Cricktor
Legendary
Offline
Activity: 1218
Merit: 2879
November 26, 2024, 09:50:59 PM
This is going to be a laughable question. What's safer to use, a consumer laptop used merely for Bitcoin and shitcoining, or a Ledger Nano S+?

There have been comments already to your question. My two cents are: if you use the consumer laptop air-gapped as a cold wallet only, I'd consider that safer than this Ledger crap. We can't know what the black box firmware of a Ledger does or doesn't do. So, you can't verify it, you can't trust it, period! Your trust level is to believe when the Ledger Paris freaks scream at you: it's all safe, trust us, bro!

This is already bad enough and reason enough to stay away from Ledger. But it gets worse. This recovery subscription abomination is activated by a piece of software, Ledger Live, the finest piece of programming craftsmanship, full of trackers, cough, cough. And come on, software on a potentially unsafe and vulnerable device can't protect itself from malware. It can't be safe!

Yes, you have to confirm it on your Ledger hardware and it seems encrypted stuff is exchanged, certainly not too easy to exploit, but who knows. We'll know when it has happened.

A malware targeting Ledger Live... what could possibly go wrong? Go figure!
Meuserna
November 26, 2024, 10:06:04 PM
Yes, you have to confirm it on your Ledger hardware...
In theory. Like I keep saying... there's no way to prove it. There's no way to prove there isn't a backdoor in Ledger's code for access to a user's keys without confirming it on the user's device.

"There's no backdoor and I obviously can't prove it"
--btchip, Ledger owner & co-founder

Can't prove it? Can't trust it. Don't use it.
Pmalek
Legendary
Offline
Activity: 3220
Merit: 8366
November 27, 2024, 07:58:48 AM
But, OK, let's be more practical and constructive with the discussion. My next question is, will a "hacker" need to have physical access to the device to hack/steal my private keys, or can he/she steal it remotely? Let's pretend that the device doesn't have the Seed/Wallet Recovery feature on.

Since the sharing of the keys, or more precisely the shards of the keys, happens remotely and over the internet, a hack that captures those shared keys could also be orchestrated over the internet and remotely by a hacker. Ledger claims that no keys can be shared without a user's consent, but how do we know that? They have also said that your keys never leave the device, and now we know that they can. A piece of code determines whether or not the key extraction is approved. Even if Ledger did create it in a way where you have to approve key sharing, we can't rule out that a malicious party could rewrite this and allow key sharing without a user's consent. The code for Ledger Recover should never be part of the universal firmware. They should never have developed it. But since they did, it should have received its own separate firmware. That way, you would have the standard firmware without Ledger Recover and a special one with Ledger Recover. Each user could decide which way to go, but they didn't do that.
LoyceV
Legendary
Offline
Activity: 3766
Merit: 19573
Thick-Skinned Gang Leader and Golden Feather 2021
November 27, 2024, 08:19:04 AM (last edit: November 27, 2024, 08:38:36 AM by LoyceV)
The code for Ledger Recover should never be part of the universal firmware. They should never have developed it. But since they did, it should have received its own separate firmware. That way, you would have the standard firmware without Ledger Recover and a special one with Ledger Recover. Each user could decide which way to go, but they didn't do that.

You missed a step: the possibility should never have been built into the hardware. But it's very convenient for them to try and hook millions of existing customers, instead of selling a separate device to leak private keys online. The fact that it's now only up to software to extract keys makes Ledger just a software wallet. It doesn't even belong on this board anymore.
¡uʍop ǝpᴉsdn pɐǝɥ ɹnoʎ ɥʇᴉʍ ʎuunɟ ʞool no⅄
Wind_FURY
Legendary
Offline
Activity: 3374
Merit: 2048
November 27, 2024, 01:30:09 PM
This is going to be a laughable question. What's safer to use, a consumer laptop used merely for Bitcoin and shitcoining, or a Ledger Nano S+?
There have been comments already to your question. My two cents are: if you use the consumer laptop air-gapped as a cold wallet only, I'd consider that safer than this Ledger crap.

I already have that, an air-gapped computer that doesn't connect to the internet as my cold-storage setup for my Bitcoins, with an exclusive USB for signing. I'm merely asking about Ledger compared to a computer/laptop with a fresh installation of Linux that's exclusively for using crypto.

We can't know what the black box firmware of a Ledger does or doesn't do. So, you can't verify it, you can't trust it, period! Your trust level is to believe when the Ledger Paris freaks scream at you: it's all safe, trust us, bro!
This is already bad enough and reason enough to stay away from Ledger. But it gets worse. This recovery subscription abomination is activated by a piece of software, Ledger Live, the finest piece of programming craftsmanship, full of trackers, cough, cough. And come on, software on a potentially unsafe and vulnerable device can't protect itself from malware. It can't be safe!
Yes, you have to confirm it on your Ledger hardware and it seems encrypted stuff is exchanged, certainly not too easy to exploit, but who knows. We'll know when it has happened.
A malware targeting Ledger Live... what could possibly go wrong? Go figure!

I believe no one can prove or disprove BOTH sides of the debate, BUT who wants to buy a brand new Ledger Nano S+? I have one available for sale arriving soon.
Pmalek
Legendary
Offline
Activity: 3220
Merit: 8366
November 27, 2024, 04:24:27 PM
You missed a step: the possibility should never have been built into the hardware.

Many believed it wasn't possible on a hardware level. Ledger claimed numerous times that extracting data from the chips can't be done. Turns out that the only thing preventing data extraction is the accompanying software that wasn't there in the past. Ledger has now created it and included it in their firmware. What we now know is that key extraction is and has always been possible from secure element chips and the hardware built into hardware wallets. The developers only needed to write the necessary code. Ledger was the first company that did that (that we know of), and they introduced a new potential attack vector.
Meuserna
November 27, 2024, 07:26:58 PM
You missed a step: the possibility should never have been built into the hardware.
Many believed it wasn't possible on a hardware level. Ledger claimed numerous times that extracting data from the chips can't be done. Turns out that the only thing preventing data extraction is the accompanying software that wasn't there in the past. Ledger has now created it and included it in their firmware. What we now know is that key extraction is and has always been possible from secure element chips and the hardware built into hardware wallets. The developers only needed to write the necessary code. Ledger was the first company that did that (that we know of), and they introduced a new potential attack vector.

Exactly. This is why I moved on to a different hardware wallet and workflow with the following features:
Open Source. Never trust closed source code.
Airgapped. Online hackers can't reach the device.
Stateless. The seed & wallet aren't saved on the device.
Encrypted Seed QR. Loading the seed is quick, easy, and safe.

It's actually faster and easier to use an encrypted seed QR to load a seed & wallet than it is to type a PIN to unlock a device that already has your seed. By not having your seed on the device, there's no threat of a thief extracting your keys manually. By having no internet connection to the device, there's no threat of internet hackers or malicious coders reaching the keys on the device. And yes, I do consider the possibility of Ledger's employees (or ex-employees?) being malicious. Or their partner companies' employees. Or their partner companies' ex-employees? There's just too much potential for too many things to go wrong. I think the combo of airgap/stateless/encrypted seed QR is a much safer way of keeping Bitcoin secure. And it's actually easier once you set it up. Krux does all of this natively, on off-the-shelf K210 devices with touchscreens (the WonderMV K210 is currently the best device for Krux, and it can be found for less than $60).
There's also an excellent SeedSigner fork that adds encrypted seed QR (and the encrypted QRs are compatible with Krux, which is a nice bonus).
dkbit98
Legendary
Offline
Activity: 2688
Merit: 8181
⚡ ₿ ⚡
November 27, 2024, 09:58:08 PM
This is going to be a laughable question. What's safer to use, a consumer laptop used merely for Bitcoin and shitcoining, or a Ledger Nano S+?

Keeping a bunch of shitcoins in a hardware wallet is like keeping bananas in a safe deposit box, you know the outcome. I would not trust Ledger with anything, including rotten bananas, but people like gambling with closed source stuff.

I'm merely asking about Ledger compared to a computer/laptop with a fresh installation of Linux that's exclusively for using crypto.

You are asking to compare something that can't be compared. Nobody knows if Linux was installed correctly, or how you are using this laptop in real life. Sure, Ledger is easier to use, if that is what you want, but new Trezor or Keystone devices are ten times better as multi-coin signing devices. Even an old offline smartphone as a secondary signing device with an open source wallet is probably better than using just a laptop.

I think the combo of airgap/stateless/encrypted seed QR is a much safer way of keeping Bitcoin secure.

OP is asking for a shitcoin wallet, so this doesn't help him much.
Meuserna
November 27, 2024, 10:53:34 PM
OP is asking for shitcoin wallet, so this doesn't help him much.
Oops. I forgot that part of the original question.
Wind_FURY
Legendary
Offline
Activity: 3374
Merit: 2048
November 28, 2024, 08:00:27 AM
Plus if it could send/leak a user's seed/private key over the internet, could we see those packets of data if we have a traffic sniffer on?
That's probably all encrypted.

True, but if it could be proven that the device is sending packets of data to a server, and if we could trace those packets of data going to an IP address belonging to Ledger, or worse an unknown entity, then we can safely make a presumption that they are doing "something" with the data, which could be sensitive data - your private keys.

BUT, that's where that question goes. Is there proof that there are packets of data that are sent from a Ledger Nano S+ to the internet?
LoyceV
Legendary
Offline
Activity: 3766
Merit: 19573
Thick-Skinned Gang Leader and Golden Feather 2021
November 28, 2024, 09:18:21 AM Merited by vapourminer (1)
True, but if it could be proven that the device is sending packets of data to a server, and if we could trace those packets of data going to an IP address belonging to Ledger, or worse an unknown entity, then we can safely make a presumption that they are doing "something" with the data, which could be sensitive data - your private keys.
BUT, that's where that question goes. Is there proof that there are packets of data that are sent from a Ledger Nano S+ to the internet?

It's just a USB device, I don't see how such a device could get its own internet access. I know malicious USB cables can pretend to be a keyboard and get access to the computer that way, but I don't think Ledger does that. So it needs Ledger's own software (Ledger Live) to be installed, and when you're running Ledger Live, it connects to Ledger's servers anyway. So you can't know what data it's sending.
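The question Wind_FURY raises above (can a sniffer show where the data goes?) and LoyceV's answer (it goes through Ledger Live to Ledger's servers, so you can't read what is sent) can both be checked in practice. A sniffer cannot read a TLS payload, but the first record the client sends, the ClientHello, carries the destination hostname in plaintext in the server_name (SNI) extension unless Encrypted Client Hello is in use, and the destination IP is always visible. The Python below is an added example written for this page; it is not code from the thread or from Ledger. The hostnames, IP addresses, allowlist and "captured" records are constructed placeholders, not real Ledger Live traffic, and the ClientHello builder exists only to fabricate input for the parser.

```python
"""Pull the TLS SNI hostname out of a captured ClientHello and flag unexpected destinations.

Added example for this page, not code from the thread or from Ledger. The hostnames,
addresses and "captured" records are constructed placeholders.
"""
import os
import struct
from typing import List, Optional, Set, Tuple


def build_client_hello(hostname: str, client_random: Optional[bytes] = None) -> bytes:
    """Assemble a minimal TLS 1.3-style ClientHello record carrying an SNI extension.
    Used here only to fabricate test input; a real client adds many more fields."""
    name = hostname.encode("idna")
    rnd = client_random if client_random is not None else os.urandom(32)
    sni_list = b"\x00" + struct.pack(">H", len(name)) + name          # one host_name entry
    sni_ext = (struct.pack(">HH", 0x0000, len(sni_list) + 2)
               + struct.pack(">H", len(sni_list)) + sni_list)
    versions_ext = struct.pack(">HH", 0x002B, 3) + b"\x02\x03\x04"    # supported_versions: TLS 1.3
    extensions = versions_ext + sni_ext                                # SNI deliberately not first
    body = (
        b"\x03\x03" + rnd + b"\x00"                                   # legacy version, random, empty session id
        + struct.pack(">H", 2) + b"\x13\x01"                          # one cipher suite: TLS_AES_128_GCM_SHA256
        + b"\x01\x00"                                                 # one compression method: null
        + struct.pack(">H", len(extensions)) + extensions
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body         # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack(">H", len(handshake)) + handshake


def extract_sni(record: bytes) -> Optional[str]:
    """Return the server_name from a ClientHello record, or None if the bytes are not a
    ClientHello or carry no SNI. Every length is bounds-checked, so a truncated or hostile
    record cannot make the parser read past the buffer."""
    if len(record) < 5 or record[0] != 0x16:                          # not a handshake record
        return None
    hs = record[5:5 + struct.unpack(">H", record[3:5])[0]]
    if len(hs) < 4 or hs[0] != 0x01:                                  # not client_hello
        return None
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    pos = 2 + 32                                                      # skip legacy version + random
    if len(body) < pos + 1:
        return None
    pos += 1 + body[pos]                                              # session id
    if len(body) < pos + 2:
        return None
    pos += 2 + struct.unpack(">H", body[pos:pos + 2])[0]              # cipher suites
    if len(body) < pos + 1:
        return None
    pos += 1 + body[pos]                                              # compression methods
    if len(body) < pos + 2:
        return None                                                   # no extensions block at all
    end = pos + 2 + struct.unpack(">H", body[pos:pos + 2])[0]
    pos += 2
    if end > len(body):
        return None
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack(">HH", body[pos:pos + 4])
        data = body[pos + 4:pos + 4 + ext_len]
        pos += 4 + ext_len
        if ext_type != 0x0000 or len(data) < 5:                       # 0x0000 == server_name
            continue
        list_end = 2 + struct.unpack(">H", data[:2])[0]
        p = 2
        while p + 3 <= min(list_end, len(data)):
            name_type, name_len = data[p], struct.unpack(">H", data[p + 1:p + 3])[0]
            p += 3
            if name_type == 0 and p + name_len <= len(data):          # name_type 0 == host_name
                return data[p:p + name_len].decode("idna")
            p += name_len
    return None


# Constructed sample flows: (destination IP, first client record seen on the wire).
SAMPLE_FLOWS: List[Tuple[str, bytes]] = [
    ("203.0.113.10", build_client_hello("wallet-api.example.test")),
    ("198.51.100.7", build_client_hello("telemetry.example.test")),
    ("192.0.2.44", b"\x17\x03\x03\x00\x05hello"),                      # application data only: opaque
]
EXPECTED_HOSTS: Set[str] = {"wallet-api.example.test"}                # placeholder allowlist


def unexpected_flows(flows: List[Tuple[str, bytes]], expected: Set[str]) -> List[Tuple[str, Optional[str]]]:
    """Flag every flow whose SNI is missing or outside the allowlist. Those are the
    destinations to look up (who owns the IP?) before trusting the software."""
    flagged = []
    for dst_ip, first_record in flows:
        sni = extract_sni(first_record)
        if sni is None or sni not in expected:
            flagged.append((dst_ip, sni))
    return flagged


if __name__ == "__main__":
    for ip, host in unexpected_flows(SAMPLE_FLOWS, EXPECTED_HOSTS):
        print(f"unexpected destination {ip} (SNI: {host})")
```

On a real capture, feed `extract_sni` the first TCP payload of each outbound connection (for example, the bytes of the first packet matching `tcp.flags.push && tcp.dstport == 443` from a Wireshark or tcpdump capture taken while Ledger Live is running). Two caveats the posts point at: the method tells you where the software talks, never what it sends, since everything after the handshake is encrypted; and a ClientHello split across TCP segments or sent with Encrypted Client Hello will yield None here, which is exactly why the third sample flow is flagged rather than ignored.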
m2017
Legendary
Offline
Activity: 2212
Merit: 1472
keep walking, Johnnie
November 28, 2024, 02:40:05 PM
True, but if it could be proven that the device is sending packets of data to a server, and if we could trace those packets of data going to an IP address belonging to Ledger, or worse an unknown entity, then we can safely make a presumption that they are doing "something" with the data, which could be sensitive data - your private keys.
BUT, that's where that question goes. Is there proof that there are packets of data that are sent from a Ledger Nano S+ to the internet?
It's just a USB device, I don't see how such a device could get its own internet access. I know malicious USB cables can pretend to be a keyboard and get access to the computer that way, but I don't think Ledger does that. So it needs Ledger's own software (Ledger Live) to be installed, and when you're running Ledger Live, it connects to Ledger's servers anyway. So you can't know what data it's sending.

Well, if we follow this version, then here is the answer to how to avoid possible data leakage for Ledger users - don't use software from this company. Or in other words, connect the HW device to third-party wallets, such as Electrum (or any other), and not Ledger Live. For several years now there have been allegations of vulnerabilities in the transmission of user data through Ledger servers, software and devices in general, but no one has yet demonstrated 100% evidence and everything is based only on assumptions. I in no way justify Ledger, but damn, if there is a flaw, then show me, and don't try to convince me on faith alone. It turns out that belief in the vulnerability of Ledger is similar to belief in ghosts and UFOs - no one has seen them, no one can prove their existence, but they are convinced that they definitely exist.
LoyceV
Legendary
Offline
Activity: 3766
Merit: 19573
Thick-Skinned Gang Leader and Golden Feather 2021
Well, if we follow this version, then here is the answer to how to avoid possible data leakage for Ledger users - don't use software from this company.

I don't think you can set up a Ledger hardware wallet without their software: you need to "install" each coin on the device. But even if we ignore this, avoiding Ledger's software isn't enough if there's a possibility of malware targeting the device.

For several years now there have been allegations of vulnerabilities in the transmission of user data through Ledger servers, software and devices in general, but no one has yet demonstrated 100% evidence and everything is based only on assumptions. I in no way justify Ledger, but damn, if there is a flaw, then show me, and don't try to convince me on faith alone.

That's the wrong approach to look at this: Ledger wants you to have faith in their products, despite the fact they've lied on several occasions about the security of their product.

It turns out that belief in the vulnerability of Ledger is similar to belief in ghosts and UFOs - no one has seen them, no one can prove their existence, but they are convinced that they definitely exist.

You're missing the point: by the time someone proves the device is vulnerable to malware, your funds are gone and it's too late. It's better to avoid that scenario.
Wind_FURY
Legendary
Offline
Activity: 3374
Merit: 2048
November 28, 2024, 03:05:32 PM Merited by vapourminer (1)
True, but if it could be proven that the device is sending packets of data to a server, and if we could trace those packets of data going to an IP address belonging to Ledger, or worse an unknown entity, then we can safely make a presumption that they are doing "something" with the data, which could be sensitive data - your private keys.
BUT, that's where that question goes. Is there proof that there are packets of data that are sent from a Ledger Nano S+ to the internet?
It's just a USB device, I don't see how such a device could get its own internet access. I know malicious USB cables can pretend to be a keyboard and get access to the computer that way, but I don't think Ledger does that. So it needs Ledger's own software (Ledger Live) to be installed, and when you're running Ledger Live, it connects to Ledger's servers anyway. So you can't know what data it's sending.
Well, if we follow this version, then here is the answer to how to avoid possible data leakage for Ledger users - don't use software from this company. Or in other words, connect the HW device to third-party wallets, such as Electrum (or any other), and not Ledger Live. For several years now there have been allegations of vulnerabilities in the transmission of user data through Ledger servers, software and devices in general, but no one has yet demonstrated 100% evidence and everything is based only on assumptions. I in no way justify Ledger, but damn, if there is a flaw, then show me, and don't try to convince me on faith alone. It turns out that belief in the vulnerability of Ledger is similar to belief in ghosts and UFOs - no one has seen them, no one can prove their existence, but they are convinced that they definitely exist.

But we can't prove that there is no flaw either, and I personally WON'T gamble my Bitcoin savings on it by storing them in a hardware wallet that has closed source firmware. I'll probably use it for shitcoining very small amounts of Bitcoin through the Magic Eden Runes market merely because I have already ordered it. But if I had remembered this topic before I purchased it, I probably would not have bought it. I learned another lesson, the HARD WAY.
Pmalek
Legendary
Offline
Activity: 3220
Merit: 8366
November 28, 2024, 04:29:02 PM
Sure, Ledger is easier to use, if that is what you want, but new Trezor or Keystone devices are ten times better as multi-coin signing devices.

Perhaps, but we also have to account for coin support. Ledger supports the most alt and shitcoins out of all the hardware wallets. I have never looked into Keystone, but I doubt they support the same number of alts as Ledger. I know that Trezor doesn't, plus the support for Trezor is different for each of their devices. One HW might support a certain altcoin while the remaining models don't. Ledger, sadly, has an advantage in this aspect.

BUT, that's where that question goes. Is there proof that there are packets of data that are sent from a Ledger Nano S+ to the internet?

The hardware wallet doesn't do the sending. The software, Ledger Live, does. It retrieves the keys from the device, divides them into shards, encrypts them, and sends them to three custodial parties over Ledger Live.

Well, if we follow this version, then here is the answer to how to avoid possible data leakage for Ledger users - don't use software from this company. Or in other words, connect the HW device to third-party wallets, such as Electrum (or any other), and not Ledger Live.

You need Ledger Live during the initial setup. At that point, Ledger would have gotten enough privacy-related information about you from its software.
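Pmalek's description just above (keys retrieved from the device, divided into shards, encrypted, sent to three custodial parties) and the earlier point in this thread that a single piece of code decides whether export is approved can be made concrete with a byte-wise Shamir 2-of-3 split over GF(2^8), the construction SLIP-39 style seed-sharing schemes use. The Python below is an added example written for this page; it is not Ledger's code and assumes nothing about their implementation beyond the 2-of-3 shape the posts describe. The per-shard encryption and the transport to the custodians are left out on purpose, and the `recover_export` consent gate, the seed value and the share indices are constructed for illustration. What the block shows is the security property the thread argues about from both sides: any two shares rebuild the seed exactly, one share alone is indistinguishable from random, and the only thing standing between the seed and three outbound shares is one boolean check.

```python
"""Byte-wise Shamir secret sharing over GF(2^8), 2-of-3, behind a consent gate.

Added example for this page; not Ledger's code. Illustrates the shape of the seed-sharding
flow the thread describes. Per-shard encryption and transport are deliberately omitted.
"""
import secrets
from typing import Dict, Optional

AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1: the field AES and SLIP-39 use


def gf_mul(a: int, b: int) -> int:
    """Multiply two GF(2^8) elements: carry-less multiply, reduce modulo AES_POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= AES_POLY
        b >>= 1
    return r


def gf_inv(a: int) -> int:
    """Multiplicative inverse as a^(2^8 - 2) = a^254, square-and-multiply."""
    r, e = 1, 254
    while e:
        if e & 1:
            r = gf_mul(r, a)
        a = gf_mul(a, a)
        e >>= 1
    return r


def split_secret(secret: bytes, n: int, t: int) -> Dict[int, bytes]:
    """Split `secret` into n shares at x = 1..n; any t of them reconstruct it.

    Each byte gets its own random degree-(t-1) polynomial whose constant term is that
    byte, so fewer than t shares carry no information about the secret at all."""
    if not 1 < t <= n < 256:
        raise ValueError("need 1 < t <= n < 256")
    shares = {x: bytearray() for x in range(1, n + 1)}
    for byte in secret:
        coeffs = [byte] + [secrets.randbelow(256) for _ in range(t - 1)]
        for x in range(1, n + 1):
            y = 0
            for c in reversed(coeffs):  # Horner evaluation of the polynomial at x
                y = gf_mul(y, x) ^ c
            shares[x].append(y)
    return {x: bytes(v) for x, v in shares.items()}


def combine_shares(shares: Dict[int, bytes]) -> bytes:
    """Lagrange-interpolate each byte at x = 0. Too few shares yield garbage rather than
    an error: nothing in the shares themselves reveals whether the result is right."""
    xs = list(shares)
    length = len(next(iter(shares.values())))
    out = bytearray()
    for i in range(length):
        acc = 0
        for xj in xs:
            num, den = 1, 1
            for xm in xs:
                if xm != xj:
                    num = gf_mul(num, xm)       # (0 - xm) == xm in characteristic 2
                    den = gf_mul(den, xj ^ xm)  # (xj - xm) == xj XOR xm
            acc ^= gf_mul(shares[xj][i], gf_mul(num, gf_inv(den)))
        out.append(acc)
    return bytes(out)


def recover_export(seed: bytes, confirmed_on_device: bool) -> Optional[Dict[int, bytes]]:
    """Hypothetical consent gate: the single check that decides whether the seed leaves
    as three shards. Returns None when the user did not confirm on the device."""
    if not confirmed_on_device:
        return None
    return split_secret(seed, n=3, t=2)


if __name__ == "__main__":
    seed = secrets.token_bytes(32)  # constructed stand-in for a wallet's 256-bit entropy
    assert recover_export(seed, confirmed_on_device=False) is None
    shards = recover_export(seed, confirmed_on_device=True)
    assert combine_shares({1: shards[1], 3: shards[3]}) == seed  # any two custodians suffice
    assert combine_shares({2: shards[2]}) != seed                 # one custodian learns nothing
    print("2-of-3 split and recovery OK")
```

The consent gate is the part worth staring at. Nothing in the sharing math itself depends on user approval: remove or bypass the `if not confirmed_on_device` line and the rest of the function works unchanged, which is the scenario Pmalek describes when he says a malicious party could rewrite the approval logic. In a real deployment the shares would additionally be encrypted to each custodian and carry a checksum (SLIP-39 adds one) so that a corrupted share is detected rather than silently producing a wrong seed.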
Meuserna
November 28, 2024, 08:22:21 PM
But we can't prove that there is no flaw either, and I personally WON'T gamble my Bitcoin savings on it by storing them in a hardware wallet that has closed source firmware. I'll probably use it for shitcoining very small amounts of Bitcoin through the Magic Eden Runes market merely because I have already ordered it. But if I had remembered this topic before I purchased it, I probably would not have bought it.

Your way of thinking is exactly right. Even if there isn't a flaw, there's no way to know if Ledger will leak their code again, giving hackers the chance to reverse engineer it. And there's no way to know if a future firmware update will introduce a bug that could give hackers access. With closed source code, there are too many unknowns. And after a company lies to their users, there's no way to trust them.

I learned another lesson, the HARD WAY.

But you learned it, which makes you wiser than those who never do.
maxmad
Jr. Member
Offline
Activity: 56
Merit: 3
November 29, 2024, 12:45:20 AM
The hardware wallet doesn't do the sending. The software, Ledger Live, does. It retrieves the keys from the device, divides them into shards, encrypts them, and sends them to three custodial parties over Ledger Live.

I think that the encryption part takes place inside the hardware wallet.
LoyceV
Legendary
Offline
Activity: 3766
Merit: 19573
Thick-Skinned Gang Leader and Golden Feather 2021
November 29, 2024, 06:30:12 AM
I think that the encryption part takes place inside the hardware wallet.

That would be my guess. And my next guess is that the decryption keys are only known to Ledger and/or their "storage partners". That makes me wonder who has a backup, and how they were created. One way or another, it adds a risk that shouldn't exist in hardware wallets.
Meuserna
November 29, 2024, 09:34:51 AM Merited by vapourminer (1)
I think that the encryption part takes place inside the hardware wallet.
That would be my guess. And my next guess is that the decryption keys are only known to Ledger and/or their "storage partners". That makes me wonder who has a backup, and how they were created. One way or another, it adds a risk that shouldn't exist in hardware wallets.

And that brings us back to this gem:

Oh, but it gets better. Ledger changed their story, admitting it was a former employee who got phished:

How many former Ledger employees still have access to their codebase? Ledger won't say, not that we could trust any answer they'd give.
Wind_FURY
Legendary
Offline
Activity: 3374
Merit: 2048
November 29, 2024, 10:43:09 AM Merited by vapourminer (1)
But we can't prove that there is no flaw either, and I personally WON'T gamble my Bitcoin savings on it by storing them in a hardware wallet that has closed source firmware. I'll probably use it for shitcoining very small amounts of Bitcoin through the Magic Eden Runes market merely because I have already ordered it. But if I had remembered this topic before I purchased it, I probably would not have bought it.
Your way of thinking is exactly right. Even if there isn't a flaw, there's no way to know if Ledger will leak their code again, giving hackers the chance to reverse engineer it. And there's no way to know if a future firmware update will introduce a bug that could give hackers access. With closed source code, there are too many unknowns. And after a company lies to their users, there's no way to trust them.
I learned another lesson, the HARD WAY.
But you learned it, which makes you wiser than those who never do.

My Ledger JUST ARRIVED! 👀 The box is very nice, the packaging is also very nice, and I like the color I ordered. It would be a waste if I merely threw this away, and it would be very irresponsible to give it to someone. I will use it and I will send it merely $1,000 as the maximum amount for shitcoining Runes. If my coins are stolen, the people of this topic will be the first people to know.