Bekam ein Ledger als Geschenk, aber die Person fand es nicht im offiziellen Laden… alles in der Box scheint legit, Ledger Live scheint es auch als ein echtes Gerät zu erkennen. Ist es sicher, es zu verwenden? Vielleicht gibt es einige Maßnahmen, die ich ergreifen kann, um mehr Sicherheit zu haben? Oder sollte ich in ein neues Gerät investieren?
If you’re going to trust it, be sure to do a factory reset/wipe, then generate your own seed.
You can open up the case and inspect the chipset inside if you’re really paranoid. Ledger’s own website has [instructions](https://support.ledger.com/hc/en-us/articles/4404382029329-Check-hardware-integrity?support=true) for this and photos of what to look for. It also cautions that opening up the case will void your warrant, but it sounds like the device has no warranty at this point, so have at it!
Two tricks you could use. You can try generating your seed using another device, and restoring it to the ledger, so that any tampering with the seed generation/random number generator is countered. This requires an ‚offline‘ device to maintain the true ledger security, however.
Secondly, you could place a small amount of btc/eth on it and leave it for a few months, see if there are any bites.
Not totally secure, but these are two measures which can reduce the chance of compromise.
So long as you have a recovery phrase that you generated yourself on your device screen that only you know AND the device has passed the genuineness check in Ledger Live, you’re all good to go.
Common red flags are devices coming with a recovery phrase already in the box written on paper or given to you by someone else or “Ledger Live” apps that ask for your recovery phrase.