Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Hardware wallets
Merits 1 from 1 user
Re: Ledger Recovery - Send your (encrypted) recovery phrase to 3rd parties entities
by
LoyceV
on 28/11/2024, 09:18:21 UTC
⭐ Merited by vapourminer (1)
Quote from: Wind_FURY on Today at 08:00:27 AM
Although true, but if it could be proven that the device is sending packets of data to a server, and if we could trace those packets of data going to an I.P. address belonging to Ledger, or worse an unknown entity, then we can safely make a presumption that they are doing "something" with the data, which could be sensitive data - your private keys.

BUT, that's where that question goes. - Is there proof that there are there packets of data that are sent from a Ledger Nano S+ to the internet?
It's just an USB device, I don't see how such a device could get it's own internet access. I know malicious USB cables can pretend to be a keyboard and get access to the computer that way, but I don't think Ledger that that. So it needs Ledger's own software (Ledger Live) to be installed, and when you're running Ledger Live, it connects to Ledger's servers anyway. So you can't know what data it's sending.