I have seen a lot of people deciding that they will continue to use their Ledger devices without updating firmware for as long as possible. I think there is still a lot of misinformation and misunderstanding in the seed extraction drama so I will try to clarify those misconceptions and share my perspective below.
The newest Ledger Recovery function is optional and allows you to send out your encrypted seed to 3rd parties for supposed safekeeping. You need to perform KYC and pay a monthly subscription fee for that.
The problem is that a lot of people believed that there is no possibility for the seed to leave the device. That the seed was safely stored in the Secure Element, where it would be used to sign transactions, and signed transactions would be the only thing leaving the SE. The reality turned out to be quite different, and a lot of people got angry as they were misled by the marketing.
Technically, nothing has changed. The "backdoor" to extract your seed might have been present in their closed source firmware since day 1. Basically there are two options.
You either continue to trust Ledger that their firmware is "safe" and does not extract your seed without your consent, in which case you continue to use your Ledger devices with up-to-date firmware;
or you decide that you were misled into false thinking and do not trust Ledger anymore, in which case using your Ledger with outdated firmware does not help, because you cannot be sure if older firmware versions have not already secretly exported your seed, and you need to DYOR and carefully choose a different hardware wallet provider, which means cold wallet or airgapped wallet, because all wallets that connect to a device with Internet connection are technically able to export and send out your seed if the firmware is malicious.
I am not going to tell anyone whether they should continue to use their Ledger devices or choose a different hardware wallet, but I don't see a point in using outdated firmware - this only makes you miss security updates and locks you out from new features.
TLDR: use your Ledger with up-to-date firmware or choose a different wallet altogether, there is no benefit in using outdated software because "the backdoor" could have been there since day 1.
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments