Pages:
Author

Topic: [Hands On] Ledger Nano Hardware Wallet - Notlist3d (Read 3289 times)

full member
Activity: 401
Merit: 104
Are there any news of how Ledger Nano has been upgraded/updated in 2017? I am seriously thinking to buy it but I'd like some more recent feedback.
legendary
Activity: 1456
Merit: 1000
On second post it now deals with using the Ledge Nano on a Android device - https://bitcointalksearch.org/topic/m.13375015 .  It is a nice feature to have.  If your a mobile user on the go a lot I suggest you check it out.
legendary
Activity: 1456
Merit: 1000
The Ledger Nano is still working very well.  I recently tried using it with android mobile phone and it is a nice feature for those who need access to it on the go.    A update to hands on is coming to show that.

There is a reason I save those posts under Smiley.  I do intend for it to be there in the near future.
If you loose the ledger nano and you don't have another one can you still backup the wallet?
Can you backup the wallet only with the 24 seeds in another client or mobile app? as PIN is used only with ledger

The good news if you lose it you can restore with seeds on another wallet here is official response: "In case of loss or theft of your Ledger Wallet, or at any time, you can restore your entire balance either on a new Ledger Wallet or on any BIP39 compatible software wallet such as Multibit HD or Mycelium."  

So the pin is just used as extra security on the hardware wallet.  Those seed's should be stored very safely as it is the way to restore your holdings.

I read fast in their FAQ and was thinking why should i order 2 (1 active and 1 for backup)
Checked in Mycelium and they support restoring the wallet with 24 seeds from Ledger thanks for the helpful info.

My biggest advice  for someone getting Ledger Nano is go ahead and also get the Ledger Starter - https://www.ledgerwallet.com/products/7-ledger-starter

It is a nice metal usb with 100 percent safe and offline OS for 5.50 euro.    But this ensures your seeds are secure and even if PC was infected since booting up this live linux OS your Ledger Nano is still secure.
legendary
Activity: 1204
Merit: 1000
The Ledger Nano is still working very well.  I recently tried using it with android mobile phone and it is a nice feature for those who need access to it on the go.    A update to hands on is coming to show that.

There is a reason I save those posts under Smiley.  I do intend for it to be there in the near future.
If you loose the ledger nano and you don't have another one can you still backup the wallet?
Can you backup the wallet only with the 24 seeds in another client or mobile app? as PIN is used only with ledger

The good news if you lose it you can restore with seeds on another wallet here is official response: "In case of loss or theft of your Ledger Wallet, or at any time, you can restore your entire balance either on a new Ledger Wallet or on any BIP39 compatible software wallet such as Multibit HD or Mycelium."   

So the pin is just used as extra security on the hardware wallet.  Those seed's should be stored very safely as it is the way to restore your holdings.

I read fast in their FAQ and was thinking why should i order 2 (1 active and 1 for backup)
Checked in Mycelium and they support restoring the wallet with 24 seeds from Ledger thanks for the helpful info.
legendary
Activity: 1456
Merit: 1000
Looks like the Ledger Nano is the perfect way to bring some bitcoin along on a holiday or travels for instance.

For more demanding stuff, like have traffic through the wallets in the device, it would be better to use something like a Trezor which does not have the weakness of potentially revealing the secret card code after several uses.

It's all personal preference.  If you need more security you will find a post I talked about linking wallet with phone.  - https://bitcointalksearch.org/topic/m.13384208

Read that post I don't want to clutter it up and explain it twice.  But the short version is you could link it to your phone and you would never share more then 4 of your codes, so that weakness really can be whipped away if using phone to verify.
legendary
Activity: 1456
Merit: 1000
The Ledger Nano is still working very well.  I recently tried using it with android mobile phone and it is a nice feature for those who need access to it on the go.    A update to hands on is coming to show that.

There is a reason I save those posts under Smiley.  I do intend for it to be there in the near future.
If you loose the ledger nano and you don't have another one can you still backup the wallet?
Can you backup the wallet only with the 24 seeds in another client or mobile app? as PIN is used only with ledger

The good news if you lose it you can restore with seeds on another wallet here is official response: "In case of loss or theft of your Ledger Wallet, or at any time, you can restore your entire balance either on a new Ledger Wallet or on any BIP39 compatible software wallet such as Multibit HD or Mycelium."   

So the pin is just used as extra security on the hardware wallet.  Those seed's should be stored very safely as it is the way to restore your holdings.
legendary
Activity: 1946
Merit: 1007
Looks like the Ledger Nano is the perfect way to bring some bitcoin along on a holiday or travels for instance.

For more demanding stuff, like have traffic through the wallets in the device, it would be better to use something like a Trezor which does not have the weakness of potentially revealing the secret card code after several uses.
legendary
Activity: 1204
Merit: 1000
The Ledger Nano is still working very well.  I recently tried using it with android mobile phone and it is a nice feature for those who need access to it on the go.    A update to hands on is coming to show that.

There is a reason I save those posts under Smiley.  I do intend for it to be there in the near future.
If you loose the ledger nano and you don't have another one can you still backup the wallet?
Can you backup the wallet only with the 24 seeds in another client or mobile app? as PIN is used only with ledger
legendary
Activity: 1456
Merit: 1000
The Ledger Nano is still working very well.  I recently tried using it with android mobile phone and it is a nice feature for those who need access to it on the go.    A update to hands on is coming to show that.

There is a reason I save those posts under Smiley.  I do intend for it to be there in the near future.
legendary
Activity: 1456
Merit: 1000
does the challenge question asked is different each time? because an advance keylogger with screen logger, can see everything the user is typing and screening
The video implies that there are 4 challenge characters that must be entered, and that the 4 are different every time.
A really sophisticated key logger could potentially duplicate the security card by collecting the answers over many uses, but that threat is mostly theoretical at this time.

The PIN, however, is typed in the clear when you first connect to the Ledger Nano.

If you want higher security, you'll need to buy a more expensive hardware wallet with a screen and buttons, like the Trezor or the Ledger Blue. These eliminate the key logger threat by providing a direct interface to the user, without going through the vulnerable browser/OS.

there is something like trezor or ledger blue, but in the form of an usb? it's better to no get around with somethign that scream " hey i'm carrying a wallet.dat here" mostly in real life, a usb it's more of a reserved thing

As far as Ledger Nano carrying any key's they will not leave Ledger Nano just like other wallets I reviewed.  It sign's transactions and keeps everything safely on the Ledger Nano.

It is not like a regular usb stick where you could make a copy of a wallet file.  To make a copy you would need another Ledger Nano and the recovery seed word's which should be safely stored in recovery book offline and in a safe place.

But if your thinking this is a regular usb drive with wallet info it is far from that.
legendary
Activity: 3248
Merit: 1070
does the challenge question asked is different each time? because an advance keylogger with screen logger, can see everything the user is typing and screening
The video implies that there are 4 challenge characters that must be entered, and that the 4 are different every time.
A really sophisticated key logger could potentially duplicate the security card by collecting the answers over many uses, but that threat is mostly theoretical at this time.

The PIN, however, is typed in the clear when you first connect to the Ledger Nano.

If you want higher security, you'll need to buy a more expensive hardware wallet with a screen and buttons, like the Trezor or the Ledger Blue. These eliminate the key logger threat by providing a direct interface to the user, without going through the vulnerable browser/OS.

there is something like trezor or ledger blue, but in the form of an usb? it's better to no get around with something that scream " hey i'm carrying a wallet.dat here" mostly in real life, a usb it's more of a reserved thing
legendary
Activity: 1456
Merit: 1000
does the challenge question asked is different each time? because an advance keylogger with screen logger, can see everything the user is typing and screening
The video implies that there are 4 challenge characters that must be entered, and that the 4 are different every time.
A really sophisticated key logger could potentially duplicate the security card by collecting the answers over many uses, but that threat is mostly theoretical at this time.

The PIN, however, is typed in the clear when you first connect to the Ledger Nano.

If you want higher security, you'll need to buy a more expensive hardware wallet with a screen and buttons, like the Trezor or the Ledger Blue. These eliminate the key logger threat by providing a direct interface to the user, without going through the vulnerable browser/OS.

Yes I suggest watching the video to see how it works.  But there are uppercase letter's (26), lowercase letter's (26), and digits (10).  So a total of 62 completely different possibilities on the card to challenge against.  And to send there are 4 you have to give anwser to.   And this changes each time you send.  Also you need the PIN before this and if PIN is entered 3 times wrong it erases wallet.  

So combine this with needing the Ledger Nano plugged in it is almost impossible as I don't see user's leaving Ledger Nano plugged in when not in use.  But i see your point almost impossible is not impossible when we talk in theoretical.

And if you are worried about above not being enough there is a feature to pair with smartphone.  With this you use your smartphone after a challenge on it to confirm sending transactions.  So if you did this only 4 of the 62 possible answers is ever shown and it's answered on smartphone.  So you would need ledger plugged in your computer and smartphone to could confirm transactions after pairing.

So if the first one is not secure enough you could move to smartphone pairing.  With this the I don't see it being defeated as you would need access to the Ledger Nano itself and also the smartphone.

Smart Phone Pairing:  

legendary
Activity: 1806
Merit: 1164
does the challenge question asked is different each time? because an advance keylogger with screen logger, can see everything the user is typing and screening
The video implies that there are 4 challenge characters that must be entered, and that the 4 are different every time.
A really sophisticated key logger could potentially duplicate the security card by collecting the answers over many uses, but that threat is mostly theoretical at this time.

The PIN, however, is typed in the clear when you first connect to the Ledger Nano.

If you want higher security, you'll need to buy a more expensive hardware wallet with a screen and buttons, like the Trezor or the Ledger Blue. These eliminate the key logger threat by providing a direct interface to the user, without going through the vulnerable browser/OS.

Great points, why I use a Trezor instead of a Ledger Nano. Have you had a chance to evaluate the new Ledger Unplugged?
full member
Activity: 206
Merit: 100
does the challenge question asked is different each time? because an advance keylogger with screen logger, can see everything the user is typing and screening
The video implies that there are 4 challenge characters that must be entered, and that the 4 are different every time.
A really sophisticated key logger could potentially duplicate the security card by collecting the answers over many uses, but that threat is mostly theoretical at this time.

The PIN, however, is typed in the clear when you first connect to the Ledger Nano.

If you want higher security, you'll need to buy a more expensive hardware wallet with a screen and buttons, like the Trezor or the Ledger Blue. These eliminate the key logger threat by providing a direct interface to the user, without going through the vulnerable browser/OS.
legendary
Activity: 3248
Merit: 1070
does this offer the same protection as the trezor, when you plug-in in a infected pc for example?

It uses a different way  to offer protection.  If computer is infected it's possible that it might get the PIN.  With this you could view inside if Ledger Nano was in computer, it would need it to be connected to infected computer.  This is why I mention I would use a different PIN then wallet's with LCD where it randomizes numbers where when you click on screen a infected computer has no idea what is being clicked.

But it still could not send even if PC was infected and had the PIN.  When sending you need to have the security card.  It will ask challenge question that if you don't have the card you would not be able to send. Part 4 if you click on that image it show's this being used.

Also with Ledger Nano if you enter PIN 3 times wrong, it erases wallet.  So if stolen or lost it cannot be brute forced on the PIN.  You can recover it with seed words if you accidentally did it yourself.  

does the challenge question asked is different each time? because an advance keylogger with screen logger, can see everything the user is typing and screening
legendary
Activity: 3430
Merit: 1142
Ιntergalactic Conciliator
i have already two of them and is great! I have buy one of them through their official store in OpenBazaar before months Smiley They have and a great support if you ask something they answer very fast/ Before some time i ask for their android app .apk file and they give it to me. I have ask the same and from bitpay(copay) and coinbase and i am still waiting for response...is three months now.. Tongue
legendary
Activity: 1456
Merit: 1000
Thanks for a good review. Cheesy

Design Ledger nano looks like a regular usb not so interesting and easily lost.

But for price it cheap than other hardware wallet.

They did a good job of making it work with regular USB drives.  I think it is a little better built as far as most USB drives, they estimate around 30 year's which mean's it has a lot of writes till device start's to fail.

It is a small form factor I need to take a few more pictures to show lanyard on it.  It is much harder to lose with included lanyard or key chain which both are included.
legendary
Activity: 1456
Merit: 1000
does this offer the same protection as the trezor, when you plug-in in a infected pc for example?

It uses a different way  to offer protection.  If computer is infected it's possible that it might get the PIN.  With this you could view inside if Ledger Nano was in computer, it would need it to be connected to infected computer.  This is why I mention I would use a different PIN then wallet's with LCD where it randomizes numbers where when you click on screen a infected computer has no idea what is being clicked.

But it still could not send even if PC was infected and had the PIN.  When sending you need to have the security card.  It will ask challenge question that if you don't have the card you would not be able to send. Part 4 if you click on that image it show's this being used.

Also with Ledger Nano if you enter PIN 3 times wrong, it erases wallet.  So if stolen or lost it cannot be brute forced on the PIN.  You can recover it with seed words if you accidentally did it yourself.  
legendary
Activity: 1456
Merit: 1000
Thanks for the detailed review Cheesy. What happens if the USB breaks down or gets stolen? which will be the procedure to recover the wallet?

As far as recovery same as any other ones.  You can get a new one and recover it from the 24 seed word's you get during the Ledger start creating a wallet.  As mentioned above you write down in Recovery Sheet.  You MUST do that step as it allows you to recover it.  

This is why Recovery Sheet should be stored safely it is the same as other hardware wallets in this aspect.
legendary
Activity: 3248
Merit: 1070
does this offer the same protection as the trezor, when you plug-in in a infected pc for example?
Pages:
Jump to: