After a video went viral of what appears to be a hardware wallet getting smashed with a hammer and then blow-torched into a charred mass, Ledger (and all of the crypto industry) got a searing reminder on the importance of managing expectations.
In a series of media appearances, executives said the French wallet-maker would make part of its code open-source and add additional security protections.
Unciphered, a company of cybersecurity professionals who recover lost cryptocurrency, says it found a way to physically hack into the Trezor T hardware wallet. Trezor says it acknowledged a similar-sounding attack vector a few years ago.
Paris based hardware wallet maker Ledger announced a new key recovery feature this week allowing users to recover their private keys But opponents say that the product isn’t compatible with the concept of a hardware wallet which promises to ring fence private keys from prying eyes The Hash panel discusses the criticism around the launch [...]
The French wallet-maker believes the service will help attract customers turned off by crypto's unforgiving self-custody ethos. But critics wonder whether the concept is compatible with a real hardware wallet.
"Technically speaking it is and always has been possible to write firmware that facilitates key extraction. You have always trusted Ledger not to deploy such firmware whether you knew it or not," Ledger said earlier on a now-deleted tweet.
The new Coldcard Q1 model aims to blend security and convenience – with a physical QWERTY keyboard recalling the look of a 2000's-style waffle phone. It relies on a flashlight and LED scanner to read QR codes – instead of using a camera, which can be an attack vector.