markus - ethOS - e/acc-d
@markus
What the fuck is wrong with Ledger
8 replies
0 recast
10 reactions
Dirk Jäckel
@biafra
Is it possible not to activate it for a given key?
1 reply
0 recast
1 reaction
markus - ethOS - e/acc-d
@markus
It's opt-in afaik. But that's not important. What is important is the fact that Ledger (the company) can at any time push a Firmware update to "do something" with your seed phrase. It shouldn't be this way
1 reply
0 recast
2 reactions
Dirk Jäckel
@biafra
They offer a firmware update. I am sure you don't have to install it. And that is the same with any hardware wallet. What would you prefer? No updates?
1 reply
0 recast
0 reaction
markus - ethOS - e/acc-d
@markus
Of course you don't. I would prefer a secure enclave that will NEVER under any circumstances reveal the seed phrase. By having Firmware Updates override that, breaks the entire security model
0 reply
0 recast
1 reaction