
Topic: Buying a used Ledger... Yay or Nay? (Read 297 times)

legendary
Activity: 3514
Merit: 5123
October 28, 2020, 04:25:13 PM
#25
I'm writing on my cellphone, so it's going to be short and filled with errors due to autocorrect.

I'm going to step out of this discussion, because I feel like we're going around in circles...

You ask if it's safe to buy a second hand hw wallet, I say it isn't because several dirty maid, firmware, supply chain vulnerabilities have been found, and there are likely more of them.
You ask for proof, I post one article of several that can be found with a google search, you say this vulnerability was patched in 2018.
And then everything is repeated over and over again...

I said everything I wanted to say.... You sound like a grown man, dyor. If you want to take the risk, go ahead... The chance you're going to be victimized is small if you take some precautions. But I can guarantee it's safer to buy a new one than it is to buy a second hand.

For me, a hardware wallet should be as safe as humanly possible. I would never ever buy a hardware wallet if my method of buying it would increase my risk even a little bit... I'd literally lose sleep over buying a device, but putting myself at risk because I saved a couple bucks by buying second hand.

Don't take this the wrong way, but I wonder if you already made up your mind about buying a second hand device and you just created this thread to convince yourself it is safe. No problem if this is the case, it's actually something a lot of people do... Ask for advice after they already made up their mind for the sole purpose of giving them peace of mind.

Whatever you choose to do: I wish you the best
member
Activity: 240
Merit: 54
October 28, 2020, 03:13:10 PM
#24
> P.S. Anyone ever bought used car? I guess no one. No one knows how to check true mileage, check accident history, presence of airbags and that the buyer can run various diagnostics at the dealer.
>
> Here is the same. You are taking a risk of airbags not shooting during accident = taking a risk of losing crypto because of modded device.

> Yes, people buy used houses, boats, cars, cell phones and even clothes and shoes. But have you ever heard of someone buying a used light bulb? Or a used battery?
> It all comes down to getting the most value for money. If you think that saving 10 (or 20) bucks for a used hardware wallet will justify the risk of losing crypto because of a modded device, then go for it.
>
> Everyone has the right to use (lose) their own money as they wish. Grin

Is it possible to mod the device and not find out even after taking all the precautions is the question, though.
legendary
Activity: 2240
Merit: 3150
October 27, 2020, 05:43:06 PM
#23
Reading the whole thread is like, really?!
I also was wondering before if buying a used hardware wallet is that risky and I came to the following conclusion:
If you cannot afford to buy a new hardware wallet, you don't really need one.
Forget about used ones at all.
Better create a paper wallet instead.
legendary
Activity: 1526
Merit: 1359
October 27, 2020, 12:13:08 PM
#22
> P.S. Anyone ever bought used car? I guess no one. No one knows how to check true mileage, check accident history, presence of airbags and that the buyer can run various diagnostics at the dealer.
>
> Here is the same. You are taking a risk of airbags not shooting during accident = taking a risk of losing crypto because of modded device.

Yes, people buy used houses, boats, cars, cell phones and even clothes and shoes. But have you ever heard of someone buying a used light bulb? Or a used battery?
It all comes down to getting the most value for money. If you think that saving 10 (or 20) bucks for a used hardware wallet will justify the risk of losing crypto because of a modded device, then go for it.

Everyone has the right to use (lose) their own money as they wish. Grin
legendary
Activity: 3514
Merit: 5123
October 27, 2020, 12:00:10 PM
#21
> Ok, current firmware is 1.6.1.
> I just don't understand why frighten people with firmware hack that no longer works?

Well, I already explained this in my previous (lengthy) post. But since it's tl;dr; => because odds are pretty big there are other, unknown or undisclosed vulnerabilities. But most hardware wallet vulnerabilities require physical access. So, it's a good idea not to give anybody physical access to your hardware wallet, hence, buy a new one instead of a second hand one.

> It is like saying don't open unknown documents from floppy disk as you might be infected by CIH

Well, it's like saying you don't open unknown documents from the internet because new, unknown viruses get created every day... It's not because your virus scanner is up-to-date that you're protected completely. The fact that CIH exists proves that viruses exist, so it can be used as a cautionary tale. Same as the article from 2018: sure this vulnerability is fixed, but the article is proof that vulnerabilities DO exist, so it's a good idea to take into account that other, new, vulnerabilities might exist as well.

> I'm not saying that person should buy or should not buy used Ledger. He has his own head to decide. But you guys turn "buying used" here into a plague or a fire that should be avoided.

Bitcoin is about freedom. If the OP decides to take the risk, nobody is going to stop him, and there's a decent chance he won't face any problems...

> If the guy has low budget, buy old, reset, update, clean it, use new keys. Why not? Or buy alternative device.

Because a new one is cheap, and it's much safer. Bitcoin is money. If you're going to neglect opsec, you might as well use a desktop wallet. Much cheaper... And if you verify the signature and keep your pc sparkling clean it's also "reasonably" secure.


> P.S. Anyone ever bought used car? I guess no one. No one knows how to check true mileage, check accident history, presence of airbags and that the buyer can run various diagnostics at the dealer.
>
> Here is the same. You are taking a risk of airbags not shooting during accident = taking a risk of losing crypto because of modded device.

Well, the car analogy only works up until a certain point:
  • A second hand car costs about 20% of a new one (at least, it does in my country). A new hardware wallet costs 40€, I doubt the OP will find a second hand wallet for 8€. In absolute numbers it's even better: buying a second hand car saves you >10.000€ (in my country). Buying a second hand HW wallet saves you 10€
  • The risk you run is also different. HW wallets can be used to store hundreds of bitcoin, with a fiat value of millions of dollars... If your second hand car's engine breaks, you're out of 500 or 1000 dollars... A completely different price range
  • It's harder to see with the naked eye if somebody messed with your hardware wallet's firmware than it is to see if somebody messed with your car
  • When buying a car, the seller has to give his full KYC (at least, in my country). Buying something online does not have the KYC prereq. Hence, if you buy a bad car, you can track down the seller more easily
  • If your car is faulty, you can go to the police to file a claim. You can do the same with your hardware wallet being compromised. However, cops will probably relate to you and actually understand the fact you were scammed after filing a complaint for a bad car. When you file a complaint about the firmware on a Ledger device being altered, they'll probably scratch their heads and classify your case as a cold case without even trying

I'll give you another real life analogy that comes closer to buying a second hand wallet:
One day you decide to open an ATM. Your ATM will be located in the bad part of town and the store where you'll place your ATM machine does not have cameras. You will load your ATM with 1.000.000€ in unmarked, untraceable bills.

  • A new ATM costs 10.000€, it comes straight from the factory, has a 3 year guarantee period, the latest firmware and the latest updates in security technology.
  • Some guy you don't know approaches you on the street and says he sells his second hand ATM for "only" 8.000€. You don't know if he modified the firmware or succeeded in copying the key to open the machine though... Oh yeah, it's heavily scratched as well

Which one will you buy? Will you store 1.000.000 of your money in a second hand piece of metal because no locksmith would ever copy ATM keys and because your ATM validates its firmware before starting, or will you spend 2.000€ more for a brand new machine?

I realise this whole topic makes me look like a hardware wallet critic. This couldn't be further from the truth! Hardware wallets are great. Hardware wallets, airgapped wallets and properly generated paper wallets are about the safest way to store your funds... But I'm talking about new, trusted, hardware wallets bought from an official vendor
legendary
Activity: 2394
Merit: 1476
October 27, 2020, 10:37:24 AM
#20
> I knew it had happened before, a quick Google search turned up this: https://qz.com/1233401/a-teen-hacker-exposed-a-security-hole-in-ledgers-hardware-wallets/

> "This article is more than 2 years old." Grin

> "An attacker can exploit this vulnerability to compromise the device running firmware 1.3.1 or below..."
> I don't think the time the article was published plays any role in this case.

Ok, current firmware is 1.6.1.
I just don't understand why frighten people with firmware hack that no longer works?

It is like saying don't open unknown documents from floppy disk as you might be infected by CIH

I'm not saying that person should buy or should not buy used Ledger. He has his own head to decide. But you guys turn "buying used" here into a plague or a fire that should be avoided.

If the guy has low budget, buy old, reset, update, clean it, use new keys. Why not? Or buy alternative device.

P.S. Anyone ever bought used car? I guess no one. No one knows how to check true mileage, check accident history, presence of airbags and that the buyer can run various diagnostics at the dealer.

Here is the same. You are taking a risk of airbags not shooting during accident = taking a risk of losing crypto because of modded device.
legendary
Activity: 3514
Merit: 5123
October 27, 2020, 02:10:48 AM
#19
> I'm not an actual Ledger user, but regarding the bogus firmware issue.... didn't Ledger Live check for the authenticity of the firmware once you plug the device in?
>
> I'm particularly interested in this discussion, because even if I wouldn't buy a used HW (I already own a few so no need), I do (re)sell some of them. For example, buying in "bulk" makes the devices cheaper, so I sell the extra ones; always sealed and untouched of course.

It should check the firmware, yes... But, once again: does it really matter if the issue in the blog post I shared is fixed? The point is: there are attack vectors that have been exploited in the past, and there is no guarantee there are no other existing vulnerabilities that are yet unknown (or worse: undisclosed), so my advice would be: better safe than sorry.

My work pc is running Windows (a company policy, I don't like it, but I have nothing to say in the matter). Once a month a gazillion fixes get pushed to my pc automatically on the first day of the month together with the new virus definitions. Is it a good idea to assume my pc is completely safe on the second day of the month since all known vulnerabilities have been patched a day before and all viruses should be stopped? Is it OK to start saving all my private keys in plain text on this machine while surfing to unknown sites and installing whatever software I come across? No, of course not... Why? Well, I'm 99,99% sure NEW vulnerabilities will be found, NEW viruses will be written and UNDISCLOSED vulnerabilities are still there ready to be exploited.

Same goes for my hardware wallet: sure, the vulnerabilities that were found in the past have been mitigated. Either by better opsec, by checks performed by the wallet software, by changes to the firmware,... But it's not like I'm 100% sure no OTHER vulnerabilities still exist. What I DO know is that a lot of those vulnerabilities required physical access to the hardware wallet, either before it was shipped to the customer, or after it was initialised. Is it such a dumb idea to make sure as few hands touch my devices as humanly possible?
You could be loading a hardware wallet with tens of BTC at a time. We all hope BTC will go to the moon... It's perfectly possible the 10 BTC on your wallet now are worth $1.000.000 in a couple of years. Are you really going to take any extra risk by buying this wallet second hand? Maybe it's a complete fake, maybe somebody tampered with the RNG, maybe somebody found a way to load fake firmware without being detected, maybe it's genuine but the firmware is so old you're at risk when initialising, maybe it's pre-initialised and you forget to wipe it,...


In this case, you keep presenting these arguments
1) the price: C'mon, you're buying a hardware wallet... Decent wallets go for as low as 40€ or less... How much are you going to pay for a used one... 10€ less, 20€ less? Are you really going to risk your holding for 10€ or 20€?

2) there are no black fridays in your country: nor are there in mine... Well, the last couple of years shops start to get on this hype-train, but 4 or 5 years ago they didn't exist. I bought my first black friday promo many, many years ago, because these promotions are global

3) You don't use €: I've presented the price in euro because Ledger is a French company. They use euros. But you can pay in Bitcoin... I use the €, I buy stuff from China all the time but I haven't touched a Yen (ever) nor do I have a Yen account. I've bought stuff from the US, and I don't have a US bank account (I do have some dollar bills laying around from my last trip to America 20 years ago). I've even bought a new spring for my Baikal air rifle straight from Russia, but I wouldn't know what a ruble looks like.

4) The question is to find out if the risks could be eliminated: No, not 100%, never 100%. If you buy a hardware wallet from an unknown person, my gut feeling tells me you're 98% safe if you follow all precautions. If you buy a new one, my gut tells me you're 99,9% safe. I've been around for a while, my gut usually makes good decisions. It's up to you if you agree with me or not. And if you agree it's up to you to decide if 98% certainty is good enough or not. It isn't for me, but I'm a different person than you are.

5) You say because of covid you cannot buy one: Why? Ledger is still shipping, Amazon isn't closing down... If I buy something it still gets delivered... Are you living in a country where all post and delivery services no longer work because of covid? In that case, you might be right...
The only "real" excuse for not being able to buy a HW wallet is living in a country where crypto is illegal IMHO.
copper member
Activity: 1652
Merit: 1325
I'm sometimes known as "miniadmin"
October 26, 2020, 06:08:36 PM
#18
I'm not an actual Ledger user, but regarding the bogus firmware issue.... didn't Ledger Live check for the authenticity of the firmware once you plug the device in?

I'm particularly interested in this discussion, because even if I wouldn't buy a used HW (I already own a few so no need), I do (re)sell some of them. For example, buying in "bulk" makes the devices cheaper, so I sell the extra ones; always sealed and untouched of course.
legendary
Activity: 1624
Merit: 2594
October 26, 2020, 03:06:41 PM
#17
> I knew it had happened before, a quick Google search turned up this: https://qz.com/1233401/a-teen-hacker-exposed-a-security-hole-in-ledgers-hardware-wallets/

> "This article is more than 2 years old." Grin

You should read the original article from Saleem Rashid: Breaking the Ledger Security Model
"An attacker can exploit this vulnerability to compromise the device running firmware 1.3.1 or below..."
I don't think the time the article was published plays any role in this case.

> Even if that really was possible, Ledger had already made patches to close an option to modify firmware.
> The hack described in the article worked if you keep using used ledger with previous owner settings. Reset disables everything imho.

I think you might be wrong about this. Resetting the device to factory settings doesn't magically remove compromised firmware from the device. And secondly, since all devices with a faulty firmware could be compromised, how can you be sure that you are buying a device that is already patched?

As I wrote in my previous post, are you willing to take that risk?
legendary
Activity: 3514
Merit: 5123
October 26, 2020, 02:56:54 PM
#16
> I knew it had happened before, a quick Google search turned up this: https://qz.com/1233401/a-teen-hacker-exposed-a-security-hole-in-ledgers-hardware-wallets/

> "This article is more than 2 years old." Grin
>
> Even if that really was possible, Ledger had already made patches to close an option to modify firmware.
> The hack described in the article worked if you keep using used ledger with previous owner settings. Reset disables everything imho.

Does it really matter how old the article is? Sure, there aren't any recent, disclosed vulnerabilities that aren't patched, but that doesn't matter. It doesn't even matter if this particular one is "fixed" easily.
What matters is that both Ledger and Trezor have had vulnerabilities that were exploitable after a malicious actor has had physical access to a hardware wallet.
Are you sure all vulnerabilities are fixed? I am not... Hence I will not buy a hardware wallet to which a potential malicious person could have had access.

But bitcoin is about freedom. If you want to risk all your holdings by cheaping out of 40 euros, be my guest. I will not however.
legendary
Activity: 2394
Merit: 1476
October 26, 2020, 12:44:29 PM
#15
> I knew it had happened before, a quick Google search turned up this: https://qz.com/1233401/a-teen-hacker-exposed-a-security-hole-in-ledgers-hardware-wallets/

"This article is more than 2 years old." Grin

Even if that really was possible, Ledger had already made patches to close an option to modify firmware.
The hack described in the article worked if you keep using used ledger with previous owner settings. Reset disables everything imho.
legendary
Activity: 3514
Merit: 5123
October 26, 2020, 11:48:27 AM
#14
I knew it had happened before, a quick Google search turned up this: https://qz.com/1233401/a-teen-hacker-exposed-a-security-hole-in-ledgers-hardware-wallets/
member
Activity: 240
Merit: 54
October 26, 2020, 11:42:00 AM
#13
Thank you so much guys for all the input. What an awesome community!

I get where you all are coming from...better safe than sorry, right? However, what I'd like to know is; is it indeed unsafe? If it is, what exactly are the risks?

Ledger has been around for some time. We heard of tons of people that got hacked/scammed off their btc...have you heard of any through buying a used Ledger?...even after taking all the precautions suggested by Ledger? All this time, surely there has to be at least 1 reported incident if it were possible.

I get anything is possible...but time travel is also - theoretically - possible. I was looking to make a decision based on facts rather than hypotheticals.
I know, I know...there is a risk to benefit ratio that tips toward getting a new Ledger being a smarter, safer choice, considering the price difference is relatively negligible. But that's from where you stand. From where I stand; big difference and not even possible.

So then you say, look into other options...paper or even desktop. Because that would be a safer route than a tampered Ledger. But then again, we go back to..."is it actually possible for the device to be tampered like that and not know?". I'm interested in the technicalities of it all. I mean, Ledger themselves say as long as you reset, and you could update the firmware, and you follow this, it's safe.

Thoughts?
legendary
Activity: 2394
Merit: 1476
October 26, 2020, 10:56:58 AM
#12
You could always reset Ledger to default factory settings. Then it would be new, but used Cheesy
Consequences, consequences… Well, its battery could die faster compared to new one, its body can be scratched. Previous owner could have put boogers on it. I've never heard that Ledger's software was hacked and someone had issues with buying used one.

However, why do you need a used one? If you are short of money, buy a KeepKey for $30. It supports most of crypto you will face.
legendary
Activity: 1624
Merit: 2594
October 26, 2020, 10:39:15 AM
#11
I would never buy nor would I recommend anyone to buy a used hardware wallet.

Let me explain why:
It all comes down to the fact that buying a used Ledger will save you a few bucks, right? However, there is no scenario to justify this.
If you don't have a relatively large amount of money to save on your hardware wallet, then you don't even need it. There are other solutions that can give you equal or better convenience (desktop/mobile wallets) or security (paper wallets). If the situation is the opposite and you do have a larger amount of crypto, then by buying a used wallet you lose its biggest advantage, which is the security of your funds. Are you really willing to take that risk?

legendary
Activity: 2366
Merit: 1206
October 26, 2020, 10:35:42 AM
#10
I tend to agree with all suggestions above. Never use a used hardware wallet because you will never know if it has been manipulated by installing unofficial firmware that could lead to a hack and wipe out your entire balance. It could also have been tampered with using malicious firmware, or could trick you using fake firmware.

If you can't afford hardware wallets, it's better to choose open-source desktop wallet apps that are free to download and safe. Don't hesitate to spend a few euros just for the safety of your funds; if you have a thousand Bitcoin worth, I'd rather choose and buy a new one where your funds are safe. But if it is a few hundred bucks, just choose a desktop wallet, and it might be good if you start with Electrum.

Even though you aren't asking, I'll share with you this [BIG LIST] Hardware wallets (80+). There could be one cheaper than 51 euros compared to buying a Ledger or Trezor; the price isn't important if you feel your valuable assets are safe.

Anyway, before making and generating a Bitcoin address, make sure you're the one who holds the keys, not the reseller of used HW.
legendary
Activity: 3668
Merit: 6382
October 26, 2020, 10:01:16 AM
#9
> Edit: I guess I should mention that I am not in the US. And there are no official Ledger sellers here...or unofficial ones for that matter. Ordering online - besides it costing a boat load more - is not a viable option due to the pandemic. So yeah, appreciate input on the specific query being posed.

This can be a problem. If online ordering is not an option and no official resellers either, I'd look for another option = cold storage or even paper wallet, depending on how often you want to spend from those funds.

Just beware that cold storage has to be carefully made and has to never get online again after it's installed and paper wallets have to be created in a safe manner too. This means that if you go this path you have to understand/know what you're doing.
legendary
Activity: 3514
Merit: 5123
October 26, 2020, 09:53:06 AM
#8
> --snip--
> If OP had a lot of altcoins, I don't think that would be convenient.  Sure, you could put them all onto a Coinomi wallet and write down the seed, but they're not 100% secure last I heard and I wouldn't recommend that.  Nor do I know of any other multicoin wallet that has been proven to be safe.  Other than that, I'm all for paper wallets.

I couldn't agree more... I didn't think about altcoins for a moment Smiley
Theoretically, you should be able to create a proper paper wallet for your altcoins as well, but I have to agree that it would be really confusing if you'd have to print several paper wallets for a couple dozen altcoins.

I'd never store funds for a long time on any desktop/mobile wallet, but even if I did, Coinomi would definitely not be in my top-10 of wallets Smiley. I've been around when they completely trashed one of their users after he lost his life savings when using Coinomi (at least, that was his claim). They still put all the blame on him, but to tell you the truth, I wouldn't trust a company that resorted to victim-blaming even if it was the victim's own fault, and I'm still not 100% sure that it wasn't Coinomi's bug that caused him to lose all his money.
legendary
Activity: 3500
Merit: 6981
October 26, 2020, 09:40:27 AM
#7
> Really, if you're not willing to spend 40€ for a new hardware wallet, you're probably better off using a desktop wallet instead.
Agree completely with this, and that should be OP's bottom line answer.  I certainly understand that $51 is a lot of money if you can't afford it, but if that's the case why in the world would you be investing in risky and super-volatile assets like cryptocurrencies anyway if a new Ledger is too much money.  OP sounds like he might be the type of person who invests more than he can afford to lose--but I could be wrong, and I don't mean any offense by that.

As for me, I would never buy a used hardware wallet.  I'm not super paranoid, but I'm paranoid enough not to trust that it hasn't been fiddled with in such a manner that my coins could get stolen.  Generally I don't encourage people to be paranoid either, but in a matter like this....if you want to sleep well at night knowing your crypto is safe, be paranoid enough to buy a new HW wallet. 

> If you're really unable or unwilling to buy a new hardware wallet, maybe it's a good idea to learn how to properly generate a paper wallet?
If OP had a lot of altcoins, I don't think that would be convenient.  Sure, you could put them all onto a Coinomi wallet and write down the seed, but they're not 100% secure last I heard and I wouldn't recommend that.  Nor do I know of any other multicoin wallet that has been proven to be safe.  Other than that, I'm all for paper wallets.
legendary
Activity: 3514
Merit: 5123
October 26, 2020, 09:27:12 AM
#6
I'd like to add one extra thing that might help you:

If you're really unable or unwilling to buy a new hardware wallet, maybe it's a good idea to learn how to properly generate a paper wallet? Sure, they're not as user-friendly as a hardware wallet. It's a learning curve and you have to follow the correct procedure. But if you know how to properly generate a paper wallet, its security is about the same as a hardware wallet...

Best thing is: you don't need to buy one... A pc/laptop, a USB stick to boot Tails with network disabled, a proper paper wallet generator software and a printer that isn't connected to the network will do.  Odds are you have all 4 of these things laying around, so the cost is equal to the cost of a piece of paper.

If you are interested in paper wallets, do your research first... Then create a paper wallet on the testnet and fund/sweep it, and only then make "real" paper wallets.

Another option is to create an airgapped setup, either by booting from Tails with network disabled, or by using an old pc from which you physically remove the network cards. These setups can be really secure as well, definitely on-par with a hardware wallet. A bit user-friendlier than a paper wallet (IMHO), but still not as user-friendly as a hardware wallet.
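
Added example (not part of the original post): the two offline setups described in post #6, Tails with networking disabled or a PC with its network cards removed, can be sanity-checked before any keys are generated. The function name `airgap_check`, its optional root argument and the exit codes are assumptions of this sketch; it is Linux-only and covers network interfaces and IPv4 routes, not Bluetooth or attached USB devices.

```shell
#!/usr/bin/env bash
# Pre-flight check for an offline key-generation machine (Linux only).
# Exit status of airgap_check:
#   0  no network interface besides loopback exists (cards removed)
#   1  interfaces exist, but none is up and no IPv4 route is installed
#      (network disabled in software only)
#   2  an interface is up or a route exists: do not generate keys here
#
# $1 is an optional alternate filesystem root. It is an assumption of this
# example, there so the check can be run against a constructed directory
# tree; on the live system call airgap_check with no arguments.
airgap_check() {
    local root="${1:-}"
    local present=0
    local live=0
    local routes=0
    local dev name state
    root="${root%/}"

    # Every entry under /sys/class/net is an interface the kernel knows about.
    for dev in "$root"/sys/class/net/*; do
        [ -d "$dev" ] || continue
        name="${dev##*/}"
        [ "$name" = "lo" ] && continue
        present=$((present + 1))
        state="unknown"
        if [ -r "$dev/operstate" ]; then
            state="$(tr -d '[:space:]' < "$dev/operstate")"
        fi
        case "$state" in
            down|notpresent|lowerlayerdown)
                echo "present but down: $name"
                ;;
            *)
                # "up", "dormant", "unknown", ...: treat anything that is
                # not explicitly down as able to carry traffic.
                echo "LIVE interface: $name (operstate=$state)"
                live=$((live + 1))
                ;;
        esac
    done

    # /proc/net/route: the first line is a header, each further line is an
    # installed IPv4 route. Routes via loopback are ignored.
    if [ -r "$root/proc/net/route" ]; then
        routes="$(awk 'NR > 1 && NF > 0 && $1 != "lo" { n++ } END { print n + 0 }' \
            "$root/proc/net/route")"
    fi

    if [ "$live" -gt 0 ] || [ "$routes" -gt 0 ]; then
        echo "NOT air-gapped: $live live interface(s), $routes IPv4 route(s)"
        return 2
    fi
    if [ "$present" -gt 0 ]; then
        echo "offline, but $present interface(s) still installed"
        return 1
    fi
    echo "no network hardware visible to the kernel"
    return 0
}
```

Exit status 1 corresponds to the "network disabled" setup and 0 to the "cards physically removed" setup from the post; anything reporting 2 should be fixed before a wallet generator is started.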