Hardware wallet manufacturer Ledger is publishing a new firmware update. The update introduces a recovery feature that allows Ledger to back up seed phrases.

To use the new service, users have to send a picture of a government-issued ID.

https://i.postimg.cc/gjcqnCdt/IMG-4245.jpg

WTF are you doing Ledger?

Folks, NEVER EVER let a 3rd party store your private key. And don’t use a hardware wallet that offers such services.

NOT YOUR KEYS, NOT YOUR BITCOIN.

To me this looks like a hosted version of Shamir Secret Sharing. I get it that normies might find this comfortable.

But we as a community need to prioritise self sovereignty, and work hard on getting the message out there.

Spread your self-sovereign risk by using purpose-built tools like Shamir Secret Sharing.

https://trezor.io/learn/a/what-is-shamir-backup

reply

Shamir Secret Sharing: "the secret cannot be revealed unless a quorum of the group acts together to pool their knowledge"

Guess what? The quorum does not include you.

Not only that, this is a KYC service that requires government-issued ID to use.

🚩 Upload your keys to a trusted third party. 🚩 Submit government identification.

This goes against everything the bitcoin community has spent years building.

Might as well save yourself some trouble and use a custodial software wallet.

reply

You know what Bitcoin has that works more securely than Shamir Secret Sharing? Multi-sig. But Shamir gets shilled by shitcoiners because shitcoins don't know how to multi-sig lol

reply

My experience with multisig is limited, but IMO SSS is easier than multisig.

reply

Cofounder confirmed the device will transmit encrypted shards of your seed phrase and that it’s optional.

But what the fuck. Transmit my seed phrase? Fuck you.

I can no longer trust Ledger as a cold wallet, so why should I trust that the change is not going to become mandatory? Even if opting out, that implies the capability is still present. Fuck that.

Direct link to cofounder’s Reddit comment:

https://reddit.com/r/ledgerwallet/comments/13itm7u/_/jkbyyfp/?context=1

reply

Has this been verified? All I've seen are screenshots, but nothing on Ledger's website.

reply

The co-founder was answering questions on Reddit: https://old.reddit.com/r/ledgerwallet/comments/13itm7u/is_there_a_backdoor_yes_or_no/jkbyyfp/

It seems legit.

reply

Thanks for confirming. This is very disappointing.

reply

They are under pressure from governments. The Financial Action Task Force, the supranational body that sets AML standards, has its sights on hardware wallets. This will be a slow step-by-step boil, but they WILL be pressured into compliance.

reply

They are feds, end of story. These pricks putting bitcoin user data in dragnets fuck outta here

reply

Yup, wasn’t Ledger associated with FTX?

reply

I think they were at least sponsored by FTX, but I'm not sure

reply

Finally Ledger owners could use Ledger for the only purpose it was designed for: as a necklace.

reply

This is concerning; if true, it can make your hardware wallet even less secure than a regular software wallet.

Doesn't sound good at all.

reply

Really disturbing. When I questioned Trezor during the AMA about blacklisting addresses, their answer included "you can opt out." I'm sure that's exactly what Ledger will say now. It's a slippery slope until both manufacturers make this mandatory. Time to move on.

reply

Disturbing, if confirmed. But logical, as more and more companies are preparing to adapt to coming crypto regulations, esp. MiCA in Europe. Governments will force all crypto service providers (whether it's protocols, wallets or whatever) to KYC.

That's the sad thing about this world. Pretty sure that most citizens of the world praise their right to anonymity but most governments (supposed to represent the people) are against it.

reply

There is always that airgapped old PC in the basement with open-source wallet software on it. Unless they ban Turing-completeness.

reply

Doesn't make sense for a single key hardware wallet.

I can see it as a reasonable choice in a 2-of-3 set up where you could use your biometric to request use of the 3rd key only (as one option).

Very strange brand destroying stuff.

reply

It might be time to dig out an old USB thumb drive and start rolling dice.

reply

I don't understand. This is totally not needed and against their own product. Late April Fool's? Lol. Their clients didn't ask for this. Also, how does this work? I hope it is not automatically read from the device and you have to manually tell them the words. Not safe in any case. Anyway, I wasn't going to use any of their products.

reply

That's why I prefer metal plate...

reply

WTF is that? Ledger and Trezor going full regulatory carnage, step by step, slowly and surely.

reply

The majority of their customers, the crypto boys, will love the idea.

No one seems to remember anymore why Bitcoin was invented. 😔

reply

Ledger and Trezor following rules of State. Sad.

reply

Ya, give me your wallet, I will hold it for ya. Trust me bro! :-) They will kick themselves out of the market...

reply

Seems like a government driven backdoor disguised as a Monthly Recurring Revenue money grab. Either way, suicide that may turn out to be case studies in business schools some day.

reply

FWIW, we have NEVER recommended users purchase or use Ledgers as:

  1. They are full of shitcoins, "yields" etc
  2. The Ledger Live app is a PITA / impossible to connect up to your own Full Node, meaning your privacy and security is greatly reduced
  3. They got hacked and had their entire customer database leaked to criminals

And now this. This is stupid on SO many levels. They have to know this too, which means it's a toss up of why they're doing it. Either they're being forced to by govs OR they just want that sweet, sweet subscription action @ $10/m. Or maybe it's both.

We will continue to actively tell our readers to never use any Ledger device as this new "feature" is extremely bad. All Ledgers now have code written into them that allows software on the host device to exfiltrate the private keys. That means it's only a matter of time before criminals figure out how to hack it, which opens up the possibility of millions of Ledger users getting rugged. For shame Ledger.

What do you think, should we add Ledger to our Bitcoin Scams post lol https://www.athena-alpha.com/bitcoin-scams/

reply

Yeah this is concerning.

reply

Build your own hardware. Verify everything. https://seedsigner.com/

reply

You can't trust hardware wallets that support shitcoins. I would go a step further, don't trust any hardware wallet besides SeedSigner (DIY).

reply

Been lambasting Ledger for a minute now, glad to see people wising up.

reply

When their company goes bankrupt, they can take all of their clients' bitcoins with them. This has happened many times with centralized corporations, don't trust them. Not your key, not your coin. Ledger is just another form of FTX.

reply

I really don't get why you would buy an expensive hardware wallet device and do full KYC to broadcast your seed phrase to a third party.

Success and money got Ledger founders all over their head; they do not care about its users' self-custody.

reply

CoinKite just posted they are running a 24 hour promo on their ColdCard MK4 unit.

15% off Mk4 with promo "noKYCwSE"

Works on the coloured units as well.

reply

Sweet sweet honeypot…

reply

Maybe someone can check their open source code to see what this is all about. Oh, wait... never mind

reply

Even if they transmit encrypted data you still need to type your seed on an online device. No thanks! Time to find another HW.

reply