
Ledger Live: A mobile companion app for Ledger hardware wallets - frozeus
https://github.com/LedgerHQ/ledger-live-mobile
======
topynate
Good to see Bluetooth in the new hardware. Lack of real mobile support for
hardware wallets has been by far the biggest pain point for me. (With regard
to the best possible physical security, I would have preferred NFC over
Bluetooth, but the latter is alright for everyday use.)

~~~
YjSe2GMQ
AFAIK given the Ledger's on-screen confirmation process it really doesn't
matter what's the medium of communication between the host machine and the
device. It could as well be sent via unencrypted http routed through China,
then Russia and then an NSA server all while your host device is heavily
backdoored.

The supply chain attacks/evil maid attacks are a much bigger issue, as pointed
out in other comments.

~~~
otoburb
>> _It could as well be sent via unencrypted http routed through China, then
Russia and then an NSA server all while your host device is heavily
backdoored._

As much as we'd like to believe this is the case, MITM (network or host)
allows for replacement of destination addresses that show up on your screen.
Redirected/malicious destination addresses showing up on your host screen will
be cryptographically verified with Ledger's on-screen confirmation, but will
not prevent you from sending your cryptoassets to the "wrong" endpoint.

I think this is much more of a reality if your host device is "heavily
backdoored" than unencrypted HTTP, but could happen in either case. Another
attack vector was BGP & DNS hijacking, which happened to My Ether Wallet in
April 2018[1][2].

[1] [https://qz.com/1261540/mew-ethereum-hack-the-internets-
infra...](https://qz.com/1261540/mew-ethereum-hack-the-internets-
infrastructure-was-compromised-to-target-myetherwallet/)

[2] [https://doublepulsar.com/hijack-of-amazons-internet-
domain-s...](https://doublepulsar.com/hijack-of-amazons-internet-domain-
service-used-to-reroute-web-traffic-for-two-hours-unnoticed-3a6f0dda6a6f)

~~~
DennisP
Yes but the Ledger has its own screen that shows what you're actually signing.
If you verify that, you're good.

There are a couple caveats. First, the Ledger Nano's screen is too small to
display the entire address at once, so an attacker who knows where you might
send money could generate an address that appears that same on the characters
that display. (The Ledger Blue shows the full address but is getting
discontinued.)

Secondly, if you're on Ethereum and using a multisig contract, the destination
address is just the contract and the ETH amount is zero. The function
parameters which define your actual request are just displayed by the Ledger
as a warning that they exist.

I've suggested to Ledger that they come up with a way to import the json.abi
and display the actual parameters on device, which is what desktop clients do.
They thought it was doable but I haven't seen any suggestion of it happening.

~~~
jki275
Just for the record, the entire address for the transaction _is_ displayed on
the screen, it just scrolls side to side. Generating another address that's
similar enough to be confused easily would be prohibitively difficult at best.

~~~
DennisP
Yes but the middle scrolls by pretty quickly. I once saw an article that did
the math on the difficulty of making an address that matched on the easy-to-
read parts of the address at beginning and end, and it amounted to less than a
day's work on a modern PC. That's likely to work against most users.

~~~
jki275
It doesn't scroll quickly, it's very easy to read and verify, even for my beat
up eyes.

I'd be very interested to see that math, because it's unlikely that's
accurate. You can get a few characters at the beginning of the address
relatively easily -- the rest is in heat death of the universe territory.

------
dmos62
I thought this was about ledger, the cli accounting tool. I thought ledger +
hardware + wallet? Wow!

[https://ledger-cli.org/](https://ledger-cli.org/)

~~~
senorsmile
Me too.

------
mihaifm
My greatest concern with the Ledger hardware wallet has been making sure the
device hasn't been tampered with during shipment. Fortunately they provide a
script to check hardware integrity, it's probably a good idea to run it before
doing anything with the device.

[https://support.ledger.com/hc/en-
us/articles/115005321449](https://support.ledger.com/hc/en-
us/articles/115005321449)

~~~
32032141
Note that this doesn't actually do anything to attest the safety of the
device, as has been pointed out in a CCC talk recently. It attempts to confirm
that the code running on another processor is legitimate by asking it to read
its entire flash to a "HSM" chip, which is obviously simple to deceive by
reading back something that is not the processors flash. I personally think
that this is deceptive and counter productive.

~~~
sowbug
Remote attestation implementations via HSMs will always remain subject to a
confused-deputy problem, but they're still leaps and bounds better than pure
software solutions. Any threat you can describe that involves a facade
hardware UI is much easier to implement in software, meaning that attackers
are more likely to invest resources in software attacks (like spraying bad
Electrum servers into the pool) than hardware attacks (like modifying hardware
wallets and setting up a storefront on eBay).

------
mr_sturd
I'm still very much in favour of managing my own private keys in an encrypted
database on my desktop/laptop. I feel like everyone is blindly trusting these
devices, having been scared in to it by horror stories of malware lifting keys
off machines.

I will eat my paper wallets if my meagre holdings are stolen from me like
that.

~~~
jillesvangurp
I sort of agree with this.

One caveat is that laptops are commonly compromised and your security would
depend on nobody stealing keys/passwords needed to access your
database/password manager/whatever.

Having hardware token with paper backup, makes this harder. Having a lot of
tokens creates a huge incentive for getting hacked.

If you have non trivial amounts of tokens under your control, you need to
consider all the points of failure. Laptops get compromised in all sorts of
ways and can be equipped with key loggers or worse. Unless you are a security
expert, defending against a determined & skilled hacker is super hard. Most of
us never get our setups audited by an expert and I'm afraid that a bog
standard OS X/linux setup is probably only get you so far. Even if you turn on
disk encryption and do all the rest of the things you are supposed to do.

So the advantage of a token is that it does not depend on your laptop being
uncompromised and that it is a third party solution that can be scrutinized
and audited. That being said, I'm not a big fan of having a proprietary
software/hardware package and would prefer to trade in my ledger for a
properly OSS platform. There are a few of these platforms but it is early days
and I'd need it to support Stellar though. As far as I know, ledger is the
only thing working with that. I own a few of those for this reason.

IMHO there's a big market opportunity for creating a secure, easy to use
hardware token for ubikey/oauthn signins, managing blockchain wallets, and
doing 2fa. Not impossible, but making open hardware/software platforms
commercially is apparently still a big challenge. I'd buy several if the price
and feature set were right . Assuming enough auditing/vetting has happened by
people that are smarter than me, of course.

~~~
doomslice
Founder of StellarGuard here, so sort of in the same realm. Just wondering
what additional features you'd want out of such a hardware token. Would it
need to do the actual signing of transactions on the device for you to feel
secure with it, or would generic U2F (Yubikey) + signing on the software be
sufficient, assuming we could do it securely?

~~~
jillesvangurp
Yes, that is the point. Basically you have to work under the assumption that
your laptop may be compromised. So anything that exposes private keys to it is
going to end up leaking those keys. With the ledger you approve transactions
on the token. You configure it from a paper backup or by letting it generate a
private key for you and you use it to sign transactions.

------
jscheel
Ugh, I haven't even moved my existing crypto from cold storage to the original
Ledger Nano sitting on my desk for a year.

------
jobbagy
I'm not able to find the md5 signature for Ledger Live: would you please help
me?

~~~
188201
A mobile app managing cryptocurrency, but does not sign all their release, and
don't even react the situation quickly. Apparently they have no clue what they
are doing in terms of security.

Since they also use react native, and npm is notorious for being exploit to
distribute malware. I have a brief look at the package.json. Seems to be a
typical javascript project where developers tend to put one more dependency
for a simple feature rather than implementing themselves. So, if one of the
hobbyist project owner's key is compromised or hand over their orphan project
to somebody malicious to manage their npm, then they are screwed. Although
same could apply to other language which have package management, npm is the
worst among those. Do they ensure the dependencies are signed before building
the binary? And always use the last known good version for building new
binary? I really doubt.

~~~
AgentME
The repo has a yarn.lock file, which contains the hashes of all of the
dependencies, so yarn verifies the dependencies match that at least.

------
_nalply
I wonder whether these apps cache sensitive information like account numbers
and balances. I think they shouldn't.

~~~
YjSe2GMQ
Yes they do - you don't need to plug in your device to see your current
balance, even after power cycling the host device.

That being said - there's virtually no privacy in most cryptocurrencies. Your
Bitcoin/Ethereum/Ripple/... balance is fully public.

------
gapinggasher1
ledger is garbage and their software falls over if too many people are using
it. Why do I know this? Their customer service literally told me that I cant
access my wallet because too many people are trying to use the software. As a
silly consequence I was not able to update the firmware.

I switched to a more open source solution for the hardware, and for mobile
mycelium.

Ledger can suck a fat one.

------
homero
Is the hardware device required?

