pretty bad jade wallet vulnerability disclosed
Blockstream
Jade Security Disclosure
This disclosure gives more context on the Jade firmware vulnerability and information for our users on how to upgrade and stay safe.
Thread
Login to reply
Replies ()
Thank for the info. Best to stay updated.
When will people finally understand that Blockstream has been compromised since the beginning?
![βββ[Danielsan256]βββ's avatar](https://cdn.nostrcheck.me/7df42aa73a08b5d684c578607de2650ea746e1aa22acf6fe74ceafbe86df934e/7744481a01ec3570e32cc01cfc9fa7bfb4d9d956a9df37b0034b6a5ab514a318.webp)
How so?
Ainβt good.
Memory-safe languages FTW
Color me shocked lol
From the Jade Security Disclosure:
The vulnerable code can only be reached on an initialized and unlocked device, where the device was unlocked using the same interface that the RPC is called on. This means a USB-connected device is only vulnerable to USB-RPC calls, and a Bluetooth connected device is only vulnerable to Bluetooth RPC calls. A device that has been temporarily unlocked is only vulnerable on the interface that was chosen when it is unlocked; QR mode is not vulnerable as it does not expose an RPC interface at all.
It is why I tossed out my Passport. The updates to firmware absolutely sucked,
Why did you toss the passport?
because the micro SD Converter/holder broke in half the 2nd time I tried to use it and I could never figure out how to use the micro SD card to do the software updates. I never could update it. It may have been my favorite device, but the user friendly aspect still was not there.
My Jade was such a liability. Ditched it immediately after I realized I could access my coins WITHOUT the device connected
Care to elaborate?
Jade locked up, wasnβt able to enter my passcode into the device. Opened the green software, entered the pin on the laptop, withdrew all my coins. Jade wasnβt even connected to the laptop
If you restored the seedphrase in another wallet that is by design
lol yeah, never did that
I noticed Adam posting a few times about updating for security lately. Kind of figured
Adspam Back
Oh boy, i am so excited about Blockstream products! So looking forward to using liquid as a scaling solution.
Man, anything Adam Back touches turns to shit!
Ha! I thought BTC had no 3rd party risk. BTC might not have 3rd party but every self custody product is. Every.
View quoted note β
How long has Bitcoin existed now?
You'd think by name someone would have made a user friendly way to spend /store it that doesn't make you vulnerable to thieves or whatever.
Putz ! π