Topic: Ledger's laying off employees. Thoughts? (Read 787 times)

So they're finally honest about leaking all seed phrases to the internet :O

I have been looking at SeedSigner the last couple of days, and must admit I like what I see. I will most probably get a fully assembled device to move part of my stash onto it. It's affordable even if it is no longer valid to say you can get all the parts for under $50. I don't know how much the assembled SeedSigner used to cost in the past, but it's now $90-$100, depending on the colour of the case and extra accessories. Still, it's worth the money.

They have been doing that for some time. I remember seeing the same thing a few months ago.

I can guess they already got rid of everyone in marketing:

Got this yesterday, Oct 17, 2023:


But, one has to appreciate the honesty, right ?!

In case the picture is too small, the way they arranged the words it reads like:

Without automated payments, many people will forget to pay, and find out they don't have car insurance when they need it.

Touché!

Perhaps one of the benefits of bitcoin in this situation (beside the obvious self custody and actual ownership of your own property) is that there is no simple way to set up automatic recurring payments.

The problem many people run in to is recurring payments and subscriptions just being taken from their bank accounts without them thinking about them. Steaming services, music services, gym memberships, food delivery services, Amazon Prime, phone contracts, internet contracts, the list is endless. You even hear stories of people paying for insurance contracts for vehicles they no longer own and other such nonsense. If people had to actually open their bitcoin wallet and manually sign these transactions every month, you can guarantee that they would all have far fewer users as well as putting an end to endlessly billing inactive users.

Isn't it interesting that Ledger Recover can only be paid for using automatic fiat methods and not with bitcoin?

I've seen them, but never tried. If I have to go DYI, I can just as well sign offline. Most people want something convenient.

The timeline has many good things, but somehow corporate interests dictate almost everything nowadays. Isn't that one of the major flaws in capitalism: money gets more and more concentrated, until there's nothing left for most people and a few own everything?

We can never put a hard figure on it, but you only have to look at the general feeling on here, Reddit, Twitter, etc., to see that large parts of the community are absolutely boycotting Ledger, and also (and perhaps more importantly in the long run) recommending to avoid Ledger to new users.

For actual fuck sake. I was going to post in reply to TSC's comment how it won't be long until you actually have to pay extra just to drive your car at full speed, but I see we are already there. We really do live in the worst timeline.

How long until we get FOSS car firmware which bypasses all this nonsense? There's going to be a great market for second hand "dumb" cars in the future.

You'll own nothing and be happy.

The good news is, there are some amazing Bitcoin hardware wallets that are actually FREE and open source.  SeedSigner and Krux, for example.  Granted, you have to buy the hardware, but the hardware is off the shelf stuff which isn't crypto related, so you won't end up on a leaked address list (Eff you, Ledger!).

I REALLY like Krux.  Krux is firmware that runs on K210 devices like the M5StickV and Maix Amigo, converting them into airgapped devices that can sign transactions for multisignature and single-key wallets.

Krux on a Maix Amigo is incredible, for many reasons.  One: The Amigo is cheap but has a large touchscreen, so you see everything, including full addresses, upubs/zpubs, etc, which makes it easy to confirm everything to be exactly right.  But my favorite feature of Krux is that it's airgapped, and it can use encrypted QRs, which means you don't have to worry that somebody might find your SeedQR since it's encrypted.

Krux is a fantastic open source project.  I'm not affiliated with it in any way.  I just friggin' love it.  Krux & BlueWallet are currently my favorite combo.

Don't forget the "extra power if you pay $60 or $90 per month" and "extra range if you pay extra" (I can't find back the link) features

People said the same thing when Microsoft started selling software subscriptions, now they're all using it. I think it started with anti-virus-subscriptions, then got worse. Streaming services got people used to paying instead of owning movies too. We're moving more and more towards a future without ownership and monthly payments for everything you use. That's not something I like. We now have (electric) bicycles and mopeds, paid by the minute. Car sharing paid by the hour. I live in a cycling country, and more and more people rent one. It's a strongly growing industry at the moment.
How did we get here from wallets? Basically, we went from very cheap "paper wallets" in any possible form to very convenient "hardware wallets" to skip the trouble of manual offline signing, to a monthly subscription model. That reminds me of stock brokers, where you pay them an annual fee to keep your funds. I do indeed hope people vote with their wallet!

You have got to be shitting me.  Years ago when my life didn't suck I had a car with heated seats, and though I didn't really care for them (it was a used car, so I just bought it with whatever options it had) I never would have guessed that any car manufacturer would use the "subscription" model for their automobile options.  

I swear to god I hope people see through this chicanery and vote against it with their dollars, because that's the only way greedy corporations will get the message--and if not, it's just going to be another way consumers are going to get their pockets picked.  And Leo, I appreciate you sharing that chilling tidbit.  It makes me hate the world we live in just a little bit more, but I need to know these things.

Do we know for a fact that X number of people are in fact boycotting Ledger products?  Ledger doesn't have to report their financials, and the Recover shitstorm wasn't too long ago and I haven't heard anything about their sales tanking aside from what's implied from the layoffs.  I can't imagine they've gained many new customers, but I'm curious as to what the real state of the company is.

I am familiar with their plans about launching Ledger Recover, however, you didn't specify in your previous reply that your post is about what could happen once that service goes live.

It's hard to comment on something we still aren't 100% sure how it will work following the PR nightmare Ledger themselves created. Before I say anything else, let me state that the feature is an absolute no-go, and I have said that in the thread where we discussed Ledger Recover. Now, from what I understood reading about Ledger Recover in the past, the seed is divided into 3 shards and no party has ownership of any two shards. But one of the companies receiving one of the shards is directly linked to Ledger in some capacity.   

That's a valid concern. These companies are required to cooperate with law enforcement and they will surely assist if a criminal's funds need to be seized. Another example that Ledger doesn't have their users best interest at heart.   

I don't know who is 'you' in this context. You as in Ledger or you as in all the parties holding a shard. Neither of the two is an acceptable option for me. But like I said, we must wait until we know all the bits of the service that should have never happened.

Unfortunately, this is true and the world is turning into a place where any different (critical) thinking is taken as something negative. Even that famous CEO Pascal says that everyone who speaks negatively about the Recover service is actually doing nothing but spreading FUD.


Or maybe they've already made so much money that they don't care how the whole thing ends - and if the company fails in the future, they'll blame the people who didn't understand their genius. Your calculation definitely makes sense, and considering that the average user will most likely pay $9.99 a month to feel safe, Ledger would still be able to continue doing business.


In some countries, they enabled profile sharing with the condition that you pay extra for that option - in some other countries, they went in the other direction and even reduced package prices, but did not enable profile sharing even with an additional fee. Allegedly, the results of the new business strategy are more than good, and another streaming service has announced that it will introduce the same measure from the beginning of next year (D+).

Because if you don't, you don't get to use all its features.

You want to use your heated seats you already paid for? $18 a month please: https://www.theverge.com/2022/7/12/23204950/bmw-subscriptions-microtransactions-heated-seats-feature

Or maybe you want the cameras on your car which you already paid for to actually record things? $19 a month. Or maybe you want to use the remote engine start which you already paid for? $30 a month!
https://www.bmw.co.nz/en/shop/ls/cp/connected-drive

This is the future of everything, because 99% of the population are morons who just accept this.

They will have ran some numbers and decided they will make more money from this subscription service than they will lose from people no longer buying their devices. It doesn't take much. Even if someone only buys Ledger products, then they will maybe spend $100-200 with Ledger every 5 years? With Ledger Recover they would spend $600 in the same 5 years. Gaining one Ledger Recover customer makes up for losing several normal customers. Just like Netflix banning password sharing. They will have decided they will make more money from people signing up for their own plans than they will lose from people cancelling or downgrading their plans.

But perhaps Ledger got their numbers wrong, which is why they now have to fire a bunch of their employees.

Excuse me - why the hell do you need to buy a subscription for a $30,000 car, that is most likely already being paid for in installments with its own contract?


Jeez.  

But in the case of hardware wallets specifically, what else were they expecting? This was the kind of reaction they were going to get from any kind of subscription plan.

It won't matter, the damage was done the moment they confirmed it's possible to extract the seed from the hardware wallet and send it through the internet.
They just couldn't be happy with customers buying their product, they just had to go down the route of "subscriptions". Just like more and more car manufacturers are doing now, just like software manufacturers are doing, and just like phone providers have been doing for decades. It used to be: "If you're not paying for a product, you are the product". Now, even if you buy a product and pay for it, you're still the product and they still want more money from you.

You know what the crazy thing about all this is? Ledger doesn't want to admit that they were wrong, and kill the Recover service. Then they wouldn't be where they are today.

I guess sales must have hit them really hard with all this boycotting of Ledger Nano devices, because that's the only way I see their pockets taking a hit from that whole debacle.

I'm not naive.  I've been saying that exact same thing since the day Ledger Recover became known.  And I immediately felt foolish for ever having trusted Ledger in the first place.

Anyone who says what Ledger's hardware can or cannot do is either assuming or lying, and honestly I'm not sure which is worse.

No one can honestly say what Ledger hardware can or can't do, since Ledger's code is not open.  If somebody says "You have to confirm any actions by pressing buttons on the hardware" ask them if they're the author of Ledger's code, because if they're not, they have no way of knowing if what they said is actually true.

Assuming a device works the way the manufacturer says it does is dangerous.  If the code isn't open, the device can't be trusted.

Ledger cannot be trusted.  It's up to us to explain why, because noobs can't be expected to know better.  It's up to us to teach them.

EDITED to add, for crystal-clarity: I believe Ledger has been dirty for years and I regret ever buying one.  I've moved my coins from a seed that was used with Ledger hardware to a new seed.  I will never trust that company again.  I can't think of anything Ledger could do to ever regain my trust.  They're dirty, and my coins matter to much to me to ever trust them to Ledger hardware again.

Don't be naive, the fact that they only recently announced that they will enable such an option, does not mean that this option did not exist in the past - and considering that their devices are not completely open source, no one could know if it was possible to extract the seed from the device. Their CEO confirmed that everything is based on trust, that is, that the whole thing is whether we believe that the company will not do something bad, regardless of whether there is (or not) the possibility that some feature will be misused in some way by someone who will get access to their systems.

I would not agree that @Pmalek is not familiar with the recover option, because all those links you posted have long been in the topic : Ledger Recovery - Send your (encrypted) recovery phrase to 3rd parties entities

I am aware of all the advantages of Passport's open-source firmware. However, even though it is entirely open source, there is still a possibility of intentionally embedded backdoors.Furthemore, being with backdoor, it can be verified against multiple Passport keys before installation. As I mentioned earlier, I prefer not to place all my trust in any manufacturer, regardless of their reputation.



Using an airgapped computer as one of the cosigners for multisig is not a bad approach, especially if you are always at your desk in your home. However, it may not be optimal in certain cases, such as during emergency situations when you need to carry an emergency bag. In such situations, I would opt for lightweight and compact devices instead of a bulky and heavy airgapped machine.

Thus, airgapped computer is not universal approach.

That's because Ledger didn't have them.  Once they launch their Ledger Recover service, they will.  They and the companies they're partnering with will have the keys AND the KYC needed to recover the keys.


Again, Ledger Recover didn't exist back then.  Ledger Recover is a new service which extracts keys from users' hardware wallets and includes the user's personal information (KYC).

I'm guessing you're not familiar with Ledger Recover, so here are some links you might want to check out:

Youtube interview with Ledger CEO Pascal Gauthier:
https://www.youtube.com/watch?v=M3VjQUcyZSY



I still can't believe Ledger's CEO said that about one of his own company's products.

Ledger's key extraction includes other companies.  What happens if those companies want to give up your keys?  Here's what Ledger's CEO says:


Yikes.


Here's the part about a hacker being able to connect the coins to a user's personal information (their KYC data):

That is a possibility. However, the data leaks we saw from Ledger and other companies never included any addresses or xpubs. The amount of coins never leaked anywhere which means those who still have those databases can't know who owns what. But since their names are on a list of hardware wallet users, it's reasonable to assume they have coins whose keys they believe are worth protecting with such devices. 

Wasn't there talk about hardware wallets not always being the best choice in multisig systems? I think I have heard both Ledger and Trezor being mentioned as problematic. Or perhaps I am thinking of a specific multisig use case and not all of them

This would require you to install said fake firmware first. Given Passport's firmware is entirely open source, and can be download and verified against multiple Passport keys prior to being installed, then the chance of this is extremely low. And even if you did install the fake firmware, you would still have to make further mistakes to transfer private keys or other sensitive information off the device and on to your computer.

That's certainly a very good option, but if I was doing this I would prefer to use a multi-sig between a Passport and an airgapped computer, rather than two different hardware wallets.

Completely agree. If the seed phrase from one of my hardware wallets leaked, I would lose absolutely nothing. Every coin I own is further protected by either a multi-sig or an additional passphrase, and so I would casually move everything to fresh wallet and have no ongoing concerns. If on the other hand my KYC data leaked (which obviously it never would, since I've never given it away) I would consider that a complete disaster with lifelong implications.

So far (as far as I know) no HW company has been part of a scandal that involved seed being compromised in a way that could be hacked remotely/online, but Ledger will go down in history as the first company to allow hackers that possibility. Although I generally agree that leaking seeds/private keys is a complete disaster financially, sometimes leaking data that includes the physical addresses of HW customers can have even more serious consequences, because apart from what you have stored on HW, you can endanger the life of yourself and your family.

---

I wonder how likely it is that something like that would happen and do you think that someone from that company or some hacker would do it? However, I think that the majority of people who buy such HW are not so naive as to fall for such a trick.


For those extra paranoid, maybe even that wouldn't be enough, but it's certainly better than the option of completely trusting only one manufacturer.

This is true  until fake and/or back-door firmware will not modify the data immunity inside Passport device otherwise they have the option to leave this wallet despite it is airgapped device. I would not put all trust on a single manufacturer. In my view the best setup for your stash is a multisig wallet with at least two airgapped co-signers, say Passport and ColdCard MK4 (or coming ColdCard Q1).

It's even worse than that.  The thief would get your coins AND your personal info, because Ledger's system connects your KYC directly to your coins.  So, if the thief has reason to suspect that you have even more coins hidden behind a passphrase, he knows who you are and where to find you, all thanks to Ledger.

Each individual must decide what the biggest possible threat is: database leaks from centralized entities or supply chain attacks that increase more and more if you add new people to the chain that come in contact with the device. Judging by how many hacks and leaks we have had (not just crypto related), I personally think the former is more likely to happen than the latter. But the other element of the story is privacy vs security. A security leak is more dangerous than a privacy leak. I mean, leaking names, emails, and addresses is bad, but leaking seeds or private keys and having your device manipulated equals the loss of coins.

That's possible, yes. One more option that works for us in the Balkans is that we usually have friends and family all over the world who could be the recipients of physical goods. If you explain to them the threat model and privacy implications and they don't mind, it's also doable. But that involves putting them in the line of fire which is far from ideal. 

The price is really around that amount (even a little more) with the addition that the costs of sending the package should be added to the total price. However, I don't think that amount should be an obstacle for anyone who has any amount of BTC that they feel is of great value to them. For some it may be 1 BTC, for others it may be half as much, but considering the security provided by the device, it is a small price to pay.

Of course, when we buy things like this online, we should always keep in mind what happened with the Ledger database, and avoid such a situation in the future. This means either buying the device directly in a physical store and paying in cash, or using a PO box.

There is another option, and that is if you have someone who travels to the US to buy you that device, you save some money and don't have to worry about possible data leaks and privacy threats.

I know that it works with Sparrow, Blue Wallet, and some other less-known bitcoin-wallet. I think you are right about the Electrum.
Yeah, the seed has to be generated on the Seedsigner. For example, with dice rolls. There is another option to do it using images you take with the device's camera, but I am not sure how this works exactly. I am sure it's not difficult to learn if it comes to that.

Me too 


From what I've seen on websites, yes. Just afaik there's more to read about SeedSigner, for example I think that it doesn't work with Electrum (it may do with Sparrow) and you have to generate the seed separately yourself.

It's quite an expensive device to get in Europe despite their price reduction. I think you are still looking at around €250 if you buy it from an official reseller. But yeah, Passport definitely deserves one of the top spots now. Something draws me to the Seedsigner as well. But I don't like the DYI nature of it. Can these devices be bought fully assembled?   

I have no intention of moving my short list of alts that I need from my Ledger. Without going into too many details of what I have there, why move something that is centralized in nature and freezable regardless of where it is!? My Ledger-Trezor combo will work fine for that. One part of my BTC will be going elsewhere, though.

Actually I had a situation last summer, I had only the phone with me abroad and I needed to use my Ledger on a let's say unexpected setup and after trying the two Android wallets that I knew they support Ledger HW and they both gave error, I had no other choice than to use LL. Maybe I'll recheck the steps of what I've done and I'll write it detailed some day.
The point is that LL can be needed in other cases too, as wallet, and in the light of that seed recovery crap, ... it's somewhat unsettling.


I strongly agree with both statements from here 

Then stick to permanently airgapped hardware wallets such as Passport, and your data can't leave the device at all.

If you are a Ledger user, you can't stay away from Ledger Live entirely. You have to set up your wallet when you first get it. You have to install the crypto apps from the Account Manager and upgrade the firmware, which also requires installing a certain version of the Ledger Live. After that, you can avoid using the LL, unless it's time for another round of upgrades.

But yeah, connecting to Ledger servers is a privacy leak. They will surely know your IP address and your balance. But it's an equal privacy leak to connect to someone else's Electrum server except yours. The only difference is that there isn't a company like Ledger receiving this information (publicly known at least), it's the subject running the Electrum server. Take note, though, that anyone can be behind those servers including chain analysis or government agencies. Nothing stops them from owning nodes the same way you can.

You are missing something far worse that doesn't concern only Ledger. All hardware wallet manufacturers have lied to their customers that sensitive data can't leave the secure element. Ledger was just stupid/smart enough to tell the public about it. That's the worrying part. 

In fact the laying off employees from company that makes hardware wallets with  the hidden room ( which can be known  to some of those employees)   to access  users' SEED is a dangerous bearing. What  if  those who have been fired would like to take out on Ledger  for their  kick off and put company in the line of fire by using that hidden room? End result is quite possible, why not.

That your coins are still in your wallet is Ledger's omission rather than  your credit .  

That would be a very honest thing for a restaurateur to say--and every one of them should say that if they haven't explicitly done tests for poisons.  Even if they said they did, there are a lot of poisons that standard tests wouldn't pick up on.  Personally if I got that answer from our theoretical restaurant owner, I'd still feel comfortable eating at his establishment.

But when it comes to everything Ledger has said and the risk you're comparing to being poisoned at a restaurant....I'm not reassured in the least by anything they've said after they announced the Recover thing, and I just don't understand all of the support they're still getting in their subreddit.  Some of those people have to realize the gravity of Ledger being able to get access to their customers' private keys at will. 

Still have my fingers crossed that their company goes down in a bright, flaming ball of wreckage and is never to be seen again.

This.

Why would anyone risk their coins by sticking with Ledger?  Even Ledger says they can't prove their code is safe.


Could you imagine if the owner of a restaurant said "Our recipes don't contain poison, but I obviously can't prove it"?

The good thing about this whole Ledger debacle is that they taught you why open source code is so important.

Code that can't be verified can't be trusted.  Wallets with code that can't be verified shouldn't be used.  Period.

This option will only work if, in the process of bankruptcy or disappearance, none of the former employees of ledger wants to take away before leaving “what belongs to him by right of having worked so hard for this company for so many years”, after looking into your wallet. Of course, if ledger contains any backdoor or loophole in its closed source code.

Why take unnecessary risk when there are so many hardware wallet devices on the market to which you can transfer your coins at the earliest opportunity.

The guarantee will only be available if you completely switch to a device from another manufacturer. For example, Trezor announced its new device with a new protective element - Trezor Safe 3 New Hardware Wallet .

In that case, let's start a bit easier: create a new Electrum wallet. Then go through the "workflow" to reproduce the addresses air-gapped from seed using Ian Coleman's site. No need to fund this wallet, so no risk of messing up, but it will be a good exercise.

To think about: How are you going to verify restoring the seed for that new address before funding it?

It's likely due to a decrease in demand. As per @Yamane_Keto's post, Ledger sold over 6.5 million Ledger Nano devices, raking in at least $650 million by my rough calculations, considering the price range of $79 to $149. That's a substantial number of people securing their assets with Ledger wallets. A quick Google search tells me there are already '460 million Bitcoin wallets' out there, so it's possible that 6.5 million hardware wallets might be close to the maximum for total users. Of course, there's still room for growth if some positive news shakes up the market, as demand is often driven by market conditions.

However, this recent update is significant. They've had to lay off a lot of employees, which is unfortunate but understandable given their situation. It does, however, does not project a better image for the company. I wouldn't be surprised if we hear more news related to their situation if things continue to worsen.

Ok task accepted.

But I’m dead scared by just reading the process itself. Lolz. I think I will have to right down the step by step workflow for this since I am not very much experienced with this stuff.

If I am going to do anything like this then I will first move my coins to other address temporarily off course. Then I will do the dummy run as mentioned above. I don’t want to be victim of things that I don’t know. Even when I am normally using ledger I would triple check the shit.

But thanks for the info, reminds me that I have revise and recall my deed phrases in my photographic memory. 

It does not matter if Ledger go bankrupt or disappear. You can always pair your device with Electrum or Sparrow to access your coins, and as long as you have your seed phrase you can still restore it to another hardware wallet or airgapped device.

The bigger concern is the risk of your seed phrase leaving your device, or indeed, if it has already left your device since the ability for that to happen has been there all along, despite Ledger lying and saying the opposite. Ideally you should purchase another hardware wallet or move to using a permanently airgapped computer. If you don't want to do this then there are a few steps you could take to reduce your risk, but they are not a guarantee by any means, make no difference to what might already have happened in the past, and they will limit how you can use your hardware wallet.

From your worries, it's good to differentiate between two things: "Ledger disappearing", and "Ledger lying about the seed phrase never leaving the hardware wallet". I'd worry about the latter, but that's something for another topic. As for the former: If you're worried about relying on Ledger's servers, you shouldn't have used them in the first place.
I like to test my backups before funding a wallet. So here's a test: get an offline air-gapped system without storage and running from a Linux Live DVD, copy Ian Coleman's site, and see if you can reproduce the private keys and addresses that you have in your Ledger from it's seed. Be careful of course not to do dumb things with your seed, and wipe the system's memory (by turning it off) when you're done. I've done this in the past, and it gives me peace of mind that I can restore my funds without any hardware wallet.

That doesn't seem good to me considering the fact that I am having Ledger bought in late 2018. Since then I have never explored other wallets considering I will have to invest more money in my wallet than I could save up in it. Instead, I am using the same wallet to date. In the past, I even lost it once due to home shifting and careless handling of the same _{(learned lesson already).}

Now is not the time for this company to shit around like that.

Should I be worried about its ongoing operations?

What I read on the website tells me they are also in the process of launching a new feature that can help us restore the ledger if we ever forget seed phrases. They have not explained it in very much detail but it seems they are going to do that based on "Identity verification".

Pretty much fucked up when we call it a decentralized system. However, it's not available for everyone, meaning you have to enroll in the program.

Anyways, if they have an ongoing project, but they are also laying off the employees, what future does it have?

Fact: My ledger is still holding pretty awesome, I turn it on rarely. Sometimes I have to turn it on to check if it's still operational or not. Lolz.

I remember listening to him in one of the damage control live streams Ledger hosted in the days and weeks following the launch of Ledger Recover, and he came across as completely condescending and as if everyone raising issues about Ledger Recover should just be ignored.


Your seed phrase will be extracted and shared with third parties. What's not to like!?

This seems to be a common theme throughout Ledger management now. They are all quite willing to lie to promote their products. For example: https://bitcointalksearch.org/topic/m.62267909. Or when they claimed they were making their code open source, and then invented a new license which isn't open source at all.

That guy was toxic.

If you asked questions on the Ledger sub, he would respond by lying.  And if you quoted him, he'd cry foul and then ban you.

Here's one of my favorite BTchip quotes.  He was asked if there are any backdoors in Ledger's code.  He said:


Note that he removed the reply to his comment.  He then edited his comment and added a disclaimer saying he was quoted out of context.  So, hey BTCIP!  In case you see this, here's the context:

QUESTION: "Is there a backdoor? Yes or No"

BTCHIP: "There's no backdoor and I obviously can't prove it (because it's not possible to prove a negative)"

Noooo...  he can't prove it because Ledger's code isn't open, which means they can't prove anything.  Is their code even safe?  They can't prove it.

Here's another one of my favorite BTchip quotes:


Notice the date on that quote.  May 14th 2023.  How long do you think they'd been working on Ledger Recover by that point?  "Recover" is a huge undertaking that includes Ledger working with other companies (because 3 companies will hold extracted seeds from Ledger wallets).  How long do you think it took to come up with that plan, negotiate deals with the other companies, finalize those contracts with the lawyers from all three companies, not to mention writing and testing the code.

Seriously, how long do you think it took to do all that work?

I guarantee there are signed documents for Recover from long before May 2023.  I bet there are signatures from 2022, not to mention emails, texts and other electronic data.

So, long after Ledger was working on a system for key extraction and recovery over the internet, BTchip was still saying keys never leave Ledger devices.

How is that not fraud?

No surprise here that ledger is laying off their employees, village garage is getting smaller and smaller every day  
Let's not forget they also fired their co-founder aka reddit evil moderator BTChip for doing ''amazing'' work in last few years  

I didn't force anyone to hate ledger, I just presented information from my research, and something was stinking from start.

I always forget that people care so much about shitcoins. When your entire coin can be rug pulled at any time, or when its entire set up is one massive scam or Ponzi, or when its so centralized it can be shutdown at any time or your coins can even be unilaterally frozen or seized from your wallet, or perhaps if you make the "wrong" transaction then the entire chain will be re-orged to remove your transaction, then people worrying about which hardware wallet will support it is completely missing the point in my opinion.

On the other hand, being bitcoin only means a smaller attack surface and less possibilities for vulnerabilities and bugs. Although it is a shame that nothing seems to have come of the Monero fork of the Passport firmware: https://github.com/mjg-foundation/passport2-monero

I agree that Passport is an excellent solution for those who only have BTC, and here Ledger or Trezor have an advantage, considering that they are multicurrency HW, which for some is a crucial thing when buying such devices. As for us in the EU, the price is of course a little higher (about 260 EUR - a little more than $270), and there are really quite a sufficient number of resellers, and for me it's a shame that one from my country stopped selling this HW.

Considering the events of the past, my first option would be to buy HW directly for cash, and the second option would be to use a PO box, I am not even thinking about the third one.

I think such a product already exists in the Foundation Passport.

They relatively recently dropped the price to $199, making it cheaper than both the Ledger Stax and Trezor T. And when you consider it comes with an industrial grade SD card, then it also works out cheaper than the same bundle from ColdCard. Add in that it is entirely airgapped and entirely open source, and it is a very attractive device indeed.

I think the biggest issue for someone like yourself would be the shipping fees and any import taxes you would have to pay, although they do have a number of official resellers: https://foundationdevices.com/resellers/

This is the first time I'm hearing about it, although honestly all the information I get about them comes from this forum - and apparently everyone missed it, or no one considered it something worth mentioning. For those who want to know a little more, there is some information on the official website, but also on some news portals.

---

@o_e_l_e_o, as they say, old habits die hard even when we are aware that we should change them. This is exactly what keeps Ledger still in the competition, regardless of all the scandals they produce. As you say yourself, if someone buys BTC and keeps it in something they consider an online crypto bank (CEX), then I'm sure that Ledger can sell them the story that their new service is actually good, and it's also optional.

I hope that a company (or maybe an existing one) will appear that will offer a product that will be safe, attractive and competitively priced in relation to Ledger HW. It always seemed to me that the Ledger Nano S or X models owe their success to their design, which resembles a regular USB stick, and when I was in doubt between the Nano S and the Trezor, I was somehow more attracted to the design made by Ledger.

Agreed. People continue to use a variety of centralized exchanges despite them selling data, insider trading, seizing coins, etc. People continue to use a variety of closed source software wallets despite them having glaring security flaws and suffering from massive hacks. People continue to use other hardware wallets with poor security or poor privacy. People continue to use lending platforms and other DeFi nonsense despite millions of users losing everything in various scams and bankruptcy. They will continue to use Ledger devices despite significant risks in doing so. Best we can do is warn them not to.

I think this will change. As I said above, Ledger are currently surviving based on their previous good reputation and name recognition, but they have failed to make a single real innovation in the hardware wallet space in years. Their latest product - Stax - is an absolute joke. Newer companies are only behind in marketing because Ledger have been around for a decade.

Dude, that was one of the most helpful posts I've read in a long time--seriously!  As to the financial reports I'm sure you know that since they're a private company (and I assume a small one at that, despite all of that massive funding), they don't have to report anything to anyone aside from their investors and whoever else requires that info.  That doesn't raise a red flag in my mind necessarily, nor does it concern me and wouldn't even if I was using any of their wallets.

In that reddit thread, someone said that they'd had far, far fewer employees not too long ago before they ballooned up to the 500+ mark.  I don't get why a company that makes a few established products would need that many workers, because as far as I can tell (and I could be wrong) they're not doing any extensive R&D or anything of the sort.  I mean that's a lot of employees, no?

The feeling I get is that those layoffs aren't mainly due to the crypto "bear market" which I don't think is an accurate description of how the crypto market is doing unless the present state is only being compared to 2020.  It isn't as though prices are constantly dropping or that enthusiasm for crypto is waning.  The Recover debacle was a huge deal, and I think it caused far more people to not buy Ledger wallets than their subreddit would indicate.  Anyone who understands what Ledger's disclosure about the secure element means and is in any way concerned that one's private keys are not at all private anymore when using a Ledger would look elsewhere for a HW wallet.  

Yeah, I completely get that.  I guess what I'm wondering is why, when I read their subreddit, there are still so many people who appear to be blissfully unconcerned about that.  There was outrage after the Recover announcement and then it kind of switched back to normal discussion--and even during the outrage there were members vehemently defending Ledger.  There might be shills, of course, but I find it hard to believe there are that many in the subreddit.  I also know a lot of people are ignorant or just plain stupid, but the defenders of Ledger didn't seem to fall into either category.  They just seemed to be very trusting with respect to what Ledger has or will do with their customers' private keys and the info they obviously have access to.

I'm very curious to see how this all plays out, because I think Ledger cut its own throat and just hasn't bled out yet.

Yes, 500 employees are really a lot for this type of company. I was expecting their number to be between 50-70 employees. By the way, it's interesting to know what's their net profit, how much they profit from each product. But I think from these 500 employees, many will be contract employees from overseas. They save tons of money this way.

---

If anyone was a little lazy to read the whole article, I picked some good quotes from that.

What a hypocrisy, they have no shame. They ask, if not self-custody then why crypto and at the same time offer Ledger Recover service that makes your device totally controlled by them. That's far from self-custody, it's everything else other than self-custody.

Hypocrisy again on another level. As it seems, Ledger Recover is a necessary service for those who are looking for self-custody device. How is that? I just can't understand. Is there anyone who doesn't laugh when reads this?

Oops, didn't saw a post about tradelink on this forum. Did everyone miss that?

Yes, Ledger Recover was the biggest mistake. Did they really realize that? No, they think that fail is part of the process and positive side (probably of Ledger Recover) will outweigh the negative sides. Ledger CEO remains N1 Dhead again.

I think another reason is that the BTC community (not just on this forum alone) has promoted Ledger (and Trezor too) for a very long time as recommended hardware wallets, i am talking of before the community knew they were lying about wallets secrets never leaving the secure element and a lot of other lies and security flaws from Ledger.

So it is kind of difficult to convince people now that Ledger isn't recommended, especially people who don't know what they are doing and can't do their own research. I've had to answer a couple of questions from newbies who query why Ledger is 'no longer' recommended and i am sure it won't be the last time.

They definitely deserve some kind of punishment from the community that bought their devices, but I sincerely doubt that they will go bankrupt considering that (unfortunately) most of the people who have their hardware wallets or those who are about to buy them do not understand the risks they are exposed to considering that their seed can be shared with Ledger and at least two other companies. As if the hacking of the data of hundreds of thousands of their clients was not enough of a warning that someone in that company is behaving very irresponsibly.

---

We will only see in the coming years how much trust has actually been lost, but the fact is that Ledger is maintained on the surface only for the reason that no other company has adequately responded to the opportunity that appeared on the market. I am not saying that there are no alternatives when it comes to other hardware wallets, but it seems to me that they are still a step or two behind, whether it is marketing or competitiveness when it comes to the price of the product.

---

I think that the number of employees of the company will perhaps be the best indicator of how successful (unsuccessful) the company will be in the future. Bad business results always fall on the backs of ordinary workers.

Yes, of course. As Z-tight points out on the previous page, if you aren't using your Ledger device exclusively via your own node, then someone is spying on you, whether that is Ledger themselves or the owner of whichever third party server you are connecting to.

There is no need for Ledger to keep this data for 5 years though (which is what the Privacy Policy states), nor for them to share it with a bunch of third parties.

To be fair: that kinda comes with relying on a centralized server. The moment you connect to an Electrum server, the server also knows all this information about you.
Of course, they shouldn't be keeping this information after you disconnect, but then they wouldn't have bragging rights of "securing" 20% of all crypto assets.

Because if you use Ledger Live, then Ledger are spying on you.

Here's a quote from their Privacy Policy about what data Ledger Live collects:
But also shows terrible management.

Bitcoin has booms and busts. There are bull markets where hundreds of thousands of people are scrambling to buy hardware wallets for the first time, and bear markets with a tiny fraction of that kind of action. This has been the case since before Ledger existed. To fail to see this coming is just another decision to add to the growing list of terrible decisions made by Ledger management, such as Ledger Stax, Ledger Recover, poor security practices and database leaks, lying to your users for a decade, trying to redefine open source, and so on.

Since the current management took over at Ledger, it's been constantly downhill. They are riding on the coattails and the money of the original management and the devices they created, while making bad decision after bad decision.

I don't know if you know this, but the negative opinion about Ledger's CEO directly concerns their devices, people criticize him and Ledger as a whole for saying for many years that your wallet secrets can't leave the secure element, but it turned out to be a lie. The discussion here is very objective, it isn't about guesses or gossips, it is a fact Ledger lies about stuffs concerning their devices and it is not a recommended hardware wallet to use.

They will eventually and basically Ledger company is a sinking ship and with their actions, I don't think they will ever gonna regain the lost trust. Their story of longevity just proves that they need financial sources to survive as long as they can since they are not making any profits.

I think it is time for them to build something other than hardware wallets like USB Humping Dog

See: Ledger Recovery - Send your (encrypted) recovery phrase to 3rd parties entities.

Of course it is! But the much bigger problem is that Ledger Live can extract the seed from the hardware wallet.

I don't have a ledger and I want to ask is this about ledger update i read about. they offer storing your seed ``securely``? it sounds like huge security hazard that could happen. i agree with you if this is it.

The other side is, was this always part of the plan. A lot of places will hire more people then they need on a regular basis to get things done, work through a surge, whatever. Then get rid of a lot of them. No different then retail stores hiring extra help around the Christmas holidays, or amusement parks having more help though the vacation season. Tie that in with a general slowdown in crypto and they were going to lay off X number of people anyway. But now it's X+Y people. Which is worse, yes. But how much worse?

Either way, their attitude and business practices are terrible anyway. So it could be those issues coming back to haunt them too.
All we have are the press releases and other statements. Not what is 100% the truth.

-Dave

In the winter of 2023, Amazon, Google, Microsoft fired their employees in the tens of thousands, and against their background, the dismissal of ledger 12% of employees (60 people) by the company should look like something terrifying? This is a common occurrence during economic downturns, which, if anyone hasn't noticed, are still ongoing. This would be considered a trifle during a “concrete” crisis.

All discussions on the topic “what do 500 employees in ledger do during working hours while releasing only 3-4 products to the market” will be just speculation. We don't know the internal structure of this company, as well as the distribution of work responsibilities of employees and why there are 500 people on staff and not 50. If the ledger contained such a staff, then it is logical to assume that the company needed it. Why even raise these questions?

And I still don’t know. Why is this gossip here if negative opinions about Ledger's CEO only if it doesn't concern their devices and the users of their products? I am ready to listen to information of this nature if it is related to ledger products (hardware wallets, apps and so on) and related topics.

They deserve bankruptcy! You don't go from "the seed phrase never leaves the device" to "oh yeah it's fine we'll keep your seed for you" without consequences.

I assume that the company (Ledger) sees your IP address only if you use Ledger Live, but I leave it possible that the hardware wallet itself has some hidden communication with the company even if we use another wallet like Electrum. However, we must not forget that when initializing the hardware wallet, we have to connect the device to Ledger Live, and we have to download coins apps or even upgrade the firmware, so I wonder how much sense it makes to hide later.

From everything that I have personally read on this topic, it seems to me that from the beginning the whole thing was actually in trust between the company and us (customers), and now it all came down to Ledger literally saying "yes, we can extract your seed from our devices, but trust us we won't share it around unless you pay us $9.99 every month".

The problem is, of course, that the company thinks that way at all, because most of these so-called "crypto messiahs" think that we are all just idiots who would lose everything we have if it weren't for their companies and their services/devices.

10 years into it and this year they had to get funding once more, because they've yet to find a sustainable business model. This is very common in the tech world. Reddit came to be in 2005 and after hundreds of millions in funding has yet to turn in any profit. Many of these companies function in a perpetual state of being managed like a startup.

Ledger is not a startup.  They're a few months away from their 10 year anniversary.

If you connect your hardware wallet directly to Electrum or Sparrow for example, Ledger can't see your ip addresses. But if you do so without running your own node and connecting Electrum to your own server or Sparrow to your own node, the public or random server you are connected to would know your ip addresses and BTC addresses, and not Ledger this time.

That is why i said that if you use any wallet at all, without running your own node and connecting to it, then you do not have complete privacy because the random server you connect to can spy on you.

According to Techcrunch, Ledger has raised around 456 million EURO! That's a lot of money.
They have a lot of cash to burn and I assume that while the crypto market was on a bull run, their earnings must have been looking better than it does now.

But now without as much movement in crypto, we can safely assume that they aren't doing as well. I tried to look at their financial statements but it seems like they haven't published a new one since 2016!?

Well, we could draw conclusions from another metric though. Their series C funding round was $380 million in 2021. They called an "extension" to series C and got another 100 million EUR earlier this year. However, for a startup to actually get LESS money in a new funding round, it must mean that they aren't as hot. Their investors must be demanding answers. Probably their earnings were too low to justify as many employees.

TL;DR, in financial terms Ledger probably isn't earning a lot and has a dubious future as a company as is, so the layoffs were expected. Excessive growth goals tend to do that to startups.

Edit: Forgot to mention that my view is that the layoffs weren't caused by the whole PR fiasco Ledger faced. The bulk of their turnover probably comes from their enterprise services other than retail sales anyway, and corporations utilizing a company's services to secure other people's crypto sure wouldn't mind some trust into the equation of safekeeping crypto.

OK, so it is true then that if you use Electrum (or Sparrow I heard?) and just stay away from any coin that doesn't have a 3rd party wallet that can interact with the Ledger in place of Ledger Live, Ledger can't see your IP address?  The first part of the above statement seems to say the opposite, whereas the second kind of says that explicitly.  From my scant knowledge of even the basics of how wallets and everything else interact with the internet (I know, I'm as good as fucked) it was always my understanding that avoiding LL was the solution to avoiding Ledger updates--especially the one introducing Recover--but when I fooled around with my Ledger I never really considered IP addresses.

Jesus.  By the way, I don't think I mentioned that I used to be a fan of Ledger despite the warnings by dkbit98 in particular but now have turned 180 degrees....so that makes me an anti-fan, I suppose.  Anyone buying used Ledgers?  Lol.

If you are using any wallet without connecting to your own node or server, the server you connect to knows your BTC addresses and IP addresses, so for privacy you have to connect Ledger live to your own node, or you just forget about Ledger live and use Electrum with your hardware wallet and connect to your own Electrum server, this is the only way you get privacy.

I completely agree with the above, and even though I see your point about the biggest issue being their capability of extracting their users' private keys, it would be much more ominous/hideous/[add your own descriptor] if they had already done so and if in fact that's where they got that 20% statistic from.  That would just be straight-up evil.

Does the use of the device transmit a user's IP address, or is it Ledger Live that does that?  Yeah I know I'm no noob, but I'm still an ignorant lunkhead when it comes to computer science. 

When a company goes bad (for one reason or another), the first to pay the price are the employees. I do not think that these dismissals of employees are solely the result of their business decisions, but also due to the global economic situation, which definitely affects the EU as well.

---

My opinion is that they know exactly how many coins are on their devices, because their devices communicate with their servers and use the blockchain data located on those same servers. Considering this fact, it is easy to conclude that such data can be collected very easily and also connected to the IP addresses with which they are accessed.

If some big brother were to knock on their door (if he hasn't already) and ask for all this information on any basis (taxes, money laundering, terrorism...) I'm sure they would have to hand over this information. Considering everything that has been happening around that company for several years now, everyone should ask themselves if there is any logic in trusting them with something as sensitive as our private keys?

We wouldn't know for sure if such a list exists, but since they said that their users' keys cannot leave the secure element, but it turned out to be a lie, then anything is possible with ledger and it is surely not a recommended hardware wallet. They were also caught lying that they are on an open source roadmap^[1] which isn't true, too many lies coming from Ledger and it is enough not to trust them. A company can layoff staffs without any ominous meaning to it, but one that has recently come under fire and have probably lost all their customers that understands a thing or two about security, then it could mean something extra.

[1] https://bitcointalksearch.org/topic/m.62891890

Whether they do or don't doesn't matter.  The question that one should be asking themselves if they can or cannot.  Obviously the answer is they can.  Why would anyone sweat and fret about the other questions when the most damning answer is already known?

People should stop using Ledger, it's obvious that they think of their clients as nothing but a number and an income stream.

OK, this is the first time I'm reading that quote and if he knows that information, then Ledger obviously knows which coins are being kept on Ledger wallets and how many.  Hmm.  D'ya think the disclosure that your private keys could be exfiltrated from the secure element that went along with the Recover announcement could have something to do with that?

In other words, do you think Ledger has already got something akin to a master list of every Ledger user's private keys?  Just thinking out loud here, you know?

I wonder how many of those 500 or so employees are various government spooks.  Christ I need a drink.  And I don't even drink.

Considering that they're not the first cryptocurrency company to go down that path in 2023 and their downward trajectory, it was bound to happen at some point ^{[I'm not surprised]}.

This is a direct result of being the face of a company, but he shouldn't be the only one ^{[the whole board, president, and other staff deserve to be blamed as well]}!

They're great at manipulating newcomers ^{[unfortunately]}!
^{- Some of their users tend to purchase multiple hardware wallets of the same kind (refer to their subreddit).}

Perhaps they're spying in some way, but that number shouldn't matter when their main focus is on shitcoins.

Linkedin has 734 entries for Ledger employees (and I think not all company's staff n that list) which is more than a hell.  
Probably their profit was affected by the brain-bust-decision to share users' SEED with third parties and thus, the employees firing had to be  an inevitable fact.
Media is actively discussing the related development ^[1], ^[2], ^[3].  

[1]. More Crypto Job Cuts: Ledger Downsizes Workforce by 12%
[2]. Ledger Layoffs: Hardware Crypto Wallet Firm the Latest to Axe Staff
[3]. Ledger Faces Industry Downturn: Announces 12% Workforce Reduction

Although this doesn’t comes as a surprise because of the conditions faced by microeconomics, many crypto exchanges and entities-like have been layoff their staffs with the likes of chainalysis in the last few days blaming it on bear market and also binance-US which theirs was as a result of regulatory issue. But this Ledger own definitely has to fall into the place of business not growing more due to the bad decisions they made.

Reading through this news outlets I don’t see a comeback for them even though they still want to go ahead with the recovery idea, and thinking it will come good. If you read through many insults are thrown to the CEO, someone even tweeted of trusting software wallets than them which is definitely too bad. I would say Ledger should just be considered there was a big hardware wallets firm.


Here is direct link from there blog post affirming to this

It seems that this news is true. Here is the link to the article: https://www.ledger.com/blog/a-message-from-pascal-gauthier-chairman-ceo-at-ledger
When we talk about a company that manufactures hardware wallets, continuous development and customer safety must come first. It is not a company that sells TVs or sports shoes, so the marketing mentality must come first, the constant lying that appears in the company’s management will lead them to bankruptcy and may lead to the loss of some users.

The numbers he mentioned about the total number of wallets sold are frightening, and I do not know how he knows the percentage of securing 20% of global crypto assets.

I've been checking the Ledger subreddit pretty often since their idiotic, trust-destroying Recover service was announced and looking at it today, I saw a thread that linked to a Twitter post that in turn linked to some other source saying that Ledger is laying off 12% of its employees.  Having read through the reddit post, I'm seeing opinions about the cause of this ranging from "this is expected during an economic downturn" to "Ledger fucked themselves because of Recover and/or the behavior of their CEO".  Those aren't direct quotes from the post, by the way.

Frankly I was expecting a thread about this on bitcointalk, but apparently there isn't.  What do you guys think about this development?  Was it mentioned on any crypto news sites?  The reddit thread also mentioned that Ledger has something like 500 employees, which seems like a hell of a lot for a company that basically makes 3-4 products (unless a lot of programming/coding is needed).

I also wasn't aware that there were very negative opinions about Ledger's CEO.  Very interesting.