trezor / trezord-go

:smiling_imp: Trezor Communication Daemon (written in Go)
GNU Lesser General Public License v3.0

MITM attack possibility? #168

Closed max-mapper closed 5 years ago

max-mapper commented 5 years ago

Hi, I was wondering if this attack vector was possible. Say I have an app that uses http://localhost:21325 to talk to the bridge. Assuming the app process itself is sufficiently sandboxed, could some malware (say a shady VPN client) MITM the unencrypted TCP session and modify the payloads sent to the bridge, and hope the user confirms on the device without noticing?

prusnak commented 5 years ago

This is not a bridge issue. The same malware could MITM the USB connection for example.

At all times the user HAS to check the values shown on the device display and not confirm something that is not right.