Update Ledger Nano S Firmware v2.0.0

xenon131

hero member

Activity: 491

Merit: 1259

Nihil impunitum

Quote from: jerry0 on May 11, 2021, 12:32:53 AM

Quote from: HCP on May 10, 2021, 05:54:56 PM

Quote from: ?? on ??

Also are you suppose to remove the coin apps before you do the firmware update?

No.

Quote from: LoyceV on May 10, 2021, 01:47:19 PM

With a hardware wallet, I plug it into an online device hooked to their own software, and all I can do is hope it does what they say. That's not "verify, don't trust" at all!

Do you verify the microcode for your CPU? or your mobo BIOS? your harddrive firmware? Have you verified all the code in your OS? Huh

If you use Bitcoin Core, have you actually verified all the code in that app? What about Electrum or ? Huh

Yes, I'm being facetious, but the point is that at some point in the chain you're no doubt trusting someone...

"Don't trust, verify" is nice in theory... incredibly difficult to implement 100% though.

Quote

That brings me to my main concern: even if the device can be trusted now, would it be possible for Ledger to create a firmware that broadcasts private keys? I'm hoping this is a very dumb question and it's completely impossible.

I'd hesitate to say "impossible"... because #famousLastWords... "unlikely" is probably a better description. The makers of Ledger Live are well known. They're not some "semi-anonymous" internet folks living in parts unknown.

I would think the thought of ending up in the French prison system would be enough to deter them from doing someone as stupid as that.

HCP, wasn't with the older firmware updates, we had to delete the apps first on the nano ledger before the firmware update? I thought i remember doing that before.

I assume back then we did, but now we don't?

Also if we don't have to remove the coin apps before the firmware update, that means we don't need to add coin apps to it afterward right? I am going to do the firmware update later today. I did check reddit and lot of people mention they had issues with it though like ledger live etc.

The older update procedures indeed required the removal of installed apps before flashing new firmware. But this has changed. Latest updates including the current one don't need this. Removal happens automatically. After finishing update you should confirm the reinstall of removed apps by pressing button on Ledger Live. However if you want you may remove apps manually before flashing new firmware.

jerry0

full member

Activity: 1750

Merit: 186

I'm not going to do this, but if you were to remove the apps before you do firmware update, after the update, you obviously have to re-add the apps. But you wouldn't have to add any accounts right?

Also did anyone here notice any issue with the firmware even after the update? HCP mentions it went really smooth and I believe a while back when he did previous update, it reset his nano ledger s. I read on reddit.. like the screen loading time is a bit slower and things like that.

But do you find this update to the new firmware better than the one before it? Deciding whether to upgrade soon or not or wait but if i wait, good chance i might not be able to update the firmware in 6 months maybe since i might not have my seed with me.

jerry0

full member

Activity: 1750

Merit: 186

Quote from: HCP on May 10, 2021, 05:54:56 PM

Quote from: ?? on ??

Also are you suppose to remove the coin apps before you do the firmware update?

No.

Quote from: LoyceV on May 10, 2021, 01:47:19 PM

With a hardware wallet, I plug it into an online device hooked to their own software, and all I can do is hope it does what they say. That's not "verify, don't trust" at all!

Do you verify the microcode for your CPU? or your mobo BIOS? your harddrive firmware? Have you verified all the code in your OS? Huh

If you use Bitcoin Core, have you actually verified all the code in that app? What about Electrum or ? Huh

Yes, I'm being facetious, but the point is that at some point in the chain you're no doubt trusting someone...

"Don't trust, verify" is nice in theory... incredibly difficult to implement 100% though.

Quote

That brings me to my main concern: even if the device can be trusted now, would it be possible for Ledger to create a firmware that broadcasts private keys? I'm hoping this is a very dumb question and it's completely impossible.

I'd hesitate to say "impossible"... because #famousLastWords... "unlikely" is probably a better description. The makers of Ledger Live are well known. They're not some "semi-anonymous" internet folks living in parts unknown.

I would think the thought of ending up in the French prison system would be enough to deter them from doing someone as stupid as that.

HCP, wasn't with the older firmware updates, we had to delete the apps first on the nano ledger before the firmware update? I thought i remember doing that before.

I assume back then we did, but now we don't?

Also if we don't have to remove the coin apps before the firmware update, that means we don't need to add coin apps to it afterward right? I am going to do the firmware update later today. I did check reddit and lot of people mention they had issues with it though like ledger live etc.

HCP

legendary

Activity: 2086

Merit: 4361

Quote from: ?? on ??

Also are you suppose to remove the coin apps before you do the firmware update?

No.

Quote from: LoyceV on May 10, 2021, 01:47:19 PM

With a hardware wallet, I plug it into an online device hooked to their own software, and all I can do is hope it does what they say. That's not "verify, don't trust" at all!

Do you verify the microcode for your CPU? or your mobo BIOS? your harddrive firmware? Have you verified all the code in your OS? Huh

If you use Bitcoin Core, have you actually verified all the code in that app? What about Electrum or ? Huh

Yes, I'm being facetious, but the point is that at some point in the chain you're no doubt trusting someone...

"Don't trust, verify" is nice in theory... incredibly difficult to implement 100% though.

Quote

That brings me to my main concern: even if the device can be trusted now, would it be possible for Ledger to create a firmware that broadcasts private keys? I'm hoping this is a very dumb question and it's completely impossible.

I'd hesitate to say "impossible"... because #famousLastWords... "unlikely" is probably a better description. The makers of Ledger Live are well known. They're not some "semi-anonymous" internet folks living in parts unknown.

I would think the thought of ending up in the French prison system would be enough to deter them from doing someone as stupid as that.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: dkbit98 on May 04, 2021, 07:16:38 AM

we can't really review their closed source code and we can't verify anything they say.

I've always been wary of hardware wallets, because I can't know for sure what goes on in there. At least with offline key generation I know I can (in theory) create my own random input from coin flips, and as long as it's offline I know nobody else can ever access it.
With a hardware wallet, I plug it into an online device hooked to their own software, and all I can do is hope it does what they say. That's not "verify, don't trust" at all!

That brings me to my main concern: even if the device can be trusted now, would it be possible for Ledger to create a firmware that broadcasts private keys? I'm hoping this is a very dumb question and it's completely impossible.

In Ledger Live, how hard can it be to sum up the euro balance? The "total balance" is about 20% off from what the sum of "Asset allocation" should be! It doesn't inspire confidence that something as simple as adding up numbers doesn't work properly.

jerry0

full member

Activity: 1750

Merit: 186

Quote from: ?? on ??

Quote from: HCP on May 09, 2021, 08:14:38 PM

^^ THIS! any failures of the device are not an issue... as long as you have you recovery seed words!

Yeah, no issue regarding the private keys behind SEED but the blow to budget, 59,00 € is still a money.

I have noticed that after firmware upgrade my settings to ETH wallet gone away and to work with the smart contracts over Ledger there was a need to allow this again.

Is the update the same way as it was done like in previous updates? Going to update it later today soon. But one issue i have is my internet has been acting up... and i read someone mentioned that is one concern of theirs. Anyone had their internet go out or went slow while doing the firmware update and if something goes wrong, what happens? For some reason my internet seems to not be that good right now... rarely is this the case.

Also are you suppose to remove the coin apps before you do the firmware update? I do have btc, bch and btg apps installed. Do i need to delete them before update or not? I thought someone said a while back its better or it doesn't matter?

[moderator's note: consecutive posts merged]

HCP

legendary

Activity: 2086

Merit: 4361

Quote from: jerry0 on May 08, 2021, 11:51:14 PM

I also read somewhere on reddit... that few people had issues entering your seed phrase in recovery where it kept showing the seed is wrong. But after trying it multiple times, it eventually showed as correct. Saw a few people mention this on reddit.

I would say that is more likely to be "fat fingers" (aka data entry error) on behalf of the user than it is an issue with the recovery app (or the device firmware). Because of the english wordlist having so many "similar" words, it's very easy to enter/select the wrong one.

Annoying? yes... but not the end of the world.

Quote from: dkbit98 on May 09, 2021, 09:53:09 AM

You can always reset your device and reinstall new firmware if something goes wrong, and more important thing is keeping you backup phrase safe on paper or metal plate.

If your device get's broken during update or for some other reasons you can always buy a new hardware wallet and simply import your seed words and you will be fine.

^^ THIS! any failures of the device are not an issue... as long as you have you recovery seed words!

dkbit98

legendary

Activity: 2212

Merit: 7064

Quote from: ?? on ??

Yeah, the upgrade procedure became very simple. Nevertheless I'm always afraid to be trapped into situation of the sudden problem with Internet when doing Ledger upgrade. I can’t stop thinking about lost communication session with the upgrade server. A common sense dictates that nothing terrible must happen because firmware goes first into Ledger Live cache and only after checking its integrity it reprograms the wallet itself. Is this correct?

You can always reset your device and reinstall new firmware if something goes wrong, and more important thing is keeping you backup phrase safe on paper or metal plate.

If your device get's broken during update or for some other reasons you can always buy a new hardware wallet and simply import your seed words and you will be fine.

jerry0

full member

Activity: 1750

Merit: 186

Okay i think i might have to do this firmware then... because i wouldn't have the opportunity to do it in a while maybe.

Did anyone here had issue with the firmware at all?

Also anyone here using old firmware that is at least l year old or more?

I also read somewhere on reddit... that few people had issues entering your seed phrase in recovery where it kept showing the seed is wrong. But after trying it multiple times, it eventually showed as correct. Saw a few people mention this on reddit.

Could firmware update possibly cause something like this with the ledger recovery app saying incorrect seed when you input it?

HCP

legendary

Activity: 2086

Merit: 4361

I already upgraded both Ledger Live and my device to firmware 2.0.0... no issues to report... and I haven't seen any (new) issues reported either.

I was pleasantly surprised at how easy the firmware upgrade was... it basically does everything for you now (removes old apps, reinstalls apps etc). Very simple.

It didn't wipe the device or require the seed to be restore or anything.

Pmalek

legendary

Activity: 2730

Merit: 7065

Quote from: jerry0 on May 07, 2021, 10:51:11 AM

Did most or all of you update to the new firmware yet? Or you all waiting a few weeks before you do it? I got to assume very few people update immediately when there is any firmware update right and just wait a bit to see what others say first?

I haven't been offered the update yet, and I am not in a hurry. It doesn't do anything important in terms of security, so I will wait.

Quote from: jerry0 on May 07, 2021, 10:51:11 AM

Also what if you don't update the firmware now and travel and say you won't have access to your seed for at least 6 months or so?

You will be arrested and detained by the Ledger Secret Police (the L.S.P) upon your return to your country. When you installed Ledger Live, you gave the company every right to arrest and torture Ledger customers (read the ToS). Usually they don't go that far and all they want to know is why you waited 6 months to perform the update.

Quote from: jerry0 on May 07, 2021, 10:51:11 AM

Thus I heard never good idea to do firmware update without your seed with you.
Do you think there will be any concern down the line where there is another firmware update in say few months... then when you do an update 6 months down the line... then you might have issues? I recall years ago people who didn't do any firmware update for years... couldn't do it later on and had that message of device not geniune and firmware way too old.

Even if you don't have your seed with you, it's always possible to restore your accounts whenever you get access to your seed. You only need the seed in case your device resets itself and you need to spend money immediately after the upgrade.

Only firmware versions 1.1 and 1.2 can't be updated to the newer firmware releases anymore. Everything else can still be updated. The worst case scenario would be that you'd have to update it gradually version by version before you meet the requirements to upgrade to 2.0. That's how things stand now. We don't know what the future holds.

jerry0

full member

Activity: 1750

Merit: 186

Did most or all of you update to the new firmware yet? Or you all waiting a few weeks before you do it? I got to assume very few people update immediately when there is any firmware update right and just wait a bit to see what others say first?

Also what if you don't update the firmware now and travel and say you won't have access to your seed for at least 6 months or so? Thus I heard never good idea to do firmware update without your seed with you. Do you think there will be any concern down the line where there is another firmware update in say few months... then when you do an update 6 months down the line... then you might have issues? I recall years ago people who didn't do any firmware update for years... couldn't do it later on and had that message of device not geniune and firmware way too old. But someone mentioned ledger fixed this issue right so essentially if you are using the firmware right now... not the one just updated... you are probably still good for a year or two at least?

Or always safe to do an update within a week or weeks after it comes out?

HCP

legendary

Activity: 2086

Merit: 4361

I don't think there were any "security" related patches in the new firmware... they were mostly QoL (quality of life)... and adding support for ETH2.0

Release notes here: https://support.ledger.com/hc/en-us/articles/360010446000-Ledger-Nano-S-firmware-release-notes

So, if you're happy with how things are for now, and don't require/need/want ETH2.0, then it's probably find to just stick with what you have... Just be prepared for Ledger Live to ~~bug~~ remind you about updates being available! Tongue

alladel

newbie

Activity: 4

Merit: 0

Is this a case where "if it ain't broke, don't fix it"?

I trusted WinXP a lot more than I trust Win10, yet same OEM. (I use neither, but just making the point that newer isn't exclusively more trustworthy.)

HCP

legendary

Activity: 2086

Merit: 4361

Not sure when the feature was added, if it was in this new firmware, or has been in a while... but I noticed that when you attempt to access a particular coin in Ledger Live now, it will automatically prompt you on the device to open that coin app...

Whereas, before it would just stick on the "Open Bitcoin app on your device" prompt in Ledger Live until you manually went and selected the coin app... now it just pops up with "Open Bitcoin App" with the "approve/reject" options on the device... kinda like when you try to open Ledger Manager and it says "allow Ledger Manager?", it now does the same thing with the coin apps.

Granted, it's a very minor thing, but a nice little addition to the UX, imo.

dkbit98

legendary

Activity: 2212

Merit: 7064

Quote from: ?? on ??

Is there a need to remove apps from Ledger nano S before flashing it with new firmware? The link you provided said nothing about it. As I recollect the previous upgrade doesn't require this and apps were allowed to be on device in the course of upgrade. Would like to be sure first before doing any stupid thing.

Apps will be removed automatically, than firmware will be updated and apps installed again in the end, so you don't have to do anything manually except maybe making few click confirmations.
You can't really make any mistake but make sure you have the latest ledger live app, keep your 24 backup words safe, and in case something unexpected happens you can always restore your wallets.

dkbit98

legendary

Activity: 2212

Merit: 7064

Quote from: Pmalek on May 06, 2021, 04:10:34 AM

You had to trust Ledger with the older firmware upgrades as well, so nothing changes in terms of trusting/distrusting them.

I guess ''don't trust, verify'' phrase don't apply for ledger, and yes I know that nobody can verify any changes and updates made by ledger (except their small closed circle of devs), you always have to trust their words,
and after reading that IRS is seriously looking for new ways to Hack Hardware Wallets I have valid reasons to question any closed source firmware updates related to hardware wallets.
There is also whole can of worms hidden behind secret NDA contracts and past has shown that ledger is not the best dealing with information that needs to be safe.

Pmalek

legendary

Activity: 2730

Merit: 7065

Quote from: dkbit98 on May 05, 2021, 07:44:06 AM

We can't verify anything so we need to trust ledger that those apps and firmware is good and without IRS special code.

You had to trust Ledger with the older firmware upgrades as well, so nothing changes in terms of trusting/distrusting them.

Like with all the previous firmware upgrades, I will wait a few weeks before installing this one to see if they'll be accompanied by any serious bugs. It's mostly cosmetic changes anyways. The release notes don't mention any discovered vulnerabilities that are fixed with the newest version, so it's not a critical upgrade.

dkbit98

legendary

Activity: 2212

Merit: 7064

Quote from: Pmalek on May 05, 2021, 07:15:41 AM

They claim they balanced out the increased size of the new version of the operating system by reducing the size of most of the crypto apps. Did you check if the apps are lighter now?

I updated ledger apps and I think there is not much difference with size of individual apps, for example Bitcoin app is now 42 Kb, and I am not sure what size was before this latest firmware update but I think it was 40 Kb before, someone can correct me if I am wrong.
I know that total free space in my case is lower than it was before, however I am using only Bitcoin and Electrum so I don't really care so much, but maybe bitcoin forked coins and altcoins apps reduced in size.

Quote from: NeuroticFish on May 05, 2021, 07:26:41 AM

Update:

So it was 44 Kb before and they reduced Bitcoin app for 2 Kb like all other bitcoin forks, but total space is reduced for 12 Kb, so it's not an issue if you don't use bunch of altcoins.
We can't verify anything so we need to trust ledger that those apps and firmware is good and without IRS special code.

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: Pmalek on May 05, 2021, 07:15:41 AM

Did you check if the apps are lighter now?

I just did.
I had v1.6.1, 156kb capacity and the latest Bitcoin app 1.6.0.
After update I have v2.0.0, 144kb capacity and the same versions of apps seem to be offered. However, most of them are a little bit smaller.

I'll prepare a comparison.

Update:

Topic: Update Ledger Nano S Firmware v2.0.0 (Read 348 times)