Topic: Ledger Recovery - Send your (encrypted) recovery phrase to 3rd-party entities - page 19. (Read 4624 times)

legendary
Activity: 1638
Merit: 4508
**In BTC since 2013**

Right. But approve what?
Does the person have to repeat the passphrase in order to be registered in this "recovery program"? Or is it just a mere question, which person answers "yes"?
hero member
Activity: 714
Merit: 1298
Cashback 15%
~~

I still haven't been able to figure out one aspect (and maybe no one has figured it out yet):
Is the key automatically collected by Ledger for the person paying for this service, or does the user need to provide the key?

According to their statement


legendary
Activity: 1638
Merit: 4508
**In BTC since 2013**
~~

I still haven't been able to figure out one aspect (and maybe no one has figured it out yet):
Is the key automatically collected by Ledger for the person paying for this service, or does the user need to provide the key?
legendary
Activity: 1008
Merit: 3001
Hi - your private keys never leave the Secure Element chip, which has never been hacked. The Secure Element is 3rd party certified, and is the same technology as used in passports and credit cards. A firmware update cannot extract the private keys from the Secure Element.
That statement is still true today. The keys can't leave the secure element unless you pay $9.99 a month for the pleasure of sharing your keys. It's not a time to joke around, but this is as silly as it gets.
I've seen some reports of users on Reddit and Twitter that actually stand beside Ledger in saying that their keys are still safe if they don't opt in to this program. This baffles me and I honestly can't understand what the reasoning for such actions is. Not only did they lie, as per the information shared by o_e_l_e_o, but they are gaslighting their audience by saying that their keys a copy of their keys ( Cheesy ) are only shareable if the user decides so, which totally goes against the concept of all their products. And they keep saying this over[1], and over[2] and over[3] again[4], which is ridiculous. They never answer the real question - why is this feature even possible to be activated by either party?

And here's another article where Ledger tries to make sense of this service[5] where, once again, they explain that the original Ledger device isn't needed to "unlock" the original recovery phrase, which is mind-blowing:
Quote
If you choose to pay for a subscription, you're still the only one with access to your Secret Recovery Phrase, and you will also have a backup that will be created and accessible only to you. You remain the only one able to pass the identity verification check that is required to fetch back the encrypted fragments and rebuild your Secret Recovery Phrase into another Ledger device—should you need to do so in the future.

[1]https://nitter.it/Ledger_Support/status/1658905804307669008
[2]https://nitter.it/Ledger_Support/status/1658908657482973184
[3]https://nitter.it/Ledger_Support/status/1658905447783440401
[4]https://nitter.it/Ledger_Support/status/1658902661360492553
[5]https://support.ledger.com/hc/en-us/articles/11022833583261
legendary
Activity: 1638
Merit: 4508
**In BTC since 2013**
An update is irrelevant. As I explained earlier in this thread and in the tweet just above, the whole point of Ledger's Secure Element was that the private keys could never leave the Secure Element. We now know that claim is a lie, and has therefore been a lie since day one. A simple piece of code is all that is required to extract your private keys. All Ledger devices are vulnerable whether or not you opt in to this or update to the latest firmware.

Honestly, more and more I have the feeling that there was a big miscommunication about how everything was going to work and the sentence still cannot be removed. But, the problem is already done and they will hardly be able to go back.

Once doubts are generated at this level, it will be difficult for anyone to go back to believing that portfolios do not have a back door - especially those that are updated in the future.
hero member
Activity: 714
Merit: 1298
Cashback 15%
Say that even if we've got the old nano s but they can still try to do something and update and force an update for its firmware, is that right?
An update is irrelevant. As I explained earlier in this thread and in the tweet just above, the whole point of Ledger's Secure Element was that the private keys could never leave the Secure Element. We now know that claim is a lie, and has therefore been a lie since day one. A simple piece of code is all that is required to extract your private keys. All Ledger devices are vulnerable whether or not you opt in to this or update to the latest firmware.

According to ANSSI, their devices were always vulnerable in this respect:




The question remains whether their Secure Channel is able to counter that vulnerability.



Regardless, two days ago I moved the whole of my stash to Passport 2.
legendary
Activity: 2730
Merit: 7065
Farewell, Leo. You will be missed!
"Here, the point which is important to remember is that you stay in control…there’s no backdoor, nothing will happen without your consent on the device…in the future, the whole protocol will be open, so you’ll be able to verify how the whole protocol works." - @BTChip
This sounds good on paper, and is apparently supposed to calm down the voices screaming everything is closed-source, but the type of code means nothing in this scenario. The problem is not that we can inspect the code to see that the seed will be divided into 3 parts, encrypted, and then shared with 3 different custodians. The problem is that there is a way for them to do that, and it's a huge security risk combined with a privacy risk since they also require KYC.

Does it mean we can't verify that they have no access to the decryption key used to reconstruct the initial seed?
They claim Ledger Recover will be open-source and you can verify the code. So what? What prevents them or anyone else from still getting access to the shards by working with those custodians behind everyone's back? Not to mention that a serious hack could result in shards landing in the wrong hands.

Hi - your private keys never leave the Secure Element chip, which has never been hacked. The Secure Element is 3rd party certified, and is the same technology as used in passports and credit cards. A firmware update cannot extract the private keys from the Secure Element.
That statement is still true today. The keys can't leave the secure element unless you pay $9.99 a month for the pleasure of sharing your keys. It's not a time to joke around, but this is as silly as it gets.
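The post above describes the scheme as the seed being split into three encrypted parts held by three custodians, and asks what stops the custodians from combining them. The following is an added example, not Ledger's code and not taken from the thread: a minimal Shamir secret sharing over a prime field that makes the trust boundary concrete. It assumes a 2-of-3 threshold (the thread only says "3 parts") and uses the secp256k1 field prime purely as a convenient large prime; the 32-byte "seed entropy" is constructed for the demonstration. It shows two things: a single custodian's share is consistent with every possible secret, so one honest custodian leaks nothing, while any two shares reconstruct the secret completely, so the security of the seed is exactly the security of the weakest two custodians plus the identity check that gates release.

```python
"""
Added example, not Ledger's code: a minimal 2-of-3 Shamir secret sharing
scheme over a prime field, illustrating the custodian trust model discussed
above. The 2-of-3 threshold and the field prime are assumptions; the thread
only says the seed is split into three encrypted parts. The 32-byte "seed
entropy" below is constructed for the demonstration.
"""
import secrets

# A prime larger than 2**256, so 32 bytes of seed entropy fit in one field
# element. This is the secp256k1 field prime, used here only as a convenient
# well-known large prime (assumption, not what any vendor uses).
P = 2**256 - 2**32 - 977


def split(secret: int, n: int = 3, k: int = 2, rng=secrets.randbelow):
    """Split `secret` into n shares such that any k of them reconstruct it.

    A random polynomial f of degree k-1 with f(0) = secret is sampled and
    the shares are the points (x, f(x)) for x = 1..n.
    """
    if not (0 <= secret < P and 1 <= k <= n):
        raise ValueError("secret out of field range or bad threshold")
    coeffs = [secret] + [rng(P) for _ in range(k - 1)]

    def f(x: int) -> int:
        return sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P

    return [(x, f(x)) for x in range(1, n + 1)]


def reconstruct(shares):
    """Lagrange interpolation at x = 0: recovers f(0) from any k shares."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def lines_through(share, candidate_secrets):
    """Why one custodian learns nothing in a 2-of-3 scheme: for ANY candidate
    secret s there is exactly one degree-1 polynomial with f(0) = s passing
    through the single known point. Returns {s: slope} for each candidate."""
    x, y = share
    return {s: (y - s) * pow(x, -1, P) % P for s in candidate_secrets}


def custodian_collusion_demo():
    """Constructed seed entropy shared among three custodians; shows that any
    two custodians (or whoever compromises two of them) recover it in full,
    while one custodian alone does not."""
    entropy = bytes(range(32))  # constructed, not a real seed
    secret = int.from_bytes(entropy, "big")
    c1, c2, c3 = split(secret)
    return {
        "two_custodians_recover": reconstruct([c1, c3]) == secret,
        "one_custodian_recovers": reconstruct([c1]) == secret,
        "recovered_entropy": reconstruct([c2, c3]).to_bytes(32, "big"),
    }


if __name__ == "__main__":
    print(custodian_collusion_demo())
```

The practical reading of this for a user evaluating such a service: the encryption of each part protects it in transit and at rest, but the threshold is what decides who can rebuild the seed, so the questions to ask are how many custodians must cooperate, what the identity check in front of them actually verifies, and who can change either of those by policy.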
legendary
Activity: 2268
Merit: 18509
Say that even if we've got the old nano s but they can still try to do something and update and force an update for its firmware, is that right?
An update is irrelevant. As I explained earlier in this thread and in the tweet just above, the whole point of Ledger's Secure Element was that the private keys could never leave the Secure Element. We now know that claim is a lie, and has therefore been a lie since day one. A simple piece of code is all that is required to extract your private keys. All Ledger devices are vulnerable whether or not you opt in to this or update to the latest firmware.
hero member
Activity: 2954
Merit: 725
Top Crypto Casino
No thanks Ledger. I've got my old nano s and it's good to see that it's not affected by this unimpressive upgrade of theirs. I'm still trying to absorb all of these questions on my mind while reading the entire thread, backreading interesting questions that concern everybody's worry about this feature they've just made. I hope that there's a bigger company that would poke them and give Ledger's head a shake that this is a full-of-bs update and defeats the purpose of their own product. Say that even if we've got the old nano s, they can still try to do something and force an update of its firmware, is that right?
legendary
Activity: 2268
Merit: 18509
Tweet by Ledger from 6 months ago:

Hi - your private keys never leave the Secure Element chip, which has never been hacked. The Secure Element is 3rd party certified, and is the same technology as used in passports and credit cards. A firmware update cannot extract the private keys from the Secure Element.

Lol.
legendary
Activity: 2226
Merit: 1304
To answer your second question, if you had to type your recovery phrase to use this service, it would be even worse than the current solution they are proposing, as you would be violating one of the core rules of your funds' safety - never share/type your recovery phrase anywhere, not even with your device manufacturer or the Pope.

At this point I believe the worst thing would be to find out that there is a way to extract the seed from the hard wallet, at least in my opinion.
Making a user enter the seed would only be done according to the user's will and would not be a design flaw but a "social" flaw, but for me it's still hard to believe that they actually already have this tool to extract the seed.
The Ledger I own is a nano S, which apparently will not be compatible with this technology, so theoretically I am protected.
But I'm afraid of how things might escalate from here on out.

Yesterday I saw this tweet:

Source

The user claims that Ledger reportedly wrote a tweet saying that Ledger would create another backup phrase, and that no one would have access to seed, but that tweet was deleted.

legendary
Activity: 1162
Merit: 2025
Leading Crypto Sports Betting & Casino Platform
Well. This is something I would have never expected a hardware wallet provider to come up with...
I am not that much into conspiracy theories, but this fits rather well with the concept of intelligence agencies being able to move, freeze or seize people's money if they find any "reasonable" excuse to do so.

It is very likely the encryption process of the seed means nothing, there must be some master key so the seed is read and recovered for God knows who.

The fact that Ledger is the biggest provider of HW devices in the market only makes this feel worse. Time to go to the isolated PC and paper, I guess.
legendary
Activity: 2912
Merit: 2066
Cashback 15%
We are also discussing the Ledger issue in the German board and found a tweet claiming that the Nano Ledger S may not be affected because the device is too old for the current Ledger Recover firmware update?

Regardless of the fact that you should still look for another hardware wallet company, can anyone with a more technical background comment on whether this information is correct?
I'm not a technical fan, but is this thought true?
If the Nano S can "dodge" the 2.2.1 update, then it may be able to dodge another update later; then eventually there will be devices with outdated systems that are increasingly vulnerable, while any later, higher update won't exclude all the new features of 2.2.1.

It's anyone's guess since part of their code is closed source, but it might very well be that this backdoor can't be integrated into the Nano Ledger S for whatever reason -- why else would they want to miss out on that sweet sweet subscription money? On the other hand they might also just want to entice people to upgrade to their latest hardware wallets, because obviously everyone (and their moms, as we have learned) wants this feature.

Either way, at that point the 2.2.1 update is the vulnerability. If you can live without the GUI features even outdated hardware wallets can stay secure for a very long time (with few exceptions that involve physical access).
hero member
Activity: 487
Merit: 536
All I need's a win.
hero member
Activity: 1764
Merit: 694
[Nope]No hype delivers more than hope
We are also discussing the Ledger issue in the German board and found a tweet claiming that the Nano Ledger S may not be affected because the device is too old for the current Ledger Recover firmware update?

Regardless of the fact that you should still look for another hardware wallet company, can anyone with a more technical background comment on whether this information is correct?
I'm not a technical fan, but is this thought true?
If the Nano S can "dodge" the 2.2.1 update, then it may be able to dodge another update later; then eventually there will be devices with outdated systems that are increasingly vulnerable, while any later, higher update won't exclude all the new features of 2.2.1.
hero member
Activity: 714
Merit: 1298
Cashback 15%
If anyone is wondering how can an entity destroy the concept of their own products - in this case by exporting the seed phrase to outside entities, even if it is encrypted - then wait no more because Ledger will launch their new service, Ledger Recover[1]:

Looks like Vitalik Buterin has been employed by Ledger SAS.

We are also discussing the Ledger issue in the German board and found a tweet claiming that the Nano Ledger S may not be affected because the device is too old for the current Ledger Recover firmware update?


It is true. Nano S will stay immune. Only X and S+ as well as Stax will suffer.

and then, for those who don't feel comfortable with their wallet, change their money to another one.

I did it two days ago. Moved my stash into Foundation Passport 2. Wink
legendary
Activity: 1638
Merit: 4508
**In BTC since 2013**
We are also discussing the Ledger issue in the German board and found a tweet claiming that the Nano Ledger S may not be affected because the device is too old for the current Ledger Recover firmware update?

That's probably it.
The first step now is to avoid updating at all costs, and then, for those who don't feel comfortable with their wallet, change their money to another one.
legendary
Activity: 1596
Merit: 4333
We are also discussing the Ledger issue in the German board and found a tweet claiming that the Nano Ledger S may not be affected because the device is too old for the current Ledger Recover firmware update?

Regardless of the fact that you should still look for another hardware wallet company, can anyone with a more technical background comment on whether this information is correct?



Source: https://twitter.com/0xQuit/status/1658596830350036992
legendary
Activity: 1792
Merit: 1296
keep walking, Johnnie
~snip
In fact, it turns out that Ledger first slipped its customers a new firmware version with this damned recovery function and only then announced this function. I don't believe that there was a mistake and that the company (in which one can't even sneeze without the consent of the management) mixed up the date of the announcement of such a high-profile feature. Was this done on purpose so that as many users as possible upgraded to version 2.2.1?

Ledger's management are brilliant businessmen: you get verified with KYC and still pay money for it. Simple, ingenious.

Closed source, KYC, dubious collaborations. All this together forms a big alarm signal.


~snip
It's funny to hear calls to believe from Ledger when they have already seriously screwed up with the personal data of their customers 2 times in the not so distant past. Moreover, both times they got off lightly without incurring any material losses, not to mention reputational ones. But they should have. And after this set-up with the so-called recovery function, will Ledger lose its position in the eyes of ordinary users who don't really ask themselves where this company is slipping? I think not. Moreover, there will be a line-up of their clients who are ready to pay those $10/month for a KYC.

Faith has no place in financial matters. Here there is only openness, reliability and security.


This is so bad that I might give them negative feedback if they have an account on this forum. And considering this "feature" requires ID verification, while Ledger already leaked user data in the past, it feels like a disaster waiting to happen. By disaster, I mean your legal documents will be leaked and misused by criminals to perform identity theft.
The coming catastrophe may turn out to be something else. Having a user ID thanks to the KYC for $10/month, and having the entire history of transactions and wallets thanks to the data received through Ledger Live, all users of these devices are visible at a glance. And if they pass this information on to governments, which seems quite possible judging by the dynamics of changes in the actions of this company, it becomes not fun at all.

The most hypocritical thing is that the Ledger presents all the crap to its users under a plausible pretext, supposedly taking care of the safety of their funds.

"The road to hell is paved with good intentions".

It is precisely along this road that Ledger has been sliding down more and more lately.
copper member
Activity: 173
Merit: 285
Your Bitcoin Mixer
This is a paid feature so it's not sending your seed phrase anywhere unless you pay $9.99 per month for it (which is a dumb subscription).
Honestly, you put me at ease a little.

Although, just recently we thought about ordering a batch of customized Ledgers for our employees and for raffles, but now we are very skeptical.