Author

Topic: Nothing matters more than transparency (Read 308 times)

sr. member
Activity: 952
Merit: 275
November 25, 2022, 12:49:33 AM
#22
I wonder what would have happened if Ledger hardware wallet company belongs to someone like Sam, just imagine, this type of man could have leave a backdoor in the whole hardware system and catered away with users' funds.
Don't imagine, verify. Don't use closed-source software. Don't buy a Ledger. You can't argue that it's secure, not only because you have to trust their intentions, but because you have to trust this small dev team's developing skills-- given a history full of breaches of that trust, I would absolutely avoid it.

They might have left a backdoor, they might haven't but have a 0-day. In any case, people should move to transparent software as soon as possible.
The topic is not referring to me, I know the difference between a closed source wallet and a open-source wallet.

I know that many people are using closed source hardware wallets, thinking it's safer, the topic is referring to such people.

Many don't know the difference, they don't know the danger that's lurking around Ledger wallet and other closed source wallet, right now some are still buying Ledger, I am just using the FTX drama as an example of what may happen to closed source wallet one day.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
November 20, 2022, 02:26:46 PM
#21
I wonder what would have happened if Ledger hardware wallet company belongs to someone like Sam, just imagine, this type of man could have leave a backdoor in the whole hardware system and catered away with users' funds.
Don't imagine, verify. Don't use closed-source software. Don't buy a Ledger. You can't argue that it's secure, not only because you have to trust their intentions, but because you have to trust this small dev team's developing skills-- given a history full of breaches of that trust, I would absolutely avoid it.

They might have left a backdoor, they might haven't but have a 0-day. In any case, people should move to transparent software as soon as possible.
hero member
Activity: 1064
Merit: 843
November 19, 2022, 10:07:17 PM
#20
You're missed the important part, open source is useless if there's no any coders who want to review every code or you're not a coder so you can't read the code. There's many project claim if they're "decentralized" many people didn't really know between semi decentralized and fully decentralized, actually semi decentralized is similar like centralized, it just to trick a newbie.

You need to know how to read the code and know how to verify the "decentralization" otherwise open source and decentralized will be useless.
legendary
Activity: 2576
Merit: 1860
November 19, 2022, 08:24:33 PM
#19
But people should be wary about wallets that are claiming to be open-source and decentralized. After all, these words are like marketing terms. They've been taken advantage of, exploited to gain users, used to entice them. Do wallets claiming to be decentralized and open-source truly decentralized and open-source? The ordinary users cannot tell.

Just recently, Trust Wallet became popular primarily because of CZ promoting it using the FTX fiasco. Not your keys, not your coins, he says. Self-custody is the better way. As a result, the price of Trust Wallet's token, TWT, soared all of a sudden and more than doubled in just a few days. But how decentralized and open-source Trust Wallet is? I bet those who moved their funds to such wallet cannot independently verify.

And, contrary to their marketing claims, it seems it isn't open source at all. So the transparency label could easily be faked.
legendary
Activity: 3024
Merit: 2148
November 19, 2022, 06:42:33 PM
#18
Another serious thing to take very seriously 😒, stay away from anything that's not open source and decentralised, this was why crypto is crypto in the first place, transparency must be 100%.

Being open source and decentralized is not enough to be safe. Unless you posses the skill to review the software and done it yourself, or someone qualified and trusted done it, then the software is not safe. Case in point - countless shitcoin protocols like DeFi, DAO or algorithmic stablecoins that got hacked, despite being open source. That's because no one seriously reviews them, so either the devs put the backdoors or hackers find the exploits first.
full member
Activity: 952
Merit: 232
November 18, 2022, 05:57:09 PM
#17
Hence the emphasis on DYOR, which is an acronym for Do your own research. It is always better to have an idea of the kind of exchange one is dealing with, also if it involves P2P, names and format of profile should lead one with hints of what he/she is dealing with.
hero member
Activity: 1414
Merit: 542
November 17, 2022, 02:56:44 AM
#16
I wonder what would have happened if Ledger hardware wallet company belongs to someone like Sam, just imagine, this type of man could have leave a backdoor in the whole hardware system and catered away with users' funds.
Nobody can guarantee that current ledger manufacturer is not doing something like this right now as we speak, since they are making closed source device nobody can verify their code.
They don't even need to have backdoor, with new type of attacks they can slowly collect seed words through transactions sent by user, even if they use third party wallets like Electrum.
I really can't find any good reason why they are being so stubborn and why they don't want to switch to open source, unless they have some hidden motives.
Luckily, there are plenty of open source alternative hardware wallet devices that exist today.

Or someone really close to the project can do a back door without us knowing and suddenly it exploded when bitcoin price is like in the millions making a lot of investors and hardware holders lost big amounts.

Open source is the key for the rest of us, at least we really see what's going on inside and outside. So we really need to be very careful as who we trust in this crypto industry and anything can go wrong in an instant.
copper member
Activity: 2156
Merit: 983
Part of AOBT - English Translator to Indonesia
November 16, 2022, 09:44:54 PM
#15
theymos already said in here https://bitcointalksearch.org/topic/reminder-do-not-keep-your-money-in-online-accounts-5421039

I can not explain how happy I am this transparency thing is receiving so much more attention now.  Unfortunately, tragic events like FTX's downfall need to happen for everyone to finally realize that we actually DO have to care about our belongings, be it the smallest or largest Exchange or whatever platform it is.

yeah since transparent will little bit give a peace of mind at least so we can see and track where is the money go for the centralized exchange. like DAO treasury in DeFi
hero member
Activity: 882
Merit: 1873
Crypto Swap Exchange
November 16, 2022, 01:37:28 PM
#14
I can not explain how happy I am this transparency thing is receiving so much more attention now.  Unfortunately, tragic events like FTX's downfall need to happen for everyone to finally realize that we actually DO have to care about our belongings, be it the smallest or largest Exchange or whatever platform it is.

We have certainly derived away from the initial purpose of Cryptocurrencies.  We went pretty backwards when it comes to transparency due to all these easy to use and fun looking Apps and websites that steal your focus and make you seek UI over transparency and safety.  Seek safety, people!  Stop taking the bait of comfort.

Now back to your post.  Ledger could at any given time have a backdoor revealed or leaked.  Just because nobody knows about a backdoor does not make it nonexistent.  In fact, I have a pretty big doubt there is no backdoor in Ledgers simply due to the Closed Source component it contains.  But that is my pure speculation as for now.

-
Regards,
PrivacyG
legendary
Activity: 2338
Merit: 1084
zknodes.org
November 16, 2022, 01:12:00 PM
#13
If a wallet like the hardware ledger had a back door and was managed by someone like SBF, I don't think it would have lasted as long as it has. Everything will collapse by itself because they manipulate user assets as they please. There will still be traces left no matter what. Transparency, Open Source and decentralized are absolutely necessary for crypto, because crypto does not accept centralized rules.
But if there really is a back door embedded in hardware wallets, it will be catastrophic, trust in crypto will decrease even more.
legendary
Activity: 2170
Merit: 1789
November 15, 2022, 11:18:49 AM
#12
I don't think Ledger and Trezor has a malicious code because it's really secure and trusted by many big holders, until now there's no any news where Trezor or Ledger is a scam hardware wallet.
And the same thing can be said for other services before they scam their users. Point is, users should always verify and look for transparency instead of trusting companies, regardless if they are popular or not. The point of crypto is to make the user their own custody and control their own money, not the opposite.
hero member
Activity: 812
Merit: 560
November 15, 2022, 11:16:51 AM
#11
stay away from anything that's not open source and decentralised, this was why crypto is crypto in the first place, transparency must be 100%.

If it's not decentralized then it is not safe completely, many make this great mistakes thinking that once they invest with bitcoin settles it all about thier security safety, but one can definitely be centralized with bitcoin if not conscious of how to be decentralized, and i also don't recommend decentralized wallet but closed source, why not going for the perfect suitability with an open source decentralized wallet to be completely free from any form of central authorities, there should be something left undisclosed with any decentralized closed source wallets for not being open source.
legendary
Activity: 2268
Merit: 1379
Fully Regulated Crypto Casino
November 15, 2022, 10:33:47 AM
#10
Another serious thing to take very seriously 😒, stay away from anything that's not open source and decentralised, this was why crypto is crypto in the first place, transparency must be 100%.
Its been constantly reminded that closed sourced might also been compromised. So open source has been chosen to remedy the potential breach and potential hack, and stolen funds. Most users ignore the possibility but they must be understand in the later stage. Dont be so relax but you must be cautious as always as we dont know when these centralized platform will trigger.
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
November 15, 2022, 10:27:37 AM
#9
Also quick note that we're not required to use the Ledger Live software (probably outside of updating firmware). When using Ledger hardware wallets, I always recommend using Ledger+Wasabi or Ledger+MetaMask.
It remains one which is for bitcoin, Ledger + Electrum. Even while some people are having issues with their Ledger Live, some clear the cache while some just move to Electrum which solves the issue. For bitcoin lovers, using Ledger hardware wallet with Electrum is highly advisable.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
November 15, 2022, 10:11:16 AM
#8
I agree but what Ledger do not take serious is privacy, this is reason I do not like to tell anyone about the hardware wallet. The software which is Ledger Live is open source, only the secure element on the hardware wallet is close source, it helps protect the seed phrase, but I  prefer a hardware wallet that is open source in everything.

Also quick note that we're not required to use the Ledger Live software (probably outside of updating firmware). When using Ledger hardware wallets, I always recommend using Ledger+Wasabi or Ledger+MetaMask.
hero member
Activity: 854
Merit: 663
November 15, 2022, 10:01:21 AM
#7
Although you have a point, but can you read the whole code and determine if it's a legit code or malicious code? I doubt it. Open source is better than closed source, but you need to know how to read code and get reviewed by many wallet geek or coders.

I don't think Ledger and Trezor has a malicious code because it's really secure and trusted by many big holders, until now there's no any news where Trezor or Ledger is a scam hardware wallet.
hero member
Activity: 3038
Merit: 634
November 15, 2022, 08:08:53 AM
#6
That's really something to think about. I myself as a Ledger wallet owner, made me just realize of what you've said.

But I guess there will be a person that would come who's concern with the potential damage that it can do to us, the users. Although I've been using them for years, I'll just lean on the fact that I trust them.

Maybe, there will be the time that the trend would be in favor of most decentralized things in the next years.
legendary
Activity: 2212
Merit: 7064
November 15, 2022, 06:12:00 AM
#5
I wonder what would have happened if Ledger hardware wallet company belongs to someone like Sam, just imagine, this type of man could have leave a backdoor in the whole hardware system and catered away with users' funds.
Nobody can guarantee that current ledger manufacturer is not doing something like this right now as we speak, since they are making closed source device nobody can verify their code.
They don't even need to have backdoor, with new type of attacks they can slowly collect seed words through transactions sent by user, even if they use third party wallets like Electrum.
I really can't find any good reason why they are being so stubborn and why they don't want to switch to open source, unless they have some hidden motives.
Luckily, there are plenty of open source alternative hardware wallet devices that exist today.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
November 15, 2022, 05:57:08 AM
#4
I wonder what would have happened if Ledger hardware wallet company belongs to someone like Sam, just imagine, this type of man could have leave a backdoor in the whole hardware system and catered away with users' funds.

Who says the backdoor doesn't exist in the HW you mentioned, or maybe in another one you didn't mention? Although this HW is only partially closed source, so far it has not been shown that they have bad intentions, and I think they have been on the market for more than 6 years. Of course, this does not mean that you should completely trust them, as well as any other similar company that produces similar devices.

In addition, imagine a situation where there really is a backdoor to that HW, and someone suddenly steals a huge amount of coins - I think the price of the entire market would collapse so quickly that the stolen coins would become worthless very quickly.
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
November 15, 2022, 05:42:35 AM
#3
I agree but what Ledger do not take serious is privacy, this is reason I do not like to tell anyone about the hardware wallet. The software which is Ledger Live is open source, only the secure element on the hardware wallet is close source, it helps protect the seed phrase, but I  prefer a hardware wallet that is open source in everything.

I too will prefer open source wallet that has nothing related to close source at all.
sr. member
Activity: 2366
Merit: 332
November 15, 2022, 05:40:49 AM
#2
The creation of blockchain is the real purpose that freedom and decentralization is the main drive towards the attainment of freedom from feudalism and feudal system where the master is superior to the "slave" or subordinate and controls everything concerning people in the location just like the government controls the strong hold of the people through fiat. This Satoshi in his creativity has set human out of such bondage and control. But however, laziness has beclouded investors to always do the right thing by securing our crypto assets in a secured wallet.
sr. member
Activity: 952
Merit: 275
November 15, 2022, 04:51:25 AM
#1
I wonder what would have happened if Ledger hardware wallet company belongs to someone like Sam, just imagine, this type of man could have leave a backdoor in the whole hardware system and catered away with users' funds.

This is just my imagination as I am stylishly challenging the security of wallets, hot wallet or hardware wallet that are not fully open source.

Another serious thing to take very seriously 😒, stay away from anything that's not open source and decentralised, this was why crypto is crypto in the first place, transparency must be 100%.
Jump to: