They must be getting a lot of ESG investment to push KYC and government unlocking to make this kind of decision and not care about customers. They probably anticipate much more money in the future from the masses with CBDC support and IMF approved solutions. RIP Ledger.
James, I think you left out the most important aspect, which is that the keys for the Recover service are encrypted and sharded within the BOSOL kernel and Secure Element hardware chip. The plaintext private key never leaves the hardware, only the encrypted output which is sharded into 3 segments. Also if an attacker were to obtain all of the encrypted shards (essentially a multi-sig), they need the private key, which is on the SE chip on the physical hardware wallet and is passcode protected, to decrypt and retrieve the private key.
This is all well and good until a user gets phished posing as the ledger web site. It's bad OpSec to ask the user to input their seed phrase into any online web site. A nation state could also infiltrate their firmware and steal private keys via their own software. This just opens up more avenues for potential exploitation.
@@davidatclemson The seed phrase never leaves the Secure Element. The website sends a request to your Ledger Hardware wallet, which the BOSOL operating system does a syscall to the Kernel, and the actual firmware does the transaction signing with the private key. This is how every transaction is signed by your private key on your hardware.
@@iluvtododrawrings yes this makes sense to me. I have also sent an email to them to check this. On their website it says you have to use a new device when restoring or a factory reset one. I guess the next question is, does encrypting it into 3 separate fragments make this secure enough? For example, if the 2 third parties (each with 1/3 encrypted) colluded together secretly to form 16 words, is 16 words enough to recover the whole key? I'm hoping that because it's fragmented, it's actually ok even though it's not my key.
Unfortunately if you don't change your seed phase after moving to another wallet, you have done nothing to enhance protection. Once Ledger has your seed it's compromised regardless of the wallet you use
Bought my first LEDGER-NANO-S-PLUS three months ago, just so I could self-custody certain altcoins not available on my BCVAULT....now this. Needless to say, I liquidated those assets and put the waste of money back in the box. Anyone want one? Original receipt included; You pay postage, and it's yours! 🤔 This was the best insight into this debacle I have seen yet, and the reason why I keep tuning in. Both sides weighed, explored, explained, conclusion: That's you, James. Have no doubt you're a great father, brother, husband (what have you) as good as you are an educator. Question: Have I missed something over the last few years, because why is no one ever talking about BCVAULT anymore as a cold storage option?
We are all connected and we are one. So glad to have a brother like James to help get us through all this and learn every day from the cool classes he gives!
Aww man. I’ve already updated, and that’s not the only problem. Also you were wrong about Ledger being hacked. It was their store partner which I think was Shopify and was done by a rouge employee.
I've seen the CTO of Ledger talking about the new feature on a french media, he explained that they want to communicate only next monday about it, but some have analysed the next changes. The CTO said it's not linked to the Mica regulation, but also said that if the regulators want certain new rules in their wallet, they will have to do it.
I have BTC and Alts on my Ledger. Besides Trezor T are there any others that do both? I am 74 and it took me ages to learn about Ledger. Any help would be appreciated.🙏
Iam 67 took me ages too then put my crypto into ledger did update as required and lost my crypto ledger support does not take any blame does not help to retrieve I never ever shared my seed phrase Ledger is not supporting in finding what happened and then they have the impertinence asking ‘how did we do’
A good summary of the red flags, even if I would say that some of them are not true, but they are the obvious concerns. So it would have been interesting if you reached out to them and let them answer them. I think that most would change their mind if they listened to Ledger because I actually don't believe the hardware is compromised as long as you don't use it. This kind of feature is obviously less secure, but it could also be compared to a password manager (that could be unlocked with KYC) instead of having your password on a post-it. For some this could probably fill a use case and since it is divided to three companies all three needs to be compromised for an attacker to get your private key.
Kraken and a RUclipsr hacked a Trezor for sure and I don't hear much about it. Ledger or Ledger live has never been hacked, let's get that straight. I can't say I'm ready to jump on the "say goodbye to Ledger" bandwagon yet. So far Ledger has been very trustworthy and secure. I will wait to read more information, not just "trust the RUclipsrs" I won't do that again lol (2021 ahem...to the moon) no offense James, I listen/watch all you guys while I'm working. Good luck & HODL BTC 💎👐
How long do you think it'll take ledger to scrap this feature? Now that the damage is done, I don't think they ever will. I bet they'll be forced to disable it in the future when it's no longer profitable :) Honestly, I don't think it'll ever be profitable for them.
That is soooo true. No other channel explains things like this one does. If folks want to educate themselves on this stuff, this is the only channel you need.
Thank you James for explaining, clarifying, and why. You present a valid case regarding Ledger now and going forward. I initially thought this was a big to do over nothing if you don't opt in, but the shaking of Ledger crypto holders confidence in the company is an issue I hadn't taken into consideration. Thank you thank you thank you!
Thanks - the only thing you didn't mention that I'd seen online yesterday - was this apparently only affected particular device - the Nano X - have you seen any verification of that?
The world gets more confusing day by day. I have been a LastPass customer for a few years. A plethora of newspaper security issues made me switch to Enpass, which turned out to be a terrible implementation of password management. I then switched to Norton Password Manager which was truly horrible to us and constantly failed. I’m now back with LastPass!
Would love an update on this topic ( cold wallet storage in general ). Its been 10 months, and technology improves quickly, would be interested in a new "Best Storage Options" video James.
This is 100% unacceptable. I'm off ledger forever this is absolutely criminal how could they think this obvious security breech would fly with thier base?
I'm still confused - are all the issues with 'Ledger Recover' or also basic storage (Nano, X)? So embarrassed I have 5 figures on exchanges right now 😬 * bought two Ledgers last year, but think I already saw the flaw; didn't *feel* right to me .... Where are y'all storing with your digital assets??
Tangem wallet does not use BIP39, which is a standard for generating and storing cryptographic keys. This means that Tangem wallet users cannot import or export their keys to other wallets that support BIP39. Additionally, Tangem wallet does not support hardware wallets that use BIP39.
@@InvestAnswers is that a problem? If you have a ledger you most certainly don’t want to import your current seed phrase, so you are going to need to generate a new wallet and seed phrase anyway. Tangem doesn’t generate a conventional BIP39 seed phrase, but instead encrypts it into the chip it uses. I don’t see the problem as they give you three cards for back up. Unless there is a way for it to be hacked it looks like a pretty good system to me.
This is almost as bad as the bud light marketing team. Are they hiring new grads? Careful burying I did an experiment last winter and the paper I wrote stuff on was unrecognizable. Metal plates the way to go.
Even without this stupid feature, the problem is the code for ledger isn’t entirely open source so they could have been sending out your seed the whole time without you knowing. If the firmware is pwned all bets are off. Cold Card is about as good as it gets while using a secure element.
Tangem is a good option. Just depends what you want out of your wallet. I prefer something air gapped like the Keystone Pro. We have reviews for both of these wallets on our channel if you want to learn more about each one.
Hi James, could you look into the Tangem cold wallet please, seems very good with no need to staore/save/remember seeds but crypto safe, i'd really appriciate your thoughts. TIA
Tangem wallet does not use BIP39, which is a standard for generating and storing cryptographic keys. This means that Tangem wallet users cannot import or export their keys to other wallets that support BIP39. Additionally, Tangem wallet does not support hardware wallets that use BIP39.
James, you said do not download the firmware updates, do those differ from their standard updates?? Can someone please help give me peace of mind on this?
The only way for Ledger to partially recover the trust of the customers is to go open source. But something tells me it was a "calculated wrong move" and the will never open source it.
Not an Apple fan for the record but yes they have zero days! How many tho compared with the open source guys....most ppl dont even run an antivirus on ios for god sake which is ridiculous i know but also stands as a testiment to how well they stay on top of their security. Think about it like giving out 24 of a 25 word seed phrase to be tested by the hacker community. Would you really want to take the risk that your seed phrase cant be hacked...I would think once you have a private and audited system the less the hacker knows the longer it will take to hack. I fully support and invest in open source! Just not when it comes to my precious BTC 😂
It reminds me of when Coca-Cola released new Coke with a new formula! Terrible strategic move. Hopefully they resolve this quickly. We’re told we can’t leave crypto on exchanges and now this!! Thanks James
Oh because the Ledger said they have added an API inside the Ledger for that? Strangely they haven't, they just offer an online vault service. It is just not possible by design, hardware TPM does allow any ways to extract their secret except by using hardware glitch/side channel attacks At the same time, it is possible to ask users to enter their seeds in order to verify its validity (you know, maths), so rather than assuming that they will implement a backdoor, which is impossible regarding the hardware use inside ledgers, better assume they will enquire users to provide them their seed phrase, that likely the ledger will verify, then split and encrypt, only user input here.... Edit: Btw all apps running on the ledger are open source, so the apps delivered to cipher the seeds for their recovery service binding will also be be open source, lulz 🙃 Edit2: How could you onboard from their vault backup without firmware update to support that new onboarding option? By saving the backup seed in cleartext on the host computer giving a chance to be compromised on its way back? Sure no.
I work in Tech and can point to hundreds of exploits possible when using computers/phones (all platforms, all hardware/software). As James says, 'wear your seat belts everyone' which can also apply to our use of technology. You must use technology safely by being vigilant. And as James would say, 'the more you know' the better prepared you will be. And as James says, 'Don't panic' but do be vigilant.
My real problem is how many crypto exchange uses ledger as cold storage and they thought it is secure and if they lose it what will happen who is to blame?
It should be the same result as any other company that outsourced some parts of the business to a supplier (like how a tech provider / outsourcer service ScanSource admits to being hacked the day of this post). From what I read, the lawsuits usually go around trying to get damages from anyone involved and usually the PR of the victim company tries to blame the supplier/service provider to varying degrees of success.
I completely agree that there is collusion between Ledger and regulators. Pretty easy to see since this is such a ridiculous move by them. I'm so glad that people are waking up and this adds more fuel to that fire of awareness. It's just the great opportunity for the next big replacement for Ledger. Looking forward to who that is going to be.
I'd almost think paper wallets, but I hear they're annoying to set up and deal with. As long as one has a good algorithm for it, they seem to provide decent security. The issue is being tech savvy enough to create one.
@investanswers James - I noticed you did not include Foundation Passport or Keystone in the alternative wallet options. Do you or your wallet expert have some insight on either of these?
Trezor it is then. These other crypto wallets are unknown to me . Excellent video, you are crushing it with quality these days James. Greetings from Ireland ☘️
Thank you so much for the information. I can't believe Ledger is doing this. I had been getting spam emails to log into a fake Ledger link in the past. I am not happy with their Recovery decision. They should only offer this service to the more novice crypto holder at best.
UPDATE: @Ledger said “we cannot extract their keys, and will not extract keys,” after deleting a tweet that said “technically speaking it is and always has been possible to write firmware that facilitates key extraction.”
This is not correct and a hot reaction :-) 1. The seed phrase never leaves the wallet. 2. In case you want to activate the "recover" service, a validation action is required on the wallet. 3. The "recover" service requires the activation of a KYC with one of the service providers before the service can be activated. 4. The seed phrase is compartmentalized into 3 encrypted parts and then communicated to each of the 3 service providers. 5. It takes 2 parts and the wallet for the recovery to take place. So there is no comprize at all !!! However what we are loosing is confidentiality because of the KYC
Yeah, so many people out there don't understand that if your wallet provider can recover your account, then is not secure. Exodus Wallet doesn't have backup but im curious to know HOW do they connect to the blockchain. They also have built-in features like their own bridges and buying directly from the wallet. I'm curious to know how those connections are made. The less features and less connections there are, the more secure the wallet is. Now, anyone can just download a Bitcoin wallet like Bitcoin Core onto a pen drive and done. That's one of the most secure ways to have your own wallet. Problem is how many coins does the wallet support.
Yes but the bitcoin wallet is not a hardware wallet. It's a non custodial wallet with a seed phrase but not a hardware wallet. That's important difference.
@@wrfootball3847 What's the difference? You install an open source bitcoin wallet onto a pen drive. That makes it a hardware wallet. Well, the difference is if someone has physical access to the pen drive. THEN it matters how secure it is the encryption.
I stick to my concept of having a USB drive with a linux live system and encrypted persistence where I store my wallets. dd to .iso frequently and store on different medium and location.
Ledger is trying to go mainstream too fast, and even worse, at the cost of their current loyal customers and basic crypto ethics. They fucked up big time.
Okay... so the real problem is not the new software update. It is that they are not open source and Ledger never has been. So, why did anyone trust them in the first place.
Tangem wallet does not use BIP39, which is a standard for generating and storing cryptographic keys. This means that Tangem wallet users cannot import or export their keys to other wallets that support BIP39. Additionally, Tangem wallet does not support hardware wallets that use BIP39.
@@InvestAnswers Thanks for info about BIP39 support. I was not aware BIP39 (shows my ignorance on this topic) is industry standard and Tangem does not support it. Good to know. What I think is cool about Tangem is that there is no "seed phrase", instead the equivalent seed phrase (if you will) is a unique number generated when the wallet is setup, and it's stored on the card. Not even the user knows the unique number. Nobody knows the #, it seems very secure from that perspective. If your Tangem card gets stolen or lost, you can cancel the card and switch to your backup. They offer 2 cards (primary and backup) for $44 and 3 cards for $56 (primary and 2 backups). Truth be told, I've never used it, just learning about it. Ordered one this week, very excited to play around with it and see how it works. But like I said, I am still learning about the pros and cons, thanks for telling me about the importance of BIP39.
I heard of KeepKey now allows users to verify their SSN to withdraw their crypto. Keystone wallet may be a better option as it is open source, fully air gapped, has many coins, and they delete your shipping info after 180 days
@@kiwicam6419 they need less than 24h to broke your 12/24 seed pfrasess, you only need to be person of interest (knowing if you have some money-worth of doing this brute force).
I think there's an error in what you said, the seed cannot be exported without your consent. You need to consent for the seed phrase to be copied, split, encrypted and sent to the 3 companies.
You sure about that? I know that's what they said.....but they also said they can't access your seed phrase at all, which is now obviously proven to be a lie.
I bought a Nano X about 2 years ago and I went to use it a couple of months ago and the battery is dead. I charged it about 6 months before that, to make sure it still worked, then it was dead the next time I tried.
I was looking at NGrave but the big problem I can see is they use their 'Perfect Key' system - so what happens when the wallet fails in a few years time and Ngrave were no longer in business? Surely you would be stuffed as no other wallet would recognize the 'Perfect Key'. I know you can also use a regular seed phrase instead, but it's a concern that there preferred Perfect Key method could leave you without access to your crypto if they ever went out of business. As you use one, can you shed any light on this issue? Thanks
Their devices are questionable and customer service is as well. Bought a Nano S+ April 2023 and the buttons don't work. Support was awful. Buy elsewhere.
James, this is the best video on this topic I've seen yet! Thank you for keeping us "in the know". Cheers!
so welcome brother James :D
@@jasondreyn "allegedly"
@@badbaptist7046 "Allegedly" to which part? Please formulate your thoughts instead of quoting a single word.
@@badbaptist7046 It's the best video *_he has seen yet_* . What about that is "allegedly"?
Definitely a detailed video on cold storage
They must be getting a lot of ESG investment to push KYC and government unlocking to make this kind of decision and not care about customers. They probably anticipate much more money in the future from the masses with CBDC support and IMF approved solutions. RIP Ledger.
Lol... can you even hear yourself in that echo chamber?
James, I think you left out the most important aspect, which is that the keys for the Recover service are encrypted and sharded within the BOSOL kernel and Secure Element hardware chip. The plaintext private key never leaves the hardware, only the encrypted output which is sharded into 3 segments. Also if an attacker were to obtain all of the encrypted shards (essentially a multi-sig), they need the private key, which is on the SE chip on the physical hardware wallet and is passcode protected, to decrypt and retrieve the private key.
This is all well and good until a user gets phished posing as the ledger web site. It's bad OpSec to ask the user to input their seed phrase into any online web site. A nation state could also infiltrate their firmware and steal private keys via their own software. This just opens up more avenues for potential exploitation.
@@davidatclemson The seed phrase never leaves the Secure Element. The website sends a request to your Ledger Hardware wallet, which the BOSOL operating system does a syscall to the Kernel, and the actual firmware does the transaction signing with the private key. This is how every transaction is signed by your private key on your hardware.
@@wrfootball3847 No, OwenChen is wrong. Recover will let you restore to any ledger device because it uses Ledger's key... not yours.
@@iluvtododrawrings yes this makes sense to me. I have also sent an email to them to check this. On their website it says you have to use a new device when restoring or a factory reset one. I guess the next question is, does encrypting it into 3 separate fragments make this secure enough?
For example, if the 2 third parties (each with 1/3 encrypted) colluded together secretly to form 16 words, is 16 words enough to recover the whole key?
I'm hoping that because it's fragmented, it's actually ok even though it's not my key.
This really is a 'Bud Light moment' for Ledger.
100%
@@InvestAnswers Can you make a new video before the election on wallets to use. Stay cool - thanks
So, if the big guys like ledger can't be trusted, how could these other companies that we never heared of could be trusted more?🤔
Open source vs closed source
Red Bug Blue Bug Ever heard about Ngrave Zero Wallet? Dope wallet but not many crypto choices...
Unfortunately if you don't change your seed phase after moving to another wallet, you have done nothing to enhance protection.
Once Ledger has your seed it's compromised regardless of the wallet you use
Is there a wallet you recommend? Was thinking about getting a Trevor model T.
Bought my first LEDGER-NANO-S-PLUS three months ago, just so I could self-custody certain altcoins not available on my BCVAULT....now this. Needless to say, I liquidated those assets and put the waste of money back in the box. Anyone want one? Original receipt included; You pay postage, and it's yours! 🤔 This was the best insight into this debacle I have seen yet, and the reason why I keep tuning in. Both sides weighed, explored, explained, conclusion: That's you, James. Have no doubt you're a great father, brother, husband (what have you) as good as you are an educator. Question: Have I missed something over the last few years, because why is no one ever talking about BCVAULT anymore as a cold storage option?
We are all connected and we are one. So glad to have a brother like James to help get us through all this and learn every day from the cool classes he gives!
Aww man. I’ve already updated, and that’s not the only problem. Also you were wrong about Ledger being hacked. It was their store partner which I think was Shopify and was done by a rouge employee.
Ledger company's quietness about this issue is alarming
Or no news is good news.
Stunning as the building burns
Indeed
They are like don’t worry folks it’s all good lol 😂 as they sweep everyones coins
I've seen the CTO of Ledger talking about the new feature on a french media, he explained that they want to communicate only next monday about it, but some have analysed the next changes. The CTO said it's not linked to the Mica regulation, but also said that if the regulators want certain new rules in their wallet, they will have to do it.
I have BTC and Alts on my Ledger. Besides Trezor T are there any others that do both? I am 74 and it took me ages to learn about Ledger. Any help would be appreciated.🙏
Iam 67 took me ages too then put my crypto into ledger did update as required and lost my crypto ledger support does not take any blame does not help to retrieve I never ever shared my seed phrase
Ledger is not supporting in finding what happened and then they have the impertinence asking ‘how did we do’
I settled on a Keystone. Just waiting for post to deliver.
Woah thanks for the heads up!
Time to get a new cold storage wallet 😭
There will only be government crypto banks holding your keys in the future.
A good summary of the red flags, even if I would say that some of them are not true, but they are the obvious concerns. So it would have been interesting if you reached out to them and let them answer them. I think that most would change their mind if they listened to Ledger because I actually don't believe the hardware is compromised as long as you don't use it. This kind of feature is obviously less secure, but it could also be compared to a password manager (that could be unlocked with KYC) instead of having your password on a post-it. For some this could probably fill a use case and since it is divided to three companies all three needs to be compromised for an attacker to get your private key.
Kraken and a RUclipsr hacked a Trezor for sure and I don't hear much about it. Ledger or Ledger live has never been hacked, let's get that straight. I can't say I'm ready to jump on the "say goodbye to Ledger" bandwagon yet.
So far Ledger has been very trustworthy and secure. I will wait to read more information, not just "trust the RUclipsrs" I won't do that again lol (2021 ahem...to the moon) no offense James, I listen/watch all you guys while I'm working.
Good luck & HODL BTC
💎👐
@@Pilifo006 think it was an old firmware update. he did it to recover the guys money
@@Pilifo006 I believe it can be physically broken into and hacked as it doesn’t use a secure element like Ledger.
I never thought I’d be debating putting BTC back into Coinbase
Don't do it, their support is worthless in the event of a problem.
That is way not the right move imo. Future of Coinbase?
What makes you trust Coinbase’s opsec more than Ledger?
Why not just use the safest wallet there is avaible? Ngrave Zero wallet...
Thank you James for your hard work, Ledger will facing a shitstorm if they do not cancel this new option, not your keys not your cryptos
How long do you think it'll take ledger to scrap this feature? Now that the damage is done, I don't think they ever will. I bet they'll be forced to disable it in the future when it's no longer profitable :) Honestly, I don't think it'll ever be profitable for them.
Is Trezor still safe ???
That is soooo true. No other channel explains things like this one does. If folks want to educate themselves on this stuff, this is the only channel you need.
I knew it!!!! I had that feeling. They were being pushed too much by "big" people.
Thank you James for explaining, clarifying, and why. You present a valid case regarding Ledger now and going forward. I initially thought this was a big to do over nothing if you don't opt in, but the shaking of Ledger crypto holders confidence in the company is an issue I hadn't taken into consideration. Thank you thank you thank you!
More in this tomorrow 🙏🙏🙏
Can you do a quick videos on how to transfer from Ledger to Trevor model T?
The world of crypto is so damn risky all the way around. I am getting burnt out. Thanks for keeping us up to date on these issues 🙏🏻
ngrave zero wallet.. buy quality not quantity...
@@michaelcooreman3509im really considering them. It looks that for now they are the most expensive and safest option!
Thanks - the only thing you didn't mention that I'd seen online yesterday - was this apparently only affected particular device - the Nano X - have you seen any verification of that?
i think they are rolling to the other soon
@@InvestAnswers Yes it would seem like that's probably only a matter of time.
Ledgers reputation is toast!
The world gets more confusing day by day. I have been a LastPass customer for a few years. A plethora of newspaper security issues made me switch to Enpass, which turned out to be a terrible implementation of password management. I then switched to Norton Password Manager which was truly horrible to us and constantly failed. I’m now back with LastPass!
Your a fool in your picks. I really dont understand why you do this? Nobody can be this ignorant. Bitwarden is thr best and most secure pw manager.
16:34 Hey!! Coinjoin is currently only available on the Trezor Model T !!!! There is no coinjoin on Trezor 1
Would love an update on this topic ( cold wallet storage in general ). Its been 10 months, and technology improves quickly, would be interested in a new "Best Storage Options" video James.
Thank you for keeping up with of all the news out there for us all day everyday, day in day out.
Massive respect sir 🙏
thank you sir for being a part of it
Thankyou for the information .Can we use Solana's phone 'Saga" with built in hardware wallet as a alternative to ledger ?
I am digging into that
Ledger is completely safe if you chose not to PURCHASE the recovery feature. If you don't the wallet is still a cold secure device.
but eventually we will have to update it and then what?
This is 100% unacceptable. I'm off ledger forever this is absolutely criminal how could they think this obvious security breech would fly with thier base?
I'm still confused - are all the issues with 'Ledger Recover' or also basic storage (Nano, X)? So embarrassed I have 5 figures on exchanges right now 😬
* bought two Ledgers last year, but think I already saw the flaw; didn't *feel* right to me .... Where are y'all storing with your digital assets??
James, can you please give your thoughts on the Tangem cold storage card in an upcoming video? Thanks in advance. 👍🏼
Tangem wallet does not use BIP39, which is a standard for generating and storing cryptographic keys. This means that Tangem wallet users cannot import or export their keys to other wallets that support BIP39. Additionally, Tangem wallet does not support hardware wallets that use BIP39.
@@InvestAnswers is that a problem? If you have a ledger you most certainly don’t want to import your current seed phrase, so you are going to need to generate a new wallet and seed phrase anyway. Tangem doesn’t generate a conventional BIP39 seed phrase, but instead encrypts it into the chip it uses. I don’t see the problem as they give you three cards for back up. Unless there is a way for it to be hacked it looks like a pretty good system to me.
This is almost as bad as the bud light marketing team. Are they hiring new grads? Careful burying I did an experiment last winter and the paper I wrote stuff on was unrecognizable. Metal plates the way to go.
I just brought a ledger nano x, should I send it back and ask for refund, as I haven't used it yet. $250😢
First the database leak and now this? I wouldn't go with a Ledger device anymore nowadays.
Even without this stupid feature, the problem is the code for ledger isn’t entirely open source so they could have been sending out your seed the whole time without you knowing. If the firmware is pwned all bets are off. Cold Card is about as good as it gets while using a secure element.
Anyone have any thoughts on Tangem as an alternative to Ledger?
Tangem is a good option. Just depends what you want out of your wallet. I prefer something air gapped like the Keystone Pro.
We have reviews for both of these wallets on our channel if you want to learn more about each one.
I have been waiting for a long time to decide whether to go for Ledger or Trezor .its clear now.
Hi James, could you look into the Tangem cold wallet please, seems very good with no need to staore/save/remember seeds but crypto safe, i'd really appriciate your thoughts. TIA
Tangem wallet does not use BIP39, which is a standard for generating and storing cryptographic keys. This means that Tangem wallet users cannot import or export their keys to other wallets that support BIP39. Additionally, Tangem wallet does not support hardware wallets that use BIP39.
@@InvestAnswers thank you for the reply.
Tangem now has 2.0 cards that will show you your seed phrase on the phone screen.
@@bobwreck3775 Thanks, i saw this.
I like using Arculus. I tried using Ledger, and it was so problematic with the batteries.
This really is ledgers Bud Light moment.
James, you said do not download the firmware updates, do those differ from their standard updates?? Can someone please help give me peace of mind on this?
Avoid the version mentioned in the video
@@InvestAnswers I'll rewatch it just to make sure there's nothing I've missed. Thank you!
The only way for Ledger to partially recover the trust of the customers is to go open source. But something tells me it was a "calculated wrong move" and the will never open source it.
You don't understand open source if you don't understand 'Zero Days'!
Why would you expose a secure device to such risk?
iOS, for example is closed source, correct? It had quite a few 0day exploits from what I know ..
Not an Apple fan for the record but yes they have zero days!
How many tho compared with the open source guys....most ppl dont even run an antivirus on ios for god sake which is ridiculous i know but also stands as a testiment to how well they stay on top of their security.
Think about it like giving out 24 of a 25 word seed phrase to be tested by the hacker community. Would you really want to take the risk that your seed phrase cant be hacked...I would think once you have a private and audited system the less the hacker knows the longer it will take to hack.
I fully support and invest in open source! Just not when it comes to my precious BTC 😂
It reminds me of when Coca-Cola released new Coke with a new formula! Terrible strategic move. Hopefully they resolve this quickly. We’re told we can’t leave crypto on exchanges and now this!! Thanks James
Why doesn’t James just say which wallet HE TRUSTS & uses???? WTH!!??
Oh because the Ledger said they have added an API inside the Ledger for that? Strangely they haven't, they just offer an online vault service. It is just not possible by design, hardware TPM does allow any ways to extract their secret except by using hardware glitch/side channel attacks
At the same time, it is possible to ask users to enter their seeds in order to verify its validity (you know, maths), so rather than assuming that they will implement a backdoor, which is impossible regarding the hardware use inside ledgers, better assume they will enquire users to provide them their seed phrase, that likely the ledger will verify, then split and encrypt, only user input here....
Edit: Btw all apps running on the ledger are open source, so the apps delivered to cipher the seeds for their recovery service binding will also be be open source, lulz 🙃
Edit2: How could you onboard from their vault backup without firmware update to support that new onboarding option? By saving the backup seed in cleartext on the host computer giving a chance to be compromised on its way back? Sure no.
I work in Tech and can point to hundreds of exploits possible when using computers/phones (all platforms, all hardware/software). As James says, 'wear your seat belts everyone' which can also apply to our use of technology. You must use technology safely by being vigilant. And as James would say, 'the more you know' the better prepared you will be. And as James says, 'Don't panic' but do be vigilant.
Very good content, you just earned a sub.
thank you
My real problem is how many crypto exchange uses ledger as cold storage and they thought it is secure and if they lose it what will happen who is to blame?
... wait, what?! Source?
It should be the same result as any other company that outsourced some parts of the business to a supplier (like how a tech provider / outsourcer service ScanSource admits to being hacked the day of this post).
From what I read, the lawsuits usually go around trying to get damages from anyone involved and usually the PR of the victim company tries to blame the supplier/service provider to varying degrees of success.
I'm finished with Ledger moving all my crypto now
Matthew just talked about it . An excellent Bitcoiner . Very interesting. Simple answer : Coldcard
I completely agree that there is collusion between Ledger and regulators. Pretty easy to see since this is such a ridiculous move by them. I'm so glad that people are waking up and this adds more fuel to that fire of awareness. It's just the great opportunity for the next big replacement for Ledger. Looking forward to who that is going to be.
Yes agree 100%
I'd almost think paper wallets, but I hear they're annoying to set up and deal with. As long as one has a good algorithm for it, they seem to provide decent security. The issue is being tech savvy enough to create one.
Thanks James. I just bought new Trezor T, never touch Ledger again!
CEO spoke at the WEF in 2020. That says it all.
Game over Ledger
@investanswers
James - I noticed you did not include Foundation Passport or Keystone in the alternative wallet options. Do you or your wallet expert have some insight on either of these?
Thank you James
Trezor HW may have an issue too with implementing coinjoin through Wasabi. James, can you speak to this, if this is an issue? Thanks.
Just don’t use the service, and have the device on BTC only setting
Trezor it is then. These other crypto wallets are unknown to me . Excellent video, you are crushing it with quality these days James. Greetings from Ireland ☘️
Keystone Pro looks attractive now
Dang, I just bought my first wallet a month ago it's still in the wrapper. Of course it's got to be a ledger
Fyi, your crypto is not actually on your hardware wallet...
Thank you so much for the information. I can't believe Ledger is doing this. I had been getting spam emails to log into a fake Ledger link in the past. I am not happy with their Recovery decision. They should only offer this service to the more novice crypto holder at best.
either can i
In this video James recommends Trezor Model T; KeepKey; and AirGap for altcoins. However only KeepKey of these presently supports Solana.
The answer is 2fa mixed in with it. Double the amount of security.
Ngrave zero and Tangem wallet seem to be v good choices. Both air gapped, Tangem is eas6 and Ngrave is eas7 compliant.
Both good options for sure. However Tangem is not air-gapped as it uses Bluetooth to connect to the app.
I hear Tangem is also a good wallet... nfc, open source, no seed phrase needed.
UPDATE:
@Ledger said “we cannot extract their keys, and will not extract keys,” after deleting a tweet that said “technically speaking it is and always has been possible to write firmware that facilitates key extraction.”
This is not correct and a hot reaction :-)
1. The seed phrase never leaves the wallet. 2. In case you want to activate the "recover" service, a validation action is required on the wallet. 3. The "recover" service requires the activation of a KYC with one of the service providers before the service can be activated. 4. The seed phrase is compartmentalized into 3 encrypted parts and then communicated to each of the 3 service providers. 5. It takes 2 parts and the wallet for the recovery to take place. So there is no comprize at all !!! However what we are loosing is confidentiality because of the KYC
Yeah, so many people out there don't understand that if your wallet provider can recover your account, then is not secure.
Exodus Wallet doesn't have backup but im curious to know HOW do they connect to the blockchain. They also have built-in features like their own bridges and buying directly from the wallet.
I'm curious to know how those connections are made. The less features and less connections there are, the more secure the wallet is.
Now, anyone can just download a Bitcoin wallet like Bitcoin Core onto a pen drive and done. That's one of the most secure ways to have your own wallet. Problem is how many coins does the wallet support.
Yes but the bitcoin wallet is not a hardware wallet. It's a non custodial wallet with a seed phrase but not a hardware wallet. That's important difference.
@@wrfootball3847 What's the difference? You install an open source bitcoin wallet onto a pen drive. That makes it a hardware wallet. Well, the difference is if someone has physical access to the pen drive. THEN it matters how secure it is the encryption.
@@SagaraUrz oh can you, ok I didn't know that. In that case yes its all good
I stick to my concept of having a USB drive with a linux live system and encrypted persistence where I store my wallets. dd to .iso frequently and store on different medium and location.
Ledger is trying to go mainstream too fast, and even worse, at the cost of their current loyal customers and basic crypto ethics. They fucked up big time.
Okay... so the real problem is not the new software update. It is that they are not open source and Ledger never has been. So, why did anyone trust them in the first place.
Thanks James, as always. Always appreciated
Ledger is always safe. However uphold hacked my account and stole the tiny funds I had in it
Class action suit against ledger?
Tangem is the most secure cold storage wallet and very easy to use.
Tangem wallet does not use BIP39, which is a standard for generating and storing cryptographic keys. This means that Tangem wallet users cannot import or export their keys to other wallets that support BIP39. Additionally, Tangem wallet does not support hardware wallets that use BIP39.
@@InvestAnswers Thanks for info about BIP39 support. I was not aware BIP39 (shows my ignorance on this topic) is industry standard and Tangem does not support it. Good to know. What I think is cool about Tangem is that there is no "seed phrase", instead the equivalent seed phrase (if you will) is a unique number generated when the wallet is setup, and it's stored on the card. Not even the user knows the unique number. Nobody knows the #, it seems very secure from that perspective. If your Tangem card gets stolen or lost, you can cancel the card and switch to your backup. They offer 2 cards (primary and backup) for $44 and 3 cards for $56 (primary and 2 backups). Truth be told, I've never used it, just learning about it. Ordered one this week, very excited to play around with it and see how it works. But like I said, I am still learning about the pros and cons, thanks for telling me about the importance of BIP39.
James, Bitbox was your recommendation for hardware wallets in an earlier video. Have you downgraded your opinion of Bitbox? If so, why?
James thank you so so much for always being so on the ball with all things crypto. You and your team always delivers It’s truly my #1 source 👏
Much appreciated James and team!
Thank you, I actually trust your advice.
I heard of KeepKey now allows users to verify their SSN to withdraw their crypto. Keystone wallet may be a better option as it is open source, fully air gapped, has many coins, and they delete your shipping info after 180 days
@InvestAnswers
Another attack vector: what happens if/when governments force Ledger to provide the 3 shards of their citizens?
Not sure, but Ledger doesn't have all 3
@@kiwicam6419 they need less than 24h to broke your 12/24 seed pfrasess, you only need to be person of interest (knowing if you have some money-worth of doing this brute force).
I think there's an error in what you said, the seed cannot be exported without your consent. You need to consent for the seed phrase to be copied, split, encrypted and sent to the 3 companies.
You sure about that? I know that's what they said.....but they also said they can't access your seed phrase at all, which is now obviously proven to be a lie.
besides ledger I also use safepal, I found safepal to be VERY GOOD.
I bought a Nano X about 2 years ago and I went to use it a couple of months ago and the battery is dead. I charged it about 6 months before that, to make sure it still worked, then it was dead the next time I tried.
What is the best cold storage device now?
check summary at end
Hi James , I personally use NGrave for my cold storage. I bet you would love it !
Thank you again for all your hard work !
Does it support Solana?
Ngrave is a premium wallet.
Nice 👍
I was looking at NGrave but the big problem I can see is they use their 'Perfect Key' system - so what happens when the wallet fails in a few years time and Ngrave were no longer in business? Surely you would be stuffed as no other wallet would recognize the 'Perfect Key'. I know you can also use a regular seed phrase instead, but it's a concern that there preferred Perfect Key method could leave you without access to your crypto if they ever went out of business. As you use one, can you shed any light on this issue? Thanks
@@petersmith6798 Thanks. Does not support Solana so I am going with Keystone and Coolwallet
Thanks! Love the content. I use an NGRAVE, any reason why you don’t recommend this cold storage wallet?
The damage is done. They can say they will cancel this service but how can I verify they are being honest, I can't. I am going with another company.
Great content! So important !
awesome to hear
Their devices are questionable and customer service is as well. Bought a Nano S+ April 2023 and the buttons don't work. Support was awful. Buy elsewhere.
Thanks, James. Good review.
Appreciate you, brother.
🤘😎🤘
Thanks so much James. I love the work you do keeping us updated daily. I can always count on getting detailed information from your channel.
Side note QQ: Any TD recommendations? I don’t want to move to Schwab…
Move to which device?????????????????
Would having a nano S change anything as they’ve said no new features will be added to it as it’s discontinued? Kinda stuck on what to do
For every problem there is a simple solution - and it's probably WRONG!