Bitcoin.Review
_@bitcoin.review
npub1qdca...zclt
A Podcast and Newsletter review of Bitcoin Software updates and related topics with NVK and guests.
🚀 BR074 - Fountain Podcasting 2.0 on Nostr, SGX Key Extraction, Nunchuk, Mempool, Floresta, + MORE ft. @Oscar Merry, @Rijndael & @DETERMINISTIC OPTIMISM 🌞 Listen to the episode: ➡️ Fountain: https://fountain.fm/episode/meY9nyt70HnirLta6MZC Oscar discusses with NVK how Fountain is seeking to onboard the podcasting industry to nostr, bringing cross app comments and boosts to podcasting 2.0. 👇
PSA: Good quality (and REAL) SD cards cost money! 🫰 Make sure you're using quality memory when it comes to your #bitcoin security. @DETERMINISTIC OPTIMISM 🌞 talks about the true cost of SLC memory in BR073.
The most successful #bitcoin attacks remain the simplest: social and phishing attacks designed to get you to reveal your seed. @DETERMINISTIC OPTIMISM 🌞 and Lloyd Fournier discuss these common attacks in BR073.
It's not just the user experience, but also the developer experience that is needed to build tools which improve #bitcoin security. @Rob Hamilton explains the importance of this in BR073.
Could the technology behind FrostSnap prevent (non-social) attacks by utilising security techniques and practices at the protocol level? Lloyd Fournier discusses the goal of FrostSnap in BR073.
🚀 BR073 - Security Challenges in Bitcoin Hardware Wallets: A Technical Overview ft. Lloyd Fournier, @craigraw, @Rob Hamilton, @odudex & @DETERMINISTIC OPTIMISM 🌞 Craig shares his thoughts around improving security without compromising usability. 👇
A security breach at Indian crypto exchange WazirX resulted in a $230m loss - 45% of their holdings. The payload is suspected to have been altered to grant the attacker wallet control. What lessons can we learn from this latest hack? @DETERMINISTIC OPTIMISM 🌞 & @Rob Hamilton give their take.
A security breach at a bank linked to Coinbase compromised the personal information of 154 customers, revealing names, bank account numbers, and routing numbers. Could lawsuits against companies lead to a changing of KYC laws? @DETERMINISTIC OPTIMISM 🌞, @Paul and @Rob Hamilton discuss.
Could some of the 'solutions' to Dark Skippy result in worse security tradeoffs? Using anti-klepto with the current solution requires exposing the signer to USB, the hardware may not be able to verify the nonce, and there's no Core implementation. @DETERMINISTIC OPTIMISM 🌞 breaks down the issues.
Dark Skippy has revealed some legitimate security issues which need to be addressed. That said, we don’t need to freak out. There are already a number of mitigations in place (and more on the horizon). @DETERMINISTIC OPTIMISM 🌞 and @Rob Hamilton discuss some of these mitigations in BR072.
Could there be a way to leverage the fact that the signer and the desktop have BIP32 keys pre-shared, in order to defend against attacks like Dark Skippy? Developers are already discussing this potential. @DETERMINISTIC OPTIMISM 🌞 and @Rob Hamilton share their thoughts.
What is the anti-klepto protocol, and could a standard which interoperates with PSBTs be the primary security upgrade we need to mitigate against attacks like Dark Skippy? @Rijndael discusses the potential in BR072.
If signing devices want to be evil and have the signing device sign malicious transactions, there are simpler ways than leaking keys through maliciously chosen nonces. @Rijndael explains with @DETERMINISTIC OPTIMISM 🌞 and @Paul why signed firmware matters in BR072. #DarkSkippy
The risk of hidden malicious code is why general purpose computers aren’t suitable for #Bitcoin security. With embedded hardware, you can have much more confidence that the device has not been tampered with, reducing the risk of attacks like Dark Skippy. @DETERMINISTIC OPTIMISM 🌞 explains in BR072.
When it comes to #Bitcoin, verifying the integrity of your signing device is essential. If you can’t trust the firmware, you’re taking a big risk with your private keys. @Rijndael gives the lowdown in light of the recent Dark Skippy attack revelations, in BR072.
When it comes to #Bitcoin, keeping your private key secret is critical. The Dark Skippy attack demonstrates how the nonce, which is required for signatures, could potentially reveal the master secret. @Rob Hamilton breaks down the attack in BR072.