
Topic: Fuck you ledger - page 3. (Read 1022 times)

legendary
Activity: 2212
Merit: 7064
Cashback 15%
November 12, 2023, 06:50:10 PM
#47
I don't know whether that is true or not but I came across the mention that Ledger wallets are assembled by Flextronics. This means that Ledger company doesn't have the facilities to produce hardware and relies on a 3rd party which in turn may appear as the other potential "hidden" and weak section in the trust chain.
No, from my research Ledger devices are produced in China, maybe by this Flextronics, and then they are assembled in France.
I am not defending Ledger in any way, but there is a difference between assembling and producing.
But there is a chance they changed something in the last few months to reduce expenses.

legendary
Activity: 2268
Merit: 18509
November 12, 2023, 02:45:36 PM
#46
Seems like it: https://support.ledger.com/hc/en-us/articles/360012207759-Solve-a-synchronization-error. The first step to solving a sync error is to "update Ledger Live".

For anyone with their coins still on a Ledger who obviously don't want to do this, then you can bypass Ledger Live entirely and simply interact with your Ledger device via either Electrum or Sparrow. Once you've got it connected up, use this set up to transfer all your coins to a better hardware wallet or cold storage solution.
legendary
Activity: 1792
Merit: 1296
keep walking, Johnnie
November 12, 2023, 10:44:12 AM
#45

I wanted to check the Ledger Live that was preinstalled a long time ago (some version like 2.40 or so), but when synchronizing it gives an error. Refresh doesn't change anything. The Internet works stably and all other applications that require an Internet connection work as before. Now old versions of Ledger Live can't sync with Ledger servers? Has Ledger really decided to force all users to update Ledger Live? If this is not an isolated case, then congratulations on another surprise from Ledger. Now everyone will be in their complete power without the right to refuse their services, such as the recovery function and other trash.

Tell the title of this topic now or it will be too late.
hero member
Activity: 714
Merit: 1298
Cashback 15%
November 12, 2023, 05:59:02 AM
#44

In fact, no hardware wallet manufacturer can be trusted 100%.

It is not necessary to boycott Ledger or Trezor. You just need to be aware of the existing risks and take this into account when storing your crypto assets on these devices. The realization that one day, your money may not be on these hardware wallets. Who even came up with the idea that they (and others) can be blindly trusted?


I don't know whether that is true or not but I came across the mention that Ledger wallets are assembled by Flextronics. This means that Ledger company doesn't have the facilities to produce hardware and relies on a 3rd party which in turn may appear as the other potential "hidden" and weak section in the trust chain.

Thus, the best approach for keeping bitcoin stash safe is to use multisig wallet with HW cosigners from different manufacturers.

legendary
Activity: 1792
Merit: 1296
keep walking, Johnnie
November 11, 2023, 09:35:34 AM
#43
So whoever wants to keep their crypto now should boycott Ledger as well as Trezor.
I do get the hate for Ledger but I do not understand why there is some hate here for Trezor too.  Other than their Seed extraction vulnerability and the possibility of pushing a malicious version of firmware or Trezor Suite.  Is there any thing I might have missed?

AFAIK, there is no security threat in the Trezor models but their censorship became questionable when their coinjoin partnership with Wasabi leaked users' addresses and they tried to hide by censoring users on Reddit and other platforms showing that they can't be trusted either.

Also, their hardware malfunctions become issues like LCD screens failing on multiple devices and lack of support from the team to make them be untrustworthy with my Bitcoin.

Related Threads

Coinjoin on Trezor Suite
Trezor problem!
In fact, no hardware wallet manufacturer can be trusted 100%. If the partnership with Wasabi was known, then there may be partnerships unknown (secret) to the general public. For example, with the government (this is not necessarily the case). It is unlikely that any of the manufacturers will advertise this, to put it mildly. After all, every hardware wallet manufacturer has a country of jurisdiction, in other words, production workshops, warehouses, work offices, and the like. That is, leverage can always be found to persuade a HW device manufacturer to partner, which means there should always be doubts about the reliability of any of the manufacturers.

It is not necessary to boycott Ledger or Trezor. You just need to be aware of the existing risks and take this into account when storing your crypto assets on these devices. The realization that one day, your money may not be on these hardware wallets. Who even came up with the idea that they (and others) can be blindly trusted?

Maybe the hatred towards Trezor arises because it is the largest competitor (one of the industry leaders) of Ledger. That is, when a company expands very strongly, it ceases to be customer-oriented, switching to money-oriented. And when the main goal is money, then you can expect anything from the manufacturer (being their client).
hero member
Activity: 2310
Merit: 757
Bitcoin = Financial freedom
November 11, 2023, 04:25:49 AM
#42
So whoever wants to keep their crypto now should boycott Ledger as well as Trezor.
I do get the hate for Ledger but I do not understand why there is some hate here for Trezor too.  Other than their Seed extraction vulnerability and the possibility of pushing a malicious version of firmware or Trezor Suite.  Is there any thing I might have missed?

AFAIK, there is no security threat in the Trezor models but their censorship became questionable when their coinjoin partnership with Wasabi leaked users' addresses and they tried to hide by censoring users on Reddit and other platforms showing that they can't be trusted either.

Also, their hardware malfunctions become issues like LCD screens failing on multiple devices and lack of support from the team to make them be untrustworthy with my Bitcoin.

Related Threads

Coinjoin on Trezor Suite
Trezor problem!
legendary
Activity: 2268
Merit: 18509
November 10, 2023, 04:57:43 AM
#41
Other than their Seed extraction vulnerability and the possibility of pushing a malicious version of firmware or Trezor Suite.  Is there any thing I might have missed?
They work with Wasabi, meaning they are pro-censorship, they fund blockchain analysis, and they support government blacklists. They were also a big supporter of AOPP, which was a protocol designed to make you KYC your own addresses to centralized exchanges before being allowed to withdraw. They only pulled their implementation of it after huge community backlash. The argument against these facts is always "Well, you don't have to use these 'features' if you don't want to", but it shows their underlying morals and ethos are very much not what they once were. I don't want my hardware wallet designed by people who are so pro-surveillance.

I also take more issues with their approach to the seed extraction vulnerability rather than the seed extraction vulnerability itself. I explain why here: https://bitcointalksearch.org/topic/m.53803392
hero member
Activity: 784
Merit: 1735
Crypto Swap Exchange
November 09, 2023, 11:45:13 PM
#40
I am wondering how long this will take before some body files a lawsuit against Ledger for lying to their customers about the Secure Element and how it was impossible to breach their top notch security.

Will agree with the others here who say the best option is airgapped computer.  While Ledger, Trezor and other Hardware Wallet producers can dispatch a malicious firmware, Bitcoin Core will not get an official malicious version.  If it does get one then we will get a non malicious version right the next minute.

So whoever wants to keep their crypto now should boycott Ledger as well as Trezor.
I do get the hate for Ledger but I do not understand why there is some hate here for Trezor too.  Other than their Seed extraction vulnerability and the possibility of pushing a malicious version of firmware or Trezor Suite.  Is there any thing I might have missed?

God.  It is so depressive to look at how things were years ago versus now.  We are looking at every body we used to love jumping in the wagon of Surveillance and lack of Privacy when years ago it was all the love in the world for these people.
member
Activity: 99
Merit: 153
November 09, 2023, 05:02:36 PM
#39
40 characters minimum is overkill, IMHO.

Owning Bitcoin means being your own bank.  Only you can decide how important your security is to you.

I'm a firm believer in using a 24 word seed, written on paper and backed up on metal, secured in 2 locations only I have access to, plus an 8 word passphrase also secured twice.

EDITED to add: My view is that I need to secure my Bitcoin as if Bitcoin's price is $1 million, because someday it will be.  The way to make sure I still have coins when that day comes is to have that level of security now.  And since it's so easy to do, I do it.
hero member
Activity: 714
Merit: 1298
Cashback 15%
November 09, 2023, 04:35:36 AM
#38
BTW, what advantages u see in Krux when comparing it, let's say, with Jade?

Krux makes it ridiculously easy to use passphrases.  And when I say "passphrases," I mean strong passphrases.  My passphrases are 40 characters minimum, always using words and spaces with punctuation where appropriate.  


40 characters minimum is overkill, IMHO. Passphrase is exclusively for saving your stash in case your SEED comes to the notice of someone else. The length of the passphrase will be irrelevant if the user puts the SEED away safely.

However, everyone is free to use a passphrase of any length (ranging from zero to n) which is comfortable for him, thus I don't think that Jade compares poorly to Krux in the passphrase regard.

What else?
member
Activity: 99
Merit: 153
November 08, 2023, 04:53:41 PM
#37
BTW, what advantages u see in Krux when comparing it, let's say, with Jade?

Krux makes it ridiculously easy to use passphrases.  And when I say "passphrases," I mean strong passphrases.  My passphrases are 40 characters minimum, always using words and spaces with punctuation where appropriate.  I have three passphrases for my seed.  The first is for work.  The second is for personal savings.  The third is for testing.  Krux makes it so easy to use strong passphrases.

I've never found any other hardware wallet that makes entering and using strong passphrases so quick and easy.  You don't have to type them on the device or in a companion app.  You CAN, but you don't have to.  Instead, you can save your passphrase as a QR code to scan.

Here's how quick and easy it is to use Krux:

Turn on the device.
1: I scan the QR code with my seed.
2: My seed's QR is encrypted, so I scan the QR with the decryption password.
3: Scan the QR code with my passphrase.
Done.

Three quick scans.

I love that the device is airgapped and saves none of my info.  When I shut down, my seed & passphrase are erased.  And since the device isn't crypto related (it's a Maix Amigo), it doesn't call attention to itself as a Bitcoin thing.  The UI is really great, and it's a breeze to use on that large touchscreen.

Wallets that make using passphrases inconvenient are one of my major complaints.  So many wallets force you to type the passphrase every time, which encourages people to use terrible passphrases that are short and easy to crack, or worse, they make it so inconvenient that people don't use passphrases at all.  Or even worse than that, they make the process confusing and complicated.  Ugh.  No wonder so few people understand what passphrases are and how to use them properly.  Krux makes it easy.
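An added example, not part of any post in this thread: the passphrase discussion above rests on how BIP39 turns a mnemonic plus passphrase into a wallet seed, so this sketch shows that each passphrase yields an unrelated seed and that a mistyped passphrase is accepted silently. The function names and sample passphrases are constructed for illustration; the mnemonic is the public BIP39 test-vector phrase.

```python
import hashlib
import unicodedata

# Public BIP39 test-vector mnemonic, used only as constructed sample input.
# It is known to everyone; never send funds to wallets derived from it.
SAMPLE_MNEMONIC = " ".join(["abandon"] * 11 + ["about"])

# Constructed passphrases standing in for a "work / savings / testing" split.
SAMPLE_PASSPHRASES = {
    "work": "correct horse, battery staple: work 2023",
    "savings": "correct horse, battery staple: savings 2023",
    "testing": "correct horse, battery staple: testing 2023",
}


def _nfkd(text: str) -> bytes:
    """BIP39 requires NFKD normalisation before UTF-8 encoding."""
    return unicodedata.normalize("NFKD", text).encode("utf-8")


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte BIP39 seed.

    seed = PBKDF2-HMAC-SHA512(password=mnemonic,
                              salt="mnemonic" + passphrase,
                              iterations=2048, dklen=64)
    """
    return hashlib.pbkdf2_hmac(
        "sha512", _nfkd(mnemonic), _nfkd("mnemonic" + passphrase), 2048, dklen=64
    )


def seeds_by_label(mnemonic: str, passphrases: dict) -> dict:
    """One seed (and therefore one independent wallet) per passphrase."""
    return {label: bip39_seed(mnemonic, p) for label, p in passphrases.items()}


def passphrase_changes_wallet(mnemonic: str, intended: str, typed: str) -> bool:
    """True when the typed passphrase leads to a different seed.

    There is no "wrong passphrase" error in BIP39: any string produces a
    valid seed, so a typo opens an empty wallet instead of failing.
    """
    return bip39_seed(mnemonic, intended) != bip39_seed(mnemonic, typed)


if __name__ == "__main__":
    for label, seed in seeds_by_label(SAMPLE_MNEMONIC, SAMPLE_PASSPHRASES).items():
        print(f"{label:8s} seed starts {seed.hex()[:16]}")
    print("no passphrase   ", bip39_seed(SAMPLE_MNEMONIC).hex()[:16])
    typo = SAMPLE_PASSPHRASES["work"].replace("horse", "hrose")
    print("typo gives a different wallet:",
          passphrase_changes_wallet(SAMPLE_MNEMONIC, SAMPLE_PASSPHRASES["work"], typo))
```

If the mnemonic is exposed, the passphrase is the only remaining secret, and each guess costs an attacker just 2048 PBKDF2 rounds, which is why the length and randomness of the passphrase matter in that scenario.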
hero member
Activity: 714
Merit: 1298
Cashback 15%
November 08, 2023, 08:22:15 AM
#36

I'm a huge fan of a project called Krux,

Little did bitcoiners know which is the fully creditable wallet, they would buy it.

You like Krux, I'm fond of Passport, the others prefer something else but all of us have in common their attitude to Ledger which has gained a reputation for being a company which pissed off customers.

BTW, what advantages u see in Krux when comparing it, let's say, with Jade?
member
Activity: 99
Merit: 153
November 07, 2023, 08:28:26 PM
#35
I had been using Ledger for a few years. But due to their FUCKING system, I am going to move to another hardware wallet. Right now, I am searching and comparing the best wallets. I am afraid lately to store a larger amount in the ledger. Even though the community wants open-source software, they still don't care. Rather, they launched a seed recovery service, which is the worst thing in crypto.

Good for you!  Ledger is a terrible company and their hardware cannot be trusted anymore.  I stopped using mine the day they announced their key extraction firmware.  I didn't move my coins right away though.  I did what you're doing.  I started searching for my next hardware wallet.

In my opinion, there is no such thing as the best hardware wallet.  Which one is the best will come down to your own wants, needs and abilities.  For example, Trezor is great for somebody who wants easy to use hardware with a user friendly companion app.  ColdCard is great for somebody who wants top notch security and is willing to deal with a device that isn't as user friendly.  SeedSigner is a great choice for somebody who is willing to do some DIY and doesn't want to be tied to a company that could go rogue or turn evil, like Ledger did.  SeedSigner is totally open source software that runs on off the shelf parts (a Raspberry Pi Zero).

I'm a huge fan of a project called Krux, which is fully open source.  Here's my review with lots of images.  Krux is like a deluxe SeedSigner that runs on off the shelf hardware.  You can buy a Maix Amigo for less than $60 and install Krux on it.  The Amigo is awesome because it has a camera and a large touchscreen, which makes using it REALLY easy, but even better, it means the device clearly shows you everything, including full addresses, etc, so confirming things is easy.  Krux is particularly good for anyone who uses singlesig with a passphrase, or multisig.  Krux is airgapped, but even better, Krux can save encrypted QR codes, so even if somebody were to find your QR code they wouldn't be able to read it (or even know what it is, other than a QR code).  Seriously, the folks working on Krux are doing amazing things in my opinion, and they're doing all of this while keeping Krux incredibly easy to use with a simple but intuitive UI.  Like I said, I'm a huge fan.

Here's a picture of an Amigo next to an old iPhone 4, for comparison.  To be clear, it doesn't run on an iPhone.  I'm just using an iPhone in this image next to an Amigo so you can see the size of the device:



And here's a pic of the Krux startup screen.  Super-simple and intuitive:



For me, Krux on a Maix Amigo with Sparrow or BlueWallet are a killer combo.
legendary
Activity: 2240
Merit: 2174
Need PR/CMC & CG? TG @The_Cryptovator
November 07, 2023, 05:43:47 PM
#34
I had been using Ledger for a few years. But due to their FUCKING system, I am going to move to another hardware wallet. Right now, I am searching and comparing the best wallets. I am afraid lately to store a larger amount in the ledger. Even though the community wants open-source software, they still don't care. Rather, they launched a seed recovery service, which is the worst thing in crypto.
legendary
Activity: 2730
Merit: 7065
Farewell, Leo. You will be missed!
October 27, 2023, 11:57:14 AM
#33
Also, the approach you've adopted, like partial signing online and then signing offline and broadcasting it, is something I wasn't aware of.
That's a mistake. It isn't partial offline signing. It's a normal (full) signature on an offline machine which is later exported as a file or QR code to be broadcasted on a device with internet connection. If the signing keys are exclusive to the offline wallet and we aren't discussing a multi-sig wallet, the whole signing process takes place offline.

Access to the private keys MUST be granted in order to sign anything.
Yes, of course. No one is questioning that. But the narrative was that the keys can never leave, aka be exported from the secure element. And turned out to be false.

Exactly. And people that didn't know better believed it. The rest knew that what this really meant was with an asterisk attached: "*so long as no firmware commands it".
I don't know about that. I don't remember seeing a discussion with people who knew key extraction was possible before Ledger told us it is. Not on Bitcointalk at least. If such a thread exists, someone please point me to it. 
newbie
Activity: 0
Merit: 0
October 26, 2023, 03:55:15 PM
#32
Just in the spirit of clarity here, I think while it's important to note that although Ledger's communication has been terrible and their marketing repeated this notion - the belief that a secure element could never reveal private keys in any form regardless of what firmware was thrown at it was and has always been incorrect.

But it's what Ledger had been telling us since day one:

Exactly. And people that didn't know better believed it. The rest knew that what this really meant was with an asterisk attached: "*so long as no firmware commands it". I don't fault people for taking it verbatim, most users had no reason to question the wording or dig any deeper. But the truth is there was never anything so magical about Ledger hardware which prevented firmware from extracting the seed. So prior to Recover - all you had to do was trust that Ledger wasn't going to maliciously backdoor their firmware to swipe your seed. This is less ideal than an open source or source verifiable hardware wallet - but still within the scope of what many people are willing to tolerate.

When Ledger announced recover, they did 2 things:
1. They alerted people who thought otherwise that this was even possible to begin with. So that was a scare to many but not to others.
2. They alerted people who already knew this would be technically possible (but insane to implement) that they were actually going to do such a thing. This is the bigger red flag. Not that it was possible, but that they were actually building something like this into future firmware.

My main point here is what Ledger is now doing is using this fact (which is now more common knowledge than it was prior to the Recover announcement) to liken trusting their Recover service to trusting any other hardware wallet. "You have to trust any hardware wallet so what's the big deal if we have Recover firmware?" as if trusting Recover is the same as trusting any SE. Levels of trust are not all equal but Ledger is gaslighting people into thinking the recover mechanism requires the same level of trust as any hardware wallet and that's so false. They're using this false equivalence trickery to calm the waters and it seems to be working, sadly.  
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
October 26, 2023, 03:41:55 PM
#31
A hardware wallet doesn't (shouldn't) need to connect to any manufacturer servers in order to work.
Exactly, and it should be completely open-source. It might even work completely airgapped, but if the firmware used is closed-source, then you can't know if the company can access your funds. Flawed RNG or malicious code inside cryptographic libraries can grant them total access, and you can't prove anything.

I don't know Ledger, but I know they were never open-source to begin with. We should trust nobody who claims to be in favor of privacy and security without complete software transparency. Period.
member
Activity: 99
Merit: 153
October 26, 2023, 03:29:55 PM
#30
Just in the spirit of clarity here, I think while it's important to note that although Ledger's communication has been terrible and their marketing repeated this notion - the belief that a secure element could never reveal private keys in any form regardless of what firmware was thrown at it was and has always been incorrect.

But it's what Ledger had been telling us since day one:

Quote
"Your keys are always stored on your device and never leave it"

btchip, Ledger Co-Founder

Quote
"Hi - your private keys **never** leave the Secure Element chip, which has never been hacked. The Secure Element is 3rd party certified, and is the same technology as used in passports and credit cards.  A firmware update cannot extract the private keys from the Secure Element."

@Ledger on Twitter

Quote
"Private data, such as your private keys will be protected and never leave the device due to the combination of BOLOS and the Secure Element."

Quote
"The secret keys or seed are never exposed to the BLE stack and never, ever leave the Secure Element."

Quote
"While Ledger is using a dual chip system with an MCU as well, the important part is that your private keys remain inside the Secure Element."

Quote
"This means that, beyond keeping your private key offline and away from hackers, the Ledger device itself is also completely impenetrable from external threats"

Lies, lies, lies.

Ledger Lies.
newbie
Activity: 0
Merit: 0
October 26, 2023, 01:50:34 PM
#29
Ledger has revealed something we initially thought was impossible because that's what we were told. And that's the way secure element chips function.

Just in the spirit of clarity here, I think while it's important to note that although Ledger's communication has been terrible and their marketing repeated this notion - the belief that a secure element could never reveal private keys in any form regardless of what firmware was thrown at it was and has always been incorrect. This was known long before Recover was ever announced. It's how hardware wallets work. Access to the private keys MUST be granted in order to sign anything. The concept of a HW wallet that can both sign a Tx and have ZERO access to the privkeys ever is possible in theory but not in practice as this would mean you would never realistically be able to update the wallet ever. No bugs could be patched etc. It's not practical. Forgive my inability to explain the technical details of this as I'll leave that to people smarter than me but this is how it was explained to me.

So the fact that your wallet can spit out your keys if the firmware allows it is NOT what the problem here is and I think it's very important to understand this in order to combat the gaslighting coming from Ledger. Coldcard will reveal your keys in plain text on the device as well as export them in encrypted form via SD card for a backup if you like. This in no way makes the secure elements or the wallet less secure, those are simply features of the device that are baked into the firmware. (You can always lock down the seed if you like to remove this feature of course but all of it is locked behind a pincode anyways) The crucial differences here are 1) you know exactly what the device is doing and 2) the keys if revealed are only being shown to you and you alone, they're not being sent anywhere. You can either see them on the device or you can export them encrypted on an SD. And 3) you were never led to believe this was impossible with fancy marketing that led you into a false sense of what the hardware was actually capable of. Ledger was deliberately misleading in their marketing at times even stating that "Not even a firmware update could extract your keys" when this was blatantly false. So when people who didn't know better learned that this was actually technically possible they lost it - but they lost it for the wrong reasons! The REAL reason this should worry people is that the process of extracting keys involves so much 3rd party trust and involves those keys being sent through your computer over the internet. That is what should frighten people, not that a SE can spit out a seed if it's told to.


copper member
Activity: 1526
Merit: 2890
October 26, 2023, 01:01:27 PM
#28
I'm really concerned by the last changes of Ledger and their narratives about how they can get your private key, in addition to them always updating software because of their shitcoins. I finally moved my funds from the Ledger wallet to a software cold wallet and learned how to deal with a cold wallet and transfer transactions, partial signing online and then signing offline and broadcasting it 😏, and learned some coin control and am going to learn some privacy coinjoin. It works so great. Why don't they tell us about cold wallets from the beginning instead of wasting our money on a fucking signing device? Really, I enjoyed the experiment and fuck you Ledger 🖕, and I want to thank you Gus because you helped me so much.

Impressed... and I 100% agree with you, although I've never used Ledger. However, I've always been skeptical about hardware wallets, especially when they announced changes and narratives regarding private key security.

It's better to be vigilant when it comes to the safety of our online assets.

It's good to hear that you've switched to an offline software wallet. We should too. Also, the approach you've adopted, like partial signing online and then signing offline and broadcasting it, is something I wasn't aware of.

I think I need to explore these concepts too, especially this privacy coinjoin, as it adds an extra layer of privacy to your transactions. It's an excellent way to take control of your online privacy in this crypto world.

I've always believed that offline software wallets are not only secure but also cost-effective. If managed correctly, cold wallets can offer the same level of security, or maybe sometimes even surpass hardware wallets.

Well, thanks for sharing your experience.