I don't use my Ledger nano s+ since they introduced that controversial recovery service but sometimes become interesting in what is going on the relevant scene. Yesterday I have surprisingly learn that the future firmware releases will add the ability to unsubscribe from this service
Ask them to
PROVE IT.They can't, because their firmware isn't open.
There's no backdoor and I obviously can't prove it
-- btchip, Ledger owner & co-founder
Can't prove it, because their firmware isn't open.
They'll probably just add a fake option to turn Recover off that actually does nothing, in order to trick users into feeling safe.
There's no way to prove what their firmware can or cannot do.
There's no way to prove how they share your data and who they share it with.
If Trezor, ColdCard, SeedSigner, Krux, and others say they've added a feature & somebody says "Prove it!" they can say "Sure! Here's the code. Every single line." Done.
All Ledger can say is "
Trust Me Bro." but no one can trust them after they lied so many times about so many things.
Remember when Ledger said "Your keys are always stored on your device and never leave it" and then they wrote an API to allow them and other companies (!!!) to extract your keys out of your device over the internet?
Remember when a Ledger employee got phished & DeFi users lost over $600k? ...and then Ledger later admitted it was a former employee who still had access to their codebase? Why did an ex-employee still have access to the codebase? Ledger wouldn't say.
Remember when Ledger got hacked & the hackers leaked Ledger's entire customer database, including users email addresses, home addresses & phone numbers? Ledger can't even keep their own data secure.
The only truly safe use for Ledger hardware is as a decoy wallet, which is how I use mine.
The day they added key extraction to their firmware, they should have offered full refunds to customers they lied to.
What a terrible company.