When buying a trezor, how can you be sure it doesnt get reprogrammed or something on the way here?
I believe there's no firmware present in a freshly-unpacked TREZOR. This means that, in order to be able to use it, you must download the firmware from SatoshiLabs (the creators of TREZOR) and program the device yourself. During this process, a digital fingerprint is displayed on the device's screen, that should exactly match the one shown on the computer screen. After doing all this, your TREZOR is supposed to be tamper-proof and ready to securely manage your keys.
They come with preinstalled fw (or at least they did in the past). But afaik the bootloader is read-only and is responsible to check the digital signature of any fw about to be installed.




