Cryptocurrency: Ledger Adds Key Exfiltration, Users Launch Smashing Revolt

grarpamp grarpamp at gmail.com
Tue May 16 21:19:42 PDT 2023


Ledger keeps screwing up.
Trezor often seen as better.
In reality, neither, nor any other digital gizmo is needed.


https://v.redd.it/06cyilqto70b1 Old School Sledger Attack


Ledger is officially a hot wallet. It can expose your seed phrase to
third parties! (Confirmed on their sub) (self.CryptoCurrency)

by BusinessBreakfast3

I woke up to shocking news!

TLDR The ledger device actually can expose your seed phrase to the internet.

Initially it was a speculation and people were expecting updates.
Eventually, we got them:

https://np.reddit.com/r/ledgerwallet/comments/13itm7u/is_there_a_backdoor_yes_or_no/jkbyyfp

So yes, it's a service you can opt into for "recovery services", but
the bottom line is that it can expose the seed phrase.

Ultimately, it's a matter of the French government knocking on their
doors and asking for it.

This actually makes your funds at Ledger less safe than on MetaMask.
At least we don't have a confirmation that other hot wallets can
access or keep copies of the seed phrases.

Ledger, it was nice while it lasted...

But it's game over.

Edit: to the people downvoting my comments: I'm also a Ledger user.
Have been using it for multiple years to store my crypto. I'm not
happy that this happened and I hate the upcoming inconvenience of
buying new wallets and sending crypto back and forth. But
unfortunately, this is the reality. :(

Edit 2: Many users say

    but you can choose not to opt-in!!1

You can't opt out of the device being able to leak data to the internet.

You can only opt out of Ledger doing it with intent.

Edit 3: They just doubled down on Twitter spaces.

They described the product and didn't address the relevant comments
and concerns. They kept repeating that it's an "opt in service" and
finished by saying that their product is not for people with more than
$50k.

    1640 comments

[–]CryptoMaximalist (Bitconnect Whale) [M] [score hidden] 13 hours ago, stickied comment

In situations like this, we try to pin official responses so readers
have both sides of the story. If there is further information from
Ledger, we would be happy to add it here.

Ledger has since posted this FAQ page and the following video:

https://twitter.com/Ledger/status/1658458714771169282

[–]zoomercoomer9000 400 points 18 hours ago

The crazy thing is Ledger didn't provide details about this new
feature on their website or any obvious place. Until recently, you had
to dig under 8 paragraphs on an unrelated article about FTX customers
just to find it.

https://www.wired.co.uk/article/ftx-crypto-investors-hardware-wallets

    Ledger is preparing to launch a new service called Ledger
    Recover that splits a wallet recovery phrase—basically, a
    human-readable form of the private key—into three encrypted shards and
    distributes them to three custodians: Ledger, crypto custody firm
    Coincover, and code escrow company EscrowTech. If somebody loses
    their recovery phrase, two of the three shards can be combined—pending
    an ID check—to regain access to the locked funds. Essentially, Ledger
    Recover is an additional safety net; for the price of $9.99 a month,
    it takes the jeopardy out of crypto’s version of stuffing dollars
    under the mattress. It’ll be available in the UK, EU, US, and Canada
    and come to other territories later in the year.

You would think they'd display this information more prominently,
especially as it concerns something that fundamentally changes their
business model.
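The article quoted in the comment above describes a 2-of-3 split: three shards, any two of which reconstruct the recovery phrase, gated by an ID check. The example below is added here and is not Ledger's code; the page does not say which threshold scheme Ledger Recover uses or how the shards are encrypted for the custodians, so Shamir's secret sharing over a prime field is assumed because it is the standard construction with that property. It shows the two facts the thread keeps circling: any two custodians' shards reconstruct the secret with no involvement from the device owner, and a single shard on its own is consistent with every possible secret. The custodian names in the demo, the 32-byte entropy and the field prime are illustration choices, not values from the page.

```python
import secrets

# Mersenne prime 2^521 - 1: a field large enough to hold a 256-bit secret
# (the entropy behind a 24-word recovery phrase) with room to spare.
# Assumed for illustration; the page does not state Ledger's parameters.
P = 2**521 - 1


def _eval_poly(coeffs, x):
    """Evaluate a0 + a1*x + a2*x^2 + ... at x, modulo P (Horner's rule)."""
    acc = 0
    for a in reversed(coeffs):
        acc = (acc * x + a) % P
    return acc


def split_secret(secret, n=3, k=2):
    """Split an integer secret (0 <= secret < P) into n shares (x, y) such that
    any k of them recover it. The secret is the constant term of a random
    polynomial of degree k-1; each share is one point on that polynomial."""
    if not 0 <= secret < P:
        raise ValueError("secret must be an integer in [0, P)")
    if not 1 <= k <= n:
        raise ValueError("need 1 <= k <= n")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_secret(shares):
    """Lagrange interpolation at x = 0 over the given shares. With fewer than
    k shares this still returns *a* value, just not the secret; nothing in
    the arithmetic signals that the threshold was not met."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("shares must have distinct x coordinates")
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def lone_share_fits(share, candidate_secret):
    """With k = 2 a single share is consistent with every candidate secret:
    exactly one line passes through (0, candidate) and (x, y), so whoever
    holds one shard learns nothing about which secret is the real one."""
    x, y = share
    slope = (y - candidate_secret) * pow(x, -1, P) % P
    return _eval_poly([candidate_secret, slope], x) == y


# Constructed 32 bytes of seed entropy for the demo; not a real wallet.
ENTROPY = bytes(range(32))


def demo():
    """Model the three custodians named in the article and check both
    properties: every pair recovers, a lone share fits any candidate."""
    secret = int.from_bytes(ENTROPY, "big")
    ledger, coincover, escrowtech = split_secret(secret, n=3, k=2)
    pairs = [(ledger, coincover), (coincover, escrowtech), (ledger, escrowtech)]
    recovered = [recover_secret(list(pair)) for pair in pairs]
    return {
        "all_pairs_recover": all(r == secret for r in recovered),
        "recovered_entropy": recovered[0].to_bytes(32, "big"),
        "lone_share_fits_real": lone_share_fits(ledger, secret),
        "lone_share_fits_wrong": lone_share_fits(ledger, (secret + 1) % P),
    }


if __name__ == "__main__":
    print(demo())
```

Run it directly to see the result dictionary. The security-relevant line is that `recover_secret` needs nothing from the device owner once two custodians hold shares, which is the point the thread is making: once the shards have left the device, the ID check and the custodians' conduct, not the mathematics, are the only control. How the shards leave the device and how they are encrypted in transit is not covered here because the page does not describe it.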

[–]springdot1 (Tin) 145 points 14 hours ago

“ - pending an ID check - “

Well that’s fine then. Not like everybody keeps repeatedly getting
their government issued ID and other info exfiltrated from
any company they do business with 🙄

[–]Kiiaru (Uneducated Opinion) 69 points 13 hours ago

So you can get your identity stolen and your crypto drained all at
once! It's a feature not a bug...

[–]conceiv3d-in-lib3rty 28 points 11 hours ago

This is absolute bullshit. There’s no way ledger survives this blunder.

[–]BentPin (Platinum | QC: ETH 38 | MiningSubs 28) 5 points 8 hours ago

Don't forget to pay for this privilege.

[–]sweet_tinkerbelle 51 points 13 hours ago

so it's just banking with extra steps pshh.

But I have an idea why they are doing this. Must be some people
forgetting or losing their seedphrases and blaming ledger for it like
the idiots they are.

[–]trancephorm 53 points 13 hours ago

No, they are almost certainly doing it out of political pressure.

[–]Kodeshii 17 points 10 hours ago

Well this makes me scared for the security of my coins on my Ledger now!!

[–]Legitimate-Source-61 (Tin | 4 months old) 9 points 11 hours ago

If it's political, then Trezor will soon follow.

[–]Caponcapoffstillon (Silver | QC: CC 286, DOGE 157, BTC 106 | r/CMS 229) 4 points 10 hours ago

This, seems like governments are making the companies crack.

[–]DentinQuarantino 25 points 13 hours ago

Perhaps you're not as cynical as me... But the underhand way they've
brought this out combined with what they're actually doing makes me
think it's more likely pressured from the authorities to undermine
crypto's power. Whatever the reason I'm glad I haven't got a Ledger!

[–]zomgitsduke (Platinum | QC: BTC 107, CC 16 | LegalAdvice 167) 4 points 13 hours ago

"We are sorry our outsourced workforce mass-approved a series of 100
photoshopped ID photos and handed over your crypto. We are
investigating the now-bankrupt company and will try to sue them for
recovery of your funds. No promises though."

[–]Josefumi12 10 points 15 hours ago

Another reason to not trust them

[–]BusinessBreakfast3 (Platinum | QC: BTC 28, CC 22 | CRO 5) [S] 72 points 18 hours ago

Crazy!

They're done. It's game over.

[–]hadoob024 6 points 14 hours ago

Is this an optional service? Are you able to opt out of it? God I hope so

[–]JeremyBF (Platinum | QC: BTC 311, CC 209) 212 points 19 hours ago

Wow. WTF! A hardware wallet that CAN broadcast your keys to the
internet. Fucking POINTLESS. Might as well just use a software wallet
then.

[–]BiggusDickus- (Silver | QC: CC 266, SOL 32, ETH 22 | VET 560 | TraderSubs 76) 23 points 10 hours ago

It is a flat out violation of their very direct claim that the seed
cannot physically leave the device under any circumstances. Obviously
that was just a flat out lie.

Perhaps the silver lining is that the blowback will be so hard that
they will make new models that really are that way.

[–]TheLuckyO1ne (Tin | LRC 14 | Superstonk 259) 13 points 5 hours ago

As if anyone would trust them now lmao

[–]Mr_Bob_Ferguson (Platinum | QC: CC 445) 49 points 17 hours ago

    A hardware wallet

...and not just any hardware wallet, but THE one that is always recommended.

[–]BusinessBreakfast3 (Platinum | QC: BTC 28, CC 22 | CRO 5) [S] 44 points 18 hours ago

Exactly!

And I'm getting downvoted for suggesting that.

Anyway, I'm getting BitBox02 or Coldcard today.

[–]the_nin_collector 17 points 17 hours ago

any reason not to consider a trezor? honestly curious. Haven't
compared wallets in a long time

[–]BlockchainFox (Tin) 5 points 12 hours ago

Yeah what about trezor?

[–]Ur_mothers_keeper 4 points 11 hours ago

Do either of those support monero?

[–]helobro11 2 points 15 hours ago

Exactly bro 💯

[–]middlemangv 545 points 20 hours ago

If this is true, then this is pretty disappointing.

They literally lost the only reason why I wanted to buy them..

[–]SkuniMasterMind 269 points 19 hours ago

    They literally lost the only reason why I wanted to buy them

They really compromised their biggest selling point... for $10 a month

[–]emp-sup-bry (Bronze | QC: CC 22 | LRC 6) 48 points 15 hours ago

Subscription model preys on the idea that people are overwhelmed
(somewhat by the goddamn number of subscriptions) and will just pay
forever

[–]SkuniMasterMind 28 points 15 hours ago

Subscription models were just a transition from micro-transactions to
not so micro anymore.

Yet - we swallowed it

[–]gt4674b (Tin) 7 points 14 hours ago

Not sure about that yet. I think people are starting to wake up to the
financial realities and will start making more rational purchase
choices. Maybe.

[–]89time (Tin) 46 points 18 hours ago

Damn, total palmface.

[–]deathbyfish13 (Free Range Moon Farmer) 16 points 18 hours ago

I'm trying to figure out why they would do this but all it's making me
want to do is headwall

[–]ice_blade_sorc 9 points 17 hours ago

If "money" isn't the answer to your question then I'll wallbang my head myself

[–]Mr_Bob_Ferguson (Platinum | QC: CC 445) 17 points 17 hours ago

    Damn, total palmface.

As they say... "$10 is $10".

[–]Metaploid (Tin) 10 points 17 hours ago

A man's gotta eat

[–]Aim_Sux (Platinum | QC: ETH 135, CC 346 | TraderSubs 135) 5 points 16 hours ago

No, $10 is about $3.50

[–]user260421 (Platinum | QC: CC 44, ETH 23 | TraderSubs 10) 3 points 16 hours ago

Now I totally get their decision! /s

[–]StolenApe 83 points 17 hours ago

This seed saving service I think makes sense for a hot wallet, like a
mobile app. People don’t save their seeds, or save them on their
phones and then lose their phone. Lol. Online, encrypted seed saving
is about on par with the risk profile of a mobile hot wallet.

A ledger on the other hand… People who buy one have made the decision
to increase their security to the best possible security available.
Then suggesting those people should compromise the security they have
just purchased by doing the one thing they are never meant to do is
just insane

[–]Ermingardia (Platinum | QC: CC 540 | Unpop.Opin. 50) 34 points 18 hours ago

I was about to buy one this month, very disappointed...

[–]Lillica_Golden_SHIB (Bronze | BANANO 5 | TraderSubs 13) 32 points 18 hours ago

I bought a new one three or four months ago. Feeling a bit uneasy about it...

[–]pjlsnap (Tin) 16 points 15 hours ago

Two months ago here, waste of $150

[–]Aim_Sux (Platinum | QC: ETH 135, CC 346 | TraderSubs 135) 8 points 18 hours ago

Might as well open another Metamask Wallet for free

[–]Josefumi12 3 points 18 hours ago

You're disappointed but at least you are still saving and not spending
your money.

[–]Every_Hunt_160 (Platinum | QC: CC 672 | r/SSB 10) 36 points 19 hours ago

Ledger asking people for their seed phrase is pretty strange indeed.

Next thing you know KFC is gonna turn to a Broccoli restaurant

[–]slasula 13 points 18 hours ago

vile weed

[–]redthepotato 16 points 19 hours ago

Well this sucks. Is Trezor better? My ledger isn't even a year old yet.

[–]bidet_enthusiast (Tin | Futurology 11) 20 points 18 hours ago

The Trezor code can also be modified to expose the seed. The problem
seems to be that ledger made this capability into a feature in their
code.

[–]macetheface (Platinum | QC: LW 92, BTC 45, CC 37 | ADA 15 | TraderSubs 28) 11 points 17 hours ago

Believe you need physical access to the Trezor for that hack tho

[–]RunsOnJava98 5 points 17 hours ago

There was a YouTube video where one person accessed the physical
device and was able to grab the PIN from its RAM after changing a few
things.

But, I don’t think it was the seed phrase.

[–]ElonMusk0fficial (Bronze | Pers.Fin. 18) 8 points 15 hours ago

I wouldn’t consider someone using advanced electronics to listen in on
a hardware level to the chips “changing a few things”. This would have
to be a person specific attack where you have access to the physical
wallet itself. I don’t own or recommend any wallet but that attack
isn’t feasible outside of one off attacks where you can get to a
person and access their hardware wallet

[–]BusinessBreakfast3 (Platinum | QC: BTC 28, CC 22 | CRO 5) [S] 36 points 20 hours ago

Great timing. I have two devices which I'll dispose of soon.

[–]partymsl (Platinum | QC: CC 702 | r/WSB 16) 36 points 18 hours ago

This decision will really cost them a lot of money.

[–]blitzlurker (no one knows anything) 45 points 18 hours ago

Even if they reverse the decision the damage is done. The trust is broken.

[–]OPTIMUS-PRIME27 (Tin) 5 points 17 hours ago

Trust shattered, scars remain - actions speak louder than words.

[–]BusinessBreakfast3 (Platinum | QC: BTC 28, CC 22 | CRO 5) [S] 22 points 18 hours ago

Definitely! I'll spread the word forever.

Although I was a user, I'm still holding a grudge from the data leak. :)

[–]StarbugI (They're all dead. Everybody's dead, Dave.) 9 points 18 hours ago

Agreed, was not impressed at the data leak. This is the icing on the cake.

[–]blitzlurker (no one knows anything) 25 points 18 hours ago

Kinda pissed off finding this post a day after I ordered one. I doubt
I'll be able to get my cash back but I'll try because an exploit like
this should be a valid reason for a refund.

[–]Aim_Sux (Platinum | QC: ETH 135, CC 346 | TraderSubs 135) 19 points 18 hours ago

Boy this move is gonna bite back Ledger right in their asses

[–]BusinessBreakfast3 (Platinum | QC: BTC 28, CC 22 | CRO 5) [S] 24 points 18 hours ago

First they leaked our data, now they leak our seed phrases.

Let them burn!

[–]Which-Occasion-9246 7 points 18 hours ago

Agreed. Very disappointing... goes against what cold wallet stands for.

[–]jimmycryptso (Silver | QC: CC 31, BCH 29 | CelsiusNet. 69) 72 points 17 hours ago

Somehow they managed to survive the massive data leak of customer
info. I don't think they will survive this though.

[–]BusinessBreakfast3 (Platinum | QC: BTC 28, CC 22 | CRO 5) [S] 38 points 17 hours ago

My email was leaked and I "forgave" them.

Won't do it this time.

[–]jimmycryptso (Silver | QC: CC 31, BCH 29 | CelsiusNet. 69) 4 points 17 hours ago

Same. Luckily I used a burner email and no longer have the same
address or phone number.

[–]rock-island321 250 points 19 hours ago

They'll be killing their business if that's true.

[–]BusinessBreakfast3 (Platinum | QC: BTC 28, CC 22 | CRO 5) [S] 126 points 19 hours ago

Killed it from my perspective.

[–]rock-island321 52 points 19 hours ago

Bitcoin University will be doing a video on that today or tomorrow I
expect. He'll break it down.

[–]deathbyfish13 (Free Range Moon Farmer) 23 points 18 hours ago

I don't see how it's not killing it, this goes against their main selling point.

I'll for sure watch the video when it comes out but I'm not expecting
anything shocking

[–]Aim_Sux (Platinum | QC: ETH 135, CC 346 | TraderSubs 135) 6 points 16 hours ago

It's like KFC decided to stop selling fried chicken and started
selling boiled chicken

[–]dorfelsnorf (Platinum | QC: CC 186 | CRO 14 | ExchSubs 14) 17 points 17 hours ago

What are they thinking. A security focused device that screws up their
security is nothing to have.

[–]rock-island321 6 points 17 hours ago

It could be they are aligning themselves with soon-to-be regulation.

[–]DerpJungler ("CryptoBro") 25 points 18 hours ago

I feel bad for everyone who purchased their product.

We now have to be incredibly more sceptical when buying cold wallets..

[–]CoronaryAssistance (Bronze | QC: CC 21 | r/SSB 12) 10 points 13 hours ago

Besides ledger and Trezor what other option even is there?

[–]SulkyVirus (Platinum | QC: GPUmining 46, CC 35 | Stocks 69) 5 points 12 hours ago

Just got one and moved everything over a couple months ago... Ugh.

So is this a case where as long as I don't sign up for that service my
seed is still secure? Or did they push an update out and as soon as I
plug my cold wallet in it will compromise my seed?

[–]The_Lombard_Fox (Tin) 7 points 16 hours ago

Kind of defeats the entire purpose of a cold wallet

[–]Josefumi12 9 points 18 hours ago

They're just inverting their own business model /s

[–]user260421 (Platinum | QC: CC 44, ETH 23 | TraderSubs 10) 3 points 16 hours ago

Maybe they're gonna do the same as PayPal when they tried to slip
something in their T&Cs (the ability to fine you 2k if they don't
agree with your views), then they took it back and introduced it later
again when people were paying less attention.

[–]Arcosim (Silver | QC: CC 51 | VET 22 | Technology 39) 3 points 15 hours ago

It's insane, they were able to turn the name of their company into a
synonym for cold wallet, and now they did this for a $10 a
month completely unnecessary service.

[–]Plasticites 176 points 19 hours ago

Why did they have to go and screw this up? I used to be able to sleep
at night having my Ledger

[–]BusinessBreakfast3 (Platinum | QC: BTC 28, CC 22 | CRO 5) [S] 43 points 19 hours ago

Likewise, my friend.

It's really unfortunate!

[–]JoNwOrDy 21 points 14 hours ago

Ledger Recover: the gift that keeps on giving (to hackers).

[–]FAyouPAB 5 points 13 hours ago

Greed.

[–]sw1mhouse 110 points 16 hours ago

Would a class action be applicable?! This is ridiculous . . .

[–]Josefumi12 51 points 14 hours ago

I need refunds

[–]sw1mhouse 33 points 14 hours ago

I'd gladly take that too. This is absurd . . . They completely
obliterated their use case. We all could have stuck with free hot
wallets

[–]LeThaLxdARk (Silver | QC: CC 53, BTC 19 | CRO 67 | ExchSubs 72) 8 points 10 hours ago

Same, got more than only one and not only that, but false
advertisement is illegal and apparently put me at a risk I wasn’t
willing to take with anyone else but myself

[–]Deep90 (Platinum | QC: CC 25 | Pers.Fin. 20) 6 points 11 hours ago

I would say it's unlikely unless ledger actually experiences a breach.

Also need more information on how all of this works and if it's
actually compromising even if you opt out.

[–]sw1mhouse 16 points 11 hours ago

Agreed but I do think they duped their customer base. I & most others
I'm aware of wanted a cold wallet with no compromises. It starts
like this & ends in KYC every time essentially defeating the purpose

[–]TwistedGlasses (Tin) 55 points 18 hours ago

Oh come on... I just bought one last month.

[–]BusinessBreakfast3 (Platinum | QC: BTC 28, CC 22 | CRO 5) [S] 22 points 18 hours ago

It's tough to accept... I have two myself. :(

Security above all, that's it.

[–]TwistedGlasses (Tin) 12 points 18 hours ago

The only thing I'm hoping is the 24-word seed phrase must be saved
manually, if some kind of software can retrieve it automatically then
this wallet has lost its purpose.

[–]chahoua (Platinum | QC: CC 51 | TraderSubs 11) 16 points 16 hours ago

If it's not done by saving the seed manually then ledger has been
lying to their customers for a long time.

[–]perfect5-7-with-rice (Bronze | QC: BTC 21 | CRO 14 | Apple 24) 4 points 11 hours ago

They confirmed it is loaded from the ledger's secure chip

[–]BusinessBreakfast3 (Platinum | QC: BTC 28, CC 22 | CRO 5) [S] 8 points 18 hours ago

That's the actual problem!

Now, it turned out that the device can. It's not a cold wallet anymore.

[–]KlemenKisi 206 points 20 hours ago

This is some serious customer misleading practice. If I knew this, I
would never buy it in the first place. Basically makes my Ledger worthless
now (ok maybe exaggeration, but still I would rather have a normal
free hot wallet instead of spending 150EUR on the physical one)

[–]kirtash93 (The Ash Ketchum of Crypto | Gotta Catch 'Em All) 126 points 18 hours ago

This "feature" basically breaks the whole point of a cold wallet. I
don't know who is behind this great idea but it is a pretty dumb
mistake.

[–]KlemenKisi 29 points 18 hours ago

I can't believe what they were thinking, they probably don't follow this
subreddit haha

[–]VicBear93 40 points 18 hours ago

It's honestly like they thought up the worst thing they could do...and did it.

[–]KlemenKisi 22 points23 points24 points 18 hours ago (3 children)

So someone had this idea, and someone else had to approve it. Double dumb

[–]excubitor15379 10 points11 points12 points 18 hours ago (1 child)

In theory it could be the same person

[–]Josefumi12 8 points9 points10 points 18 hours ago (0 children)

Seems like my ledger is slowly becoming a hot hard wallet with an extra
pin because of this feature. I don't agree with this even though they
say it is optional.

[–]_who_is_they_ 36 points37 points38 points 17 hours ago (5 children)

I wonder if lawsuits are in order. I feel scammed.

[–]KlemenKisi 28 points29 points30 points 16 hours ago (1 child)

Same here. Kinda want my money back

[–]pjlsnapTin 9 points10 points11 points 15 hours ago (0 children)

Yup $150

[–]redthepotato 28 points29 points30 points 19 hours ago (3 children)

This. I spent money on something I could have gotten for free when it
could have gone through my crypto investment. Isn't this
misrepresenting a product? The co-founder in the thread still ain't
giving up on his stance that nothing changes.

[–]TrylksJust joking! 8 points9 points10 points 18 hours ago* (0 children)

If it is broken now and “nothing has changed” then it was always broken.

[–]KlemenKisi 11 points12 points13 points 18 hours ago (0 children)

As consumers we should have been aware of this before purchase.

[–]89timeTin 10 points11 points12 points 18 hours ago (5 children)

I want cold storage so bad, but stuff like this makes me stick to hot
wallets and CEXs. I hope things change.

[–]KlemenKisi 7 points8 points9 points 18 hours ago (4 children)

at least you didn't buy it yet

[–]89timeTin 5 points6 points7 points 18 hours ago (3 children)

Question is, which wallet to buy now?

[–]excubitor15379 7 points8 points9 points 18 hours ago (0 children)

As far as I know trezor is fine so far

[–]BusinessBreakfast3Platinum | QC: BTC 28, CC 22 | CRO 5[S] 12
points13 points14 points 20 hours ago* (9 children)

Fully agree.

The problem becomes bigger for users that have 6 figures or more. I'm
not comfortable with hot wallets

[–]KlemenKisi 12 points13 points14 points 19 hours ago (8 children)

yep, I guess best way to handle crypto is really just having 20
wallets with smaller amounts on them...

[–]moonpumperSilver|QC:CC58,ETH19,BTC16|GMEJungle97|Superstonk522 119
points120 points121 points 17 hours ago (36 children)

Have they confirmed the device actually exposes the seed phrase, or do
you have to enter the seed phrase yourself when signing up for their
backup services?

[–]maninthecryptosuitPlatinum | QC: ETH 95, CC 18 90 points91 points92
points 15 hours ago (26 children)

The cofounder Nicola confirmed the seed phrase leaves the secure
element..... interestingly in a reply to the exact question you asked.

https://np.reddit.com/r/ledgerwallet/comments/13itm7u/-/jkbxxhy

[–]moonpumperSilver|QC:CC58,ETH19,BTC16|GMEJungle97|Superstonk522 25
points26 points27 points 15 hours ago (0 children)

I saw after some digging. I wish the comment wasn't downvoted into
oblivion so everyone could find out for themselves straight from the
horse's mouth.

[–]Lobsters_Are_Ugly 22 points23 points24 points 16 hours ago (1 child)

This is a really important point, if it's the former that's just
shocking but I highly doubt ledger would implement that.

Regardless the optics of this is terrible.

[–]bricarpPlatinum | QC: CC 28 | CRO 22 | ExchSubs 26 8 points9
points10 points 13 hours ago (0 children)

Explicitly confirmed by the co-founder of Ledger. It is indeed the former.

[–]Snaggletoothlover 29 points30 points31 points 15 hours ago (2 children)

Also Ledger: "Never share your 24-word recovery phrase with anyone-
NOT EVEN LEDGER."

https://www.ledger.com/academy/crypto/what-is-a-recovery-phrase

[–]hookmanukTin | CRO 7 467 points468 points469 points 19 hours ago
(62 children)

Amazed that OP is being voted down in this thread.

Ledger just announced that they have the technical capability to pull
your seed off your device, and everyone is OK with that?

Crazy.

[–]Josefumi12 135 points136 points137 points 19 hours ago (11 children)

A hard wallet should not have the ability to do that. The main reason I
bought a hard wallet is to make sure my seed is not exposed, and I don't
remember ordering a device that can transmit my seed.

[–]kirtash93The Ash Ketchum of Crypto | Gotta Catch 'Em All 51
points52 points53 points 18 hours ago* (8 children)

The whole basic point of a cold wallet thrown in the sea. Ledger the
new expensive HOT wallet.

[–]Lillica_Golden_SHIBBronze | BANANO 5 | TraderSubs 13 4 points5
points6 points 18 hours ago (2 children)

Very disappointing. Thank goodness we have other options at least.

[–]TheRealestLarryDavid 3 points4 points5 points 15 hours ago (1 child)

What is the best option? I have had a ledger for a few years and have been
out of touch with what's available.

[–]Lillica_Golden_SHIBBronze | BANANO 5 | TraderSubs 13 3 points4
points5 points 15 hours ago (0 children)

I'm thinking about getting a Trezor, gonna start looking at models and
reading reviews.

[–]BusinessBreakfast3Platinum | QC: BTC 28, CC 22 | CRO 5[S] 79
points80 points81 points 19 hours ago (11 children)

I'm flabbergasted as well.

Trying to save people and they attack you.

Crazy!

[–]chance_watersPlatinum | QC: CC 61 | NANO 18 | AvatarTrading 29 32
points33 points34 points 19 hours ago (18 children)

They have not announced how; at this point it is fully possible you
need to physically enter it for the encryption to occur. There's very
poor communication from them.

These encrypted recovery services are becoming standard though - they
are necessary for adoption. This is on the roadmap for all the
hardware wallets.

[–]CCNightcoreBronze | Science 11 50 points51 points52 points 18 hours
ago (1 child)

It's a pretty dumb move either way. They should sell it as a different
product and make 2x as much money and not alienate their current
users. Dumbasses

[–]WeaselJCDTin | Superstonk 25 13 points14 points15 points 18 hours
ago (7 children)

My comment was deleted, but the founder said in another subreddit that
the device sends it:

    "The device sends encrypted shards of your seed to different companies
    if you decide to use the service. You can of course still choose to
    backup it yourself."

I can't link to it, but you should find it in the ledger subreddit.

[–]Fuglypump 23 points24 points25 points 15 hours ago (1 child)

This should turn into a class action lawsuit, I would never have
bought a ledger if I had known they were going to do this.

[–]UrbanWoodyTin 25 points26 points27 points 14 hours ago (9 children)

They have just posted an update

https://twitter.com/Ledger/status/1658458714771169282

[–]candlefirez 196 points197 points198 points 19 hours ago (68 children)

Time to build your own hardware wallet. Not your hardware wallet, not
your coins.

[–]Questioning-Pen 90 points91 points92 points 16 hours ago (4 children)

If everyone needs to build their own hardware wallets for their coins
to be safe, crypto’s prospects for mass adoption are in severe
trouble.

[–]BusinessBreakfast3Platinum | QC: BTC 28, CC 22 | CRO 5[S] 44
points45 points46 points 19 hours ago (46 children)

I'm on the verge of buying BitBox02 or Coldcard for my Bitcoin, but
what you're saying might be the ultimate truth at the end. Open source
would definitely make me sleep better.

[–]redkoilSilver | QC: CC 37, ETH 24, BTC 18 | r/SSB 8 | Privacy 10 15
points16 points17 points 16 hours ago (13 children)

Please be aware that Coldcard has the same possibility to export your
private keys out of the device. I'm not going to trust such a device
and it was the reason I went with ledger..

[–]BusinessBreakfast3Platinum | QC: BTC 28, CC 22 | CRO 5[S] 8 points9
points10 points 16 hours ago (12 children)

Yup, just found that out as well.

BitBox02 and Trezor for the final competition.

Trezor One is great, but the 25th word (passphrase) needs to be input
on a PC, not on the device itself. That's the only thing I dislike,
but maybe it's okay.

What would you go for?

[–]G4METin | PCmasterrace 22 5 points6 points7 points 14 hours ago (0 children)

Go with BitBox; it is made by one of the Bitcoin Core maintainers, and you
can have a 25th word which needs to be entered on the BitBox itself.

[–]Dazzling_Lime2021Platinum | QC: BAT 146 30 points31 points32 points
18 hours ago (18 children)

I think Coldcard is the best possible hardware we have so far. Not
sure if Bitbox does this, but with the Coldcard you can sign
transactions without ever plugging it into a computer. They have an
attachment where it can be powered by a 9 volt battery and you use SD
cards to broadcast transactions. Neat stuff.

[–]BusinessBreakfast3Platinum | QC: BTC 28, CC 22 | CRO 5[S] 11
points12 points13 points 18 hours ago (6 children)

Oh wow!

I'll watch some videos on that right away!

Not sure if that's a potential risk, but I'll investigate the pros and
cons of both.

[–]Dazzling_Lime2021Platinum | QC: BAT 146 13 points14 points15 points
18 hours ago (4 children)

Yeah I'm actually looking for a second hardware wallet (currently
using Trezor). Almost bought a ledger and I'm glad I didn't now lol.
Might have to check out Bitbox too, the Coldcard is a bit expensive
but it does have a lot of security features. Check out BTC Sessions on
Youtube, he did a good video on it

[–]Aim_SuxPlatinum | QC: ETH 135, CC 346 | TraderSubs 135 5 points6
points7 points 16 hours ago (3 children)

What's the best choice for someone who holds coins/tokens on multiple
networks like BTC, ETH, Cosmos...etc?

[–]fnetmaPlatinum | QC: CC 21 | ADA 6 4 points5 points6 points 14
hours ago (1 child)

Probably Trezor

[–]poyosoPlatinum | QC: XLM 59, CC 56 | SHIB 16 | AvatarTrading 39 8
points9 points10 points 18 hours ago (5 children)

How can you trust those devices though? How can you be certain that
they also don't leak? Because they said so?

[–]BusinessBreakfast3Platinum | QC: BTC 28, CC 22 | CRO 5[S] 21
points22 points23 points 18 hours ago (4 children)

They're open source.

[–]special_onigiri 6 points7 points8 points 16 hours ago (1 child)

As a software developer, I'll never get tired of saying Open Source is
King. The base is public, everyone can contribute and build on top of it,
which means variety, which in turn gives people more options and will
spread thin those who are trying to exploit vulnerabilities and
exploits.

[–]Mr_Bob_FergusonPlatinum | QC: CC 445 7 points8 points9 points 17
hours ago (1 child)

And to expand on this point further...

Basically all the biggest encryption algorithms used for security in
general are open source.

Open source means that plenty of eyes from various organisations (and
individuals) can look over it.

And just because people can see the code doesn't mean that it is any less secure.

[–]Maxx3141Platinum | QC: CC 2677 139 points140 points141 points 20
hours ago (54 children)

I think it's still important to share the full details. If I got it
right, the device produces three shards with a concept similar to
Shamir’s Secret Sharing, and shares it with Ledger and two partner
companies. Two of these shards are needed to recover your seed and
knowing one shard gives you no relevant entropy advantage when trying
to brute-force it.

With that being said, I still hate the feature. This still heavily
relies on trust, and the connected PC can at least request the shards
- opening new ways to exploit it with man-in-the-middle or social
engineering attacks.

The best solution would be offering a separate fw without this feature
for the "fundamentalists" - similar to Trezor and Bitbox which offer
BTC-only-firmwares for their devices. Still I'd have a hard time to
recommend a Ledger to newcomers from now on.

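
The 2-of-3 sharding described in the comment above, as an added example that is not part of the original thread and not Ledger's code: a textbook Shamir split over a prime field, plus a check of the "one shard gives no advantage" claim, which holds because a single shard is consistent with every possible seed. The field (2^521 - 1), the seed integer and all shard values are constructed for the demo; Ledger's actual field, encoding and shard encryption are not known from this thread.

```python
import secrets

# Field: the Mersenne prime 2^521 - 1 (assumption for the demo). A 24-word
# BIP39 seed carries 256 bits of entropy, so it fits as one field element.
P = 2**521 - 1


def _eval_poly(coeffs, x):
    """Evaluate a polynomial with coefficients [a0, a1, ...] at x, mod P (Horner)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split_secret(secret, threshold, n_shares):
    """Shamir split: hide `secret` as the constant term of a random polynomial
    of degree threshold-1 and hand out its value at x = 1..n_shares.
    Returns (x, y) shares; any `threshold` of them recover the secret."""
    if not 0 <= secret < P:
        raise ValueError("secret must be a field element")
    if not 1 <= threshold <= n_shares:
        raise ValueError("need 1 <= threshold <= n_shares")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n_shares + 1)]


def interpolate_at(points, x):
    """Lagrange interpolation: value at x of the unique polynomial of degree
    < len(points) that passes through all `points` (distinct x's), mod P."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def recover_secret(shares):
    """Recombine `threshold` shares: the secret is the polynomial's value at x = 0."""
    return interpolate_at(shares, 0)


def share_consistent_with(known_shares, candidate_secret, threshold, probe_x):
    """Why fewer than `threshold` shards reveal nothing: for ANY candidate
    secret there is a degree-(threshold-1) polynomial through (0, candidate)
    and all the known shares. Returns the share that polynomial would give at
    probe_x; recombining it with the known shares yields the candidate."""
    if len(known_shares) >= threshold:
        raise ValueError("with threshold shares the secret is already determined")
    if probe_x == 0 or probe_x in {x for x, _ in known_shares}:
        raise ValueError("probe_x must be a fresh x coordinate")
    points = [(0, candidate_secret)] + list(known_shares)
    used = {x for x, _ in points}
    x = 1
    while len(points) < threshold:  # remaining freedom is fixed with random points
        if x not in used and x != probe_x:
            points.append((x, secrets.randbelow(P)))
            used.add(x)
        x += 1
    return (probe_x, interpolate_at(points, probe_x))


def demo():
    """2-of-3 as described in the thread: constructed seed entropy split into
    three shards; any two recover it; one shard fits every possible seed."""
    seed = secrets.randbits(256)        # constructed stand-in for seed entropy
    shards = split_secret(seed, 2, 3)   # one shard per custodian
    any_two_recover = all(recover_secret([shards[i], shards[j]]) == seed
                          for i, j in ((0, 1), (0, 2), (1, 2)))
    # A custodian holding only shards[0] can "explain" any seed whatsoever,
    # so the shard carries no information about the real one.
    bogus = 0xDEADBEEF
    forged = share_consistent_with([shards[0]], bogus, 2, probe_x=2)
    one_shard_useless = recover_secret([shards[0], forged]) == bogus
    return any_two_recover, one_shard_useless


if __name__ == "__main__":
    print(demo())  # (True, True)
```

The information-theoretic guarantee covers the shards themselves only; as the comment notes, the trust question is about who can request them and how they are protected in transit, which this math does not address.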

[–]R0Y-BATTYBronze 53 points54 points55 points 19 hours ago* (13 children)

100% this firmware that allows this feature needs to be optional,
otherwise I’d be out, in reality you never really know what they are
putting on a device when they update firmware so there is always a
matter of trust. But yeah this isn’t a good move by them and a very
odd thing to do for the small amount of people who might want it. I
will wait to see what is said on the coming days before having a
public meltdown like BusinessBreakfast is having, though I share their
concerns.

[–]Qu1bbz 47 points48 points49 points 16 hours ago (1 child)

You realise that it doesn't matter if it's optional right? The fact
that it's even possible to extract your seed literally breaks the
entire purpose of a hardware wallet. As soon as you have to trust
ledger to not extract your seed phrase you might as well use a bank?

Besides ledger themselves this leaves the possibility for your ledger
firmware to be compromised by a 3rd party to be able to extract your
seed.

The firmware is also proprietary, so who knows if this feature didn't
exist already and whether or not they already extracted everyones
keys?

[–]grandphubaSilver | QC: CC 56 | ADA 49 | ModeratePolitics 199 38
points39 points40 points 17 hours ago (3 children)

    100% this firmware that allows this feature needs to be optional,
    otherwise I’d be out

You don't seem to be grasping the extent of the issue.

The fact the hardware can leak your keys should be more than enough to
put you off, regardless of the firmware.

Firmware and software can be updated, the hardware can't.

[–]Lillica_Golden_SHIBBronze | BANANO 5 | TraderSubs 13 4 points5
points6 points 18 hours ago (1 child)

I hope they come up with more information on it, although I think it
is very unlikely they actually say anything that makes this situation
look better. Anyway, the simple fact there is a backdoor now makes the
whole thing extremely concerning to me.

[–]VicBear93 4 points5 points6 points 17 hours ago (0 children)

The Crypto space isn't short of people looking to exploit anything
they can either. If something can be exploited, then someone will find
a way. It's a disaster waiting to happen.

[–]chestyspankersTin 6 points7 points8 points 13 hours ago (0 children)

I am surprised that in a crypto subreddit, so few people seem to be
aware of Shamir's secret sharing or what an encrypted shard means. To
most it appears they think their seed phrase is leaked directly from
the device with no checks in place.

I agree with your assessment and caveats, I guess I am just shocked
that I had to scroll so far to find a well balanced comment about
encryption on a subreddit that is for enthusiasts about encrypted
currency.

[–]Mr_Bob_FergusonPlatinum | QC: CC 445 4 points5 points6 points 17
hours ago (1 child)

    Still I'd have a hard time to recommend a Ledger to newcomers from now on.

I think we're now going to see an instant dive in recommendations in the sub.

But I think that your other suggestion will also come true, that
they'll offer a version without the feature ...or just remove it
completely.

[–]SqueezitgirdleSilver | QC: CC 78 | CRO 42 | ExchSubs 43[🍰] 6
points7 points8 points 16 hours ago (2 children)

If you had to provide your key manually to these three companies it
would be fine.

The problem, if I understood correctly, is the fact that it can lift
your key for you automatically if you pay for their service. Ledger
led us to believe that wasn't possible.

[–]BusinessBreakfast3Platinum | QC: BTC 28, CC 22 | CRO 5[S] 31
points32 points33 points 20 hours ago (21 children)

    If I got it right, the device produces three shards...

TLDR It CAN expose your seed. By definition, it's not a cold wallet anymore.

That's all that matters.

[–]Maxx3141Platinum | QC: CC 2677 32 points33 points34 points 20 hours
ago (20 children)

Every hw-wallet can expose your seed once, otherwise you couldn't do a
backup. This still makes them cold wallets because it stays offline.
The ledger won't ever share the seed without you confirming it, and
still I don't want this feature in my hw-wallet at all. I would agree
to call it a "hot hw-wallet" from now on.

There is a chance this feature can only be used once after setup and
will be disabled afterwards, similar to the seed backup. We don't know
the full details for now.

Also I think it's terrible how they just sneakily rolled it out
without a major announcement with technical details.

[–]yuumonadi 14 points15 points16 points 16 hours ago (13 children)

I use a Nano S. Am I safe?

[–]oximoran 11 points12 points13 points 13 hours ago (2 children)

Looks like S will not support this "feature," but that's not a
guarantee of anything.

    What Ledger devices are compatible with Ledger Recover?

    Currently, Ledger Recover is compatible with Ledger Nano X. In the
    near future, it will be compatible with Ledger Nano S Plus and Ledger
    Stax as well.

    ⚠️ Ledger Recover isn't compatible with Ledger Nano S.

[–]MindTheMindForMind 9 points10 points11 points 15 hours ago (3 children)

Same question, they didn’t specify if this feature is only a Nano X thing.

[–]hippofireTin | 4 months old 16 points17 points18 points 20 hours
ago (5 children)

What’s the risk in not updating the firmware ever and just transferring
funds to it?

[–]BusinessBreakfast3Platinum | QC: BTC 28, CC 22 | CRO 5[S] 30
points31 points32 points 19 hours ago (2 children)

It's closed source, nobody knows.

[–]Qu1bbz 13 points14 points15 points 16 hours ago (0 children)

Potential risks:

    It's proprietary software so this feature might already exist and
    worst case ledger already backed up your seed and can use your funds
    however they please.

    The government confiscated your ledger and can get access to your
    seed through the ledger company by making them update your firmware
    and extracting the seed.

    A 3rd party might be able to compromise the firmware of your
    ledger, extract the seed and steal your funds.

The fact that the possibility to extract the seed even exists is a
fundamental flaw and there is no solution other than not using a
ledger. The point of a hardware wallet is that it SHOULD be impossible
on a hardware-level to extract the seed. If a simple firmware update
is enough... the whole point is gone.

At this point ledger is nothing more than a bank you trust. On top of
this they already got compromised in the past, so good luck to anyone
who actually puts their trust in them.

[–]Zwiebel1Platinum | QC: CC 432, BNB 20 | ExchSubs 20 11 points12
points13 points 19 hours ago (0 children)

You don't know if the functions used in that firmware update existed
before as well. It might have existed for a long time and just went by
unnoticed. It's only a minor threat to security, but are you really
willing to take chances if you bought a cold storage exactly for that
purpose?

[–]ToufuNow 40 points41 points42 points 19 hours ago* (9 children)

The big problem here is how they would implement this service. If they
just ask the user to input the seed phrase into Ledger Live and send it
to them, then it's just plain stupid but not a threat to educated
users with basic sanity. However, if they can generate these social
recovery phrases just by asking users to connect their ledger to
Ledger Live, then it would be a serious problem, as it means they
indeed have a backdoor to extract the seed phrases from the security
chip.

From my humble opinion, the best solution to implement this (assuming
someone actually needs this feature in the first place and there is
really no such backdoor to extract the seed phrase) is to make an app
running on the ledger device that requires the user to input the seed
phrase to the ledger again. This app would do the cryptographic
calculation to generate these social recovery phrases and the user can
then submit them to online custody services provided by Ledger. In
this way, Ledger just acts as an offline cryptographic calculator
processing the input seed phrase, and has nothing to do with the seed
phrase stored inside the security chip.

[–]TrylksJust joking! 8 points9 points10 points 17 hours ago (2 children)

The “security chip” should be generating the social recovery, and the
passphrase never leaving it.

But “security chip” sounds like bullshit, TBH.

[–]BusinessBreakfast3Platinum | QC: BTC 28, CC 22 | CRO 5[S] 26
points27 points28 points 19 hours ago (4 children)

Fully agree. Then it wouldn't be a problem.

Unfortunately, the co-founder confirmed that the device can leak data.

[–]ToufuNow 18 points19 points20 points 19 hours ago (1 child)

It would be scary if that is the case. The existence of such a method to
extract the seed phrase is a serious threat to all Ledger users. Even
if they choose not to use this service, a malicious program lurking in
the computer/smartphone that the Ledger connects to can exploit such an
interface and cheat the ledger into giving out the stored seed phrase.

[–]BusinessBreakfast3Platinum | QC: BTC 28, CC 22 | CRO 5[S] 10
points11 points12 points 19 hours ago (0 children)

Exactly.

It's game over. I'm buying Trezor and Coldcard today.

[–]RealVoldemortPlatinum | QC: CC 52 32 points33 points34 points 19
hours ago (3 children)

Wtf are they doing. What the actual f

[–]partymslPlatinum | QC: CC 702 | r/WSB 16 3 points4 points5 points
18 hours ago (0 children)

Ruining their own business in the pursuit of more profits. Just as all
do at a certain point.

[–]Mr_Bob_FergusonPlatinum | QC: CC 445 6 points7 points8 points 17
hours ago (0 children)

    Wtf are they doing

It's a really strange decision.

They should know their customer base well enough to know that trust
and security are the major factors that people are looking for.

And now they have ruined it.

[–]crypteningTin | QC: BTC 28 | BCH critic 8 points9 points10 points
19 hours ago (1 child)

They already leaked everybody's name and home address so this latest
ledger service allows criminals to be less violent towards us.

Thank you ledger;/

[–]Intelligent_Page2732Platinum | QC: CC 918 20 points21 points22
points 20 hours ago (4 children)

It's a disturbing development. I would immediately opt out of this;
even the chance that it can expose your seed phrase is already too much
for me.

Besides that, if the French government is knocking down their doors, I
would get out of France if I were Ledger, to stay in business.

[–]BusinessBreakfast3Platinum | QC: BTC 28, CC 22 | CRO 5[S] 15
points16 points17 points 20 hours ago (1 child)

Too late for all that.

Open source only from now on. As you say, the fact that it CAN is more
than enough.

[–]slasula 8 points9 points10 points 18 hours ago (0 children)

oh ffs I’ve just finished moving everything over to ledger

[–]FenweekoooBronze | MiningSubs 15 9 points10 points11 points 15
hours ago (2 children)

sigh.... has trezor fucked up anything i should be aware of in the last bit?

[–]SandboChangTin | r/AMD 102 6 points7 points8 points 12 hours ago (1 child)

Ledger is officially done for, the damage is irreversible as by
introducing the service they have exposed the fact that their device
can be hacked that way, which was thought to be impossible.

[–]Alarming_Associate47Tin 6 points7 points8 points 15 hours ago (0 children)

How to wreck your company in seconds 101

[–]Knotley-Hunt-Brick 12 points13 points14 points 19 hours ago (5 children)

ummm should I cancel my ledger order and order a Raspberry Pi instead?

[–]helobro11 10 points11 points12 points 15 hours ago (0 children)

Yeah bro

[–]BusinessBreakfast3Platinum | QC: BTC 28, CC 22 | CRO 5[S] 12
points13 points14 points 19 hours ago (0 children)

Yes!

[–]OutTopTin | 3 months old 6 points7 points8 points 17 hours ago (0 children)

Time to switch

[–]RicothebuttonpusherTin | Politics 60 5 points6 points7 points 13
hours ago (0 children)

What’s the next best cold wallet to use? Trezor?

[–]Bunker_Beans (Platinum | QC: CC 224, BTC 40 | ADA 18) 15 points 18 hours ago

Glad I went with Trezor over Ledger.

[–]EdgeLord19941 11 points 19 hours ago

Hope this isn't available on older devices like the Nano S?

[–]BusinessBreakfast3 (Platinum | QC: BTC 28, CC 22 | CRO 5) [S] 8 points 19 hours ago

We will never know.

I have a Nano S, but after this news, I don't feel safe.

[–]R0Y-BATTY (Bronze) 4 points 19 hours ago

Is it only on the Nano X?

[–]CognizantSynapsid (Platinum | QC: CC 42 | r/WSB 43) 5 points 13 hours ago

This blows. Own two Ledgers. The inconvenience continues.

[–]redbullandranch (Tin) 13 points 17 hours ago*

So, we get posts all the time with new users saying they were "hacked"
and lost their stash. Then everybody bombards them with some version
of "you weren't hacked, it's your fault".

This Ledger change makes you think. How long has it been in effect?
Maybe some of those hacks were caused by this because nobody knew
about it. Maybe it's already been compromised...

[–]neverreddit1984 11 points 18 hours ago

Ledger just signed their own obituary.

[–]VeludoVeludo (Platinum | QC: CC 118) 4 points 19 hours ago

Guess I will just memorize my seed phrase and pray telepathy won't
work anytime soon.

[–]daken15 (Bronze) 5 points 14 hours ago

Just last week a paper came out from a team of researchers that could
read a mouse's mind and see an image of what the mouse was seeing, so
not far away.

[–]VeludoVeludo (Platinum | QC: CC 118) 4 points 14 hours ago

Fuck... aluminium foil hats it is.

[–]TheJustinG2002 (Silver | QC: CC 86 | LRC 49) 4 points 15 hours ago

I have a Nano S Plus. I read it's only for the X. It's still an
absolute atrocity but I hope things don't get worse. I'm not looking
to buy a new hardware wallet anytime soon.

[–]zzzz4xzzzz__ (Tin) 4 points 14 hours ago

Mf, my life's money is on my damn Ledger, fuck! Gotta get a Trezor!

[–]SufficientNet9227 (Tin) 4 points 13 hours ago

We need an international class action lawsuit for a refund, and to refund
all the fees to transfer...

[–]BusinessBreakfast3 (Platinum | QC: BTC 28, CC 22 | CRO 5) [S] 6 points 13 hours ago

Yes, let's do it!

[–]Qptimised (Tin) 8 points 20 hours ago

Newbie here. If not Ledger, any other good cold wallets for recommendation?

[–]BlockChad 3 points 19 hours ago

This is optional though right? You have to opt in?

[–]BusinessBreakfast3 (Platinum | QC: BTC 28, CC 22 | CRO 5) [S] 12 points 19 hours ago

Yes.

But the device can expose data to the internet. That's the scary part.


More information about the cypherpunks mailing list