Wie sicher sind Aktualisierungen (wenn sie böswillig/gefälscht sind)?

[deleted]

Here’s what the bootloader prompt will show if you attempt to load fake firmware:

* [Fake Firmware Bootloader Warning](https://preview.redd.it/jevcvtb2fco81.jpg?width=2104&format=pjpg&auto=webp&s=6539cfab751930a5fb1e2ce6cd66d5c43897a2e9
)

Here’s what the startup screen will look like if you run fake firmware:

* [Fake Firmware Startup Warning](https://preview.redd.it/4cfdvre5fco81.jpg?width=1635&format=pjpg&auto=webp&s=f53c7c6eaa2c2525236de6736d988afdcd8a0047)

I suppose it depends on how likely you are to ignore warning prompts.

This all assumes you get phished deeply enough to be delivered fake firmware to begin with. There are tons of safeguards to prevent that as well.

I think the OP is asking even one step further, i.e. „Would you need to trust Satoshilabs with each firmware update?“ And that question is very valid, given that trust is a time sensitive issue and anybody can theoretically turn malicious. This is why Satoshilabs builds on the foundation of zero trust. The private key is generated on the device and would not be able to leak under any circumstances, even with maliciously formed firmware, I believe.

BTW, boardloader, part of every firmware upgrade check, is stored in a write-protected non-upgradable area.

These comments are exactly what someone pushing bad firmware would say…

Google how to verify download signatures if you want to DIY

They’re* and obviously not safe if malicious.

I am by no expert, but wouldn’t it be more correct to state, that we – **at current point in time** – do not have any knowledge of how to hack a Trezor. Meaning, that some super hacker might be able to.

Thanks.