Is “the firmware cannot be upgraded” a feature, not a bug? I paused for a moment at this logic, but minimizing the attack surface does make sense.

View Original
CoinNetwork
According to a message from Bianjie News, in the context of the controversy in which Tangem CTO Andrey Lazutkin disclosed to Ledger’s Security Team that Tangem cards have a physical attack vulnerability and cannot be fixed because the firmware is not upgradeable, he posted to defend Tangem’s minimalist design. He said that the more hardware wallet components there are, the larger the attack surface; therefore, Tangem uses an architecture with no screen, no battery, and firmware that cannot be upgraded. Andrey believes that firmware upgrades themselves are also a long-term code injection entry point, so an immutable design can reduce reliance on the vendor’s ongoing trust—the main security weakness of traditional hardware wallets lies in the seed phrase—while fully publicly disclosing the underlying mechanisms of the security chip could also provide attackers with clues.
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments