Ist es möglich, eine geforkte Version von Ledger Live ohne Recover-Code zu erstellen?

Home Foren Ledger Wallet Ist es möglich, eine geforkte Version von Ledger Live ohne Recover-Code zu erstellen?

  • Dieses Thema hat 11 Antworten sowie 1 Teilnehmer und wurde zuletzt vor vor 1 Jahr, 3 Monaten von pringles_ledger aktualisiert.
Ansicht von 11 Antwort-Themen
  • Autor
    Beiträge
    • 28. Oktober 2023 um 10:43 Uhr #3098917
      root_s2yse8vt
      Administrator
      Up
      0
      Down
      ::

      Ich weiß, dass Recover immer noch Teil der Firmware auf den Geräten ist, aber wenn Ledger Live Open Source ist, kann dann nicht jemand einfach eine Version erstellen, die einfach den Recover-Code blockiert/entfernt? Das würde es zumindest für die Firmware, die Recover enthält, viel schwieriger machen, missbraucht zu werden, wenn sie nicht mit Ledger oder jemand anderem kommunizieren kann.

    • 28. Oktober 2023 um 10:43 Uhr #3098918
      the-quibbler
      Gast
      Up
      0
      Down
      ::

      At that point, you can just use a different wallet with your ledger. Metamask has a dashboard app that shows similar info.

    • 28. Oktober 2023 um 10:43 Uhr #3098919
      NoVegas0
      Gast
      Up
      0
      Down
      ::

      Ledger live doesnt matter, its the firmware update for the device that puts the Recovery code on it.

      many people say it doesnt matter but it does. just by existing the code creates greater surface area in the device that could be exploited. this unnecessarily adds a new attack vector to the device.

    • 28. Oktober 2023 um 10:43 Uhr #3098920
      cryptowalter4572
      Gast
      Up
      0
      Down
      ::

      You could write your own code if you wanted to. I’m damn sure I wouldn’t be using some random code written by „someone“.

    • 28. Oktober 2023 um 10:43 Uhr #3098921
      r_a_d_
      Gast
      Up
      0
      Down
      ::

      You could, or you could simply read the code and understand that it doesn’t matter if you don’t use it.

    • 28. Oktober 2023 um 10:43 Uhr #3098922
      moose_boogle
      Gast
      Up
      0
      Down
      ::

      Just use the Ledger S. Problem solved. Move on.

    • 28. Oktober 2023 um 10:43 Uhr #3098923
      grandphuba
      Gast
      Up
      0
      Down
      ::

      The compiled software requires it to be signed so the device can verify if the software legitimately came from Ledger.

      This would only be possible if Ledger provides/opens that mechanism of side loading, which is unlikely.

      This is a point many supporters and detractors of open sourcing Ledger’s code miss. Simply posting the code on github is not enough.

      Being able to verify code/binaries and then sideload that code (even if it’s just Ledger’s), and verifying it is that code that is actually being run on the device is necessary for open source to work on a security standpoint.

    • 28. Oktober 2023 um 10:43 Uhr #3098924
      loupiote2
      Gast
      Up
      0
      Down
      ::

      Yes, it is possible, ledger Live is open source.

    • 28. Oktober 2023 um 10:43 Uhr #3098925
      cryptowalter4572
      Gast
      Up
      0
      Down
      ::

      What a red load of it. Dickheads get blocked.

    • 28. Oktober 2023 um 10:43 Uhr #3098926
      bears_or_bulls
      Gast
      Up
      0
      Down
      ::

      I wish they just had a button on live that asks you if you want to use Recover, is so then it updates and puts the code on your Ledger if you never click it the code never makes it to your wallet.

    • 28. Oktober 2023 um 10:43 Uhr #3098927
      selfcustodynerd
      Gast
      Up
      0
      Down
      ::

      Theoretically, you can do it. Also, the recovery code is more relevant for the device update rather than a Ledger live update. But the current Ledger live forces you to update to do any Crypto transaction from the Ledger live app. The easier route is to use another software app like Metamask to do the transactions without updating the device.

    • 28. Oktober 2023 um 10:43 Uhr #3098928
      pringles_ledger
      Gast
      Up
      0
      Down
      ::

      Hey – understand your concerns about the Ledger Recover feature. However, Ledger Live and the firmware on Ledger devices are two separate entities. Ledger Live is indeed open source, and while it’s technically possible to fork it, the Ledger Recover code is part of the device’s firmware, not Ledger Live. Therefore, modifying Ledger Live wouldn’t affect the firmware on the device itself.

      We take security very seriously at Ledger and we’re committed to providing the most secure environment for our users. The Ledger Recover feature is designed with multiple layers of security and it’s entirely up to the user to activate it or not.

      For more information about Ledger’s open-source roadmap, you can visit this link: https://support.ledger.com/hc/en-us/articles/11132311094813-Ledger-s-open-source-roadmap

      And for more details about Ledger Recover, you can refer to this link: https://support.ledger.com/hc/en-us/articles/9579368109597-Ledger-Recover-FAQs

  • Autor
    Beiträge
Ansicht von 11 Antwort-Themen
  • Du musst angemeldet sein, um auf dieses Thema antworten zu können.