Ledger Live Liars Data Collection

[dkbit98]

If you are still using ledger live application with your ledger hardware wallet, than I you should really think again about it.
In reality it's impossible to update your device without ledger live application that can be only used on computer, so you are stuck with it at least partially.

You should know what data ledger live collects from users and for how long, because they are not even hiding it, as you can see in their privacy policy page below.
Device session identifier, IP address, clicks, actions, language and region for your operating system, transactions, etc.
They are keeping all this data for ''legal'' reasons and retention period is five years, and they share customer data with their partners.
Knowing that ledger and their partners were hacked and data leaked multiple times, I think it's crazy for anyone to trust ledger with your data for years.

What's even worse is that Ledger chairman and co-founder murzika publicly lies how they don't collect IP addresses.
So now we have proof and confirmation that people who own and work in ledger are liars:


source: https://www.reddit.com/r/ledgerwallet/comments/8xdgfi/warning_ledger_live_collects_information_without/e22jqdi/


source: https://www.ledger.com/privacy-policy
archive: https://web.archive.org/web/20220329104422/https://www.ledger.com/privacy-policy

Best solution for this is to stop using ledger wallet, but temporary fix would be mandatory use of Tor or some good open source vpn like Mullvad.
Don't trust my words, and do your own research about this.

[1714077420]

1714077420

[1714077420]

1714077420

[o_e_l_e_o]

I'm no fan of Ledger's stance on user data and privacy, but this is not unique to them or even unique to hardware wallets. If you use any wallet which goes through any server which is not your own server pointed at your own node, then whoever runs that server will absolutely be able to see your IP address and details of every address you query and every transaction you make, as well as any other unique identifiers the wallet software communicates to them, and can keep that data for as long as they want and share it with anyone that they want.

If you own a Ledger device and need to use Ledger Live to update it (is there no way to do this offline?) then either wipe your seed phrase from the device first (make sure you have a back up handy), or don't actually store any coins on the base seed phrase and only store coins on hidden passphrased wallets. Run Ledger Live over Tor, so all Ledger can collect is the session identifier linked to an empty wallet and an IP address which isn't yours.

[dkbit98]

I'm no fan of Ledger's stance on user data and privacy, but this is not unique to them or even unique to hardware wallets. If you use any wallet which goes through any server which is not your own server pointed at your own node, then whoever runs that server will absolutely be able to see your IP address and details of every address you query and every transaction you make, as well as any other unique identifiers the wallet software communicates to them, and can keep that data for as long as they want and share it with anyone that they want.

This is only partially true, because I can use Electrum or some other wallet that maybe have records of my IP addresses and transactions, but they are not sharing that info with any partners of parties that pay more, and they don't keep this data for five years.
In Trezor hardware wallet used with Trezor Suite app I can disable sending of all information (in settings) and I can enable Tor to hide my IP address.
This is what Trezor can collect if you enable anonymous data collection:
https://docs.trezor.io/trezor-suite/misc/analytics.html

is there no way to do this offline?

There is no way you can update ledger offline and you must use normal computer, not a mobile device for this process.

[Charles-Tim]

There is no single way to privacy, it has to be fought for. Taking it from the light client wallets people are using today, they have no privacy, central servers are linking addresses together and linking it to the IP address used. It is privacy conscious people that know they have to run their own full node and make use of Tor to make this privacy invasion impossible. Another is people buying hardware wallet directly from the manufacturing company, data can be breached by hackers at anytime, people that are privacy conscious still go in a way they do not provide information valid enough to trace their real identity.

[bitmover]

I'm no fan of Ledger's stance on user data and privacy, but this is not unique to them or even unique to hardware wallets. If you use any wallet which goes through any server which is not your own server pointed at your own node, then whoever runs that server will absolutely be able to see your IP address and details of every address you query and every transaction you make, as well as any other unique identifiers the wallet software communicates to them, and can keep that data for as long as they want and share it with anyone that they want.

Exactly. Ledger is probably being bashed because we all know there was a data leak, and they are transparent about this data usage (sharing with partners, etc).

Basically every website and company does that, but they are not so clear about.

Ledger wallet is a device that is useful for security. If you want to use their wallet for convenience (or any other SPV wallet that goes though their server) you are being watched.

If you own a Ledger device and need to use Ledger Live to update it (is there no way to do this offline?)

There is a way.

You can create 2 wallets, using a passphrase. Then, you can use ledger live only in your empty wallet to update the firmware.

When making transactions, go to your other wallet with a passphrase (different pin) and use it in a software where you truste the servers.

[Lucius]

I can’t be surprised at all when it comes to Ledger, because that company proved its incompetence, and then it tried to relativize that whole mess by pretending it wasn’t some big deal. The fact that they continue to collect such sensitive data and share it with partners (or perhaps sell it) proves that nothing has changed in their business philosophy.

In one of the possible new database leaks, hackers may have your coin addresses with balances in addition to your personal data, so they know who the valuable targets are. An old saying goes "fool me once, shame on you; fool me twice, shame on me".

[o_e_l_e_o]

This is only partially true, because I can use Electrum or some other wallet that maybe have records of my IP addresses and transactions, but they are not sharing that info with any partners of parties that pay more, and they don't keep this data for five years.

You have absolutely no way of knowing what the owners of the random Electrum servers you connect to are doing with the data they gather from you. Some servers are being run directly by blockchain analysis companies.

In Trezor hardware wallet used with Trezor Suite app I can disable sending of all information (in settings) and I can enable Tor to hide my IP address.

Even although Trezor say they don't collect these things, you are still using their servers to update your addresses and transactions and so they could keep logs if they wanted. Just like a VPN, you cannot verify what they say. And you can connect any wallet over Tor if you want.

If you want privacy, then you have to run your own node. There is no other way around it.

[dkbit98]

You have absolutely no way of knowing what the owners of the random Electrum servers you connect to are doing with the data they gather from you. Some servers are being run directly by blockchain analysis companies.

I just gave un example and we are not talking about some random people who run servers, we are talking about official wallet developers who openly say what they are doing.
It's well known fact that blockchain analysis companies and government agencies run their servers for tracking, but that is totally different story.
Let's not mix wallet manufacturers with third parties.

Even although Trezor say they don't collect these things, you are still using their servers to update your addresses and transactions and so they could keep logs if they wanted. Just like a VPN, you cannot verify what they say. And you can connect any wallet over Tor if you want.

I guess you can sort off verify it if you know what you are doing, because Trezor and their Trezor Suite application are all open source.
And yes I know running your own bitcoin node is bets option for privacy, it's not even that hard for average Joe to do it.

''Update'' from one more ledger co-founder aka reddit moderators btchip 

[m2017]

If you are still using ledger live application with your ledger hardware wallet, than I you should really think again about it.
In reality it's impossible to update your device without ledger live application that can be only used on computer, so you are stuck with it at least partially.

You should know what data ledger live collects from users and for how long, because they are not even hiding it, as you can see in their privacy policy page below.
Device session identifier, IP address, clicks, actions, language and region for your operating system, transactions, etc.
They are keeping all this data for ''legal'' reasons and retention period is five years, and they share customer data with their partners.
Knowing that ledger and their partners were hacked and data leaked multiple times, I think it's crazy for anyone to trust ledger with your data for years.

What's even worse is that Ledger chairman and co-founder murzika publicly lies how they don't collect IP addresses.
So now we have proof and confirmation that people who own and work in ledger are liars:


source: https://www.reddit.com/r/ledgerwallet/comments/8xdgfi/warning_ledger_live_collects_information_without/e22jqdi/


source: https://www.ledger.com/privacy-policy
archive: https://web.archive.org/web/20220329104422/https://www.ledger.com/privacy-policy

Best solution for this is to stop using ledger wallet, but temporary fix would be mandatory use of Tor or some good open source vpn like Mullvad.
Don't trust my words, and do your own research about this.

Some of this has already been discussed here and in the topic itself, but the information you provided adds to the overall picture of Ledger. In general, those who often look into this section should already have a clear idea about this firm and that you need to stay away from them. Info about Ledger should be posted on as many resources as possible to get the attention of as many people as possible.

In Trezor hardware wallet used with Trezor Suite app I can disable sending of all information (in settings) and I can enable Tor to hide my IP address.
This is what Trezor can collect if you enable anonymous data collection:
https://docs.trezor.io/trezor-suite/misc/analytics.html

Formally, this can be done in Ledger Live settings too, but I have big doubts that this is not a fiction and an illusion for users. After all, we can't find out what actions the app performs because of the closed code.

There is a way.

You can create 2 wallets, using a passphrase. Then, you can use ledger live only in your empty wallet to update the firmware.

When making transactions, go to your other wallet with a passphrase (different pin) and use it in a software where you truste the servers.

Curious find. Need to include this in the list of "magical" actions that are required to interact with Ledger (I could not find the topic where similar Ledger lifehacks were discussed, otherwise I would have added here.)

[PrivacyG]

Something has happened along the years.  The moderator's answer is four years old and the Privacy Policy has been archived today.  Right?

I think what happened is governments put a particular pressure on everything related to Cryptocurrency.  Exchanges, ATM's, wallets, all of it.  See how quickly Know Your Customer became the norm, how quickly Anti Money Laundering became the excuse to remove privacy, how quickly data collection became a general thing.  Ledger is a company and they are part of this too.

I expect this was a government's plan that went two ways.  Ledger either got paid well for doing this or they were just pressured enough to accept the data collection and move on with it now being part of Live.  Every company that is collecting information from Cryptocurrency users for 'legal reasons'.  All this data must be going somewhere.

At this point.  All we have left is fully Open Source and decentralized software and hardware.  This is the way we have to follow.  Purchase Open Source hardware and move away from Closed Source software.  It is clear to me now that any custodial wallet and any Closed Source software is going to collect and sell information about you.  Fuck that.  If we all spent our resources on creating the best of the best Open Source and fully decentralized tools and apps for Cryptocurrencies, we would have our own exchange with Binance like volume and user base.

But even then.  We have some like Wasabi that just turn bad over time.  But if something is Open Source, it can be forked after all.  Fuck data collection.  Fuck hidden interests and plans that are against you.  You are paying someone to sell your information.  All of this is getting clustered up somewhere and it is definitely not your HDD.

-
Regards,
PrivacyG

[o_e_l_e_o]

You can create 2 wallets, using a passphrase. Then, you can use ledger live only in your empty wallet to update the firmware.

I already explained this option in my reply you quoted. I was looking for a way where you can download the update manually and then flash it on an offline computer. It doesn't seem this is possible.

I just gave un example and we are not talking about some random people who run servers, we are talking about official wallet developers who openly say what they are doing.

I appreciate that, but I think the distinction is academic. The outcome in both cases is the same: Some third party is collecting your data, storing it, and sharing it, and if you don't want that to happen, then you need to run your own node.

It is clear to me now that any custodial wallet and any Closed Source software is going to collect and sell information about you.

This is the way. Closed source software such as Windows and centralized services such as Google and Facebook have spent years collecting and selling your data. Why would cryptocurrency be any different, especially when governments are taking such an interest in controlling and monitoring it?

[n0nce]

Basically every website and company does that, but they are not so clear about.

Except that I can put an SD card with a firmware file on it into my Foundation Passport and it updates itself without any data sent to anyone.

This should be the default and relatively easy to implement. BitBox02 has had this for 5+ years now if my memory serves me correctly.

[witcher_sense]

Device session identifier, IP address, clicks, actions, language and region for your operating system, transactions, etc.

It's really funny and even ridiculous: they are lying even about not collecting the information about bitcoin addresses user generates with their Ledger Live application:

Posted by
u/Crypto_Economist42
1 year ago
Does Ledger collect addresses from Ledger Live and associate them with any personal information collected?

btchip
1 yr. ago
Ledger Co-Founder

No. You can check that in the privacy policy you agreed to when using the product.

Their Privacy Policy clearly states that they collect user's information about "currency, time stamp, amount and status of transactions, transaction identifier, identifier used by our partners to identify you."

It has long been known that Ledger guys want to know everything about their customers, which is one of the reasons why they made it so difficult to purchase a Ledger device. Users have to undergo the full process of verification and identification if they want their products. You simply can't buy Ledger anonymously with cryptocurrency. In order to purchase, you have to use either your credit card that is already attached to your real identity and bank account or your verified account on PayPal, Crypto.com, BitPay that also will contain information about your identity. All that means that not only will Ledger know you purchased a hardware wallet from them, but also everyone else should a data breach occur, including your government should it request information from one of these entities.

[DaveF]

I'm no fan of Ledger's stance on user data and privacy, but this is not unique to them or even unique to hardware wallets. If you use any wallet which goes through any server which is not your own server pointed at your own node, then whoever runs that server will absolutely be able to see your IP address and details of every address you query and every transaction you make, as well as any other unique identifiers the wallet software communicates to them, and can keep that data for as long as they want and share it with anyone that they want.

This is only partially true, because I can use Electrum or some other wallet that maybe have records of my IP addresses and transactions, but they are not sharing that info with any partners of parties that pay more, and they don't keep this data for five years.
In Trezor hardware wallet used with Trezor Suite app I can disable sending of all information (in settings) and I can enable Tor to hide my IP address.
This is what Trezor can collect if you enable anonymous data collection:
https://docs.trezor.io/trezor-suite/misc/analytics.html

is there no way to do this offline?

There is no way you can update ledger offline and you must use normal computer, not a mobile device for this process.

Not to be snarky but how do you know what data I am keeping / selling if you connect to my electrum node.
Unless you are running it yourself you really don't know.

Side note, although a magnitude or two or three more difficult and expensive same thing can be done with lightning.
Build enough nodes connected to each other and some major services that use it. Set the fees to 0 so other nodes will route through you and you could get a decent picture to a certain extent of what is going where.
Not perfect, but still.

Back to ledger collecting data if you need an app to update your HW wallet and just can't plug it in and upload a file to it, then yeah you never can trust what they are doing.

-Dave

[NeuroticFish]

If you don't start the Bitcoin app (the one installed inside your HW) in Ledger Live they don't know your xpub. So imho you can update without them knowing everything about you. Am I missing something?!
Of course, if you use their wallet, ... that's entirely your fault.

[The Sceptical Chymist]

OP, you've been critical of Ledger for as long as I can remember, and I used to politely disagree with you (if I recall correctly), but everything you've said stuck in my mind and produced doubts--doubts that kept growing and growing until I finally decided to ditch Ledger a couple of weeks ago. 

I don't like the fact that they use a closed-source code, and I don't like their data collection and privacy practices.  In fact, I'm uncomfortable enough with those things that I moved my coins off my device and into separate wallets (fortunately I don't own that many coins, and the amounts are small anyway).  So I thank you for being the canary in the coalmine for so long, because I have a feeling Ledger's policies are going to backfire on them, but it's their users who are going to get their heads blown off.

Too bad, because I loved the Nano S and X and the fact that they supported so many coins.  If anyone from Ledger ever reads this, tell someone high up to get the company's shit together.

[m2017]

Device session identifier, IP address, clicks, actions, language and region for your operating system, transactions, etc.

It's really funny and even ridiculous: they are lying even about not collecting the information about bitcoin addresses user generates with their Ledger Live application:

Posted by
u/Crypto_Economist42
1 year ago
Does Ledger collect addresses from Ledger Live and associate them with any personal information collected?

btchip
1 yr. ago
Ledger Co-Founder

No. You can check that in the privacy policy you agreed to when using the product.

Their Privacy Policy clearly states that they collect user's information about "currency, time stamp, amount and status of transactions, transaction identifier, identifier used by our partners to identify you."

It seems that Ledger's "right hand" (support department) doesn't know what his "left hand" (programming department) is doing. Constantly confused in their evidence. This immediately causes distrust and doubts about the reliability of this company.

It has long been known that Ledger guys want to know everything about their customers, which is one of the reasons why they made it so difficult to purchase a Ledger device. Users have to undergo the full process of verification and identification if they want their products. You simply can't buy Ledger anonymously with cryptocurrency. In order to purchase, you have to use either your credit card that is already attached to your real identity and bank account or your verified account on PayPal, Crypto.com, BitPay that also will contain information about your identity. All that means that not only will Ledger know you purchased a hardware wallet from them, but also everyone else should a data breach occur, including your government should it request information from one of these entities.

Now we understand their "inner kitchen", but unfortunately it's a little late. This company has sold millions of devices, which means that they have obtained a lot of sensitive information about millions of their customers in a cunning way.

The question is, what will they do with all this data? Will they provide information to governments on demand?

The law will affect exchanges and non-custodial wallets, such as metamask, ledger and trezor, as I explained.

Read more here: Goodbye, privacy, goodbye, it was nice while it lasted.

There are many more surprises ahead of us from Ledger.

[n0nce]

The question is, what will they do with all this data? Will they provide information to governments on demand?
~
There are many more surprises ahead of us from Ledger.

That's not a big question, honestly. Especially financial information is very lucrative on the data market; alone the fact that someone owns any cryptocurrency or not is very valuable.
Have a look at this infographic, for instance.

I also don't believe after following different topics in the forum here, anything coming from Ledger will be really surprising. We can expect data selling, data breaches, low-quality devices and bad customer support, unfortunately.

[o_e_l_e_o]

If you don't start the Bitcoin app (the one installed inside your HW) in Ledger Live they don't know your xpub. So imho you can update without them knowing everything about you. Am I missing something?!

I don't think you can say that for sure. Given that on Ledger devices you can enter a passphrase without opening the bitcoin app, then clearly it can still access the seed phrase and perform operations on it, which will include potentially deriving public keys. Given it is closed source, we can't say for sure this isn't happening.

I think the best option is to have your basic wallet completely empty and only store coins behind additional, temporary passphrases. If you then only unlock your wallet but never enter a passphrase before connecting to Ledger Live for updates, and only open your passphrased wallets when connected to your own Electrum server or similar, then this should (but again, we can't be certain) prevent the public keys from your passphrased wallets being leaked during an update.

Alternatively have a dummy seed phrase which you enter to the device prior to any updates, and then restore your real seed phrase after.

[nopara73]

But even then.  We have some like Wasabi that just turn bad over time.

Wasabi did not turn bad. It's not like anyone is happy with what happened, but the fact is, Wasabi is the most popular privacy solution on Bitcoin, which makes it the most endangered Bitcoin project in existence.