Ledger clarifies how its firmware works after tweet controversy is removed
Developers say third-party apps cannot access ledger user keys without device owner consent.< /p>
News
Join us on social networks
On May 18, crypto hardware wallet provider Ledger clarified how its firmware works after the company deleted a controversial May 17 tweet. The deleted tweet, which Ledger said was written by a customer support agent, said it was "possible" for Ledger to write firmware that could extract users' private keys.
[1/3] You may have seen a tweet from our shared Ledger support account regarding Ledger firmware updates.
Unfortunately, in our attempt to clarify how Ledger and all wallets work with firmware, a customer service agent posted a tweet with confusing wording. https://t.co/cL6UrBzxWr
— Ledger Support (@Ledger_Support) May 18, 2023Ledger CTO Charles Guillemet clarified in a new Twitter thread that the wallet's operating system (OS) requires user consent whenever "a private key is touched. by the operating system". In other words, the operating system should not be able to copy the device's private key without the user's consent - although Guillemet also stated that using a ledger requires "a minimum of confidence".
The original Ledger customer service tweet read: "Technically speaking, it is and always has been possible to write firmware that makes key mining easier. You've always trusted Ledger not to deploy such firmware, whether you know it or not."
Tweet of May 17 from Ledger Support, which was later deleted. Source: TwitterThe tweet sparked a storm of controversy on Twitter, as many users accused of...
Developers say third-party apps cannot access ledger user keys without device owner consent.< /p>
News
Join us on social networks
On May 18, crypto hardware wallet provider Ledger clarified how its firmware works after the company deleted a controversial May 17 tweet. The deleted tweet, which Ledger said was written by a customer support agent, said it was "possible" for Ledger to write firmware that could extract users' private keys.
[1/3] You may have seen a tweet from our shared Ledger support account regarding Ledger firmware updates.
Unfortunately, in our attempt to clarify how Ledger and all wallets work with firmware, a customer service agent posted a tweet with confusing wording. https://t.co/cL6UrBzxWr
— Ledger Support (@Ledger_Support) May 18, 2023Ledger CTO Charles Guillemet clarified in a new Twitter thread that the wallet's operating system (OS) requires user consent whenever "a private key is touched. by the operating system". In other words, the operating system should not be able to copy the device's private key without the user's consent - although Guillemet also stated that using a ledger requires "a minimum of confidence".
The original Ledger customer service tweet read: "Technically speaking, it is and always has been possible to write firmware that makes key mining easier. You've always trusted Ledger not to deploy such firmware, whether you know it or not."
Tweet of May 17 from Ledger Support, which was later deleted. Source: TwitterThe tweet sparked a storm of controversy on Twitter, as many users accused of...
What's Your Reaction?
