Topic: Ledger Recovery - Send your (encrypted) recovery phrase to 3rd parties entities - page 14. (Read 5425 times)

legendary
Activity: 2268
Merit: 18775
-snip-
Smart move. I miss the old days where you could just show a person your ID in person, and they would sign a form to say it all checks out without having to actually keep a copy of your ID. And if they did keep a copy, it was a photocopy kept in a filing cabinet and not a digital copy leaked across the internet.

Why don't you recommend Model T right now?
Because Trezor are a deeply unethical company:

All their devices suffer from unfixable seed extraction vulnerabilities, which they deliberately sweep under the rug and do not tell their users how to mitigate against. They also have a very pro-government, pro-censorship, pro-surveillance, and anti-fungibility ethos, as shown by their support of AOPP and their partnership with Wasabi and blockchain analysis.
legendary
Activity: 1792
Merit: 1296
~snip~
But I will buy a Trezor T wallet because they promised that the secret phrase would not leave the wallet.
Don't be naive, Ledger said the same thing in the past, and today we know that the whole story they told is a simple lie. Trezor has its vulnerabilities, and even cooperation with companies that deal with spying on Bitcoin users and censoring transactions is not something that can position them as reliable producers.
There is one big distinction to be made. If you own a Trezor Model T, since it's completely free open-source (FOSS) as in 'freedom', you can refuse to upgrade the firmware, downgrade the firmware, write your own, and patch new firmware versions that have features you don't like.
How many Trezor device users are able to do this? Very few.

You also are able to tell whether they try to sneak in some unwanted features and know whether new features are implemented securely, e.g. if any encryption used is secure.
You can say whatever you want, but doing it is a completely different matter. You seem to overestimate the capabilities of hardware wallet buyers, as if every second person is able to understand the source code of the firmware and check the safety of new functions. Get down to earth. Trezor (or any other hardware wallet) users are ordinary people, very far from understanding the technical aspects of these devices.

Almost no one (among the majority of users) will puzzle out Trezor devices, and the words of those who do this (analyze and summarize) should also be questioned unless they are a close friend of yours or a public person with an impeccable reputation.

If we just take one company who in a way betrayed its users and extrapolate it to all the companies, there is no wallet you can buy, no Linux distro you can install and no services you can use.
But this one company, through its antics, exposed the weaknesses of the entire industry and led users to question the words and actions of these companies. Blind trust does not bode well.

I would still not recommend a Model T right now, but at least if I got one, I'd know what I'm getting, since code and hardware are open.
Why don't you recommend Model T right now? Is it related to one company's betrayal of its users? You wouldn't by chance be extrapolating it to this firm? ;)
legendary
Activity: 1148
Merit: 3117
How can one take loan with my identity? I mean, banks don't give away loan so easily, I can't really think that someone can do anything with pictures of my ID card, at least I'm unable to do things with it alone.
Depends on your bank and your jurisdiction. Some banks will happily let you open accounts, set up credit cards, take out loans, even take out mortgages, all over the internet. Often a picture of your ID is enough, and if they want more such as tax numbers, recent bills, etc., then these can often be obtained by an attacker with a copy of your ID/passport/whatever and your other personal details.
Whenever I have to send some personal documents to some company (for setting up a bank account, utility services, amongst others) I always make sure to include a watermark with numerous information (such as which company I'm sending the data to, which data and why). In the event their security is weak and this data is stolen from them, probably no one will be able to open a credit line in my name due to the watermark, and if I ever see those documents floating online I'll know which company was the one responsible for the leak.
hero member
Activity: 924
Merit: 5943
~snip~
But I will buy a Trezor T wallet because they promised that the secret phrase would not leave the wallet.
Don't be naive, Ledger said the same thing in the past, and today we know that the whole story they told is a simple lie. Trezor has its vulnerabilities, and even cooperation with companies that deal with spying on Bitcoin users and censoring transactions is not something that can position them as reliable producers.
There is one big distinction to be made. If you own a Trezor Model T, since it's completely free open-source (FOSS) as in 'freedom', you can refuse to upgrade the firmware, downgrade the firmware, write your own, and patch new firmware versions that have features you don't like.
You also are able to tell whether they try to sneak in some unwanted features and know whether new features are implemented securely, e.g. if any encryption used is secure.

If we just take one company who in a way betrayed its users and extrapolate it to all the companies, there is no wallet you can buy, no Linux distro you can install and no services you can use.

I would still not recommend a Model T right now, but at least if I got one, I'd know what I'm getting, since code and hardware are open.
legendary
Activity: 2268
Merit: 18775
How can one take loan with my identity? I mean, banks don't give away loan so easily, I can't really think that someone can do anything with pictures of my ID card, at least I'm unable to do things with it alone.
Depends on your bank and your jurisdiction. Some banks will happily let you open accounts, set up credit cards, take out loans, even take out mortgages, all over the internet. Often a picture of your ID is enough, and if they want more such as tax numbers, recent bills, etc., then these can often be obtained by an attacker with a copy of your ID/passport/whatever and your other personal details.
hero member
Activity: 882
Merit: 792
It is also a massive security risk. Centralized crypto services have leaked, sold, shared, or been hacked for sensitive data an inordinate number of times. Every big exchange is guilty of this. Ledger themselves are guilty of this. Would you be happy with your real name and address being leaked across the entire internet next to a list of all your crypto addresses and their balances? Not only can anyone in the world monitor exactly what you are doing with your money, you become a target for both electronic and physical attacks to have your coins stolen.

KYC can ruin your life. Even without the crypto side of things, KYC documents are sold on black markets constantly. Having your identity stolen can leave you hundreds of thousands of dollars in debt for loans or credit cards you had nothing to do with. The latest studies have shown that identity theft costs US citizens alone over $50 billion a year:
Check this: Data Leak: Personal identifiable information of 4.9 million Georgians found online
Does that mean that this country and its whole population is f-ed? Well, I can't find much information on whether this leak caused any significant damage to the population, because I have no idea about their language and there is little information in English about it, but idk, maybe they faced problems, maybe not, can't be 100% sure.

How can one take loan with my identity? I mean, banks don't give away loan so easily, I can't really think that someone can do anything with pictures of my ID card, at least I'm unable to do things with it alone. Absolutely everything I have done and everything I have been in touch with, always requested more than just an image of ID card.

I know that I don't want someone to know what I do with my finances and that's why I also use cryptocurrencies, but I would say that my favorite is Monero and not Bitcoin because I don't feel secure with it; the blockchain is like an old telephone directory where everyone can find and track absolutely every transaction. Btw one can still pretty much make things hard by using mixers or coinjoin, but for superior security I prefer Monero. I don't actually need it, though, so yes, I agree with you, that's why I use Bitcoin, but with caution. It's widely accepted though.
So, when it comes to KYC, my only fear is that someone will know what I bought and how I spent my money, but I don't think they'll be able to threaten me or do something to me.

legendary
Activity: 2268
Merit: 18775
I'm not an anti-KYC, just want to know what are your real fears when it comes to KYC.
Several.

Yes, it is true that you must be fully KYCed to use the fiat banking system. But the whole point of bitcoin is to get away from that. I use bitcoin precisely because I don't want a bunch of unknown third parties monitoring everything I do with my money, requiring their permission in order to do it, being censored and having my transactions refused if they don't like what they see, and then sharing that data with anyone and everyone they like. If you link your bitcoin addresses to your real identity, then you remain under constant surveillance. My stance on privacy is well known, and by subjecting yourself to KYC you have exactly zero privacy.

It is also a massive security risk. Centralized crypto services have leaked, sold, shared, or been hacked for sensitive data an inordinate number of times. Every big exchange is guilty of this. Ledger themselves are guilty of this. Would you be happy with your real name and address being leaked across the entire internet next to a list of all your crypto addresses and their balances? Not only can anyone in the world monitor exactly what you are doing with your money, you become a target for both electronic and physical attacks to have your coins stolen.

KYC can ruin your life. Even without the crypto side of things, KYC documents are sold on black markets constantly. Having your identity stolen can leave you hundreds of thousands of dollars in debt for loans or credit cards you had nothing to do with. The latest studies have shown that identity theft costs US citizens alone over $50 billion a year:

https://javelinstrategy.com/2022-Identity-fraud-scams-report
https://javelinstrategy.com/research/2023-identity-fraud-study-butterfly-effect

I'd also point you towards this thread: Why KYC is extremely dangerous – and useless
hero member
Activity: 882
Merit: 792
I checked for you, it's done via KYC provider Onfido. Make of that what you will.
For Ledger's shard, yes. But your KYC data will also be stored with the other two third party companies as well, in order for them to release their shard if needed:
Ledger Recover uses your ID and a selfie to verify who you are, via its Identity Verification provider, Onfido. Then, it links your identity to encrypted fragments of your Secret Recovery phrase. The identity providers store this ID data in an encrypted form.

So there will be three companies holding your KYC data, duplicated across an unknown number of servers in an unknown number of locations with unknown security protocols and an unknown number of people with digital or physical access. Just like every other KYC, it will only be a matter of time before your information is leaked/hacked/shared/sold.
What is the actual problem with KYC? The fact that your identity is revealed to some 3rd parties, or the fact that your bitcoin address is trackable? But one can use Monero in this case. By the way, sometimes I'm lost in vain when I think about KYC. The fact is, when you are born, you get a birth certificate, a unique ID number, a passport, your fingerprint is saved, etc. So this information is stored by the government, but at the same time if you want to start work, if you want to open a bank account, if you want to visit a clinic, if you want to get internet, electricity, gas and water at home and so on, you have to share this data. That means that your data is never safe, tons of people already have access to it, and still you have to reveal it many times in real life.
One can't really be sure how many times their KYC documents have leaked from land-based companies.

While it's true that three companies, including Ledger have access to your KYC documents, at some point we can say that revealing your KYC documents can't really affect your quality of life and personally the only threat I can see is that they'll know when and how I spend my crypto, they'll know it for sure. Besides this, is there any other reason to be afraid of KYC? I don't really think that Ledger's data breach is the only thing that will reveal my KYC data, I'm afraid our data has been leaked many times from the institutions that I mentioned above.
I'm not an anti-KYC, just want to know what are your real fears when it comes to KYC.
legendary
Activity: 1792
Merit: 1296
~snip
The Nano S wallet can be bought with old firmware.
But I will buy a Trezor T wallet because they promised that the secret phrase would not leave the wallet.
You can buy the old version of Nano S and the firmware will also be the old version, but there are no guarantees that the old version doesn't have vulnerabilities. After all the events with the Ledger, I tend to expect bad things from them rather than good ones, and therefore, I expect a catch even in old devices. I don't rule out that my fears are groundless, but as I have said repeatedly, in the case of finances, it is necessary to be extremely scrupulous in matters of safety and security. My tactic is simple: it's better to take precautions than take risks.

The Trezor (like any firm that depends on sales of its devices) will promise anything to attract and retain its customers. This is the harsh truth of business. I prefer to believe facts, not promises. The Ledger example shows that promises are not kept and all sorts of things are broken. Moreover, the Trezor already has a dubious partnership that raises questions and alarms users of their devices.
legendary
Activity: 3234
Merit: 5637
~snip~
But I will buy a Trezor T wallet because they promised that the secret phrase would not leave the wallet.

Don't be naive, Ledger said the same thing in the past, and today we know that the whole story they told is a simple lie. Trezor has its vulnerabilities, and even cooperation with companies that deal with spying on Bitcoin users and censoring transactions is not something that can position them as reliable producers.

In addition, both companies are located in the EU, and accordingly they will have to (or are already doing so) act according to regulations that go in the direction of complete control of crypto transactions.
legendary
Activity: 1708
Merit: 1615


How to downgrade to an older version of Ledger Live
https://support.ledger.com/hc/en-us/articles/7446430773149-Downgrading-to-an-older-version-of-Ledger-Live?support=true
Better buy an old ledger nano s wallet.
Do note that Ledger Nano S will also eventually get this service as well[1] according to Ledger Customer Success agents.

[1]https://safereddit.com/r/ledgerwallet/comments/13scxdo/comment/jlp5t5b/?context=3
The Nano S wallet is now retired, but it is still on sale in some stores. Maybe this feature will work later on the new Nano S plus wallet?
The Nano S wallet can be bought with old firmware.
But I will buy a Trezor T wallet because they promised that the secret phrase would not leave the wallet.
legendary
Activity: 2212
Merit: 7064
Better buy an old ledger nano s wallet.
I don't want to waste any money on this junk.
My question was related to people who already own these devices, so they can mitigate potential issues.

They have said that first your seed phrase is encrypted, and then that encrypted seed phrase is split into a 2-of-3 Shamir's scheme, with one share given to each of those companies. They have not however, as far as I am aware, said anything about how your seed phrase is actually encrypted, what encryption algorithms are being used, how the encryption key is generated, or who stores it.
I listened to Andreas Antonopoulos talking with Jameson Lopp and he said that Ledger is probably using industry standard encryption (I can't remember the exact name), but there is no way for anyone to confirm or prove that.
Since they don't have any plans to stop with Recover, we are going to find out more details in the next few months.
I am glad some other hardware wallets are going different direction and releasing everything as open source (for example Coolwallet).


legendary
Activity: 3234
Merit: 5637
To anyone that is still using Ledger: I've seen a couple of reports floating on Reddit[1][2][3] regarding users that aren't able to sign transactions unless they update to the latest firmware. Considering that I haven't seen such reports here, I would say whatever happened with these users has nothing to do with forced updates?

Note: Eventually you'll have to update your device if you want to use the Ethereum app that Ledger provides[4][5]. I assume that this applies to most apps provided by them.

Does anyone think that Ledger worked so hard that a new firmware would only be an option? Of course, they will use every possible trick to force users to upgrade, because otherwise they will not be able to upgrade coin apps, and accordingly they will not be able to sign the transaction.

I just hope that as many users as possible will give up using this wallet, even though currently the only option that seems somewhat safe when it comes to HW costs even $200, and I am sure that a good part of users cannot afford something like that.
legendary
Activity: 2464
Merit: 4419
I also thought about it. Theoretically, hackers can make a patch for Ledger Live to intercept the encrypted Seed, which is divided into 3 parts. Of course, without the decryption key stored on the Ledger, they can't do anything. But where is the guarantee that this key will not leak in the future? So I think such a step on the part of Ledger is too presumptuous.

As has been said many times, you can use a brand new Ledger device to conduct the decryption process, which means a hardware wallet itself can't obtain it except through direct communication with trusted third parties. Having undergone a KYC procedure, you connect any Ledger device to your Ledger Live App and receive pieces of encrypted seed along with the decryption key. In other words, once you handed over your secrets to third parties, you gave them everything needed to steal your coins, including an encrypted secret, decryption key, and all your personal information. At best, you are no longer the sole owner of particular UTXOs in the blockchain because this recovery feature negates all the benefits that a hardware wallet should provide. From the point of view of the Ledger company, a hardware wallet is nothing else but another form of custodial solution where users are unable to protect themselves from counterparty risk and government attacks.
full member
Activity: 343
Merit: 167
If two of the three companies return their shares to your new Ledger and you combine them, then all you can do is recover your encrypted seed phrase. Without the decryption key, you cannot restore your wallet. Where does the decryption key come from? Who is providing it? We simply do not know.

I also thought about it. Theoretically, hackers can make a patch for Ledger Live to intercept the encrypted Seed, which is divided into 3 parts. Of course, without the decryption key stored on the Ledger, they can't do anything. But where is the guarantee that this key will not leak in the future? So I think such a step on the part of Ledger is too presumptuous.
legendary
Activity: 1890
Merit: 5197
To anyone that is still using Ledger: I've seen a couple of reports floating on Reddit[1][2][3] regarding users that aren't able to sign transactions unless they update to the latest firmware. Considering that I haven't seen such reports here, I would say whatever happened with these users has nothing to do with forced updates?

If you are using Ledger Live, the update will be expected to be "forced".
Of course, those who use currencies other than Bitcoin are exposed to this type of situation, since there are not many alternatives. I say this because I don't have coins other than Bitcoin, and that's why I don't use Ledger Live.
legendary
Activity: 1148
Merit: 3117
To anyone that is still using Ledger: I've seen a couple of reports floating on Reddit[1][2][3] regarding users that aren't able to sign transactions unless they update to the latest firmware. Considering that I haven't seen such reports here, I would say whatever happened with these users has nothing to do with forced updates?

Note: Eventually you'll have to update your device if you want to use the Ethereum app that Ledger provides[4][5]. I assume that this applies to most apps provided by them.

[1]https://safereddit.com/r/ledgerwallet/comments/13scmf3/why_am_i_still_getting_prompted_to_install_the/
[2]https://safereddit.com/r/ledgerwallet/comments/13ruuph/so_i_was_forced_to_download_the_firmware_update/
[3]https://safereddit.com/r/ledgerwallet/comments/13sh8m0/allow_signing_without_firmware_update/
[4]https://nitter.it/play_Bloomverse/status/1660880957266853889
[5]https://nitter.it/2Cold_XRPL/status/1659757684617515009
legendary
Activity: 2268
Merit: 18775
I am not defending ledger but I think they said this will be shared between three companies with different geo locations, France, United Kingdom and United States.
For encryption they are using Shamir Secret Sharing, that is a bit strange for me since they never supported that scheme in ledger before (unlike Keystone or Trezor).
They have said that first your seed phrase is encrypted, and then that encrypted seed phrase is split into a 2-of-3 Shamir's scheme, with one share given to each of those companies. They have not however, as far as I am aware, said anything about how your seed phrase is actually encrypted, what encryption algorithms are being used, how the encryption key is generated, or who stores it.

If two of the three companies return their shares to your new Ledger and you combine them, then all you can do is recover your encrypted seed phrase. Without the decryption key, you cannot restore your wallet. Where does the decryption key come from? Who is providing it? We simply do not know.
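The construction this post describes (encrypt the seed, then split only the ciphertext 2-of-3 with Shamir) in working Python, as an added illustration that is not from the thread, from Ledger or from any Ledger code. It assumes a byte-wise GF(2^8) Shamir scheme and uses a constructed SHA-256 counter keystream as a stand-in cipher, since the real cipher, key derivation and key custody are, as the post says, unpublished. The checks show what any two shareholders can reconstruct (the ciphertext, nothing more) and that whoever holds the decryption key together with two shares holds the seed.

```python
import hashlib
import secrets

# --- GF(2^8) arithmetic with the AES polynomial 0x11b, as byte-wise Shamir schemes use ---
def gf_mul(a: int, b: int) -> int:
    """Multiply two GF(2^8) elements (carry-less multiply, reduce by 0x11b)."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p

def gf_inv(a: int) -> int:
    """Multiplicative inverse as a^254 (a^255 = 1 for every non-zero a)."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r

def shamir_split(secret: bytes, threshold: int, n: int) -> list:
    """Split each byte with its own random degree-(threshold-1) polynomial; share i is f(i)."""
    shares = [(x, bytearray()) for x in range(1, n + 1)]
    for s in secret:
        coeffs = [s] + [secrets.randbelow(256) for _ in range(threshold - 1)]
        for x, buf in shares:
            y, xp = 0, 1
            for c in coeffs:          # y = sum c_i * x^i
                y ^= gf_mul(c, xp)
                xp = gf_mul(xp, x)
            buf.append(y)
    return [(x, bytes(buf)) for x, buf in shares]

def shamir_combine(shares: list) -> bytes:
    """Lagrange interpolation at x = 0, byte position by byte position."""
    out = bytearray()
    for i in range(len(shares[0][1])):
        acc = 0
        for j, (xj, yj) in enumerate(shares):
            num, den = 1, 1
            for k, (xk, _) in enumerate(shares):
                if k != j:
                    num = gf_mul(num, xk)        # (0 - xk) == xk in characteristic 2
                    den = gf_mul(den, xj ^ xk)   # (xj - xk)
            acc ^= gf_mul(yj[i], gf_mul(num, gf_inv(den)))
        out.append(acc)
    return bytes(out)

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Constructed stand-in cipher (SHA-256 counter keystream); NOT the unpublished Ledger scheme."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hashlib.sha256(key + off.to_bytes(4, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)

SEED_ENTROPY = bytes.fromhex("0f" * 32)   # constructed 256-bit seed entropy, not a real wallet

def demo() -> dict:
    """Who learns what: two custodians get the ciphertext; the key holder decides the rest."""
    key = secrets.token_bytes(32)          # custody of this key is the open question in the thread
    ct = keystream_xor(key, SEED_ENTROPY)
    fr, uk, us = shamir_split(ct, threshold=2, n=3)   # one share per custodian (FR, UK, US)
    rebuilt = shamir_combine([fr, us])
    return {
        "two_shares_give_ciphertext": rebuilt == ct,
        "ciphertext_is_not_seed": rebuilt != SEED_ENTROPY,
        "every_pair_agrees": all(shamir_combine(list(p)) == ct for p in ((fr, uk), (fr, us), (uk, us))),
        "key_plus_two_shares_give_seed": keystream_xor(key, rebuilt) == SEED_ENTROPY,
    }
```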
legendary
Activity: 1148
Merit: 3117
Quote: AFAIK it would need to still be brute-forced before getting to the private key (or the encryption key extracted from the SE).
We now know this to be incorrect, though. As Ledger have said (and as I've linked to earlier in this thread), you can still recover your seed phrase via Ledger Recover even if you lose your hardware wallet and buy a brand new one. This means the decryption key does not need to be extracted from the SE, or even stored on the SE in the first place. It must be stored by a third party for them to be able to give it to you when you activate a brand new device. Someone somewhere holds the power to decrypt your seed phrase and steal all your coins. The fact that Ledger won't even tell you who that entity is or what security is being used to store your decryption key is highly suspect.
That's why I find it highly interesting to see if Pmalek is able to get more recent feedback from him. Seeing the only argument behind his opinion shattered by how Ledger Recover works on a new device surely has to change his mind on the subject...

How to downgrade to an older version of Ledger Live
https://support.ledger.com/hc/en-us/articles/7446430773149-Downgrading-to-an-older-version-of-Ledger-Live?support=true
Better buy an old ledger nano s wallet.
Do note that Ledger Nano S will also eventually get this service as well[1] according to Ledger Customer Success agents.

[1]https://safereddit.com/r/ledgerwallet/comments/13scxdo/comment/jlp5t5b/?context=3