Newsletter
CoinSharks
  • Bitcoin
  • Ethereum
  • Altcoins
  • Nasdaq
  • NYSE
  • Regulation
  • Shark School
  • Premium Services
No Result
View All Result
  • Bitcoin
  • Ethereum
  • Altcoins
  • Nasdaq
  • NYSE
  • Regulation
  • Shark School
  • Premium Services
No Result
View All Result
CoinSharks
No Result
View All Result
Home News

Ledger Provides Clear Explanation of Firmware Functionality Following Deleted Tweet Controversy

The Megalodon by The Megalodon
May 19, 2023
in News, Bitcoin
0
Ledger Provides Clear Explanation of Firmware Functionality Following Deleted Tweet Controversy
389
SHARES
1.8k
VIEWS
Share on FacebookShare on Twitter

On May 18, Ledger, a leading provider of crypto hardware wallets, provided clarification regarding how its firmware operates after a tweet on May 17 sparked controversy and was subsequently deleted by the company. The tweet in question, attributed to a customer support agent, suggested that Ledger could develop firmware capable of extracting users’ private keys.

Charles Guillemet, the chief technology officer of Ledger, took to Twitter to address the matter and stated that the wallet’s operating system (OS) requires the user’s consent whenever the OS interacts with a private key. In essence, the OS cannot copy the device’s private key without the user’s approval, although Guillemet acknowledged that using a Ledger wallet necessitates a certain level of trust.

Related articles

US district judge refers FTX independent examiner issue to appellate court

US district judge refers FTX independent examiner issue to appellate court

May 31, 2023
Class-Action Lawsuit Filed Against Bancor DAO for Alleged Failure to Deliver on Impermanent Loss Protection Promises

U.S. prosecutors state that if the Bahamas raises objections, certain SBF charges will be dropped

May 31, 2023

The original tweet from Ledger’s customer service mentioned the technical possibility of creating firmware to facilitate key extraction, but Guillemet’s clarification emphasized that Ledger has never deployed such firmware and highlighted the importance of user trust in the company.

The tweet generated intense debate on Twitter, with many users accusing Ledger of misrepresenting the security of its wallets. Critics also pointed to a previous Ledger post from November that stated a firmware update could not extract private keys from the Secure Element, which seemed contradictory to the deleted tweet.

The controversy initially arose on May 16 when Ledger introduced a new service called “Ledger Recover,” allowing users to back up their secret recovery phrases by splitting them into three shards and storing them with different data custody services. The now-deleted tweet was in response to this new feature.

Guillemet’s Twitter thread clarified that Ledger’s firmware or OS is an open platform, enabling anyone to write and load their own apps onto the device. However, before an app is accepted on the Ledger Manager software, it undergoes evaluation by the Ledger team to ensure it is not malicious and does not have security flaws.

Ledger emphasized that even approved apps cannot utilize the private key for a network they are not designed for. For instance, Bitcoin apps cannot access Ethereum private keys, and vice versa. Additionally, whenever an app requires the use of a private key, the Ledger OS prompts the user to confirm consent. This implies that third-party apps installed on Ledger should not be able to access a user’s private key without their explicit permission.

Guillemet also acknowledged that while this system is currently part of the OS, it is theoretically possible for Ledger to change it or for an attacker to compromise the company’s computers. However, he dismissed concerns by stating that a certain level of trust is inherent in using any wallet. To protect against a potentially dishonest wallet provider, Guillemet suggested building one’s own computer, compiler, wallet stack, node, and synchronizer, though he acknowledged that this undertaking is a lifelong endeavor.

Rival hardware wallet provider GridPlus has offered to open-source its firmware as a means to attract Ledger users. However, Guillemet argued that open-sourcing firmware would not provide protection against a dishonest wallet provider, as users would have no way of verifying if the published code is actually running on the device.

Share156Tweet97

Related Posts

US district judge refers FTX independent examiner issue to appellate court

US district judge refers FTX independent examiner issue to appellate court

by The Megalodon
May 31, 2023

A motion for the appointment of an independent examiner in the bankruptcy case of crypto exchange FTX has been referred...

Class-Action Lawsuit Filed Against Bancor DAO for Alleged Failure to Deliver on Impermanent Loss Protection Promises

U.S. prosecutors state that if the Bahamas raises objections, certain SBF charges will be dropped

by The Megalodon
May 31, 2023

According to a filing in the U.S. District Court for the Southern District of New York, some of the charges...

Bybit cryptocurrency exchange withdraws from Canada due to ‘recent regulatory changes’

Bybit cryptocurrency exchange withdraws from Canada due to ‘recent regulatory changes’

by The Megalodon
May 31, 2023

Dubai-based cryptocurrency exchange Bybit has revealed its decision to halt operations in Canada due to recent regulatory developments. The exchange...

AI Experts Issue Document Comparing the Risk of ‘Extinction from AI’ to Pandemics and Nuclear War

AI Experts Issue Document Comparing the Risk of ‘Extinction from AI’ to Pandemics and Nuclear War

by The Megalodon
May 31, 2023

An open statement published by the Center for AI Safety (CAIS) has garnered signatures from numerous AI experts, including the...

Competing regulatory bills take center stage in US House stablecoin hearing

US CFTC Releases Letter Addressing Compliance in Three Areas of Digital Asset Derivatives and Clearing

by The Megalodon
May 31, 2023

The United States Commodity Futures Trading Commission (CFTC) has issued a staff advisory letter to registered derivatives clearing organizations (DCOs)...

Load More
  • Trending
  • Comments
  • Latest
Kaspersky reports a 40% increase in crypto phishing attacks within a year

Kaspersky reports a 40% increase in crypto phishing attacks within a year

April 17, 2023
Investors Must Be Aware of These 3 Points from the C3.ai Report by Short-Sellers

Investors Must Be Aware of These 3 Points from the C3.ai Report by Short-Sellers

April 18, 2023
XRP Price Nears ‘Sell the News’ Moment Following a 20% Weekly Gain in the Crypto Market

XRP Price Nears ‘Sell the News’ Moment Following a 20% Weekly Gain in the Crypto Market

March 28, 2023
THORChain Halts Mainnet Due to Potential Network Vulnerability Reports

THORChain Halts Mainnet Due to Potential Network Vulnerability Reports

March 29, 2023
Protecting Your Crypto: The Importance of AML Frameworks in Web3

Protecting Your Crypto: The Importance of AML Frameworks in Web3

President Biden Proposes Phased-In 30% Tax on Cryptocurrency Mining Electricity Usage

President Biden Proposes Phased-In 30% Tax on Cryptocurrency Mining Electricity Usage

Explaining the Reasons for the Recent Downturn in Ethereum (ETH) Price: A Macro Analysis

Explaining the Reasons for the Recent Downturn in Ethereum (ETH) Price: A Macro Analysis

Breaking Barriers: Women in Web3 Leading the Charge for Diversity and Inclusion

Breaking Barriers: Women in Web3 Leading the Charge for Diversity and Inclusion

US district judge refers FTX independent examiner issue to appellate court

US district judge refers FTX independent examiner issue to appellate court

May 31, 2023
Class-Action Lawsuit Filed Against Bancor DAO for Alleged Failure to Deliver on Impermanent Loss Protection Promises

U.S. prosecutors state that if the Bahamas raises objections, certain SBF charges will be dropped

May 31, 2023
Bybit cryptocurrency exchange withdraws from Canada due to ‘recent regulatory changes’

Bybit cryptocurrency exchange withdraws from Canada due to ‘recent regulatory changes’

May 31, 2023
AI Experts Issue Document Comparing the Risk of ‘Extinction from AI’ to Pandemics and Nuclear War

AI Experts Issue Document Comparing the Risk of ‘Extinction from AI’ to Pandemics and Nuclear War

May 31, 2023
  • Premium Services
  • Terms of Service
  • Privacy Policy

All Rights Reserved. CoinSharks.

No Result
View All Result
  • Bitcoin
  • Ethereum
  • Altcoins
  • Nasdaq
  • NYSE
  • Regulation
  • Shark School
  • Premium Services

All Rights Reserved. CoinSharks.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.