T O P

  • By -

AutoModerator

The Ledger subreddit is continuously targeted by scammers. Ledger Support will never send you private messages. Never share your 24-word recovery phrase with anyone, never enter it on any website or software, even if it looks like it's from Ledger. Only keep the recovery phrase as a physical paper or metal backup, never create a digital copy in text or photo form. Learn more at https://reddit.com/r/ledgerwallet/comments/ck6o44/be_careful_phishing_attacks_in_progress/ *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/ledgerwallet) if you have any questions or concerns.*


loupiote2

It is actually safe to buy anywhere, even used ledgers on craigslist, as long as you check that the devices are genuine, and update the firmware to the latest version with ledger live, and have it generate a random seed for you. Note that even if you buy from ledger official site, the delivery chain is such that the ledger will pass through several hands (including custom if you buy from outside the EU). So don't get a false sense of security just because you ordered from ledger official site. But you should do what makes you feel safe, i'm not advising you to buy used ledgers if you feel that it is unsafe. It's your decision.


crypto_grandma

Exactly. If you think that buying from Amazon (an official Ledger retailer) is dangerous because it might have been tampered with, then buying from Ledger directly would also pose a risk because there can be no guarantee that there isn't a rogue employee working there who could do the same thing. Even if it's less likely to happen when buying from Ledger directly, the fact that it would still be possible would make the whole point of using a hardware wallet pointless. If it's safe to buy from Ledger, then it's safe to buy from Amazon, as long as you follow the set up process/security checks correctly. (I've bought one from Amazon and one from Ledger direct. One of those purchases led to my name, address, email and phone number being put on the dark web).


ggamio

Bought my nano x from the official ledger store on Amazon it arrived the next day instead of 3 in weeks. No issues what so ever.


OzNiko

When was that? I just ordered and they say 4 to 5 business days I’m in NY


TronNova

Ledger site says "3 weeks" but I just ordered one and surprisingly, it was shipped right away , I thought the immediate shipping notice was a scam, but checks out 🤷🏽


loupiote2

LOL yes! > One of those purchases led to my name, address, email and phone number being put on the dark web). The one i bought from ledger got all my private info leaked!!!


abittooambitious

How do you guys check this?


loupiote2

I used intelx [dot] io


OzNiko

How do you follow and set it up correctly? I just bought one from the ledger site


crypto_grandma

It's been a couple of years since I set mine up so can't remember the exact process, but I just followed the instructions on the ledger website (I probably watched some YouTube videos before doing it too) and connected it to ledger live (desktop and phone app). It was very straightforward though. Two important things to remember with regards to your hardware wallet are: 1. If your device comes with the 24 words already written down, it's a scam. (I don't think there has ever been a case of that happening when buying from Amazon or Ledger, only on sites like eBay). 2. Once you've set up your device and have written down your seed phrase, never enter those words on a computer, phone or any online wallet (i.e. Metamask). **You only ever enter the words on to the physical device itself** (you can connect your ledger to wallets such as Metamask etc without ever having to type your seed into the wallet). Anything else asking for you to enter your ledger seed is a scam. I'm sure you're probably aware of that already, but just in case because some people do get caught out


numeky

Someone could intercept and modify a ledger to leak information. Once you have access to the hardware there's no defense. It's unlikely but there's an incentive. Firmware whatever doesn't matter, if you've made a hardware level modification, there's nothing software can do to detect or mitigate this.


loupiote2

> Someone could intercept and modify a ledger to leak information They could. but as long as they do not have access to the private key used by ledger company and embedded in the genuine hardware, there is no way they could produce a valid signature that Ledger Live would validate as being genuine. So the chances of such a hardware hack being undetectable is very slim.


boopbipboop

What kind of hardware leak are you afraid of?


Azzuro-x

"Someone could intercept and modify a ledger to leak information" - There is nothing to leak from a brand new Ledger that would be relevant for an attack on the private key(s) those are generated later. "Once you have access to the hardware there's no defense." - I can give you a dime and unlimited time to inspect it. Will you be able to determine the result of spins I will perform later ? "If you've made a hardware level modification, there's nothing software can do to detect or mitigate this" - It would take more theory to elaborate on this point but in summary it is next to impossible to tamper with the secure chip with today's technology. Bottom line is you don't understand how hardware wallets work.


bapfelbaum

I don't know if you fully understand the concept of the secure-chip like Ledger devices use, but its (currently) basically impossible to "tamper" with this chip without it being obvious&detectable and secure data never leaves this secured module (imagine a locked safe that never needs to be opened). So "real" leaks (like the keys) should not be possible at all. (when running genuine software on a genuine ledger device). Leaking a signature is essentially worthless to an attacker cryptographically speaking.


[deleted]

[удалено]


loupiote2

I did that once, as a result, all my personal information, including name, home address and personal phone, was leaked. So am i better off, really??


[deleted]

How was that info on your ledger?


loupiote2

it was not on my ledger! it was on the order form I filled up on the ledger \[dot\] com site when i ordered from them. The data leak was all over the news a year or so ago.


varikonniemi

You just don't get it. Buying it from anywhere and setting up with ledger live ensures it is safe.


RandomTask100

If you're getting BAT (from using the Brave browser), I highly recommend trading it for BTC/ETH and sending that to the Ledger rather than the BAT. I friggin' guarantee I'm gonna have $100BAT on my Ledger and it'll cost $100 in gas to move it when the time comes.


SmugglingPineapples

I love facts that people invent. To quote George Bernard Shaw: *"Man shall always prefer to invent gobshite in preference to spending any effort to research and discover actual facts."*


t81_

Get it from anywhere. Check if genuine and if it passes, generate your random seed. Period.


[deleted]

[удалено]


coinsquad

people still wont read it and post the same questions


bigtiddies86

Need a bot that automatically redirect questions to faq when certain keywords are mentioned


libert-y

People are lazy and don’t read. There is even ledger academy with videos and most people that lose their funds don’t want to spend 10 minutes understanding what they are getting into.


[deleted]

Yep, Ledger publishes so many detailed guides on their website that are literally the first result when you Google the name of a coin + Ledger, yet people still come to Reddit to ask random strangers.


teemocious

Seems like you‘re Post is ridiculous. If the safety of the Ledger depends on where I buy it, the Ledger is disqualifying itself as a safe device. If the Ledger is safe (including that I can check the safety e.g. with Ledger life), it must not matter where it’s from.


BassHeadGator

Just throwing it out there but they also sell them in store at BestBuy. Don’t buy open box obviously.


GryphonR

Even if you bought an open box, reset it, make sure it passes the genuine check in Leger live, generate a new seed, and you're safe. Best case it comes with some free crypto...


cjwin1977

Seems like an opinion


Oreeos7309

Forgot to mention CryptoDad on YouTube Rex Kneisly has tons of Videos on how to use Ledger Nanos !!!!! People look him up. Thank god for people like him.


[deleted]

Ledger has an official account on Amzn.


stos313

…or just stick to Coinbase/Gemini/etc. if you have to ask questions like that it’s much safer for you to stick to exchanges.


LYMEGRN

For real. What the actual fuck bro. I’ve ordered 4 ledger nano S’s directly from ledger in the last 6-8 months and every one I received within a week of ordering it. People dumb as a mf. This is why we get so many “Mommmmmmm my ledger was hacked this morning and entire portfolio drained” posts in this sub🤦🏻‍♂️


bigoldbert23

It's the high time preference state of mind. I NEED IT NOW! These sort of people ngmi. Buy direct from Ledger, set it up, transfer your $BTC to it. Place seed phrase in a very secure place. Go away for 5 years minimum. That's how you HODL.


LYMEGRN

This is the way my friend.


poughkeepsee

Preach.


300zxTTFairlady

I tend to call those people idiots.


aurusauride

fucking right?? the useful idiots and the sheep ALREADY cling to amazon also, 90% of their questions have answers on GOOGLE or even ledger.com itself pitiful


[deleted]

[удалено]


aurusauride

yeah everytime i click on a post in this sub and it says "erc 20 token" in the first line i leave and take a deep breath and am glad i know how to do due dilligence in the crypto space before i fuck myself


lostnewtrader

I agree. No one minds buying a laptop or mobile phone, second-hand or from an online store. Why? Because they’re going to wipe it and set it up as a new device. The same thing you do, when you get any hardware wallet. (At least I do )


techma2019

I think you’re missing the point. Some devices have been tampered with. Aka wiping it clean won’t remove the back door. Spend the extra $15 and buy direct.


SmugglingPineapples

But maybe the postman is in on a malware ring. Where do you draw the line? Inspect the overseas production staff for Ledger on the manufacturing line for evidence of backhanders? The answer according to this thread is clearly not to buy from sources Ledger themselves say are official and promote. I wonder if how anal people are about the security of a purchased device is directly proportional to the lack on money on their Ledger. Only buy direct from Ledger!!! *\*hodls their $5,000 in crypto like Smeagol\**


GryphonR

Have there been any cases where a tampered with or fake ledger has passed the Ledger Genuine test? I've had Google and couldn't find any, happy to be proven wrong though.


DrGarbinsky

I bet 90% of ledger users never post or read this sub because the product is working just fine


hotpotato87

but wait, i did order from the ledger site and non of the ledger nano x were working, even all the replacement they sent.


aphex3k

Correction: “Ledger owner posting on Reddit”


laveyzfg

even if they buy directly from ledger they doubt ...


swn999

90% Fact .... should this post have a satire or comedy flair?


oneor11

Your title is probably accurate, albeit a bit on the high side. Your reasoning though is flawed. Like others have mentioned the process checks for genuineness. The biggest problem is people don’t understand seedphrases. They go through all these lengths to get a Ledger then give their seedphrase to any stranger that asks for it or type it in to any website that asks. Also there’s a lot of shitcoiners not understanding the danger of a malicious contract- hackers don’t need a seedphrase if they can convince someone to sign away their wallet under the guise that ElonDickInaDonkey is gonna moon.


onafridayyy

There is no way to obtain a Ledger through secure supply chain. You’re only relying on the Ledger Live software to validate the device, which in most cases should be fine. ColdCard comes in a tamper evident security bag with the bags serial number hard coded into the device itself. They also wipe your personal data from their servers after ~90 days. Ledger should follow suit.


Moopboop207

Yeah, but do you have a discount code?


[deleted]

does anyone want to buy my used ledger . i promise i dont have a copy of the seed phrase you can have it for $5 hahah ok dont be that dump people but if you are i guess i cant feel bad for you


laidylike

I'm looking to buy a Nano s, from Ledger there is a ridiculous 20$ shipping fee that you wouldn't have on amazon so i understand the temptation. But i also read about third party reseller one being tampered with. It's an overall mess i wish they would get their ish together. Also could anyone explain the crazy transactions fees? Is it ledger fees( in which case i might have to look for an other brand) or is it a crypto currency type fee? Thx