Author

Topic: Are Ledger wallets vulnerable ? (Read 201 times)

sr. member
Activity: 938
Merit: 452
Check your coin privilege
December 31, 2018, 02:54:35 PM
#3
Your thread is kind of a clone to this one : https://bitcointalksearch.org/topic/walletfail-35c3-talk-on-hardware-wallet-vulnerabilities-ledger-trezor-5090440

Just like that blog post you linked is a clone of the wallet.fail website where they explain vulnerabilities on Ledger Nano S, Ledger Blue, and Trezor One. But I'm not bashing you for it, you probably just missed them.

All the vulnerabilities they mentioned require either physical access to the hardware wallet or being close by "a couple of meters" quoted from the video.

So this means that the attacker not only needs to know you have a ledger/trezor on you, but they need to be able to take it away from you without you noticing to try to flash it, or sit near you and intercept your signals while you use it in public. At this point I'm 100% sure it would be more financially viable for them to just beat you up with a stick and force you to tell them the password. Cheesy
staff
Activity: 3500
Merit: 6152
December 31, 2018, 01:13:10 PM
#2
I think the blog post they made speaks out for itself. Clearly, there is nothing that can be 100% secure but the wallet security is more than enough for the average user, besides, the scenarios mentioned are unlikely to occur.
hero member
Activity: 658
Merit: 851
December 28, 2018, 03:54:51 PM
#1
https://www.coindesk.com/security-researchers-break-ledger-wallets-with-simple-antennae

"Radio antennae are the original networking technology, and researchers presenting in Berlin Thursday showed how useful they are as hacking tools.

The hardware researchers set out to find different kinds of vulnerabilities in the most popular hardware wallets used by cryptocurrency holders, from Trezor and Leger. At the Chaos Computer Club Conference in Germany, Dmitry Nedospasov said that he and his collaborators set out to find three different kinds of vulnerabilities and said they succeeded in finding all three. "

https://youtu.be/Y1OBIGslgGM

Ledger published a detailed blog post critiquing each of the attacks presented :

https://www.ledger.fr/2018/12/28/chaos-communication-congress-in-response-to-wallet-fails-presentation/
Jump to: