search

trustcrypto / OnlyKey-Firmware

The OnlyKey Firmware runs on the OnlyKey itself and provides the core functionality of OnlyKey.
https://docs.crp.to/firmware.html
212 stars 40 forks source link

Slot's data write protection with touch #122

Closed ealfie closed 3 years ago

ealfie commented 3 years ago

Hi all!

I find it really strange that writing to a slot does not need any physical access.

Is this by design? in that case, why?

If my computer is attacked, someone can overwrite the key and make me lose sensitive data that may or may not have a backup. Moreover I cannot easily detect if that happened, because fake data could be used to overwrite it.

Thank you!

onlykey commented 3 years ago

The short answer is:

What you are describing is a denial of service attack. If someone has access to your computer there are numerous other DoS attacks that could affect USB devices. However, DoS is the least of your worries if someone has access to your computer, the threat model just doesn't fit. Why would an attacker annoy you by wiping your OnlyKey data when they can keylog your passwords, conduct MiTM of web sessions, access your logged in websites etc. Someone DoSing your OnlyKey would be a welcome early warning that you need to quarantine and wipe your compromised system before something really bad happens. With that said you can enable write protection by enabling sysadmin mode.

ealfie commented 3 years ago

Yes, of course that if someone had access to my usb device then everything is pretty screwed. How can I enable write protection from onlykey-cli ?

ealfie commented 3 years ago

My main concern is to prevent myself from accidentally overwriting a slot having a totp secret.

In any case, I know I'm advised to backup all secrets offline