Ledger Recovery - Send your (encrypted) recovery phrase to 3rd parties entities

[m2017]

~snip

In fact, it turns out that Ledger first slipped its customers a new firmware version with this damned recovery function and only then announced this function. I don't believe that there was a mistake and the company (in which can’t even sneeze without the consent of the management) mixed up the date of the announcement of such a high-profile feature. Was this done on purpose so that as many users as possible upgraded to version 2.2.1?

Ledger's management are brilliant businessmen: you get verified with KYC and still pay money for it. Simple, ingenious.

Closed source, KYC, dubious collaborations. All this together forms a big alarm signal.

~snip

It's funny to hear calls to believe from a Ledger when they have already seriously screwed up with the personal data of their customers 2 times in the not so distant past. Moreover, both times they got off lightly without incurring any material losses, not to mention reputational ones. But it should have. And after this set-up with the so-called recovery function, Ledger will not lose its position in the eyes of ordinary users who don't really ask themselves where this company is slipping? I think no. Moreover, line up of their clients who are ready to pay those $10/month for a KYC.

Faith has no place in financial matters. Here there is only openness, reliability and security.

This is so bad that i might give them negative feedback if they have account on this forum. And considering this "feature" require ID verification where Ledger already leak user data in past, it feels like disaster waiting to happen. By disaster, i mean your legal document will be leaked and misused by criminal to perform identity theft.

The coming catastrophe may turn out to be something else. Having a user ID thanks to the KYC for $10\month, having the entire history of transactions and wallets thanks to the data received through the Ledger Live, all users of this devices are at a glance. And if pass this information on to governments, which seems quite possible, if measured by the dynamics of changes in the actions of this company, it becomes not fun at all.

The most hypocritical thing is that the Ledger presents all the crap to its users under a plausible pretext, supposedly taking care of the safety of their funds.

"The road to hell is paved with good intentions".

It is precisely along this road that the Ledger has been slide down more and more lately.

[bullrun2024bro]

We are also discussing the Ledger issue in the German board and found a tweet claiming that the Nano Ledger S may not be affected because the device is too old for the the current Ledger Recover firmware update?

Regardless of the fact that you should still look for another hardware wallet company, can anyone with a more technical background comment on whether this information is correct?



Source: https://twitter.com/0xQuit/status/1658596830350036992

[joker_josue]

We are also discussing the Ledger issue in the German board and found a tweet claiming that the Nano Ledger S may not be affected because the device is too old for the the current Ledger Recover firmware update?

That's probably it.
The first step now is to avoid updating at all costs, and then, for those who don't feel comfortable with their wallet, change their money to another one.

[satscraper]

If anyone is wondering how can an entity destroy the concept of their own products - in this case by exporting the seed phrase to outside entities, even if it is encrypted - then wait no more because Ledger will launch their new service, Ledger Recover[1]:

Looks like Vitalik Buterin has been employed by Ledger SAS.

We are also discussing the Ledger issue in the German board and found a tweet claiming that the Nano Ledger S may not be affected because the device is too old for the the current Ledger Recover firmware update?

It is true. Nano s will stay immune. Only X and s+  as well as Stax will suffer

and then, for those who don't feel comfortable with their wallet, change their money to another one.

I have did it two days ago. Moved my stash into Foundation Passport 2.

[noorman0]

We are also discussing the Ledger issue in the German board and found a tweet claiming that the Nano Ledger S may not be affected because the device is too old for the the current Ledger Recover firmware update?

Regardless of the fact that you should still look for another hardware wallet company, can anyone with a more technical background comment on whether this information is correct?

I'm not a technical fan, but is this thought true?
If the Nano S can "dodge" the 2.2.1 update. then it may be able to dodge another update later, then it will eventually be devices with outdated systems that are increasingly vulnerable while at any later higher update it won't exclude all the new features of 2.2.1.

[Zwei]

[HeRetiK]

We are also discussing the Ledger issue in the German board and found a tweet claiming that the Nano Ledger S may not be affected because the device is too old for the the current Ledger Recover firmware update?

Regardless of the fact that you should still look for another hardware wallet company, can anyone with a more technical background comment on whether this information is correct?

I'm not a technical fan, but is this thought true?
If the Nano S can "dodge" the 2.2.1 update. then it may be able to dodge another update later, then it will eventually be devices with outdated systems that are increasingly vulnerable while at any later higher update it won't exclude all the new features of 2.2.1.

It's anyone's guess since part of their code is closed source, but it might very well be that this backdoor can't be integrated into the Nano Ledger S for whatever reason -- why else would they want to miss out on that sweet sweet subscription money? On the other hand they might also just want to entice people to upgrade to their latest hardware wallets, because obviously everyone (and their moms, as we have learned) wants this feature.

Either way, at that point the 2.2.1 update is the vulnerability. If you can live without the GUI features even outdated hardware wallets can stay secure for a very long time (with few exceptions that involve physical access).

[Hispo]

Well. This is something I would have never expected a hardware wallet provider to come up with...
I am not that much into conspiracy theories but this is rather very fitting to the concept of inteligency agencies of being able to move, freeze or seize people's money if they find any "reasonable" excuse to do so.

It is very likely the encryption process of the seed means nothing, there must be some master key so the seed is read and recovered for God knows who.

The fact Ledger is the biggest provider of HW devices in the market only makes this to feel worse. Time to go to the isolated PC and paper. I guess.

[rdluffy]

To answer to your second question, if you had to type your recovery phrases to use this service, it would be even worse than the current solution that they are proposing as you were violating one of the core rules of your funds safety - never share/type your recovery phrases anywhere, not even with your device manufacturer or the Pope.

At this point I believe the worst thing would be to find out that there is a way to extract the seed from the hard wallet, at least in my opinion.
The fact of making a user enter the seed would only be done according to the user and would not be a design flaw, but a "social" flaw, but for me it's still hard to believe that they actually already have this tool to extract the seed.
The Ledger I own is a nano S, which apparently will not be compatible with this technology, so theoretically I am protected
But I'm afraid of how things might escalate from here on out

Yesterday I saw this tweet:

Source

The user claims that Ledger reportedly wrote a tweet saying that Ledger would create another backup phrase, and that no one would have access to seed, but that tweet was deleted.

[o_e_l_e_o]

Tweet by Ledger from 6 months ago:

Hi - your private keys never leave the Secure Element chip, which has never been hacked. The Secure Element is 3rd party certified, and is the same technology as used in passports and credit cards. A firmware update cannot extract the private keys from the Secure Element.

Lol.

[tabas]

No thanks Ledger. I've got my old nano s and good to see that it's not affected by this unimpressive upgrade of theirs. I'm still trying to absorb all of these questions on my mind while reading the entire thread backreading interesting questions that would do concern everybody's worry on this feature they've just made. I hope that there's a bigger company that would poke them and give them a shake on Ledger's head that this is full of bs update and defeat's the purpose of their own product. Say that even if we've got the old nano s but they can still try to do something and do a force update for its firmware, is that right?

[o_e_l_e_o]

Say that even if we've got the old nano s but they can still try to do something and update and force an update for its firmware, is that right?

An update is irrelevant. As I explained earlier in this thread and in the tweet just above, the whole point of Ledger's Secure Element was that the private keys could never leave the Secure Element. We now know that claim is a lie, and has therefore been a lie since day one. A simple piece of code is all that is required to extract your private keys. All Ledger devices are vulnerable whether or not you opt in to this or update to the latest firmware.

[Pmalek]

"Here, the point which is important to remember is that you stay in control…there’s no backdoor, nothing will happen without your consent on the device…in the future, the whole protocol will be open, so you’ll be able to verify how the whole protocol works." - @BTChip

This sounds good on paper, and is apparently supposed to calm down the voices screaming everything is closed-source, but the type of code means nothing in this scenario. The problem is not that we can inspect the code to see that the seed will be divided into 3 parts, encrypted, and then shared with 3 different custodians. The problem is that there is a way for them to do that, and it's a huge security risk combined with a privacy risk since they also require KYC.

Does it mean we can't verify that they have no access to the decryption key used to reconstruct the initial seed?

They claim Ledger Recover will be open-source and you can verify the code. So what? What prevents them or anyone else to still get access to the shards by working with those custodians behind everyone's back. Not to mention that a serious hack could result in shards landing in the wrong hands.

Hi - your private keys never leave the Secure Element chip, which has never been hacked. The Secure Element is 3rd party certified, and is the same technology as used in passports and credit cards. A firmware update cannot extract the private keys from the Secure Element.

That statement is still true today. The keys can't leave the secure element unless you pay $9.99 a month for the pleasure of sharing your keys. It's not a time to joke around, but this is as silly as it gets.

[satscraper]

Say that even if we've got the old nano s but they can still try to do something and update and force an update for its firmware, is that right?

An update is irrelevant. As I explained earlier in this thread and in the tweet just above, the whole point of Ledger's Secure Element was that the private keys could never leave the Secure Element. We now know that claim is a lie, and has therefore been a lie since day one. A simple piece of code is all that is required to extract your private keys. All Ledger devices are vulnerable whether or not you opt in to this or update to the latest firmware.

According to ANSSI  their devices where always vulnerable  in this respect:

The question remains whether their Secure Channel is able to countermeasure that vulnerability

Regardless, two days ago I have moved the whole of my stash to Passport 2.

 

[joker_josue]

An update is irrelevant. As I explained earlier in this thread and in the tweet just above, the whole point of Ledger's Secure Element was that the private keys could never leave the Secure Element. We now know that claim is a lie, and has therefore been a lie since day one. A simple piece of code is all that is required to extract your private keys. All Ledger devices are vulnerable whether or not you opt in to this or update to the latest firmware.

Honestly, more and more I have the feeling that there was a big miscommunication about how everything was going to work and the sentence still cannot be removed. But, the problem is already done and they will hardly be able to go back.

Once doubts are generated at this level, it will be difficult for anyone to go back to believing that portfolios do not have a back door - especially those that are updated in the future.

[RickDeckard]

Hi - your private keys never leave the Secure Element chip, which has never been hacked. The Secure Element is 3rd party certified, and is the same technology as used in passports and credit cards. A firmware update cannot extract the private keys from the Secure Element.

That statement is still true today. The keys can't leave the secure element unless you pay $9.99 a month for the pleasure of sharing your keys. It's not a time to joke around, but this is as silly as it gets.

I've seen some reports of users on Reddit and Twitter that actually stand besides Ledger in saying that their keys are still safe if they don't opt-in for this program. This baffles me and I can't honestly understand what's the reasoning for such actions. Not only did they lied, as per the information shared by o_e_l_e_o, but they are gaslighting their audience in saying that their keys a copy of their keys ( ) are only shareable if the user decides to which totally goes against the concept of all their products. And they keep saying this over[1], and over[2] and over[3] again[4], which is ridiculous. They never answer the real question - Why is this feature even possible to be activated by either party?

And here's another article where Ledger tries to make sense of this service[5] where, once again, they explain that the original Ledger device isn't needed to "unlock" the original recovery phrase, which is mind-blowing :

If you choose to pay for a subscription, you're still the only one with access to your Secret Recovery Phrase, and you will also have a backup that will be created and accessible only to you. You remain the only one able to pass the identity verification check that is required to fetch back the encrypted fragments and rebuild your Secret Recovery Phrase into another Ledger device—should you need to do so in the future.

[1]https://nitter.it/Ledger_Support/status/1658905804307669008
[2]https://nitter.it/Ledger_Support/status/1658908657482973184
[3]https://nitter.it/Ledger_Support/status/1658905447783440401
[4]https://nitter.it/Ledger_Support/status/1658902661360492553
[5]https://support.ledger.com/hc/en-us/articles/11022833583261

[joker_josue]

~~

I still haven't been able to figure out one aspect (and maybe no one has figured it out yet):
Is the key automatically collected by Ledger for the person paying for this service, or does the user need to provide the key?

[satscraper]

~~

I still haven't been able to figure out one aspect (and maybe no one has figured it out yet):
Is the key automatically collected by Ledger for the person paying for this service, or does the user need to provide the key?

According to their statement

[joker_josue]

According to their statement

Right. But approve what?
Does the person have to repeat the passphrase in order to be registered in this "recovery program"? Or is it just a mere question, which person answers "yes"?

[tabas]

Say that even if we've got the old nano s but they can still try to do something and update and force an update for its firmware, is that right?

An update is irrelevant. As I explained earlier in this thread and in the tweet just above, the whole point of Ledger's Secure Element was that the private keys could never leave the Secure Element. We now know that claim is a lie, and has therefore been a lie since day one. A simple piece of code is all that is required to extract your private keys. All Ledger devices are vulnerable whether or not you opt in to this or update to the latest firmware.

Right on, that's my worry and that's why even I've got the old one I know that if I try to connect and they forcefully require an update then I have no choice. Thanks, I've missed the tweet part as it's just a milliseconds after I've posted and still got to go through with everything, I'm overwhelmed with the info and technicals that's in here.

According to their statement

This kinda give me some biggest concern, as the process everytime we use our Ledgers in doing a transaction, we have to approve it through our devices and this requirement is kind of sick, those that will avail the service should review this first.