Hello Veeky Forums I have recently got information that Ledger has a custom seed to generate addresses on their Hardwarewallet. This limits the possible addresses substantially and allows them to gain access to your wallet within the next decade as computer power increases. This code is embedded into each Ledger, be cautious.
Do yourself a favour and use a proper self generated wallet.
Other urls found in this thread:
en.wikipedia.org
twitter.com
>Hello Veeky Forums I have recently got information
No you didn't or you would post a source.
>hehe hey guys lets make a fucking mint of selling hardware wallets in an age where cryptocurrency is becoming ever more popular, then fuck it all up buy stealing crypto, send the whole thing crashing overnight, thus making our ill gotten gains worthless hehe
why wouldn't you post a source? This is straight up illegal if true and you couldn't be prosecuted or harmed.
also you do realize crypto is just a pnd scam and nobody will be in it in a couple of years, not to mention decades right? I'll be comfy in millions of fiat in a few years so idgaf
>recently got information
>Ledger has a custom seed to generate addresses
im sorry what?
Its 24 words like every other fuck seed generator you goof.
In computing, when you generate a random number you have to use a seed. If you use the same seed over and over, you get the same result. So generally seed values are supposed to be as "non-deterministic" as possible so that the random values generated every time cannot be predicted.
OP claims that they make up their own pre-determined seeds to generate your key, so that they know your private key.
tl;dr op is a FUDder with no evidence
Just a heads up, OP. What you're doing may just be a troll, but it's genuinely illegal. You could make yourself liable for a lawsuit.
>let's sue user
are we all going down with him?
You're an idiot
I think he was more trying to say that there are less seeds so after enough time of brute forcing they would eventually get your coins. 5-10 years down the line
That's not really what he's saying. I think he means that ledger seeds have limited range making them easier to brute force
>Then entropy is provided by the device, using an AIS-31 certified TRNG - if that doesn't convince you you're free to generate your own mnemonic and import it instead
I have 10 ledgers each holding 10% of funds. Each ledger has its own mnemonic which was generated using 10 different methods. Checkmate.
You could literally generate your own seed on a different tool and use that if it's BIP39 compatible. Don't be an idiot.
he meant that ledger has cracked crypto and can generate a short range of predictable private keys so they can robe their users later.
doesn't make it less retarded tho
I don't think it's true, but that's one of my concerns with every single device or service that generates private keys. It feels like there really is no way to know they aren't doing it other than occams razor and them not wanting to hurt their own interests.
Just got one of these. Should I use it with MEW or the built in ETH app? I quite like MEW for storing ETH and ICOs.
Maybe we should all start comparing our mnemonic phrases to see if they're all different!
I'll start
creator thread giant orifice nether region null brain unqualified empty skull corpse defile burning sensation urinate cock pussy anus tickle nipple armpit hairy balls
this is highly improbable due to key generation nature, and possibilities. and will require tech and knowledge that a small baguette fag business simply doesn't have.
there is always the hypothesis that there are alien geniuses experiencing with quantum computing and no one didn't see them coming.
They're probably making insane profits right now from the huge surge in Crypto, and 2018 will be even bigger than this year. Like you said, they have no reason to hurt their own interests. They would literally make more money just making legitimate hardware wallets with no backdoors and keep selling them for the rest of time (or for as long as cryptocurrencies exist)
FUDing retard who wants people to rather buy trezor or nothing at all.
I use the built in ETH app for just ETH, and MEW for ERC20 tokens
got thee same one wtf???
you might as well put the eth on MEW though so you actually have gas to move those tokens.
Yep. That’s mine too.
It'll be hard for them to cash out a significant amount of stolen coins too with the entire world hunting for them and their families' heads.
You can use the Ledger Nano S directly with MEW so the gas comes out of your ETH balance anyway.
also, the most important selling point for a crypto-wallet company is to make secure devices
...av sum saus widdat pl0x fyn ser
>AIS-31 certified TRNG
right, because certifications mean so much in this space en.wikipedia.org
exactly the same, so weird
why am I not surprised?
Ledger also has a portion of it software as closed source. No one knows what's happening in there.
They could have abacktoor there.
Or some hackercan plant a backdoor.
Ledger is shit.
The code would be audited in-house by multiple people to make sure that the integrity of their devices stood up to what they claim - otherwise they could face huge legal battles and also bankruptcy. They don't just let some guy in a ski-mask program the firmware solo then ship it out.
How new are you?
Companies do go bankrupt because of massively unnoticed coding mistakes.
Worst case lossees do not somehow magically make ppl write ideal foolproof code.
Is Trezor any better? I need a place to store my ERC20
What's safer then? Exodus wallet or ledger?
>Companies do go bankrupt because of massively unnoticed coding mistakes.
Like?
>Worst case lossees do not somehow magically make ppl write ideal foolproof code.
There's a difference between mistakingly not writing fool proof code and writing intentionally malicious code. If the code was audited by multiple people in-house, it would have been glaringly and blatantly obvious if there was something intentionally malicious written in the firmware. Bad code, maybe - but definitely not a whole intentional exploit.
>using closed source security hardware
Seriously? Why would you ever do this. An open source mainstream wallet on your computer is infinitely more likely to be safe in the long run even if that computer has internet access. Do these (closed source) hardware wallets at least get updates somehow? If not I'm laughing at anyone who bought some.
I've heard some hardware wallets _are_ open source and that's ok I guess, but clearly what OP is talking about is not or someone would have disproved it almost instantly.
> Like?
Eh, Parity for example?
It happened 2 months ago or so. $280M of ETH hacked out by a github boi. It is still unclear whether it was hacking or an inside job.
> mistakingly not writing fool proof code and writing intentionally malicious code
Once discovered mistakenly written code becomes an exploit. And it doesn't matter if it was intentional or not.
Keeping your code closed shows devs are not 100% sure about their own code.
Ledger Nano S has firmware updates
That's good.
>Parity exploit
Random kid sent out kill() and destroy() commands (according to him), pretty sure the ETH just got locked down and wasn't actually hacked or stolen or anything.
I can't disagree that I would prefer it to be open source too - but there can be legitimate business reasons for keeping your products firmware closed source besides malicious intent or not being sure of their own code. They have a business and a product, and it would hurt them as a business to throw up their source like that.
>Jagex automatically blocks your runescape password, look *********!