Buying a used Ledger... Yay or Nay?

[9thsky]

What's the consensus on buying a used Ledger? I understand it's risky, but if one was to follow all the known precautions, including the the ones listed on Ledger's site, would it still be risky...practically...not theoretically?

Edit: I guess I should mention that I am not in the US. And there are no official Ledger sellers here...or unofficial ones for that matter. Ordering online - besides it costing a boat load more - is not a viable option due to the pandemic. So yeah, appricate input on the specific query being posed.

[mocacinno]

I wouldn't buy one.

A brand new nano S from an official distributor (or ledger directly) costs 59€, and black friday is right around the corner... Why would you risk buying a potentially modified hardware wallet if a new one is so cheap?

[9thsky]

I wouldn't buy one.

A brand new nano S from an official distributor (or ledger directly) costs 59€, and black friday is right around the corner... Why would you risk buying a potentially modified hardware wallet if a new one is so cheap?

1) Cheap is relative.

2) No such thing as black Fridays here.

3) Don't use € here.

4) The question is to find out if the risks could be eliminated.

[mocacinno]

1) Cheap is relative.

2) The question is to find out what the risks are.

1) Well, 59€ if you buy a new one right now, but if you wait untill black friday or cyber monday they usually do promotions. IIR, last year you got 30% off, if they do the same this year you'll  pay a little over 40€ for a ledger nano S.

Really, if you're not willing to spend 40€ for a new hardware wallet, you're probably better of using a desktop wallet instead. I'm a big fan of hardware wallets, but only if you follow the correct procedure. If you're going to buy a pre-owned device from an unknown individual to save $20 and then use this device to store thousands of dollars you might need to rethink your opsec.

2) somebody could have tampered with the hardware or somebody could pre-initialise your device. Also, buying a hardware wallet from an unknown individual might make you more suspectible to a $5 wrench attack. It's not like buying this device from an official vendor reduces this risk to 0, but I'd rather trust ledger or amazon than an unknown individual.

[bob123]

1) Cheap is relative.

That's true.
But during the black friday sale, it will be cheaper than without the sale.

Also, you probably won't get it much cheaper 2nd hand. And if you do, i'd be suspicious.

2) No such thing as black Fridays here.

Ledger does the black friday sale.
It doesn't matter where you live. If you live on planet earth, there is the black friday sale you can make use of.

3) Don't use € here.

Ever heard of currency conversion?

The world works even without every country using the same currency.

4) The question is to find out if the risks could be eliminated.

No, they can't.

You can never eliminate all risks with buying a second-hand hardware wallet.

[mocacinno]

I'd like to add one extra thing that might help you:

If you're really unable or unwilling to buy a new hardware wallet, maybe it's a good idear to learn how to properly generate a paper wallet? Sure, they're not as user-friendly as a hardware wallet. It's a learning curve and you have to follow the correct procedure. But if you know how to properly generate a paper wallet, it's security is about the same as a hardware wallet...

Best thing is: you don't need to buy one... A pc/laptop, an usb stick to boot tails with network disabled, a proper paper wallet generator software and a printer that isn't connected to the network will do.  Odds are you have all 4 of these things laying around, so the cost is equal to the cost of a piece of paper.

If you are interested in paper wallets, do your research first... Then create a paper wallet on the testnet and fund/sweep it, and only then make "real" paper wallets.

An other option is to create an airgapped setup, either by booting from tails with network disabled, or by using an old pc from witch you physically remove the network cards. These setups can be really secure aswell, defenately on-par with a hardware wallet. A bit user-friendlyer than a paper wallet (IMHO), but still not as user-friendly as a hardware wallet.

[The Sceptical Chymist]

Really, if you're not willing to spend 40€ for a new hardware wallet, you're probably better of using a desktop wallet instead.

Agree completely with this, and that should be OP's bottom line answer.  I certainly understand that $51 is a lot of money if you can't afford it, but if that's the case why in the world would you be investing in risky and super-volatile assets like cryptocurrencies anyway if a new Ledger is too much money.  OP sounds like he might be the type of person who invests more than he can afford to lose--but I could be wrong, and I don't mean any offense by that.

As for me, I would never buy a used hardware wallet.  I'm not super paranoid, but I'm paranoid enough not to trust that it hasn't been fiddled with in such a manner that my coins could get stolen.  Generally I don't encourage people to be paranoid either, but in a matter like this....if you want to sleep well at night knowing your crypto is safe, be paranoid enough to buy a new HW wallet. 

If you're really unable or unwilling to buy a new hardware wallet, maybe it's a good idear to learn how to properly generate a paper wallet?

If OP had a lot of altcoins, I don't think that would be convenient.  Sure, you could put them all onto a Coinomi wallet and write down the seed, but they're not 100% secure last I heard and I wouldn't recommend that.  Nor do I know of any other multicoin wallet that has been proven to be safe.  Other than that, I'm all for paper wallets.

[mocacinno]

--snip--
If OP had a lot of altcoins, I don't think that would be convenient.  Sure, you could put them all onto a Coinomi wallet and write down the seed, but they're not 100% secure last I heard and I wouldn't recommend that.  Nor do I know of any other multicoin wallet that has been proven to be safe.  Other than that, I'm all for paper wallets.

I couldn't agree more... I didn't think about altcoins for a moment
Theoretically, you should be able to create a proper paper wallet for your altcoins aswell, but i have to agree that it would be really confusing if you'd have to print several paper wallets for a couple dozen altcoins.

I'd never store funds for a long time on any desktop/mobile wallet, but even if i did, coinomi would defenatly not be in my top-10 of wallets . I've been around when they completely trashed one of their users after he lost his lifesavings when using coinomi (at least, that was his claim). They still put all the blame on him, but to tell you the truth, i wouldn't trust a company that resorted to victim-blaming even if it was the vicim's own fault, and i'm still not 100% sure that it wasn't coinomi's bug that caused him to lose all his money.

[NeuroticFish]

Edit: I guess I should mention that I am not in the US. And there are no official Ledger sellers here...or unofficial ones for that matter. Ordering online - besides it costing a boat load more - is not a viable option due to the pandemic. So yeah, appricate input on the specific query being posed.

This can be a problem. If online ordering is not an option and no official resellers either, I'd look for another option = cold storage or even paper wallet, depending on how often you want to spend from those funds.

Just beware that cold storage has to be carefully made and has to never get online again after it's installed and paper wallets have to be created in a safe manner too. This means that if you go this path you have to understand/know what you're doing.

[sheenshane]

I tend to agree with all suggestions above.  Never use a used hardware wallet because you will never know it is manipulated by installing them an unofficial firmware that could be lead you to a hack and wipe out your entire balance.  It could also have tampered with manipulated malicious firmware or could be trick you using a fake firmware.

If you can't afford hardware wallets, it's better to choose open-source desktop wallet apps that free to download and safe.  Don't hesitate to spend a few Euros just for the safety purpose of your fund, if you have a thousand Bitcoin worth, I rather choose and buy a new one where your fund is safe.  But if that is a few hundred bucks, just choose a desktop wallet and it might good if you start with Electrum.

Even you aren't asking, I share with you this [BIG LIST] Hardware wallets (80+).  There could be a cheap lower than 51 euros upon buying Ledger or Trezor, price it doesn't important if the valuable assets that you feel safe.

Anyway, before making and generating a Bitcoin address, make sure you're the one who holds the keys, not the reseller of used HW.

[FatFork]

I would never buy nor would I recommend anyone to buy a used hardware wallet.

Let me explain why:
It all comes down to the fact that buying a used Ledger will save you a few bucks, right? However, there is no scenario to justify this.
If you don't have a relatively large amount of money to save on your hardware wallet, then you don't even need it. There are other solutions that can give you equal or better convenience (desktop/mobile wallets) or security (paper wallets). If the situation is the opposite and you do have a larger amount of crypto, then by buying a used wallet you lose its biggest advantage, which is the security of your funds. Are you really willing to take that risk?

[TopTort777]

You could always reset Ledger to default factory settings. Then it would be new, but used
Consequences, onsequences… Well, its battery could die faster compared to new one, its body can be scratched. Previous owner could have put boogers on it. I've never heard that Ledgers software were hacked and someone had issues with buying used one.

However, why do you need a used one? If you are short of money, buy a KeepKey for $30. It supports most of crypto you will face.

[9thsky]

Thank you so much guys for all the input. What an awesome community!

I get where you all are coming from...better safe than sorry, right? However, what i'd like to know is; is it indeed unsafe? If it is, what exactly are the risks?

Ledger has been around for some time. We heard of tons of people that got hacked/scammed off their btc...have you heard of any through buying a used Ledger?...even after taking all the precautions suggested by Ledger? All this time, surely there has to be at least 1 reported incident if it were possible.

I get anything is possible...but time travel is also - theoretically - possible. I was looking to make a decision based on facts rather than hypotheticals.
I know, I know...there is a risk to benefit ratio that tips toward getting a new Ledger being a smarter, safer choice, considering the price difference is relatively negligible. But that's from where you stand. From where I stand; big difference and not even possible.

So then you say, look into other options...paper or even desktop. Because that would be a safer route than a tampered Ledger. But then again, we go back to..."is it actually possible for the device to be tampered like that and not know?". I'm interested in the technicalities of it all. I mean, Ledger themselves say as long as you reset, and you could update the firmware, and you follow this, it's safe.

Thoughts?

[mocacinno]

I knew it had happened before, a quick Google search turned up this: https://qz.com/1233401/a-teen-hacker-exposed-a-security-hole-in-ledgers-hardware-wallets/

[TopTort777]

I knew it had happened before, a quick Google search turned up this: https://qz.com/1233401/a-teen-hacker-exposed-a-security-hole-in-ledgers-hardware-wallets/

“ This article is more than 2 years old.” 

Even if that really was possible, Ledger had already made patches to close an option to modify firmware.
The hack describes in the article worked if you keep using used ledger with previous owner settings. Reset disables everything imho.

[mocacinno]

I knew it had happened before, a quick Google search turned up this: https://qz.com/1233401/a-teen-hacker-exposed-a-security-hole-in-ledgers-hardware-wallets/

“ This article is more than 2 years old.”  

Even if that really was possible, Ledger had already made patches to close an option to modify firmware.
The hack describes in the article worked if you keep using used ledger with previous owner settings. Reset disables everything imho.

Does it really matter how old the article is? Sure, there aren't any recent, disclosed vulnerabilitys that aren't patched, but that doesn't matter. It doesn't even matter if this particular one is "fixed" easily
What matters is that both ledger and Trezor have had vulnerabilitys that were exploitable after a malicious actor has had physical access to a hardware wallet.
Are you sure all vulnerabilitys are fixed? I am not... Hence I will not buy a hardware wallet to which a potential malicious person could have had access.

But bitcoin is about freedom. If you want to risk all your holdings by cheaping out of 40 Euro's, be my guest. I will not however.

[FatFork]

I knew it had happened before, a quick Google search turned up this: https://qz.com/1233401/a-teen-hacker-exposed-a-security-hole-in-ledgers-hardware-wallets/

“ This article is more than 2 years old.” 

You should read the original article from Saleem Rashid: Breaking the Ledger Security Model
"An attacker can exploit this vulnerability to compromise the device running firmware 1.3.1 or below..."
I don't think the time the article was published plays any role in this case.

Even if that really was possible, Ledger had already made patches to close an option to modify firmware.
The hack describes in the article worked if you keep using used ledger with previous owner settings. Reset disables everything imho.

I think you might be wrong about this. Resetting the device to factory settings doesn't magically remove compromised firmware from the device. And secondly, since all devices with a faulty firmware could be compromised, how can you be sure that you are buying a device that is already patched?

As I wrote in my previous post, are you willing to take that risk?

[Csmiami]

I'm not an actual Ledger user, but regarding the bogus firmware issue.... didn't Ledger Live check for the authenticity of the firmware once you plug the device in?

I'm particularly interested in this discussion, because even if I wouldn't buy a used HW (I already own a few so no need), I do (re)sell some of them. For example, buying in "bulk" makes the devices cheaper, so I sell the extra ones; always sealed and untouched of course.

[mocacinno]

I'm not an actual Ledger user, but regarding the bogus firmware issue.... didn't Ledger Live check for the authenticity of the firmware once you plug the device in?

I'm particularly interested in this discussion, because even if I wouldn't buy a used HW (I already own a few so no need), I do (re)sell some of them. For example, buying in "bulk" makes the devices cheaper, so I sell the extra ones; always sealed and untouched of course.

It should check the firmware, yes... But, once again: does it really matter if the issue in the blogpost i shared is fixed? The point is: there are attack vectors that have been exploited in the past, and there is no guarantee there are no other existing vulnerability's that are yet unknow (or worse: undisclosed), so my advice would be: better safe than sorry.

My work pc is running windows (a company policy, i don't like it, but i have nothing to say in the matter). Once a month a gazzilion fixes get pushed to my pc automatically on the first day of the month together with the new virus defenitions. Is it a good idear to assume my pc is completely safe on the second day of the month since all known vulnerabilty's have been patched a day before and all virusses should be stopped? Is it OK to start saving all my private keys in plain text on this machine while surfing to unknown sites and installing whatever software i come across? No, offcourse not... Why? Well, I'm 99,99% sure NEW vulnerability's will be found, NEW virusses will be written and UNDISCLOSED vulnerability's are still there ready to be exploited.

Same goes for my hardware wallet: sure, the vulnerability's that were found in the past have been mitigated. Either by better opsec, by checks performed by the wallet software, by changes to the firmware,... But it's not like i'm 100% sure no OTHER vulnerabilty's still exist. What i DO know is that a lot of those vulnerability's required physical access to the hardware wallet, either before it was shipped to the customer, or after it was initialised. Is it such a dumb idear to make sure as little hands touch my devices as humanly possible?
You could be loading a hardware wallet with tens of BTC at a time. We all hope BTC will go to the moon... It's perfectly possible the 10 BTC on your wallet now are worth $1.000.000 in a couple of years. Are you really going to take any extra risk by buying this wallet second hand? Maybe it's a complete fake, maybe somebody tampered with the RNG, maybe somebody found a way to load fake firmware without being detected, maybe it's genuine but the firmware is so old you're at risk when initialising, maybe it's pre-initialised and you forget to wipe it,...


In this case, you keep presenting these arguments
1) the price: C'mon, you're buying a hardware wallet... Decent wallets go for as low as 40€ or less... How much are you going to pay for a used one... 10€ less, 20€ less? Are you really going to risk your holding for 10€ or 20€?

2) there are no black fridays in your country: nor are there in mine... Well, the last couple of years shops start to get on this hype-train, but 4 or 5 years ago they didn't exist. I bought my first black friday promo many, many years ago, because these promotions are global

3) You don't use €: I've presented the price in euro because ledger is a French company. They use Euro's. But you can pay in Bitcoin... I use the €, i buy stuff from china all the time but i haven't touched a Yen (ever) nor do i have a Yen account. I've bought stuff from the US, and i don't have an US bank account (i do have some dollar bills laying around from my last trip to America 20 years ago). I've even bought a new spring for my baikal air rifle straight from russia, but i wouldn't know how a ruble looks like.

4) The question is to find out if the risks could be eliminated: No, not 100%, never 100%. If you buy a hardware wallet from an unknow person, my gut feeling tells me you're 98% safe if you follow all precautions. If you buy a new one, my gut tells me you're 99,9% safe. I've been around for a while, my gut usually makes good decissions. It's up to you if you agree with me or not. And if you agree it's up to you to decide if 98% certainty is good enough or nor. It isn't for me, but i'm a different person than you are.

5) You say because of covid you cannot buy one: Why? Ledger is still shipping, Amazon isn't closing down... If I buy something it still gets delivered... Are you living in a country where all post and delivery services no longer work because of covid? In that case, you might be right...
The only "real" excuse for not being able to buy a HW wallet is living in a country where crypto is illegal IMHO.

[TopTort777]

I knew it had happened before, a quick Google search turned up this: https://qz.com/1233401/a-teen-hacker-exposed-a-security-hole-in-ledgers-hardware-wallets/

“ This article is more than 2 years old.”  

"An attacker can exploit this vulnerability to compromise the device running firmware 1.3.1 or below..."
I don't think the time the article was published plays any role in this case.

Ok, current firmware is 1.6.1.
I just dont understand why frighten people with firmware hack that is no longer works?

It is like saying don't open unknown documents from floppy disk as you might be infected by CIH

I'm not saying that person should buy or should not buy used Ledger. He has his own head to decide. But you guys turn "buying used" here into a plague or a fire that should be avoided.

If the guy has low budget, buy old, reset, update, clean it, use new keys. Why not ? Or buy alternative device.

P.S. Anyone ever bought used car? I guess no one. No one knows how to check true mileage, check accident history, presence of airbags and that the buyer can ran various diagnostics at the dealer.

Here is the same. You are taking a risk of airbags not shooting during accident = taking a risk of loosing crypto because of modded device.