its packaging intact, then your TREZOR is safe to use. The firmware update will check your bootloader version, its authenticity and update it.

If your TREZOR One arrived with its packaging opened, then your TREZOR might still be safe to use, under certain circumstances. The firmware update will check your bootloader version, its authenticity and update it. If the bootloader passes the authenticity check, your device will run without errors and thus it is safe to use.

If the bootloader does not pass the authenticity check, the firmware will warn you. In this case, please contact our Support Team.

Is TREZOR Model T affected?

The TREZOR Model T is not affected by this vulnerability, because it uses a chip with a different flash controller — STM32F427.

I am about to buy a new TREZOR One. Will it be affected?

If you are buying a TREZOR One directly from TREZOR Shop, we are already shipping out devices with the latest bootloader. These devices are not affected by the issue disclosed in this article.

I bought a TREZOR One yesterday, is it affected?

If your TREZOR One arrived with its packaging intact, then your TREZOR is safe to use. The firmware update will check your bootloader version, its authenticity and update it.

If your TREZOR One arrived with its packaging opened, then your TREZOR might still be safe to use, under certain circumstances. The firmware update will check your bootloader version, its authenticity and update it. If the bootloader passes the authenticity check, your device will run without errors and thus it is safe to use.

If the bootloader does not pass the authenticity check, the firmware will warn you. In this case, please contact our Support Team.

I bought a TREZOR One from an official reseller yesterday, is it affected?

The answer above applies to this case as well. If you need to contact our Support Team, please attach the name of the reseller.

I bought a TREZOR One from an official reseller and initialized it already. Am I at risk?

Please update the device firmware. If the update does not warn you during the bootloader update (second part of the update process), then your device is safe to use.

I have an uninitialized TREZOR One. What next?

If your device is not yet initialized, then please update the firmware first. The firmware update will also update the bootloader, making sure you are starting off with a secure device.

Do I really need to update?

Even though the vulnerability disclosed in this article cannot be exploited to extract private keys from the device, we still recommend keeping your devices up-to-date at all times. Regular firmware updates are the key to a secure product.

Please, go to TREZOR Wallet. If the Wallet tells you your firmware is outdated, please run the update process. The firmware update will update the bootloader as well.

What is the newest firmware and bootloader version of TREZOR One?

Firmware: 1.6.1

Bootloader: 1.4.0

Are other hardware wallets affected?

All hardware wallets using STM32F205/F405 are potentially vulnerable to this attack vector. We have already reached out to other producers of hardware wallets and informed them about the issue.

Why is the issue disclosed in detail on the same day as the update release?

There are multiple reasons why we decided to release a full disclosure today, the most important are:

  1. The vulnerability cannot be exploited to extract private keys out of already-initialized devices, meaning TREZOR One users are not at risk.
  2. The production code of TREZOR One firmware is published publicly as it is open source, so even without technical details, a potential attacker can understand the nature of the vulnerability from the source code.
  3. Our philosophy is rooted in absolute transparency, and therefore we prefer to keep our users informed as soon as possible.

Full report of Ledger Nano S exploit

UPDATE 03/20/2018 – FULL REPORT HAS BEEN RELEASED.  Some of the initial speculation regarding the exploit was correct and some was less so.  If you have not updated to the latest firmware, go ahead and do so now.

Full report: https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/

Ledger has released a firmware update for the Nano S in response to the exploit described in the link.

The Internet of Money: Five Years Later

ProtectingCoin.com will be in attendance at The Internet of Money: Five Years Later event in Chicago.  If you are not yet familiar with Andreas Antonopoulos's speeches and books, you should take some time to follow him.  Many of his talks can be found on YouTube and he has written several books on Bitcoin and cryptocurrency.


Event details:

The Internet of Money: Five Years Later
We are planning an epic one-night only extravaganza at the historic Music Box Theater in Chicago on April 25th!

Pamela Morgan, one of the two original founders of the B.O.B. community meetup group in Chicago, will emcee this event.

Singer songwriter, Tatiana Moroz, will kick off the evening with a live music performance.

Then, Andreas M. Antonopoulos will take the stage to deliver a keynote talk. After the talk, he’ll take a few questions from the audience and then we’ll have a brief intermission to prepare for the main event.

The main event is a live recording of the 5-year anniversary episode of the Let’s Talk Bitcoin Podcast. All four hosts Adam B. Levine, Stephanie Murphy, Jonathan Mohan, and Andreas M. Antonopoulos will be together on-stage for the first time ever.

 

 

New Product Announcement – ProtectingCoin Case/Skin for the Trezor Model T

We have started our new designs for the ProtectingCoin Case/Skin for the Trezor Model T Hardware Wallet.  The new design will feature full coverage for the body, USB cutout and microSD cutouts.  We have begun design/modeling for prototyping and will be completing molds shortly.  Plans are to launch in Q2 of 2018.  The Model T case will be offered in five unique colors.

Subscribe on https://protectingcoin.com for the latest updates on this exciting new release.

Design Mock-up (actual colors may vary in final product)


Trezor Model T – LIBUSB_ERROR_NOT_SUPPORTED

We have been using the newly released Trezor Model T Hardware Wallet for a few days now and wanted to provide a quick update on an error we came across during initial setup.

After unboxing the new Model T (excellent new packaging with the magnetic mount), we took some time to remove all of the Security seal adhesive.  The tamper security seal has been moved to the Trezor Model T body and goes over the USB C connection on the wallet.  (The original Trezor One had two tamper seals on the packaging but none on the wallet).  The adhesive does take some work to get off but rubs off with a little work.  Some have reported using different chemicals to remove the adhesive but we don’t believe that is really needed and some chemicals could react with the plastic body so use caution with chemicals when removing the adhesive.

After the Model T was all cleaned up, we connected it to a Windows 10 PC with the provided USB-C cable (approx 12 inch USB-C cable).  Following the 3 simple steps to begin setup, we went to trezor.io/start and had the option of setting up a Trezor One or Trezor Model T.

Selected the Trezor Model T and the next step was to install the Trezor Bridge.  The Bridge software is used to communicate with the Trezor Wallet and is available for Windows, Linux and Mac.  The Bridge is a small install file and only took a few seconds to download and install.

After the bridge was loaded we were able to install the firmware.  All new devices come without firmware and it is loaded on initial setup (this is very easy/automated and no technical skills are needed to install the firmware).  The current firmware version as of 03/12/18 is 2.0.1.

The next step is where we ran into some issues and received an error in the portal of “Action was interrupted – Error Details: LIBUSB_ERROR_NOT_SUPPORTED”.


We started with the typical troubleshooting steps: disconnecting and reconnecting the wallet, closing and reopening all browser windows, and rebooting the PC to make sure there were no issues with the initial install, browser or connection.  All these steps resulted in the same error of LIBUSB_ERROR_NOT_SUPPORTED.  Next, we uninstalled and reinstalled the new bridge software, only to receive the same error.  We spent a little time reviewing error logs and were able to see the step it was failing on but not why.

At this point, it was time to hit up the forums and see if anyone else had come across the same error when setting up the new Trezor Model T.  There were only around 1000 or so shipped worldwide, so the install base was pretty small at that point.  The forums did point to an email from Trezor support with the same error reported and a note that a box (around 100 units) did make it out of manufacturing with an older version of the bootloader installed, and that this error is related to the older bootloader and an incompatibility with some USB ports.  The impacted bootloader was version 2.0.0 and the correct version (without the issue) was 2.0.1.  This issue could impact batch numbers labeled with 08-2018 and 09-2018 (*note, just because you have this batch number it does not mean you will have the older 2.0.0 bootloader, as only around 100 units from that batch slipped through shipping).  To confirm your version of the bootloader and firmware, swipe across the Trezor Model T screen right as you connect.


The test confirmed the Model T was already on the most recent version of the bootloader (2.0.1), but there were a few comments in the forums that reinstalling the bootloader resolved the error even when they already had the latest.

To reinstall the bootloader you will need a microSD card.  Of course in the middle of the night, when you really need one, they will be impossible to find, regardless of how many you have seen in a drawer the week before.  After a quick trip out to buy a $9.88 microSD card with SD card adapter we were ready to go with updating the bootloader.  The process to update the bootloader is relatively simple and only takes a few minutes.

  1. Download the latest bootloader file (2.0.1)
  2. Download and install the free software “Etcher” (this will be used to prepare your microSD card)
  3. Insert the microSD card (you may need to use a card reader or SD card adapter depending on what card slots you have on your PC).
  4. Open Etcher and click “Select Image”.
  5. Locate the bootloader-2.0.1.bin file you downloaded and click open.
  6. You may get a message that it is not a bootable image; just click “Continue”.
  7. Next you will need to click “Select Drive” and select your microSD card.  (*At this point we had an issue with our brand new $9.88 microSD card where it always said it was write protected no matter the position of the write-protected tab on the card…a little scotch tape took care of this write protection…most would not have that problem but it was just that kind of day and of course we picked up a bad microSD card).
  8. Click finish and this will complete prep of your microSD card.
  9. Disconnect your Trezor Model T and insert the microSD card.  It will only insert in one direction and will fully insert in the Model T.
  10. Reconnect the Model T and the bootloader will begin updating, this takes around 10 seconds.
  11. After the install is completed, disconnect the Model T and eject the microSD card. (the microSD card is spring loaded in the port so push in lightly and it should pop out).
  12. Now you are ready to reconnect your Model T with a fresh install of the bootloader!!!

We connected our Model T, went to the portal and …same error!  A reflash of the bootloader again resulted in the same error.

Taking another look at the logs, we started to suspect something with the bridge or something conflicting with USB connections.  Reviewing what was installed, we discovered two versions of the bridge software were still installed: both the new bridge and the older version 1.x bridge software that was used for our Trezor One Wallets.  We uninstalled both versions of the bridge and started over with connecting and installing the latest bridge.  IT WORKED!  The whole issue turned out to be caused by having two versions of the bridge software.  We were surprised that installing the new bridge software did not uninstall or overwrite the old version.
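To check a Windows PC for the duplicate-bridge condition described above before reflashing anything, the following added example (not from the original post and not Trezor's own tooling) lists every installed program whose name looks like the Bridge and warns when more than one is present. The name pattern `*trezor*bridge*` and the process-name pattern `*trezor*` are assumptions; adjust them if the entries on your machine are named differently.

```powershell
# Added example: find leftover Trezor Bridge installs on Windows.
# Assumption: the installer registers an uninstall entry whose DisplayName
# contains "Trezor" followed by "Bridge" (matching is case-insensitive).
$NamePattern = '*trezor*bridge*'

# Standard Windows uninstall registry locations: per-machine (64-bit and
# 32-bit views) and per-user.
$UninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-BridgeInstall {
    param([string]$Pattern = $NamePattern)
    foreach ($root in $UninstallRoots) {
        Get-ItemProperty -Path $root -ErrorAction SilentlyContinue |
            Where-Object { $_.DisplayName -like $Pattern } |
            Select-Object DisplayName, DisplayVersion, InstallLocation, UninstallString,
                @{ Name = 'RegistryKey'; Expression = { $_.PSPath -replace '^.*::', '' } }
    }
}

$found = @(Get-BridgeInstall)
$found | Format-List

if ($found.Count -gt 1) {
    # The situation from the post: an old 1.x Bridge next to the new one.
    Write-Warning "$($found.Count) Bridge entries found. Uninstall all of them, then install only the current Bridge."
} elseif ($found.Count -eq 1) {
    Write-Output "Single Bridge install found, version $($found[0].DisplayVersion)."
} else {
    Write-Output 'No uninstall entry matched the pattern.'
}

# Also list any Trezor-related process that is still running
# (assumption: its process name contains "trezor").
Get-Process |
    Where-Object { $_.ProcessName -like '*trezor*' } |
    Select-Object ProcessName, Id, Path
```

Run it from a regular PowerShell prompt; the `Path` column may be empty for processes owned by another account unless the prompt is elevated.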

The end fix ended up only taking a minute and was not difficult after getting on the right path.  We look at the experience as a positive one (silver lining) though as it presented a learning opportunity to learn how to flash the bootloader using the new microSD slot that has been included with the Model T.  Hopefully this post can help you out if you just received your Model T and encounter an issue with your old bridge software causing a conflict.

Post any questions you may have on the new Model T in the comments and any experiences you may have with the new wallet.