Bitcoin Forum
May 08, 2024, 07:06:15 AM
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
Author Topic: Is the Ledger safe to buy from unofficial resellers?  (Read 136 times)
juanfernandez (OP)
Newbie, Activity: 4, Merit: 1
January 05, 2021, 04:10:04 PM  #1

Hello. Is it safe to buy the Ledger Nano S from an unofficial reseller?
Is there a way to verify that the firmware is official?
What risks can I take? Is there any way to avoid them?

The only information I found from Ledger is: https://support.ledger.com/hc/en-us/articles/360002481534-Check-if-device-is-genuine
The conclusion that I draw from the article is that the only risk is that it comes to me with a created phrase. Is that so?

Thanks!
bob123
Legendary, Activity: 1624, Merit: 2481
January 05, 2021, 05:13:43 PM  #2

Quote from: juanfernandez
Hello. Is it safe to buy the Ledger Nano S from an unofficial reseller?

Define "safe".
There are attacks which might steal your coins.

The question is: is it worth saving a few bucks while risking all of your funds?
If you'd save more than just a few bucks, then there is something fishy anyway.

Quote from: juanfernandez
Is there a way to verify that the firmware is official?

Yes. Ledger Live does that automatically (which requires that you download/install the legit version of Ledger Live, and not any malware).

Quote from: juanfernandez
What risks can I take? Is there any way to avoid them?

Hardware attacks.
You could "avoid" them by not buying from a reseller, or by opening the device (your guarantee expires when doing so) to verify the hardware.

Quote from: juanfernandez
The conclusion that I draw from the article is that the only risk is that it comes to me with a created phrase. Is that so?

Besides manipulated hardware and manipulated firmware (which can only be installed if there is a yet-unknown vulnerability), yes.

IMO, it's not worth it.

juanfernandez (OP)
Newbie, Activity: 4, Merit: 1
January 05, 2021, 06:14:57 PM  #3

Quote from: bob123
IMO, it's not worth it.

OK, thanks!
Off topic: At the same price, is the BitBox02 better than the Ledger Nano S? (Taking into account that the cryptos I use are supported by the BitBox02.)
The Sceptical Chymist
Legendary, Activity: 3332, Merit: 6830
January 05, 2021, 10:08:18 PM  #4

Quote from: bob123
IMO, it's not worth it.

It's amazing to me how far Ledger's reputation has sunk in the last month or so. Every hardware wallet generates your private keys for you, am I right? Is that actually a security issue? I'm asking that sincerely, not facetiously, because I don't understand enough about how those keys are generated. And for that matter, when you create an Electrum wallet you're getting private keys from Electrum....and on and on. This has all got me a little confused.

Not so long ago, most members recommending secure wallets would have mentioned Ledger and Trezor, usually in that order. Now it seems as though Ledger is a hot potato. I've read a few threads about the hack, but do you guys think there's really anything to worry about as far as losing your coins?

And I did buy both Ledgers I have through Amazon, but I think they were through the Ledger store. I'm not worried about either device being tampered with, but I definitely wouldn't recommend buying any hardware wallet through a 3rd-party reseller.

ranochigo
Legendary, Activity: 2968, Merit: 4168
January 06, 2021, 03:07:52 AM
Merited by Pmalek (1)
 #5

Quote from: The Sceptical Chymist
It's amazing to me how far Ledger's reputation has sunk in the last month or so. Every hardware wallet generates your private keys for you, am I right? Is that actually a security issue? I'm asking that sincerely, not facetiously, because I don't understand enough about how those keys are generated. And for that matter, when you create an Electrum wallet you're getting private keys from Electrum....and on and on. This has all got me a little confused.

Electrum uses the randomness on your computer to generate sufficient entropy before generating the seed. This allows the seeds being generated to be random enough that there is a low chance of the same key being generated by another person.

Similarly, hardware wallets use their microcontroller or secure element (mostly) as a source of entropy. For both, you can probably verify that they're generated unpredictably, but you definitely need a bit more programming knowledge when inspecting hardware wallets as opposed to Electrum. It'll be fairly easy to see that the wallet is using the randomness generated from urandom, for example.

Quote from: The Sceptical Chymist
Not so long ago, most members recommending secure wallets would have mentioned Ledger and Trezor, usually in that order. Now it seems as though Ledger is a hot potato. I've read a few threads about the hack, but do you guys think there's really anything to worry about as far as losing your coins?

No. Ledger's leak doesn't necessarily affect the security of their own devices. It will affect the privacy of their users, as people can now tell if you've had a Ledger delivered to your house, but it doesn't guarantee that the person still has or has used a Ledger before.

bob123
Legendary, Activity: 1624, Merit: 2481
January 06, 2021, 11:40:34 AM
Merited by Pmalek (1)
 #6

Quote from: The Sceptical Chymist
Every hardware wallet generates your private keys for you, am I right? Is that actually a security issue?

It's not a security issue if generated properly.

The private keys are derived hierarchically from the seed. It is the seed generation which can be an issue.
Enough entropy is required, which is achieved through using secure elements, crypto co-processors or other RNGs. It basically depends on the random number generator.
Certified secure elements and crypto co-processors are secure enough.

Quote from: The Sceptical Chymist
And for that matter, when you create an Electrum wallet you're getting private keys from Electrum....and on and on.

With any desktop wallet, the seed (which is the crucial part) is generated from the entropy source of the operating system (/dev/urandom on Linux, and BCryptGenRandom() (previously CryptGenRandom()) on Windows).

Quote from: The Sceptical Chymist
Not so long ago, most members recommending secure wallets would have mentioned Ledger and Trezor, usually in that order. Now it seems as though Ledger is a hot potato. I've read a few threads about the hack, but do you guys think there's really anything to worry about as far as losing your coins?

No, I wouldn't worry at all.

The security of the hardware wallet is not affected at all.
"Only" the database containing the customer data got compromised. This does not affect the hardware wallet or its components.

dkbit98
Legendary, Activity: 2226, Merit: 7138
January 06, 2021, 12:04:17 PM  #7

Just don't buy a Ledger wallet at all, because it is not safe to buy it from anywhere, especially from their official village garage, as we saw in the recent leak that exposed the private information of over 200,000 customers.
If you still decide to buy this device, you can buy from official retailers or in your local shop, following some advice and suggestions for keeping your privacy:

 - Use Tor or a VPN when registering on the website, and install an ad-blocking extension like uBlock.
 - Use an alternative or disposable e-mail address and a new random password for registration.
 - Use an alternative prepaid phone number and not your real phone number for registration.
 - Use crypto for payment, not connected with your real ID, or pay with cash at your local authorized reseller.
 - Use an alternative or fake name for registration.
 - Use a PO box or an alternative address for delivery.



Pmalek
Legendary, Activity: 2758, Merit: 7135
January 08, 2021, 10:53:29 AM  #8

Quote from: juanfernandez
The conclusion that I draw from the article is that the only risk is that it comes to me with a created phrase. Is that so?

If your Ledger device arrives with a pre-created seed, it means somebody somewhere already used it or set it up for you. All you would have to do then is reset and wipe the device by entering the wrong PIN 3 times in a row. You then generate a new recovery phrase and you are ready to go.

As bob123 pointed out, there is currently no known vulnerability where a device with manipulated hardware can connect to Ledger's servers and to Ledger Live. To keep this risk as low as possible, buy hardware devices from the manufacturers if possible. Unless you believe they are the ones who will intentionally "hack" the device. In that case it's all gone to shite.

sunsilk
Hero Member, Activity: 2912, Merit: 620
January 09, 2021, 05:56:47 AM  #9

@OP I'd like to share with you this story of a guy who bought a second-hand Ledger from another guy through eBay.

Life Savings Stolen from Second-hand Ledger Hardware Wallet

https://www.reddit.com/r/btc/comments/7ojvca/i_am_the_guy_that_lost_25000_due_to_ledger_scam/

The only solution to avoid this incident is buying from official resellers or directly from the official Ledger website. There's not that much difference if you order from the official store/manufacturer of Ledger, and it's more secure than you think.

Someone knowledgeable and tech-savvy about the phrases and tampering could take the risk, but for you, to remove the worry, buy from the official/direct store.

bob123
Legendary, Activity: 1624, Merit: 2481
January 09, 2021, 12:21:38 PM  #10

Quote:
It's not a good suggestion; you could damage the electronic components, and while there are some pictures of the electronic components, AFAIK there's no documentation about the electronic components used by the Ledger Nano S.

The chances of damaging them by simply opening the plastic case are relatively small.
Further, the majority of hardware attacks which are relatively easy to perform consist of inserting electronic components into the case. This definitely would be noticeable.

When buying from an unofficial reseller (for whatever reason), this would be a good way to be a little bit more on the safe side.

o_e_l_e_o
In memoriam
Legendary, Activity: 2268, Merit: 18510
January 09, 2021, 01:01:34 PM  #11

Quote from: sunsilk
@OP I'd like to share with you this story of a guy who bought a second-hand Ledger from another guy through eBay.

This attack is 100% avoidable by simply following Ledger's setup guide. This is not a real attack on the hardware device, but rather an attack on the user's carelessness.

Quote from: bob123
Further, the majority of hardware attacks which are relatively easy to perform consist of inserting electronic components into the case. This definitely would be noticeable.

What supply chain attacks is a Ledger Nano vulnerable to which would go undetected? As far as I am aware, there is no known supply chain attack (not to say one doesn't exist) which would be able to bypass connecting to Ledger Live and updating the device as you would when you first receive it, which would verify the hardware as well as wipe any malicious code. Given that, and coupled with the fact that handing over your personal details is both a significant privacy and security risk as we have recently seen, then if you cannot order a device under fake credentials, is it really a higher risk to buy a device from a third party (assuming you are going to follow the setup guide and verification process properly)?
bob123
Legendary, Activity: 1624, Merit: 2481
January 09, 2021, 01:26:55 PM
Merited by ABCbits (2), o_e_l_e_o (2)
 #12

Quote from: o_e_l_e_o
What supply chain attacks is a Ledger Nano vulnerable to which would go undetected?

I am not aware of one.
But I wouldn't exclude it. I am hesitant when it comes to saying "There are no attacks which...".

Quote from: o_e_l_e_o
As far as I am aware, there is no known supply chain attack (not to say one doesn't exist) which would be able to bypass connecting to Ledger Live and updating the device as you would when you first receive it, which would verify the hardware as well as wipe any malicious code.

Inserting an antenna, as shown in the wallet.fail presentation, would be such an attack:

(image not reproduced) Source: wallet.fail presentation (2018)

This allows triggering the button press that confirms a transaction via RF.
This requires physical co-location, but is a possible attack vector. Together with a compromised machine which sends a malicious transaction to the Nano, an attacker can instantly approve it from at least 20-50 meters away (given the attacker owns a powerful antenna).

Since neither the microcontroller nor the firmware is manipulated (it only works by applying a specific voltage to trigger the "button press" command), it goes undetected by the Ledger genuine check.
However, it is very noticeable when opening the case.

Quote from: o_e_l_e_o
Given that, and coupled with the fact that handing over your personal details is both a significant privacy and security risk as we have recently seen, then if you cannot order a device under fake credentials, is it really a higher risk to buy a device from a third party (assuming you are going to follow the setup guide and verification process properly)?

Well, this is a tricky question.
It depends on the threat model, I'd say.

A proper verification (including opening the case) already negates the majority of attacks. So that's a pretty secure way, I think.
However, a second data leak would be pretty unlikely too, I guess (but probably still more likely).
A hardware vulnerability would mean you lose all of your coins. A data leak could mean 1) only your mail address is leaked or 2) your full address data. Whether this results in a higher risk of losing your coins (e.g. through burglary) is hard for me to estimate.

PrimeNumber7
Copper Member, Legendary, Activity: 1624, Merit: 1899
Amazon Prime Member #7
January 10, 2021, 05:21:44 AM  #13

Quote from: bob123
Quote from: The Sceptical Chymist
Every hardware wallet generates your private keys for you, am I right? Is that actually a security issue?

It's not a security issue if generated properly.

The private keys are derived hierarchically from the seed. It is the seed generation which can be an issue.
Enough entropy is required, which is achieved through using secure elements, crypto co-processors or other RNGs. It basically depends on the random number generator.
Certified secure elements and crypto co-processors are secure enough.

In the context of the OP...

If someone were to buy a Ledger from an unofficial reseller, there is a risk they are not actually receiving a real Ledger HW wallet, but rather a counterfeit that generates seeds in a way that is not random. The seed could be one of a subset of a few billion possible seeds that could be easily brute-forced by an attacker.
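The seed pipeline bob123 and ranochigo describe above (entropy from the OS or secure-element RNG, keys derived hierarchically from the seed), together with PrimeNumber7's point about a counterfeit whose seed space is small enough to brute-force, as an added Python example. This is not code from the thread, from Ledger or from Electrum. The 2048-word BIP39 wordlist is not embedded, so mnemonics appear as lists of 11-bit word indices; `counterfeit_entropy`, `WEAK_SPACE`, `wallet_fingerprint` and `brute_force_counterfeit` are constructed toys, the fingerprint standing in for the secp256k1 address a real attacker would scan the chain for. The BIP39 checksum, PBKDF2 seed and BIP32 master-key steps are the real algorithms and match the published BIP39 test vector.

```python
# Added example: not code from this thread or from Ledger. It walks the seed
# pipeline discussed above (entropy -> BIP39 checksum and word indices ->
# PBKDF2 seed -> BIP32 master key) and shows why a counterfeit device with a
# small entropy space is brute-forceable.
# Assumptions: the 2048-word BIP39 wordlist is not embedded, so mnemonics
# are handled as lists of 11-bit word indices; counterfeit_entropy,
# WEAK_SPACE, wallet_fingerprint and brute_force_counterfeit are constructed
# toys (the fingerprint stands in for the secp256k1 address an attacker
# would really scan the chain for).
from __future__ import annotations

import hashlib
import hmac
import os
import unicodedata

# secp256k1 group order; a BIP32 master private key must lie in [1, N-1].
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def entropy_to_word_indices(entropy: bytes) -> list[int]:
    """BIP39: append ENT/32 checksum bits (from SHA-256) and cut into 11-bit words."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 16, 20, 24, 28 or 32 bytes")
    cs_bits = ent_bits // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    total = ent_bits + cs_bits
    return [(bits >> (total - 11 * (i + 1))) & 0x7FF for i in range(total // 11)]


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: 64-byte seed = PBKDF2-HMAC-SHA512(mnemonic, "mnemonic"+passphrase, 2048 rounds)."""
    words = unicodedata.normalize("NFKD", mnemonic).encode()
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048)


def bip32_master_key(seed: bytes) -> tuple[bytes, bytes]:
    """BIP32: HMAC-SHA512 keyed with "Bitcoin seed" -> (master private key, chain code).
    Every account key is derived hierarchically from this pair, so the entropy
    that produced the seed is the only secret that matters."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k = int.from_bytes(digest[:32], "big")
    if k == 0 or k >= SECP256K1_N:  # astronomically unlikely; BIP32 says retry
        raise ValueError("invalid master key, generate fresh entropy")
    return digest[:32], digest[32:]


def genuine_entropy() -> bytes:
    """What a proper wallet does: 128 bits from the OS CSPRNG (/dev/urandom,
    BCryptGenRandom) or from a secure element's hardware RNG."""
    return os.urandom(16)


WEAK_SPACE = 2 ** 16  # constructed toy: the counterfeit can only emit 65536 distinct seeds


def counterfeit_entropy(counter: int) -> bytes:
    """Constructed toy of a backdoored device: the output looks random but is a
    pure function of a small counter the attacker can enumerate."""
    return hashlib.sha256(b"counterfeit" + counter.to_bytes(4, "big")).digest()[:16]


def wallet_fingerprint(entropy: bytes) -> str:
    """Stand-in for a public, on-chain-visible identifier (an address) derived
    from the entropy; a real attacker would run the full secp256k1 derivation."""
    return hashlib.sha256(b"fingerprint" + entropy).hexdigest()[:16]


def brute_force_counterfeit(seen_fingerprint: str) -> bytes | None:
    """Attacker who knows the counterfeit's scheme recovers the victim's entropy
    (hence seed and every derived key) by trying each possible counter."""
    for c in range(WEAK_SPACE):
        e = counterfeit_entropy(c)
        if wallet_fingerprint(e) == seen_fingerprint:
            return e
    return None


if __name__ == "__main__":
    print("genuine word indices:", entropy_to_word_indices(genuine_entropy()))
    victim = counterfeit_entropy(4242)
    print("counterfeit recovered:", brute_force_counterfeit(wallet_fingerprint(victim)) == victim)
```

Against 128 bits of genuine entropy the same brute force is hopeless, which is the whole point of bob123's "it depends on the random number generator": nothing downstream (checksum, PBKDF2, BIP32) adds secrecy, it only stretches and structures what the RNG supplied.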
Pmalek
Legendary, Activity: 2758, Merit: 7135
January 10, 2021, 08:08:31 AM  #14

Quote from: sunsilk
The only solution to avoid this incident is buying from official resellers or directly from the official Ledger website.

He could have also used that Ledger he bought from eBay but generated his own seed. The wallet itself wasn't compromised in any way. Read my reply from a few posts above. That particular example is a very costly error, but one the user could have easily avoided if he had read the basics about seed generation.

This can happen with any other wallet and is the result of a user's negligence, not that of the manufacturer.
