209 похожих чатов

I'D rather trust software which can be audited than trusting

hardware from a random company...ledger is safe until it isnt. u dont need to trust these companies man . i would still use ledger if i needed a hot wallet or to connect to a not safe computer / connection though. not to generate keys and cold store it doesnt make any sense. answer this question to me. can you grab a ledger and change its firmeware ? yes or no ?

9 ответов

23 просмотра

Ledgers firware is verified by Ledger each time you use it and downloads are cryptographically signed. Either way, the Keys / seed words never leave the device. An attacker would need physical access to the HW device, some fine soldering skills, and be able to put it back together without you noticing. wallet.fail is a bit outdated, but shows the kind of attacks that HWs are vulnerable to — much harder to do than any software. OTOH Malware attacking the files on your computer that store the seed phrase for your Metamask or Trustwallet etc is rife. Most people's MM password is not very strong. Modern malware include a keylogger so the decrypion is straightforward, but even if they get just the encrypted file, there's no salt, and the software to decrypt is freelay available online — as are lists of millions of the most commpn passwords found in other data breeches. Regardless, by far the most crypto losses we see are when people get conned in to giving up seed words, or private keys — scammers DM claiming to be support and get them to click "export private key" or "reveal recovery phrase" directly from MM — That can NEVER happen with a HW.

Patinhas 🐾- Автор вопроса
𝙇𝙤𝙯ᵘᵏ [I Never DM You • Beware Of Scams]
Ledgers firware is verified by Ledger each time yo...

Ledgers firware is verified by Ledger each time you use it and downloads are cryptographically signed. nuf said. Keep your verification by a company. and i will keep my audited code.

Patinhas 🐾
Ledgers firware is verified by Ledger each time yo...

What audited code are you talking about?, I thought the discussion was about software wallets vs Hardware. You really think Ledger would risk their entire business model on dodgy updates?

Patinhas 🐾- Автор вопроса
𝙇𝙤𝙯ᵘᵏ [I Never DM You • Beware Of Scams]
What audited code are you talking about?, I though...

many things can happen when u trust other people. in this case u trust company and all their employers. ledger is cool but there are other risks as well

Patinhas 🐾
many things can happen when u trust other people. ...

They also publish their code on Github, and a change log so it's not too hard to have a quick read of the diff with each version. Git makes that super easy... but you still didn't answer the question: What audited code are you referring to? Sure there are other ways to stay safe, but all involve too much opSec for most people to maintain.

Patinhas 🐾- Автор вопроса
Patinhas 🐾
can a rogue ledger employer install backdoor on le...

Not without it being spotted before harming anyone, Now please for the 3rd time answer the question of what audited code you're referring to

Patinhas 🐾- Автор вопроса
𝙇𝙤𝙯ᵘᵏ [I Never DM You • Beware Of Scams]
Not without it being spotted before harming anyone...

ok so you agree it can. also: can a rogue ledger employer install dodgy firmware on ledger ?

Похожие вопросы

Обсуждают сегодня

Ready for some fun AND a chance to win TKO Tokens? Join us for exciting minigames in our Telegram group! 🕒 Don’t miss out—games start on today 25 October 2024, at 8 PM! Ge...
Milkyway | Tokocrypto
255
How are we going bro about the Raids ??
🅿️abby_FX
13
Keep saying it, it’s Trump or WW3. Iran will be emboldened if Harris wins by cheating. Israel will have to take the initiative against Iran. How has BTC faired everytime the...
Adz | Ferrum Network Product & Service Consultant @ Ferrum Network
1
------------------------------------------------------------------------------ 📢 MAJOR ANNOUNCEMENT: HSUITE ECOSYSTEM UPDATE 📢 @everyone Dear HbarSuite Community, After month...
Big Stones
3
Ok I will use this example…there has been a crazy amount of meme coins launched on solana and more recently on xrp ledger, many of these memes have found their way on to diffe...
Stevo Payne
7
isnt that how its called? lol
Hobbyist
34
Hey guys, I am a first time Staker, I'm on Chrome browser on Hex dot com, I'm using rabby wallet with my ledger nano X, but when I click the STAKE button it doesn't prompt my ...
Slug
8
Does anyone in here have a contact with EOS Labs that we could ask what they've been doing with their funding?
Bytecode360 Katoshi [1337 f4rm3r]
13
I know it does. The thing is in my case for example, I'm not using desktop (secure VM) for anything else besides nautilus. Even my bank pushed me towards mobile app, they do n...
Navip
2
Cake wallet beta works on Linux?? Anybody?
MR V
7
Карта сайта