|
|
|
|
|
|
by lxgr
1111 days ago
|
|
|
That hardware will ultimately also be running software, and you need to be trusting the vendor/supply chain of both. This is not at all to say that there is no point in hardened/secure execution environments like smartcards, Yubikeys, hardware wallets etc., but the important point is that the statement "hardware is more secure than software" by itself is dangerously misleading. And there is no such thing as (fully) "FOSS hardware". Somebody needs to build a physical thing in the end, and you can't verify every single step of that process. Openness/transparency has its advantages and reduces the chance of nefarious things happening in your supply chain, but this is lightyears away from "trustlessness". |
|
|