Was befürchtet dieser Open-Source-/Recovery-Dienst?

[root_s2yse8vt]

Up

0

Down

::

Kann mir das jemand erklären, wie ein kleines Kind. Ich habe meinen nano s+ von der Ledger-Website gekauft. Ich habe meinen 24-Wort-Satz erstellt und ihn auf Papier und nur auf dieses Papier geschrieben. Ich habe die Software auf meinem Ledger seit Monaten nicht mehr aktualisiert. Es hat keine Wiederherstellungsoption. Was passiert, wenn ich die Software einfach nicht aktualisiere? Nach meinem Verständnis und nach dem, was ich hier gelesen habe, muss ich mich nicht für den Wiederherstellungsdienst entscheiden, selbst wenn ich die Software aktualisiere. Ich sehe das Problem also nicht. Ich weiß nicht viel über dieses Open-Source/Closed-Source-Zeug. Danke für jede Hilfe

[Separate-Forever-447]

Up

0

Down

::

“At Ledger, we offer you the best security and provide you with ownership and control over your assets. Therefore, we created the Nano hardware wallets combined with one-single app Ledger Live, to safeguard your private keys and mitigate potential risks. In short, the devices are designed so that your private keys never leave the security of the hardware, even when connecting your wallet to your smartphone or desktop.”

“…the devices are designed so that your private keys never leave the security of the hardware”

Ledger built the devices, and their whole narrative, around the idea that the keys cannot leave the device.

This turned out to not be true. The new firmware has this mechanism now built-in, whether you opt in or not.

That is the root of the problem.

[Toger]

Up

0

Down

::

>What happens if I just don’t update the software?

Eventually LL won’t talk to it anymore / the software gets so out of date as to be useless.

[BetLongjumping5132]

Up

0

Down

::

The problem is they said it wasn’t possible and now they are saying it is possible and always was. Even if you don’t opt in the vulnerability exists. The trust is gone.

The reality is nothing has changed except they misled their users and they were always more vulnerable than they thought.

[chuoni]

Up

0

Down

::

The fear is that there’s an alleged backdoor in the hardware that could be activated at any time to send out private keys (or has already done so), even without installing an update or opting in to the recovery service.

You need to update the firmware regularly though to be able to install the latest apps.

[kocknocker]

Up

0

Down

::

Still better than keeping coins on exchanges right?

[screddachedda]

Up

0

Down

::

I think y’all still don’t understand, the option itself allows vulnerabilities, and allows to exploits to be made. Who knows if someone can automate the recovery service in the background, or capture what data is transmitted. Doesn’t matter what they do, the option and feature is a risk.

[[deleted]]

Up

0

Down

::

[deleted]

[YaBastaaa]

Up

0

Down

::

One day by accident, you may fat finger it and select OPT -IN for the service by updating the device software and from that day forward, your keys seed phrase are sold to the DEVIL 👿.

[pringles_ledger]

Up

0

Down

::

Hi – updating the firmware does not automatically activate Recover. Utilizing Recover is entirely optional.

Self-custody is at the core of our offering, and your Secret Recovery Phrase is securely generated on your device. We have no access to it. This will NEVER change. We are uncompromising about security and that will never change.

You don’t have to use Ledger Recover and can continue managing your recovery phrase yourself if that’s why you bought a Ledger. Any firmware updates do not automatically enable this. This is your choice

You can find answers to your questions in this FAQ:
https://support.ledger.com/hc/en-us/articles/9579368109597-Ledger-Recover-FAQs?docs=true

Hope this helps!

[Bonpoignon]

Up

0

Down

::

Liars gonna lie. Bye Ledger.

[Autor]

Beiträge