Fuck you ledger

[Hasslong]

I really concerned from the last changes oof ledger and their narratives about they can get your private key  , in addition to they always update software because of their shitcoins ,I finally  moved my fund from ledger wallet to software  cold wallet and learned how to deal with cold wallet and transfer  transactions  partial signing  online and then signing offline and broadcast it 😏 , and   learned some coin control and going to learn some privacy coinjoin , it work so  great , why they don't tell us about cold wallet from begining instead of wasting our money on a fucking signing device ,really I enjoyed the experiment and fuck you ledger ,🖕,, and I want to thank you Gus because you helped me so match

[1714302373]

1714302373

[1714302373]

1714302373

[1714302373]

1714302373

[Learn Bitcoin]

I really concerned from the last changes oof ledger and their narratives about they can get your private key  , in addition to they always update software because of their shitcoins ,I finally  moved my fund from ledger wallet to software  cold wallet and learned how to deal with cold wallet and transfer  transactions  partial signing  online and then signing offline and broadcast it 😏 , and   learned some coin control and going to learn some privacy coinjoin , it work so  great , why they don't tell us about cold wallet from begining instead of wasting our money on a fucking signing device ,really I enjoyed the experiment and fuck you ledger ,🖕,, and I want to thank you Gus because you helped me so match

Nice to know that you have learned many things about cold wallet. But I am unsure if you are talking about Electrum or not. Or how Electrum is related in your post. Because you have created this thread in the Electrum wallet section. Many have a bad impression of Ledger since the last changes. But it's not mandatory anyway. Still, it questions the legitimacy of their honesty and how concerned they are about users' security. I don't know if they think it's a smart move from them or a dumb move from them. I don't know many things about wallets yet. But since I learned about Electrum, I have been using it and I am satisfied with it. I had a plan to buy a hardware wallet but unfortunately, I am unable to buy from my location and they do not deliver to my country as well.

[Hasslong]

Yes it's electrum , l learned lot of stuff here and about cold wallet , really very cool

I really concerned from the last changes oof ledger and their narratives about they can get your private key  , in addition to they always update software because of their shitcoins ,I finally  moved my fund from ledger wallet to software  cold wallet and learned how to deal with cold wallet and transfer  transactions  partial signing  online and then signing offline and broadcast it 😏 , and   learned some coin control and going to learn some privacy coinjoin , it work so  great , why they don't tell us about cold wallet from begining instead of wasting our money on a fucking signing device ,really I enjoyed the experiment and fuck you ledger ,🖕,, and I want to thank you Gus because you helped me so match

Nice to know that you have learned many things about cold wallet. But I am unsure if you are talking about Electrum or not. Or how Electrum is related in your post. Because you have created this thread in the Electrum wallet section. Many have a bad impression of Ledger since the last changes. But it's not mandatory anyway. Still, it questions the legitimacy of their honesty and how concerned they are about users' security. I don't know if they think it's a smart move from them or a dumb move from them. I don't know many things about wallets yet. But since I learned about Electrum, I have been using it and I am satisfied with it. I had a plan to buy a hardware wallet but unfortunately, I am unable to buy from my location and they do not deliver to my country as well.

[The Sceptical Chymist]

Many have a bad impression of Ledger since the last changes. But it's not mandatory anyway.

If you're referring to the firmware update that allowed the Recover "option" to work, it doesn't matter if you sign up for it or not; Ledger admitted they can pinch your private keys out of the secure element at any time, which they had previously said wasn't possible (and someone please correct me if I've got any of that wrong, but what I wrote is my understanding of what Ledger did and how it works).

OP, good for you for dumping Ledger.  I am curious as to what you did exactly with Electrum, because I don't understand based on what you wrote.  I've been wondering myself why hardware wallets are necessary, and the impression I get is that simply using Electrum leaves you vulnerable to getting hacked, which wouldn't be possible when using a HW wallet (or at least much harder if you're paying attention when doing transactions).  If you could elaborate, I'd appreciate it.  If not, I still like to hear "fuck Ledger" as many times as I can.  I'm rooting for them to swirl down the toilet and go bust, because they're just plain dishonest.

[Findingnemo]

Yes it's electrum , l learned lot of stuff here and about cold wallet , really very cool

I hope you know how to make a cold wallet aka air-gapped wallet using electrum on a completely offline device so that you never ever have to come online from the device where seeds are stored which makes it invulnerable to potential attacks.

I wrote how to do it, so take a look at it and see if you did everything right

Download the latest version of Electrum from https://electrum.org/#download and then verify the signatures before installing it.

[GUIDE] How to Safely Download and Verify Electrum

Then copy the downloaded file to your air-gapped device and install it, then restore your wallet with your seeds "Standard Wallet -> I already have a seed".

Then go to  "Wallet -> Info" and get your "Master Public Key"

After this go to your device which is connected to the internet create the "watch-only" wallet (Standard Wallet -> "Use a Master Key)

By this method device will be never connected to the internet so you no need to worry about your seeds being exposed to malware or anything.

[Learn Bitcoin]

Many have a bad impression of Ledger since the last changes. But it's not mandatory anyway.

If you're referring to the firmware update that allowed the Recover "option" to work, it doesn't matter if you sign up for it or not; Ledger admitted they can pinch your private keys out of the secure element at any time, which they had previously said wasn't possible (and someone please correct me if I've got any of that wrong, but what I wrote is my understanding of what Ledger did and how it works).

Did they admit that? If so, how can this be seen as a secured wallet? If I am not wrong, Ledger claims, "Here at Ledger we strongly believe in open source. It's one of our core values, a great philosophy that advocates openness, and verifiability. Open source allows developers and security experts to review the code and ensure it is secure and not malicious. Open source means you don't need to trust" ^[1]

If they are open source, can't developers verify that the Ledger has a chance to steal users' private keys? Did nobody try it? Now, I am curious about it. Do you remember the recent hack of Atomic Wallet, where thousands of users reported that their wallet was hacked and they did not use any phishing? If users did not use phishing, how was their wallet hacked? These wallets are not non-custodial anymore.

[Findingnemo]

.
.
Did they admit that? If so, how can this be seen as a secured wallet? If I am not wrong, Ledger claims, "Here at Ledger we strongly believe in open source. It's one of our core values, a great philosophy that advocates openness, and verifiability. Open source allows developers and security experts to review the code and ensure it is secure and not malicious. Open source means you don't need to trust" ^[1]

If they are open source, can't developers verify that the Ledger has a chance to steal users' private keys? Did nobody try it? Now, I am curious about it. Do you remember the recent hack of Atomic Wallet, where thousands of users reported that their wallet was hacked and they did not use any phishing? If users did not use phishing, how was their wallet hacked? These wallets are not non-custodial anymore.

It's proven that Ledger Live has the ability to extract the recovery seeds from the Hardware wallet also they admitted that they share the details with the third party which isn't right when you expect complete security for your crypto assets.

Discussion : Ledger Recovery Service.

Also, they lied about their status being open source : Ledger Open Source Fakery?!

So whoever wants to keep their crypto now should boycott Ledger as well as Trezor.

[o_e_l_e_o]

learned how to deal with cold wallet and transfer  transactions  partial signing  online and then signing offline and broadcast it

I assume this is simply a translation error. Your transaction should not be "partially signed" online. Indeed, transactions can only be partially signed if you are using a multi-sig set up. With a standard single-sig cold wallet, the only thing that happens on your online machine is you create an unsigned transaction. That unsigned transaction is moved to your cold device to be signed, and then moved back again to be broadcast.

I've been wondering myself why hardware wallets are necessary, and the impression I get is that simply using Electrum leaves you vulnerable to getting hacked, which wouldn't be possible when using a HW wallet (or at least much harder if you're paying attention when doing transactions).

If you simply install Electrum on an internet connected device and use it as a hot wallet, then yes, it will not be as secure as a (good) hardware wallet. But you can also use Electrum as a cold wallet. What this means is that Electrum is installed on a computer which is permanently disconnected (airgapped) from the internet, meaning the device can never download malware and never be attacked via the internet since it is never connected to the internet. This airgapped computer stores your private keys, and your private keys never leave this airgapped computer so are never at risk of being exposed to the internet. You create unsigned transactions on your usual internet connected computer, move the unsigned transaction via a USB drive or QR code to your airgapped computer to be signed with your private keys, and then move the signed transaction back to your usual computer to be broadcast to the network.

[The Sceptical Chymist]

If you simply install Electrum on an internet connected device <snip golden advice>

Ah, thank you!  You all know I just drive the bitcoin automobile without knowing how most things work under the hood, so I can't say I'd know how to do what you described--but it doesn't sound like something I couldn't easily learn, and I appreciate that explanation. 

Did they admit that? If so, how can this be seen as a secured wallet?

Yeah....take a look at the links Findingnemo provided.  This was pretty big news, and I know it caused me to not trust Ledger anymore and left me questioning whether it's worth it to use any HW wallet.  Part of that could be my ignorance of what's under the hood of these devices, but I do believe I read a post by a member whose knowledge I respect saying that in theory private keys could be extracted from any device with a secure element.  It's just not worth it for me (even though I don't exactly have a large amount of crypto to lose).  In any case, most of my bubbling bile was caused by Ledger's treachery.  They are truly scumbags and are likely in bed with multiple government agencies--you could almost call it a governmental gangbang, but I'm just speculating.

[BitcoinGirl.Club]

I really concerned from the last changes oof ledger and their narratives about they can get your private key  , in addition to they always update software because of their shitcoins ,I finally  moved my fund from ledger wallet to software  cold wallet and learned how to deal with cold wallet and transfer  transactions  partial signing  online and then signing offline and broadcast it 😏 , and   learned some coin control and going to learn some privacy coinjoin , it work so  great , why they don't tell us about cold wallet from begining instead of wasting our money on a fucking signing device ,really I enjoyed the experiment and fuck you ledger ,🖕,, and I want to thank you Gus because you helped me so match

I think instead of giving a fuck, you should say thank you Ledger LOL. If they were not offering this revolutionary key recovery feature then you would not want to find an alternative and try to learn all these new skills.

[Z-tight]

If they are open source, can't developers verify that the Ledger has a chance to steal users' private keys? Did nobody try it? Now, I am curious about it. Do you remember the recent hack of Atomic Wallet, where thousands of users reported that their wallet was hacked and they did not use any phishing? If users did not use phishing, how was their wallet hacked? These wallets are not non-custodial anymore.

Ledger is not open source and it wasn't possible to know it was a lie that your seed phrase cannot leave the secure element, that was until they launched the Ledger recovery service, then their lies were exposed as well as many other flaws in the Ledger hardware wallet. Self custodial doesn't automatically mean safe, you have to also make sure the wallet is open source and the code has been widely reviewed, Ledger isn't a recommended hardware wallet and if you have their device, you should switch to other good alternatives.

[BlackHatCoiner]

Nobody should be using Ledger to begin with.

- Closed-source.
- Their email database was leaked in the past, and phishing emails were sent across the globe.
- They support centralized shitcoins.

Recipe for disaster. Now I'm reading they can access private keys? Is that confirmed? Hopefully not. Otherwise, it is officially the worst piece of Bitcoin hardware you can get.

[seek3r]

Nobody should be using Ledger to begin with.

- Closed-source.
- Their email database was leaked in the past, and phishing emails were sent across the globe.
- They support centralized shitcoins.

/sign.

Recipe for disaster. Now I'm reading they can access private keys? Is that confirmed? Hopefully not. Otherwise, it is officially the worst piece of Bitcoin hardware you can get.

There was a big drama because of that a few months ago. That is the big disadvantage of closed-source projects like Ledger. 

They always said that there was no way to get the keys. So users could not do more than believe all that. Then in May they introduced a new feature: Ledger Recover.
The feature allows you to share the seed phrase with a cloud provider by storing a backup there. This is all optional but raises many questions, so sensitive data like the mnemonic phrase can be extracted from the ledger - so you have been lied to by Ledger for years.

Absolute no-go and another reason why you should never trust Ledger anymore. They make one fatal mistake after another, proving that nothing beats open source!

[Synchronice]

Recipe for disaster. Now I'm reading they can access private keys? Is that confirmed? Hopefully not. Otherwise, it is officially the worst piece of Bitcoin hardware you can get.

There was a big drama because of that a few months ago. That is the big disadvantage of closed-source projects like Ledger. 

They always said that there was no way to get the keys. So users could not do more than believe all that. Then in May they introduced a new feature: Ledger Recover.
The feature allows you to share the seed phrase with a cloud provider by storing a backup there. This is all optional but raises many questions, so sensitive data like the mnemonic phrase can be extracted from the ledger - so you have been lied to by Ledger for years.

Ledger uses Secure Element chip. This is the chip that is used in passports and credit cards. Ledger uses Secure Chip to generate and store your private keys. In past, Ledger has said that your private keys never leave the Secure Element chip, that means, it's almost impossible to extract private keys from your wallet. Then they appeared with Ledger Recover news and this is the moment when everyone understood that ledger has been lying about its claims that keys never leave secure chip.
If you read Ledger Recover FAQ, you'll find paradox:
Claim 1 - No access to your private key was made to enable Ledger Recover to work.
Claim 2 - Ledger's Operating System allows access to the private key stored within the Secure Element, but only after you manually approve and confirm it.

My logical question is, how is that? Answer is, Ledger is a liar.

Absolute no-go and another reason why you should never trust Ledger anymore. They make one fatal mistake after another, proving that nothing beats open source!

Actually, Ledger thinks that they didn't make a mistake by implementing Ledger Recover. They think that positive side of Ledger Recover will outweigh the negative sides and it's only a matter of time to see the success of this implementation.

[Lucius]

~snip~
Actually, Ledger thinks that they didn't make a mistake by implementing Ledger Recover. They think that positive side of Ledger Recover will outweigh the negative sides and it's only a matter of time to see the success of this implementation.

For some average user who can hardly understand the risks of such a feature, perhaps such a feature is even positive in the sense that they will feel safer if they lose their device or backup. There should be no doubt that it will be a salvation for some users, but the whole thing should not have been done in such a way as to cast doubt on the company's reputation (or what is left of it).

If they already wanted to do that, they could offer a firmware that would enable such an option and one that would not have such an option, or even better, a completely new device. What they managed to do is that I now feel safer having my private keys in Electrum than in their HW.

[m2017]

My logical question is, how is that? Answer is, Ledger is a liar.

This is easily explained - their marketing department doesn't know what the engineering (development) department  does. The marketing department wanted to present this information as an innovation and as a cool feature for users, but it turned out that this contradicts the very concept of device security and previous public statements by past employees of the marketing department. In general, this “paradox” is a demonstration that ledger simply screwed up.

Actually, Ledger thinks that they didn't make a mistake by implementing Ledger Recover. They think that positive side of Ledger Recover will outweigh the negative sides and it's only a matter of time to see the success of this implementation.

Any company sets itself up for failure the moment it thinks it knows what its customers want. Completely forgetting to ask them about it.

Absolute no-go and another reason why you should never trust Ledger anymore. They make one fatal mistake after another, proving that nothing beats open source!

There is nothing more valuable than the trust of your clients and customers. It is necessary to satisfy their needs, and not pursue their hidden mercantile interests.

[Pmalek]

I finally  moved my fund from ledger wallet to software  cold wallet and learned how to deal with cold wallet and transfer  transactions  partial signing  online and then signing offline and broadcast it

Yeah, this doesn't sound right. Could you tell us a bit more about how you created your offline wallet, and what you did with the OS before you generated your keys on it? To make sure you are doing it properly, how are you signing those transactions?

why they don't tell us about cold wallet from begining instead of wasting our money on a fucking signing device

Is this a serious question? Do you expect a company that relies on the sale of hardware wallets to tell you not to use hardware wallets because you can get the job done with airgapped cold wallets? Even the marketing geniuses at Ledger wouldn't do that.

If you're referring to the firmware update that allowed the Recover "option" to work, it doesn't matter if you sign up for it or not; Ledger admitted they can pinch your private keys out of the secure element at any time, which they had previously said wasn't possible (and someone please correct me if I've got any of that wrong, but what I wrote is my understanding of what Ledger did and how it works).

They also claim that keys can't leave the SE enclosure without your permission, meaning physical confirmation on your hardware wallet with the button presses. I have no idea if that is true or not, and even if it is, there is no publicly verifiable code for them to back up their words. And finally, even if there is, I wouldn't know how to read it and can only hope that those who know take the time to study it properly. Basically, it's a carrousel of fuckery. 

If I am not wrong, Ledger claims, "Here at Ledger we strongly believe in open source. It's one of our core values, a great philosophy that advocates openness, and verifiability. Open source allows developers and security experts to review the code and ensure it is secure and not malicious. Open source means you don't need to trust" ^[1]

Ledger Live is open-source and the crypto applications you install on your wallet are open-source. Some of them are created by third-party developers, some by Ledger in-house. The firmware and hardware isn't open source. You have no way of knowing what the software on your hardware wallet does.

Yeah....take a look at the links Findingnemo provided.  This was but I do believe I read a post by a member whose knowledge I respect saying that in theory private keys could be extracted from any device with a secure element.

Using that same analogy, it would then be even easier to extract keys that aren't protected by a secure element chip. One example is Trezor's unfixable seed extraction vulnerability.

Ledger is not open source and it wasn't possible to know it was a lie that your seed phrase cannot leave the secure element, that was until they launched the Ledger recovery service, then their lies were exposed as well as many other flaws in the Ledger hardware wallet.

They exposed themselves. All everyone had to do was listen.

[1980sFuture]

First off, one aspect of this entire thing that seems to barely ever be discussed which bothers me far more than the concept of a recover feature is the fact that Ledger seems to be quite comfortable attending WEF retreats and rubbing elbows with the same people who want us to own nothing and be happy. I don't feel safe leaving my keys in the hands of a "trust me bro" CEO who attends WEF conferences and refuses to fully open source firmware that's possible of extracting keys from their devices via USB cable through a PC and over the internet.

Secondly, they keep beating the drum about how these shards are encrypted, but if anybody can restore their keys on a brand new ledger than clearly the encryption keys to these shards reside somewhere within Ledger. Where? Who has them? If any device can restore with 2/3 shards then that means it only takes collusion from 2 of these companies that store the shards to have access to every single key out there.

Thirdly, the idea of "just don't use it" may not be that simple as I recall seeing somewhere (I think within the other large thread on this topic) that the claim that you always have to physically press the buttons on a ledger to initiate an operation like sharding and sending your keys via recovery service is actually false, as the device can be updated via firmware to drop this necessity with ease. Somebody (sorry I can't remember who or where) posted evidence that proves the physical button press is not technically required for such an action to be engaged. If anybody knows the technicalities of this or can prove it true or false please reply with such info.

Edit I think it was this post I'm referencing.

In theory, unless you update to the newest firmware that unlocks seed-share and approve it physically by pressing the buttons on your Nano, the feature won't work.

Which is completely irrelevant. Given that a simple software update means the secret element can now export private keys, then a simple software update could make this feature mandatory, or could remove the need for any physical button presses, or could take everyone's private keys without their knowledge or consent. The whole point of the secure element is moot. The entire security of the device hinges on non malicious software.

It's probably worth pointing out that this is also the case for Trezor devices, which everyone on Reddit seems to be keen to move to. If Trezor implement malicious software, then the same thing will happen. The only hardware wallet I would even think about touching right now is a Passport - permanently airgapped and completely open source - but as I said before, airgapped, encrypted, cold storage on an old laptop or similar is far preferable.

So really the fact that its technically possible for Ledger to do this - that isn't the real issue (although their communication and prior marketing was abysmal) - any HW wallet can technically access the priv key if firmware demands it. The real issue is that there are a million things that haven't been answered on a technical level in the excruciating detail necessary for anyone to be able to feel good about this.

[Meuserna]

If you're referring to the firmware update that allowed the Recover "option" to work, it doesn't matter if you sign up for it or not; Ledger admitted they can pinch your private keys out of the secure element at any time, which they had previously said wasn't possible

YES.

Anybody who says you have to use the buttons to confirm actions is assuming that to be true.  Since Ledger's code is closed, no one but Ledger knows for sure what their code actually does.  Even Ledger admitted they can't prove their code doesn't have any backdoors.  They lied, saying "...because you can't disprove a negative," but that's nonsense.  Ledger can't prove their code doesn't have backdoors because Ledger's code isn't open.

Anyone who tells you Ledger's code is safe is making assumptions about their code, and that's very dangerous.

[1980sFuture]

Anybody who says you have to use the buttons to confirm actions is assuming that to be true. 

The key issue here is that even if at this point you do need a physical button press to confirm/deny a Tx or seed sharding, there's is nothing inherent in the architecture of Ledgers hardware that restricts the device to operating this way forever. The required button presses are a firmware update away from not being needed at all. Which means that change could be made with or without your knowledge. "We promise we won't" Back to trust me bro.

Ledger keeps repeating that "all hardware wallets require trust" and people get lost in this because while on one hand it's true to some degree, not every wallet requires as much trust as one that's closed source which also has the ability via firmware to split and send seeds through your USB/Bluetooth connection, through your PC and then stored elsewhere.

"Oh but the shards are encrypted!" This only sounds good until you realize that Ledger themselves say that any device can restore the shards. So the encryption keys are either specific to ledger Hardware (meaning anybody with a Ledger has them) or they're stored at Ledger headquarters (meaning they have them and you have to hope they aren't leaked the way all those addresses and emails were). Any way you slice this it's frightening.