Bitcoin

[root_s2yse8vt]

Up

0

Down

::

Ich versuche, ein besseres Verständnis für all die verschiedenen Möglichkeiten zu bekommen, wie mein Ledger kompromittiert werden kann.

Seed Phrase – sagen wir, ich mache NIEMALS digitale oder physische Kopien und meine Phrase ist nur Speicher.

Passcode: wie oben – keine physischen oder digitalen Kopien.

Smart Contract: Soweit ich weiß, gibt es keine Möglichkeit, eine Transaktion für BTC aus meinem Ledger über Smart Contract zu autorisieren.

Mit all dem gesagt, ist die einzige Möglichkeit, wie ich jemals verarscht werden, wenn ich meine Seed-Phrase und / oder Passcode vergessen?

[Inevitable-Driver-53]

Up

0

Down

::

Your memory is the biggest flaw.

[Jon_Hanson]

Up

0

Down

::

The seed phrase is the big one.

Smart contracts can only affect Etherium-based currencies. You can’t sign a malicious smart contract and have it drain your bitcoin addresses.

[RandomTask100]

Up

0

Down

::

I’ve been in this sub for 3 years. Not ONE of these worry-warts have gotten hacked. Every single victim was tricked into typing their seed phrase into a fake LL or they exposed the seedphrase online somehow. Don’t take photos of your seedphrase. Don’t save it in a word doc.

[Sensitive-Bridge8395]

Up

0

Down

::

Just write down the words bro. Dont try to get too fancy.

[cryptowalter4572]

Up

0

Down

::

The two biggest risks are you giving away the seedphrase or you forgetting/losing access to the seedphrase.

[Jim-Helpert]

Up

0

Down

::

Hey, the private keys that protect your funds have no way to be pulled out or hacked from the device, but there are other ways they can be compromised in which you can learn about here: [https://support.ledger.com/hc/en-us/articles/7624842382621-Loss-of-funds?support=true](https://support.ledger.com/hc/en-us/articles/7624842382621-Loss-of-funds?support=true)

We always note our users that neither Ledger nor an authentic version of Ledger Live would ever ask for your 24 words recovery phrase, anyone or site asking you to do so is a complete scammer
, always make sure to follow best safety practices: [https://support.ledger.com/hc/en-us/articles/6747982542749-Best-safety-practices-Ledger?docs=true](https://support.ledger.com/hc/en-us/articles/6747982542749-Best-safety-practices-Ledger?docs=true)

Hopefully this better clarifies

[weedium]

Up

0

Down

::

As someone stated, write down the words. Then keep them secret. Set up a pass phrase. The ledger is absolutely fine.

[–Starscream–]

Up

0

Down

::

Also, if you have malware apps in your phone such as unknown source apk .

[richardrietdijk]

Up

0

Down

::

your ledger can be compromised… by ledger.

[googlesuite]

Up

0

Down

::

Write down your phase in such a away that nobody understands except you. Dont interact with scam websites where they send you NFTS or vouchers and ask you to connect your ledger to claim the reward.

While making the transfers, take more time and always check the address in ledger before approving.

[macetheface]

Up

0

Down

::

And when you write down your words do it out of view/ earshot of any webcam.

[ExamAccomplished6865]

Up

0

Down

::

Rest assured that when you lose your passphrase then you will solely be the downfall of you own demise lol. Don’t get too crazy too many paranoids who don’t understand how blockchain and seeds actually work.

[LaColleMouille]

Up

0

Down

::

Important is, passcode must not be a passcode that you used elsewhere (bank pin code to connect, your windows Hello PIN code, etc.), and particularly, must not be found in any hash/pass leak found on leaked websites, that can be tied to your identity.

If I had to steal a Ledger, my first thing would be to find leaked info about the owner, on Collection.

[AndyAppBlock]

Up

0

Down

::

Assuming you are not using ledger recovery then you are broadly correct.

A few more points:

1. You mention smart contracts but that’s not really relevant for bitcoin
2. One other point of risk which is worth mentioning is the risk of using a non official/phishing version of ledger live or connecting another application to your ledger device. Whilst the private key stays on your ledger there will be another application that is responsible for constructing a txn and sending it to your ledger. If this application constructs a malicious txn i.e. sending your bitcoin to their address instead of your intended recipient and you click approve on your ledger they will take your funds. Ledger prevents this by showing you the destination address on the ledger device before you approve the txn but it is up to you to review this is really the txn you would like to approve. With smart contract interactions on networks like Ethereum reviewing and confirming txns is more complex as it’s not as simple to breakdown a smart contract deployment or interaction in a way that is legible on a ledger
3. Whilst making sure nobody else has your seed phrase is very important don’t underestimate the risk of losing it yourself!

[itechnotal]

Up

0

Down

::

There’s always the super rare chance that a same seed phase will be generated for other user :p

[Autor]

Beiträge