You actually can't update all the firmware. In particular, the portion of the firmware that implements the security logic cannot be modified, it's burned in for good.
If you want to take full control over a Trezor, which would even let you load malware onto it, you can. However, the internal security logic would still wipe all the data in the unit when you did and display a warning each time the unit was started. So you can't use the firmware update path to steal secrets, nor can you trick someone into using a modified Trezor, so long as they watch the startup.
Assuming all this is implemented correctly and has no bugs or defects, that leaves only the possibility of malicious firmware signed by the manufacturer so that it would be accepted by the security firmware without tripping the safeguards. So to some extent, you have to trust the manufacturer. However, if they ever signed "evil firmware", and that firmware got out, their reputation would be ruined.
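As an added illustration of the policy this answer describes (not code from the original post, and not Trezor's actual bootloader code), the Go program below models a bootloader that accepts any firmware image but checks it against a burned-in manufacturer public key first: a correctly signed image is installed as-is, while an unsigned or tampered image is still installed but the stored secret is erased and a persistent warning flag is set that is shown on every boot. The Ed25519 key pair, the SHA-256-over-image signing convention and the device state fields are assumptions chosen for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Device models the state that the immutable security logic protects:
// the stored secret (e.g. a seed) and a warning flag that survives reboots.
type Device struct {
	Secret             []byte
	Firmware           []byte
	UnofficialFirmware bool
}

// Manufacturer holds the firmware signing key. Only the public half is
// burned into the device; the private half never leaves the vendor.
type Manufacturer struct {
	priv ed25519.PrivateKey
	Pub  ed25519.PublicKey
}

// NewManufacturer generates a fresh Ed25519 signing key (assumed scheme).
func NewManufacturer() (*Manufacturer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Manufacturer{priv: priv, Pub: pub}, nil
}

// Sign returns the vendor signature over the SHA-256 digest of the image.
func (m *Manufacturer) Sign(fw []byte) []byte {
	h := sha256.Sum256(fw)
	return ed25519.Sign(m.priv, h[:])
}

// InstallFirmware applies the policy from the answer: every image is
// accepted, but one without a valid manufacturer signature wipes the
// secret and sets the warning flag before control is handed over.
// It reports whether a wipe happened.
func (d *Device) InstallFirmware(trusted ed25519.PublicKey, fw, sig []byte) bool {
	h := sha256.Sum256(fw)
	if ed25519.Verify(trusted, h[:], sig) {
		d.Firmware = fw
		return false
	}
	// Unsigned or modified image: zero the secret in place, then drop it.
	for i := range d.Secret {
		d.Secret[i] = 0
	}
	d.Secret = nil
	d.UnofficialFirmware = true
	d.Firmware = fw
	return true
}

// BootMessage is what the user sees at every startup.
func (d *Device) BootMessage() string {
	if d.UnofficialFirmware {
		return "WARNING: unofficial firmware"
	}
	return "OK"
}

func main() {
	vendor, err := NewManufacturer()
	if err != nil {
		panic(err)
	}
	dev := &Device{Secret: []byte("constructed-seed")} // constructed sample secret

	official := []byte("official firmware image") // constructed sample image
	wiped := dev.InstallFirmware(vendor.Pub, official, vendor.Sign(official))
	fmt.Printf("official: wiped=%v boot=%q secret=%q\n", wiped, dev.BootMessage(), dev.Secret)

	// A modified image presented with the old signature fails verification.
	modified := []byte("modified firmware image")
	wiped = dev.InstallFirmware(vendor.Pub, modified, vendor.Sign(official))
	fmt.Printf("modified: wiped=%v boot=%q secret=%q\n", wiped, dev.BootMessage(), dev.Secret)
}
```

The point the model makes concrete is the one in the answer: custom firmware is not blocked, but it can only ever run on a device whose secrets are already gone and whose screen says so, so the only way to get secrets-preserving code onto the device is a signature from the vendor key.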
This link is broken - https://github.com/trezor/trezor-mcu/blob/master/README.rst. Can you please update it with a working link? Thanks @Nick ODell
– Ahmedov – 2018-03-04T10:27:15.053
Given that v1.6.1 claims to update the bootloader (without wiping the device), it seems that the above info is incorrect. Do they take advantage of the vulnerability to apply their fix?
– Jonathan Cross – 2018-04-04T04:43:22.223