I have personally used Ledger hardware wallets for about 7 years. Today is the first day I've decided to look elsewhere.
Apparently, newer Ledger hardware devices (Nano S plus and Nano X) have the capability of sending the private key from the device. Not good.
This just came to light as Ledger unveiled its #LedgerRecover service. This "recovery service" is actually not the core issue. It's what it tells us about the hardware wallet's capabilities.
A properly secure hardware wallet shouldn't be capable of sending the private key. Period.
The fact that the device has the capability of sending the private key is the flaw. Even if Ledger were to release a patch to "address the issue", they can't fix this issue because they have just admitted the hardware device is capable of sending the private key.
I've seen some red-herring discussions regarding this (for example, some will say "Don't worry. It's an opt-in feature. Just don't opt in." or "Just don't update to the newest firmware", etc.) but they are all missing the above, single, massively important point.
Btw, supposedly the older Ledger Nano S (non-"plus" version) doesn't have this capability (flaw).
A temporary, stop-gap solution can be to use an older, Nano S (non-"plus") device. But, Ledger as a company isn't really trustworthy at this point, imo, especially after they already leaked all of our personal information on the Internet in 2020. ( cointelegraph.com )
I suggest you educate yourself and read up on this topic further. There's a lot of discussion about this on the Ledger sub-reddit right now:
reddit.com
Apparently, newer Ledger hardware devices (Nano S plus and Nano X) have the capability of sending the private key from the device. Not good.
This just came to light as Ledger unveiled its #LedgerRecover service. This "recovery service" is actually not the core issue. It's what it tells us about the hardware wallet's capabilities.
A properly secure hardware wallet shouldn't be capable of sending the private key. Period.
The fact that the device has the capability of sending the private key is the flaw. Even if Ledger were to release a patch to "address the issue", they can't fix this issue because they have just admitted the hardware device is capable of sending the private key.
I've seen some red-herring discussions regarding this (for example, some will say "Don't worry. It's an opt-in feature. Just don't opt in." or "Just don't update to the newest firmware", etc.) but they are all missing the above, single, massively important point.
Btw, supposedly the older Ledger Nano S (non-"plus" version) doesn't have this capability (flaw).
A temporary, stop-gap solution can be to use an older, Nano S (non-"plus") device. But, Ledger as a company isn't really trustworthy at this point, imo, especially after they already leaked all of our personal information on the Internet in 2020. ( cointelegraph.com )
I suggest you educate yourself and read up on this topic further. There's a lot of discussion about this on the Ledger sub-reddit right now:
reddit.com
This guy perhaps says it best.
The best post I’ve read on why this Ledger situation is a big deal.
reddit.com
reddit.com
جاري تحميل الاقتراحات...