Ledger, the producer of some of the most popular hardware wallet devices, has disclosed several vectors of attack for its chief competitor, Trezor. The potential to unlock the device, or tamper with the electronics, has only been exploited in the lab so far, with no data of actual devices stolen or unlocked.
The first and most trivial vulnerability are insecure or fake Trezor devices. The producer of Trezor spoke in defense of only using the official store, to avoid receiving a fake hardware wallet.
But other vulnerabilities are more complex and involve the design of the devices itself. Ledger explores the vulnerabilities of its own production line, as well as the Trezor devices, thr...