Besondere Bedenken hinsichtlich der Wiederherstellung des Hauptbuchs

No hardware is impervious to hack when possession is obtained by a hacker. It’s why big cloud data centers are heavily locked down with multiple layers of security and multi-person control for the most sensitive operations.

Losing possession of a device should be treated as if a compromise has happened. Move crypto to a new wallet / address / seed phrases.

the article is from 2019….

Ledger nano S is discontinued and cannot be updated with the firmaware that enables recovery (there is no space for it).

Which makes ledger nano S the most secure ledger xD

Anyone who argues that attacks are ‘impossible’ isn’t being intellectually honest. The donjon pays a bounty specifically to entice attackers to air exploits in a way that allows them to be mitigated.

It is a good practice, and it shows there have been at least a dozen past vulnerabilities in Ledger products.

There *will* be more in the future.

And, Ledger has never attempted anything like Recover in the past. It implements a key exfiltration mechanism, and an orchestrated collaboration between the Ledger device, Ledger Live, cloud hosted webservices and third parties.

It would be intellectually honest to acknowledge and reason about the different facets of the risk.

Its Ledger Recover. Not Ledger Recovery.

Yes it is from 2019, but if it happened to nano S why can’t it happen to nano X? Also should we conclude that the statement that Ledger has NEVER been hacked is not true?

The modified firmware was installed on the non secure chip and failed the pairing check between the smartcard chip and the non secure chip, so the smartcard chip didn’t boot.

To summarize this was a large nothing burger, and doesn’t apply to the X, S+ and Stax where the screen and buttons are directly connected to the smartcard chip

More information : https://donjon.ledger.com/lsb/005/

Any hardware device is susceptible to this type of attack. Keys can be extracted via firmware on any device that allows back up of seed

Even if it was hacked, the seed is split and divided between 3 companies. Neither have the complete seed. So it would be extremely difficult for a hacker to gain a complete seed unless attacking all 3.

There is a difference between “someone steals your device and can hack it to access your crypto” (which is pretty much impossible) and “someone swaps your device for a manipulated one with totally different hardware inside” (which is possible but extremely unlikely since you’d have to be a known valuable target, like a celebrity millionaire).

I think my concern with this is much simpler. It shares 3 shards and you need two of them to recover. So you only need two parties to collude to recover the encrypted seed. Once the encrypted seed is recovered by the colluding parties, there’s a trade-off: 1) if the seed is encrypted with a simple password, they can easily break it, but 2) if it’s encrypted with a more complex password you’ll have to write down and store somewhere safe, we’re back where we started. So I’m a big fan of shards, but I’m not sure about this setup unless I missed something very important in how this works.