Bitcoin Forum
Topic: Restoring Seed Phrase Security Question On New Hardware Wallet
jerry0 (OP)
May 03, 2023, 10:18:57 PM
 #1

Posted this in other subforum but not getting many replies so want to also post it here.  Say you have to get a new nano ledger s plus or x and say you have the seed to restore.  You then restore it on your laptop while connected to it and use ledger live with it.




1.  Now if your laptop has malware or keylogger or anything like that, could the malware somehow read your seed when you enter it into the new nano ledger screen to restore?  Now what if you have malware in your bios?  Always heard bios malware is the worst?  Always heard because of the firmware of the nano ledger, it protects your seed phrase and when sending and worst case is they change the btc address you are sending to but you are the one to confirm or deny the transaction.  However, does the firmware protect you when you enter your seed phrase to restore in a new nano ledger device?



2.  What about if you have malware in say your usb a ports on your laptop or even a usb a port hub that might have been compromised and you connect your nano ledger s plus into it that way?  Imagine your laptop has 0 or 1 usb a port... as many of you are aware many laptops nowadays only have usb-c ports so you have to buy one of those port hubs that give you 1, 4 or 7 or even more usb a ports.  I'm sure you all know what usb a port hubs I am talking about?  Such that your laptop has 0 or 1 usb a ports but you need more usb a ports so you connect one of those.  Thus for your mouse, keyboard etc.  Or say you were to connect one of those thunderbolt docks since those give more usb a ports.  Now is there any security issue if you connect your new nano ledger s plus or x into a usb a port hub that possibly was compromised or not?  My thinking was it won't affect if you are connecting your nano ledger s plus or x to it as long as you verify the btc address you are sending to... but what about if you are restoring your seed?  Any way your laptop usb a ports or the port hub or even thunderbolt dock if compromised could read each seed phrase as you are typing each one by one?  Or firmware protects you from that?



3.  Thought I read somewhere it's possible if the nano ledger s plus cable is compromised but also your usb a or usb c ports on your laptop need to be as well or not?  But I am specifically talking about when you restore your seed on a new nano ledger s plus or x and have it connected to your laptop as I feel that has the most threat because that is when you are entering your seed?  But as long as the nano ledger s plus is genuine and the nano ledger s plus cable is genuine, you are fine?  Or someone put something in your usb a or usb c ports, there would be issue?  Such as imagine someone manipulated your usb a or c port on your laptop or even gave you one of those port hubs for more usb a or c ports to use.  Any safety issue with this whether restoring the seed or using it?  For some reason, I feel there is vulnerability when entering the seed if these usb a ports are somehow compromised?  But a fake cable could somehow compromise?  But as long as your nano ledger s plus or x is genuine and so is the cable that was provided by ledger, it doesn't matter if any of your usb a ports or the usb port a hub or thunderbolt dock is compromised somehow?  Again my concern in all this when you are entering your seed on the nano ledger one word at a time.
odolvlobo
May 04, 2023, 12:05:14 AM
 #2

The Ledger never allows access to the recovery phrase through the USB cable, so when you enter the recovery phrase directly into the device it is not accessible to any malware unless it is on the device itself. Never buy a hardware wallet second-hand.

Husires
May 04, 2023, 12:39:50 AM
 #3

If you are skeptical about the feasibility of hardware wallets, it is better to use an air-gapped computer or format the current device and burn Tails on a USB.

Quote
However, does the firmware protect you when you enter your seed phrase to restore in a new nano ledger device?

As long as you do not download firmware from an known source, you are safe. But do not try to seed your screen or try to restore it with any application.

Quote
as many of you are aware many laptops nowadays only have usb-c ports so you have to buy one of those port hubs that give you 1, 4 or 7 or even more usb a ports.  I'm sure you all know what usb a port hubs I am talking about?

Using a USB bus should be safe if you bought it directly and its components were not played with.

Quote
someone put something in your usb a or usb c ports, there would be issue?  Such as imagine someone manipulated your usb a or c port on your laptop or even gave you one of those port hubs for more usb a or c ports to use.

This type is known as a physical attack, and can do anything, so why not keep the hardware wallet in a safe place and assign a new device to it?
Husna QA
May 04, 2023, 06:52:28 AM
 #4

-snip-
In my years of using hardware wallets, I have not heard of any cases of malware being able to go that far to read the seed phrases or anything else inputted into the hardware wallet, even if it is connected via a cable to the USB port on the keylogger-affected computer.

The risks are more likely to occur when you use a computer infected with malware, e.g., mismatched wallet addresses or anything you copy and paste into the installed software wallet, whether from a hardware wallet or another software wallet. Therefore, double-check the address and others in the hardware wallet for every transaction.

The risk of a hardware wallet firmware being inserted by a trojan tends to be when you buy a fake hardware wallet from an unofficial seller.

You can read several ways to check the authenticity of a hardware wallet on the official website, for example:

- https://coldcard.com/docs/paranoid
- https://support.ledger.com/hc/en-us/articles/4404389367057-Is-my-Ledger-device-genuine-?docs=true
- https://blog.trezor.io/psa-non-genuine-trezor-devices-979b64e359a7


Here is an article that might be useful to add to your insight:
https://www.kaspersky.com/blog/five-threats-hardware-crypto-wallets/47971/
