Ledger Live Update and Firmware Update?

[jerry0]

I know the process is the same when you send it to another wallet.  The thing is with how much I used ledger throughout all this time, I just want to stick with it.  The other thing is I don't want to move the crypto from it because when I sent it from electrum a while back, I thought okay it's in a cold wallet now.


The thing is if I get a new device like a trezor and just enter the seed phrase into it, to me that isn't that complicated and I would prefer that.  However, like you said that would be using the same nano ledger seed phrase.  The thing is I don't want to move the crypto from one seed phrase to another.  So whether it's doing this from a ledger to another ledger with a different seed phrase or a ledger to trezor, that would be almost the same.  Like if you ask would I rather get a trezor and just enter the seed phrase to it to transfer the crypto or get another ledger and create a new seed phrase and then send from this ledger to the new ledger, I would choose the 1st option believe it or not. 


Yes I know the coins are not in the ledger and in the blockchain.


I just don't want to try new things.  I am someone that if I use something I want to stick with it.  Like if I was told you should use mac or windows when i use windows or mac, I just don't want to make the change. 


When you do the test and send a tiny amount of bitcoin from ledger to trezor and it works, do most people then just send the rest in one send?  The thing is you didn't mention about testing your trezor seed phrase or resetting the device just to make sure your trezor seed phrase is correct before you send the remaining amount from ledger.  The thing is someone could make a mistake when doing this. 


How many times have you heard of people making a mistake sending crypto when going from one hardware wallet to another or just making a new seed phrase to send to and a mistake happening.  That is why I'm hesistant on just going with a new wallet.  Put it this way.  I wouldn't even feel comfortable using a ledger to do transactions where you have to download metamask and things like that.  If I was to do those type of trading, I would buy a completely new ledger or hardware wallet for that. 

[Meuserna]

How many times have you heard of people making a mistake sending crypto when going from one hardware wallet to another or just making a new seed phrase to send to and a mistake happening.

Fewer times than I've hear of people losing their coins because they stuck with something they were used to.

If you're just going to stick with Ledger, then do it.

Why keep replying if you know you'll be told you're making an unwise decision?

Ledger can't be trusted.  If you stick with them, everything will be fine...  until one day, maybe years from now, when your wallet is empty & you'll start looking for somebody to blame.  When that day comes, stand in front of a mirror and point straight forward.  You were warned.

[jerry0]

Someone said when people start moving their coins a lot, there is a greater chance of something going wrong. 


Well I want to stick with ledger.  The only thing is should I update the firmware or not.  Like if I know I can continue using the nano ledger s plus with the older firmware I have, then I would continue to do it until I cannot.  However, I don't want the firmware to be so old where I can't even update the firmware later on.  The thing is I'm not sure how long before i have to update the firmware before I could use it to send or receive.


Does anyone here have experience with older firmware and then couldn't performed a transaction until you updated firmware?  If so, which nano device was it and how far behind were you in terms of firmware?

[Pmalek]

Jerry, look outside, but do it carefully! Do you see that van? It's the Ledger people. They have come for you. You can recognize them by the vehicle you see parked outside of your house. It's either a black or white van. It could also be a vehicle of any other type and color. The bastards are sneaky. They read this thread and believe that you might be abandoning Ledger, so they want to take you out on a ride and talk to you.

[jerry0]

Well I can use another example.  Imagine someone puts certain items in their security deposit box in the bank.  However, there is talk about how people say the bank might go bankrupt or something negative about the bank.  Now this person could go to their security deposit box in the bank and then move it to another bank.  The issue though is when they do this, they have to be very careful when bringing whatever item is there to another bank during the process.  So this example is obviously not the same.  My point is that I feel ledger is good and I don't want to move it to another hardware wallet.


The thing though is I would feel more comfortable buying a trezor and then entering the seed phrase into it as oppose to buying another nano ledger device and creating a new seed phrase and then transferring the coins from one nano ledger to another.  So what are your thoughts on that then?


I like ledger.  I like it because I don't want to make a mistake transferring coins from ledger to a completely new hardware wallet.  I am just shocked so many people are against ledger. 

[joniboini]

The thing though is I would feel more comfortable buying a trezor and then entering the seed phrase into it as oppose to buying another nano ledger device and creating a new seed phrase and then transferring the coins from one nano ledger to another.  So what are your thoughts on that then?

Is your backup so complicated that you don't want to create a new seed? I dunno man, people explained the risk so many times on different threads on this board, I don't think you should be surprised anymore. If you're that stubborn and don't want to try new things, what do you hope to gain by asking people to try to convince you to stop using Ledger/the same seed phrase?

Just try to use new things. It's not like you have to move your funds right away after you buy or set up a new device. Get yourself familiar with it, prepare the new backup, read the docs, etc. CMIIW.

[jerry0]

Having to create a new seed is going to complicate a lot of things.  I just prefer the way I had set it up.


I know as long as you send it to the correct btc address, it is fine.  But are people here really comfortable whenever they do this and send the entire amount of crypto from a ledger to another hardware wallet?  When you send from one wallet to a new wallet, you should be sending a small test amount to make sure it's there.  But do people all send everything in the 2nd transfer?  Or do people wait a while before they do the rest of the transfer? 


The thing is I would like to continue using ledger as I'm used to it.  The only other wallet I would feel comfortable is the trezor based on what I read.  The thing is ledger is the one I'm most comfortable with.  I guess you can say it's like hey someone uses mac or windows and now they are told they should use the other one and you don't want really want to. 

[jerry0]

If you use ledger with electrum, does that mean you don't have to update the ledger device firmware then?  Or you eventually will have to update the ledger device after many years?

[Meuserna]

You shouldn't be buying Bitcoin if you're struggling THIS MUCH with something so basic.  You don't have the understanding or abilities to do even the most bare bones basic transactions and self custody, which means you're setting yourself up for disaster.

Wow.

Seriously, wow.

If the total value of your Bitcoin is more than $10,000, you should strongly consider selling it and buying into an ETF instead because you have absolutely no idea what you're doing and no understanding at all of...  well...  anything, which means you're going to get hurt when you screw up.  You're going to either lose your coins or get hacked, and the longer you hole, the more I'd bet on you getting hacked because you don't even understand the basics.

This whole conversation is shocking.

Please give serious thought to whether or not you have the ability to do self custody and what you should be doing instead.  You're scared to death of learning, which means all of this is beyond your abilities.  I strongly recommend you consider selling and buying into an ETF instead.

[jerry0]

I am not a newbie.  I have sent/received bitcoin for a while already.  I just get nervous whenever I send or receive unless I'm sending a very tiny amount.  Like if I send a small tiny test amount, I would do another small transfer at least before sending a bigger amount.


The thing is I don't want to send the btc from the nano ledger s plus to a new hardware wallet because this is going to require me to transfer it there.  If I was to enter the seed phrase into a trezor, I would feel much more comfortable doing that.  Transferring is much different for me.  Yes I make sure to check many times of the address when sending but it always gives me a bit of anxiety when doing this.  Now if I was to send to coinbase, I am not that concerned because I transferred there previous but only tiny amounts.  Even if I send to coinbase, I usually do a few transactions.


I heard about ETF but do not want anything to do with that.  I just don't want to move bitcoin from the nano ledger s plus as when everything was sent there, I felt comfortable like I don't need to move it to another wallet.  Does that make sense?  Like imagine having important things in a bank safe deposit box and now people say that the bank isn't safe and to move anything you have there to another bank.  Then you have other people say there isn't a concern.  The thing is you could move your stuff from a bank safety bank to another but during this process, you have to go to that bank and take everything out of your safe deposit bank and safely transfer the things in it to another bank so something wrong could happen during that process.  In this situation, it's a bit similar if you make a mistake with the new hardware wallet.  Like imagine you didn't set it up correctly even though you did.  So if you want to do this, you have to make sure you set the wallet up correctly, then send a tiny amount of btc there.  Then reset that new hardware wallet and make sure the tiny amount of btc is still there before you send the rest of it there.  I mean, I'm sure there are people that probably send several transactions as oppose to one final transfer if sending a big amount to them makes them uncomfortable?

[Pmalek]

The thing is I don't want to send the btc from the nano ledger s plus to a new hardware wallet because this is going to require me to transfer it there.

So then shut the f*** up and stop wasting everyone's time. Come back in a few months to ask us if you should perform a Ledger Live update and update the firmware of your hardware wallet. Then ask how everyone else does it. How many people update immediately, how many wait one week, one month, two months... You know, the usually nutjob questions you ask on this forum. You are staying with Ledger, fine. Case closed! You don't want to and can't learn anything new. Fine. Don't think about it and don't ask questions about it. Forget everything Meuserna has tried to tech you and just do your thing. 

I heard about ETF but do not want anything to do with that.  I just don't want to move bitcoin from the nano ledger s plus as when everything was sent there, I felt comfortable like I don't need to move it to another wallet.  Does that make sense?

Yes, it makes perfect sense if you are schizophrenic and paranoid.

[jerry0]

If you do not want to move your coins from nano ledger s plus, do you recommend updating the firmware or not? 


The answer from everyone is no then right?


The answer is no if you don't plan to do transactions and just hold?


The answer is still more no if you plan to do a few transactions?  It's just you do the firmware update when you have to do a transaction?


The thing is this recover thing makes it hard to decide if one should update the firmware or not.  Lot of people didn't know what to do back then.

[Meuserna]

If you do not want to move your coins from nano ledger s plus, do you recommend updating the firmware or not? 


The answer from everyone is no then right?

Right.

You've been asking the exact same question for a month and you always get the exact same answer, but you keep asking because you're looking for permission to make a bad decision.  We're not going to tell you to do something reckless.

Ledger firmware cannot be trusted.  Ledger, as a company, cannot be trusted.

The answer is no if you don't plan to do transactions and just hold?


The answer is still more no if you plan to do a few transactions?  It's just you do the firmware update when you have to do a transaction?

The answer is no.  Full stop: no.

That firmware cannot be trusted.

Day after day, week after week, post after post, you ask the same questions and get the same answers.  You're looking for permission.  That makes it clear you don't know what you're doing and you don't have the ability to do self custody.  You need to seriously consider switching to an EFT.

At some point, you are going to lose your Bitcoin because the basics of self custody are beyond your abilities.  Before you lose your Bitcoin, you would be wise to sell it and use the money to buy into an ETF.

The thing is this recover thing makes it hard to decide if one should update the firmware or not.

"This Recover Thing" makes it EASY to do decide if one should update the firmware or not.

The answer is NO.

We're talking about hardware wallets here.

It is foolish if not reckless to use firmware which isn't 100% open source.

It is reckless if not just plain crazy to use firmware that has key extraction capability.

It is flat-out stoooooooooooopid to trust closed source firmware that contains key extraction capability written by a company that lies to you.

It is dumber than dumb.

[jerry0]

I want to keep btc in nano ledger s plus because I kept it there for a while and feel having it there is safe.  Then when the recover news came out, I heard about it and many people didn't update firmware and decided to wait to see what happens.  So for me, I have not done any transactions since around that time.  At the time, I remember using firmware 1.1.0.  When the firmware with recover came out, it is 1.1.1.  So normally even if you don't update new firmware for a short while, it isn't a big issue at all.  The thing is when another firmware update came at 1.1.2, my concern was if I continue to not update the firmware, my nano ledger s plus might have an issue where you might not be able to update the firmware anymore if it's too old.  However, you say that probably wouldn't be a concern for now right?  Like if your firmware is say 2 years old or say 3 firmware
versions behind, that is still okay?  Now if your firmware is like 5 years old and like 10 firmware version behind, well obviously that isn't good.


Is this fine then if I don't want to move my coins to another wallet?  Do not update firmware.  If I want to send/receive crypto, then do it but if ledger live doesn't allow me to, then don't do a transaction at all?  What about using electrum with it?  I am just delaying the firmware update for as long as I can.


You believe the chance of a disaster happening is like how much percent then?  Do you believe if something happens, it would be due to something that ledger does or by hackers?  I read that even if something was to happen, don't you still need to sign the transaction?  For some reason, I think a really high percentage of ledger users that still use ledger

[Meuserna]

I want to keep btc in nano ledger s plus because I kept it there for a while and feel having it there is safe.

Prove the firmware on your device has no key extraction code.

You can't.

And the fact that you think it doesn't since it's from before Ledger Recover was announced shows that you don't have enough understanding of the situation to make an informed decision.

It is very likely Ledger already had some of the code required for Recover in their firmware long before Recover was announced.  They had to have been working on it for at least a year.  Probably much longer.  And they lied to their users and their customers so many times about so many things, yet you trust them?  That's crazy.

Then when the recover news came out, I heard about it and many people didn't update firmware and decided to wait to see what happens.

Think about how stupid what you just said is.

Ledger announced key extraction firmware, which they put on users devices without the user's consent, and many people decided to wait and see what happens.  They're going to wait until something goes wrong, at which point it will be too late.

That is shockingly stupid.

Shockingly.

So for me, I have not done any transactions since around that time.  At the time, I remember using firmware 1.1.0.  When the firmware with recover came out, it is 1.1.1.

Prove the firmware on your device has no key extraction code.

You can't.

And the fact that you think it doesn't since it's from before Ledger Recover was announced shows that you don't have enough understanding of the situation to make an informed decision.

It is very likely Ledger already had some of the code required for Recover in their firmware long before Recover was announced.  They had to have been working on it for at least a year.  Probably much longer.  And they lied to their users and their customers so many times about so many things, yet you trust them?  That's crazy.

Is there an echo in here?

So normally even if you don't update new firmware for a short while, it isn't a big issue at all.

If you're treating firmware to secure your Bitcoin the way you treat firmware to update your phone, you really shouldn't be doing self custody.

The thing is when another firmware update came at 1.1.2, my concern was if I continue to not update the firmware, my nano ledger s plus might have an issue where you might not be able to update the firmware anymore if it's too old.  However, you say that probably wouldn't be a concern for now right?

WRONG.

Prove the firmware on your device has no key extraction code.

You can't.

And the fact that you think it doesn't since it's from before Ledger Recover was announced shows that you don't have enough understanding of the situation to make an informed decision.

It is very likely Ledger already had some of the code required for Recover in their firmware long before Recover was announced.  They had to have been working on it for at least a year.  Probably much longer.  And they lied to their users and their customers so many times about so many things, yet you trust them?  That's crazy.

Is there an echo in here?

You believe the chance of a disaster happening is like how much percent then?

Are you honestly asking that?

If the chance isn't zero, you are screwing up.  The entire point of buying a hardware wallet is to secure your Bitcoin with a device that is never connected to the internet.  YOUR device may have key extraction code with the capability to send your keys out of your device, over the internet, to Ledger and other companies.  And you're trying to talk yourself into updating the firmware to a version that absolutely does have key extr...

...oh, good grief.

You should not be doing self custody.  Self custody is beyond your understanding and it is beyond your ability to do safely.

Do you believe if something happens, it would be due to something that ledger does or by hackers?

Does it matter?  Stolen coins are stolen.

I read that even if something was to happen, don't you still need to sign the transaction?

You should not be doing self custody.  Self custody is beyond your understanding and it is beyond your ability to do safely.

In theory, you're supposed to have to click buttons on the device to confirm a transaction.  Please, dear god, please tell me you understand that Ledger's firmware isn't open, so you can't prove the device can't send out your coins or keys without confirmation by you.

The firmware isn't open.  If it gets hacked someday, the hackers aren't going to be, like "Hello Jerry!  How are you today?  We'd like you to allow us to steal your coins.  Please press a button on your Ledger to give us your Bitcoin."

You understand, that's not how it would happen, right?

Wow.

For some reason, I think a really high percentage of ledger users that still use ledger

If that's what you want to do, then do it, and accept the consequences of your decision if anything goes wrong.  You're an adult.

You should not be doing self custody.  Self custody is beyond your understanding and it is beyond your ability to do safely.

[jerry0]

I have been doing self custody for a while already.  When I moved the coins to ledger, I felt much more comfortable than having it in a hot wallet.


The thing is I want to keep my coins in ledger.  I don't want to move it to another hardware wallet.  I'm concerned if I get say a Trezor, I will mess up somewhere along the way.  If I do get a trezor, I obviously would test sending a small amount from ledger and reset the trezor few times and make sure it's correct before I send coins from ledger.  The thing is I just don't want to move from ledger.


So you think there is extraction firmware even on the nano ledger s then?  Yes you are correct we don't know because it's closed source.  I recall you said you it took you several months to think about what to do and in the end, you went with another hardware wallet.  You said you felt like if something was going to happen, it wasn't going to happen soon.  So during that entire time when you were learning and researching on what to do, were you nervous a bit or not really since your coins was in the ledger?  I forgot to ask you but you have a nano ledger s plus or x or another ledger device?


Okay so if I have no plans to move my coins from ledger, at least don't update the firmware from 1.1.0 to 1.1.2 correct?  There is no benefit to it from your perspective right?  However, if you don't keep your firmware updated, there is security issues and things you have to worry about though right?  So it's like if you do firmware update, now you exposing yourself more.  But if you don't, well you might have security issues if using old firmware?  But you say the 1st option of what you suggest of not updating firmware is still better since you won't have recover option on it right?


Did you give an amount of time before you said you had to make a decision?  I remember you said it took you months.  So would you say it's fine just don't update firmware... but what if I have to do a transaction then and ledger live doesn't allow me to do a transaction then?  Either don't do the transaction or use electrum with it then? 


As of now, I do open ledger live from time to time.  I already updated that not long ago but you say don't use that either?

[Meuserna]

The thing is I want to keep my coins in ledger.

Then do it.  You're not a child.  You don't need our permission.  You're making a poor decision, but it's your decision to make.

Be an adult.

Make a decision and if anything bad happens due to your decision, you accept the consequences for your decision.

Be an adult.

So you think there is extraction firmware even on the nano ledger s then?

Yes.  How many times do you need to be told the same answer?

Yes you are correct we don't know because it's closed source.

Then why are you asking?

If you can't prove it's safe, you shouldn't be trusting it.  Period.

I recall you said you it took you several months to think about what to do and in the end, you went with another hardware wallet.

Yes, because I spent my time researching better alternatives.  You're spending yours looking for permission to do nothing.  You're an adult.  Make an adult decision.

You said you felt like if something was going to happen, it wasn't going to happen soon.

Yes.

So during that entire time when you were learning and researching on what to do, were you nervous a bit or not really since your coins was in the ledger?

Oh, wow.

If you don't even understand that your coins are NOT in your hardware wallet, you should not be doing self custody.

You don't know what you're doing.

Your coins are not in your Ledger.  Your coins are on the blockchain.  Your hardware wallet protects your keys and signs your transactions.

Wow.

Oh, dude.  You should not be doing self custody.  You don't even know the basics.


Going back to your question:

So during that entire time when you were learning and researching on what to do, were you nervous a bit or not really since your coins was in the ledger?

The moment I learned that Ledger was working on key extraction firmware, and that they'd lied about it, I stopped using my Ledger devices and I stopped using Ledger Live.

I didn't touch anything made by Ledger because I couldn't trust any of it, and I didn't want to risk my coins.

I forgot to ask you but you have a nano ledger s plus or x or another ledger device?

It doesn't matter.  Even if Ledger says Recover isn't compatible with a specific device, there's no way to prove the device doesn't include any of the Recover code in its firmware since the firmware isn't open source.

Let's say you like eating at a restaurant & one day you find out somebody died there due to eating poisoned chicken.  I'd stop going there.  I'm guessing you'd be, like "I don't order the chicken.  Is it still ok to go there?  Is it still ok?  I feel comfortable there.  Is it ok?  I don't like change.  I want to go there.  So if I'm going to go there is it ok is it ok is it is it is it?

Dude.

Okay so if I have no plans to move my coins from ledger, at least don't update the firmware from 1.1.0 to 1.1.2 correct?

NO.

Oh my god.

Is it safe to update the firmware?  NO.

Is it safe to stick with the current firmware?  ALSO NO.

You can't prove it's safe.

Wow.

But you say the 1st option of what you suggest of not updating firmware is still better since you won't have recover option on it right?

You're doing something foolish.  There is no better option.

Did you give an amount of time before you said you had to make a decision?

Yes, because a deadline keeps me focussed on reaching a goal.  My goal was to find better security.  I  broke it down into chunks of things I wanted to learn: Singlesig vs multisig.  Native Segwit vs Taproot.  BIP85 vs a nondeterministic backup.  Etc.  I'm not recommending any of that for you, because you don't even understand the basics of self custody yet.

I remember you said it took you months.

Yes.  Only because I wasn't just looking for a better hardware wallet.  I was looking for an entirely different and significantly more advanced setup.

So would you say it's fine just don't update firmware...

Wow.

How many times do we need to say this?

Is it safe to update the firmware?  NO.

Is it safe to stick with the current firmware?  ALSO NO.

You can't prove it's safe.  For the short term, you're probably fine, though you can't prove it.  For the long term, why would you stick with a company that lies to you and uses closed source firmware that contains key extraction APIs?!?!?

Wow.

but what if I have to do a transaction then and ledger live doesn't allow me to do a transaction then?  Either don't do the transaction or use electrum with it then?  

You shouldn't be doing self custody.  You are clearly in over your head.  You don't even understand the basics.

As of now, I do open ledger live from time to time.

Ledger Live is loaded with trackers, and you added more of them to your computer by updating it.  That thing is awful.  If you get hacked, do not be surprised if Ledger Live ends up being how hackers find you.  That thing is an info honeypot.

Ledger Live cannot be trusted.