Topic: Ledger Recovery - Send your (encrypted) recovery phrase to 3rd parties entities - page 5. (Read 4624 times)

It's impossible to use ledger wallet without ever using ledger crap app.
First you need this crap app to install and update device firmware, so you need to install and use it minimum one time or more.
There is no way around to generate new ledger account with electrum or any other third party wallet if you have new ledger device.

Someone has to be crazy or ignorant to pay for this crap $110 to $120 per year, just to have false sense of security.

They need to have physical access your device first, than anything is possible.
If they can't extract it, maybe they can sign up for Recover instead of owner  

My ledger is from before this firmware update. Furthermore, the service was never active. Now, the observation is valid, and therefore requires the person to be very attentive to how they use things - like not walking around with the Ledger in their pocket.

I am not afraid of Ledger stealing the keys.

I am afraid that in case the government will issue different laws against crypto, then our devices will be locked and the keys will be in the governement hands to be returned to us or not.

It would be a perfect case to control everyone's crypto, to verify how much anybody has in order to pay taxes, etc.

So i dont think it will be used to steal it from us, only to control.

So yes, DO NOT use Ledger.

How safe is that against a thief who steals your Ledger and uses "Recover" to extract your seed phrase from the "secure" element?

i also read about the 'recover start' yesterday. what i find even more outrageous is that Ledger charges the user €10 for this service (after the first month is free) from the second month on.
will advise everyone in my circle of acquaintances and also here in the form against this service!

If Ledger's key extraction firmware is on your device, you have no way of knowing what that firmware can do when you turn the device on.  For all you know, Ledger already has access to your keys.  Maybe the companies they're working with too.  Ledger says your device needs you to press the buttons to confirm any actions, but they admit can't prove it, because their code is closed.

If you only have a few hundred bucks worth of Bitcoin on your Ledger and you wouldn't be too angry if it gets stolen, then yeah, stick with Ledger.  But then again, if that's the case, why bother with the Ledger at all?  Go with a software wallet instead.

But if you own enough Bitcoin that you'd be upset if it gets stolen, why are you trusting a company that lies to their customers and lowers the security of your device after you bought it?

Ledger told you this, for years:


Then they wrote key extraction firmware and put it on users' devices.

They even kept repeating that lie as recently as May 2023 even after spending months if not years working on adding a key extraction scheme to their hardware wallets.

"Your keys are always stored on your device and never leave it."

...uhm, how does Ledger Recover work?

Your keys are extracted from your device over the internet.  They say only if you authorize it, but they can't prove that to be true.

I think it's funny how people stick with companies because they feel a tribal sense of commitment.  Look at all of the examples of companies, especially in crypto, where we saw signs of danger, but some people stayed and went down with the ship.  Voyager is one of my favorite examples, but there are so many others.  I got out as soon as I had doubts.  Others stuck around and lost most of what they had.  It's easy to say "Oh, come on.  Ledger is different."  Nope.  Ledger has been lying to their customers while making customers devices less secure.  It doesn't take a genius to see problems there.

Sure, it's annoying having to buy another hardware wallet, make a new seed, and move your coins.  But owning Bitcoin means being your own bank.  It's up to you to keep your coins safe.

I bailed on Ledger.  I feel foolish for having trusted them in the first place, but I didn't double down on my mistake.  I admitted it and moved on.

What I say is simple: do not have Ledger Wallet installed on your PC; use Electrum or another wallet to access Ledger; and never do this type of configuration.
This is clear for anyone who wants to continue using their HW Ledger.

At least that's what I do with my wallet Ledger.

It's even worse than that.  In fact, it's much worse.  Ledger's KYC will connect your coins to your identity and personal information, and it will be held by multiple companies.  If it gets hacked, anyone who uses it is more screwed than screwed.  Thieves be able to steal your coins, but that's only the beginning.  If they have reason to believe you have more coins hidden behind a passphrase, they've got your name and home address.  Knock knock.  "Who's at the door?"  You won't know them, but they'll know you.

This whole Ledger Recover thing is so poorly thought-through, but Ledger doesn't care because, to them, it's just a grift.

Ledger just launched and started ledger Recover, that is provided by Coincover,and I urge everyone NOT to use this crap!
If you sign up for this you basically agree that your coins can be seized willingly or unwillingly, because ledger partners all have to comply with governments.
Additional danger is sending your personal ID and ledger is well known as leaker wallet.
https: //www.ledger.com/recover/

I can't say to feel any sorrow for such a Reddit moderator moron like BTChip was. I remember too well his stupid contributions to discussions on Reddit when people complained that Ledger doesn't properly and reliably publish cryptographic hashes of new versions of Ledger Live. Why would people want to check if their download of Ledger Live is genuine? (Sarcasm)

If such "high level guys" at Ledger don't even understand very basic and necessary verification steps for software, then sanity of the management team of Ledger isn't at its necessary level, if not worse.

Just go down the drain, Ledger, I don't cry a single tear. Let's see how bad it can go with the remaining moron overlord Pascal Gauthier. When he spins freely, I think I'll have to stock up my popcorn supply.

Shitcoin hardware wallet is falling down, falling down...  
I wonder if this co-founder Nicolas Bacca is one of the reddit moderators with nickname BTChip that banned and silenced a bunch of people a while ago.

EDIT:
Yeah he is!
This guy was a real poison for ledger reddit community.

Yes, its not a good sign like you said, but when you have this kind of massive blows, no matter if its a company or a state, you allways needs to have a fuse, and this kind of move its that, a fuse making his job, so to the outside everyone can see some change (not really).

Still sad to see the founders went out. I hope if they made all with good intentions at least they walk away with some good money.

All those who left and those who are now leaving are irrelevant, it is known who pulls the main strings in the company and who invented a new service that once again put the company in an uncomfortable position. This is nothing new in the business world, when the CEO does something stupid, then he shifts the responsibility to those below him for what they say is the "welfare of the company".

---

He calls his stupid decision an "unintentional communication mistake", which means that he is actually saying that they were not capable of presenting a bad business move (from the perspective of anyone who knows what kind of risk we are talking about) as something revolutionary that will allow their mothers and grandmothers to use cryptocurrencies on "safe way".

It's really not a good sign when all the founders of a company decide to leave the company, when apparently it is not having any problems.

Are there any other founders left at this point? Or have they all left?

Nicolas Bacca cio and co-founder of Ledger, will leave the company following the recent recover scandal. he follows former ceo and co-founder Eric Larchevêque, who stepped down in 2019.
ceo Pascal Gauthier blamed an 'unintentional communication mistake' for the Recover melee, but also stressed the importance of key recovery for users who feel overwhelmed by key management.

https://en.thebigwhale.io/article-en/EXCLUSIVE-Nicolas-Bacca-leaves-Ledger
https://cryptomode.com/co-founder-nicolas-bacca-to-exit-ledger-amidst-recover-feature-controversy/

Haven't updated ledger live in a while.  Still using version 2.57 and current version is now 2.66. 


Am using a nano ledger s plus.


Any issue doing the ledger live update directly from the ledger live app on the top right though?  Reason is because it's been a long time since I did an update so would it not work and it require me to do update directly from ledger site?  Also, does the ledger live update do the ledger recovery?  Do you need to not allow it or what happens here?

I would prefer not to trust any device not purchased from an official manufacturer at all. Even if the betnomi had not done an exit scam, I would have thought 10 times before using such a wallet to store major cryptocurrencies. Why create unnecessary risks for yourself? I admit the possibility that on hardware wallets received at various raffles and other contests (that is, not purchased directly from the manufacturer) you can store only a small amount of money, which is not a pity to lose.

I don’t know about throwing out betnomi's ledger, but you definitely shouldn’t trust 100%. You can 100% trust only those devices that were purchased directly by you directly from the manufacturer, preferably without intermediary stores.

It would be interesting if the Betnomi scammers were able to find some experienced blackhat willing to do that for them, but in reality I can't consider that possibility to be an accurate one unless they've spent too long organizing and shipping the hardware wallets from the giveaway (so unfortunately I think it might be credible... in any case just throw it out and don't trust hardware wallets from giveaways).

I feel the answer is becoming repeated. I already answered it many times but anyway here it is again. It's completely possible to hire an embedded programmer and change the functionality of any device. Leger is close source, you as an end user can not verify anything if anyone do any trick.

I totally did, thank you for alerting me (I've edited my previous post). Regarding the linked [5] source, Ledger has placed within that folder recover's scripts (within the last month). I don't know why they particularly chose to place them in their discontinued product however.