James, this is the best video on this topic I've seen yet! Thank you for keeping us "in the know". Cheers!

They must be getting a lot of ESG investment to push KYC and government unlocking to make this kind of decision and not care about customers. They probably anticipate much more money in the future from the masses with CBDC support and IMF approved solutions. RIP Ledger.

This really is a 'Bud Light moment' for Ledger.

James, I think you left out the most important aspect, which is that the keys for the Recover service are encrypted and sharded within the BOSOL kernel and Secure Element hardware chip. The plaintext private key never leaves the hardware, only the encrypted output which is sharded into 3 segments. Also if an attacker were to obtain all of the encrypted shards (essentially a multi-sig), they need the private key, which is on the SE chip on the physical hardware wallet and is passcode protected, to decrypt and retrieve the private key.

Ledger company's quietness about this issue is alarming

We are all connected and we are one. So glad to have a brother like James to help get us through all this and learn every day from the cool classes he gives!

Bought my first LEDGER-NANO-S-PLUS three months ago, just so I could self-custody certain altcoins not available on my BCVAULT....now this. Needless to say, I liquidated those assets and put the waste of money back in the box. Anyone want one? Original receipt included; You pay postage, and it's yours! 🤔 This was the best insight into this debacle I have seen yet, and the reason why I keep tuning in. Both sides weighed, explored, explained, conclusion: That's you, James. Have no doubt you're a great father, brother, husband (what have you) as good as you are an educator. Question: Have I missed something over the last few years, because why is no one ever talking about BCVAULT anymore as a cold storage option?

That is soooo true. No other channel explains things like this one does. If folks want to educate themselves on this stuff, this is the only channel you need.

I never thought I’d be debating putting BTC back into Coinbase

So, if the big guys like ledger can't be trusted, how could these other companies that we never heared of could be trusted more?🤔

Aww man. I’ve already updated, and that’s not the only problem. Also you were wrong about Ledger being hacked. It was their store partner which I think was Shopify and was done by a rouge employee.

Is Trezor still safe ???

A good summary of the red flags, even if I would say that some of them are not true, but they are the obvious concerns. So it would have been interesting if you reached out to them and let them answer them. I think that most would change their mind if they listened to Ledger because I actually don't believe the hardware is compromised as long as you don't use it. This kind of feature is obviously less secure, but it could also be compared to a password manager (that could be unlocked with KYC) instead of having your password on a post-it. For some this could probably fill a use case and since it is divided to three companies all three needs to be compromised for an attacker to get your private key.

Woah thanks for the heads up! Time to get a new cold storage wallet 😭

Unfortunately if you don't change your seed phase after moving to another wallet, you have done nothing to enhance protection. Once Ledger has your seed it's compromised regardless of the wallet you use

Ledgers reputation is toast!

The world of crypto is so damn risky all the way around. I am getting burnt out. Thanks for keeping us up to date on these issues 🙏🏻

Thank you James for your hard work, Ledger will facing a shitstorm if they do not cancel this new option, not your keys not your cryptos

Thank you James for explaining, clarifying, and why. You present a valid case regarding Ledger now and going forward. I initially thought this was a big to do over nothing if you don't opt in, but the shaking of Ledger crypto holders confidence in the company is an issue I hadn't taken into consideration. Thank you thank you thank you!

This is 100% unacceptable. I'm off ledger forever this is absolutely criminal how could they think this obvious security breech would fly with thier base?

Kraken and a KZfaqr hacked a Trezor for sure and I don't hear much about it. Ledger or Ledger live has never been hacked, let's get that straight. I can't say I'm ready to jump on the "say goodbye to Ledger" bandwagon yet. So far Ledger has been very trustworthy and secure. I will wait to read more information, not just "trust the KZfaqrs" I won't do that again lol (2021 ahem...to the moon) no offense James, I listen/watch all you guys while I'm working. Good luck & HODL BTC 💎👐

How long do you think it'll take ledger to scrap this feature? Now that the damage is done, I don't think they ever will. I bet they'll be forced to disable it in the future when it's no longer profitable :) Honestly, I don't think it'll ever be profitable for them.

The world gets more confusing day by day. I have been a LastPass customer for a few years. A plethora of newspaper security issues made me switch to Enpass, which turned out to be a terrible implementation of password management. I then switched to Norton Password Manager which was truly horrible to us and constantly failed. I’m now back with LastPass!

I knew it!!!! I had that feeling. They were being pushed too much by "big" people.

I have BTC and Alts on my Ledger. Besides Trezor T are there any others that do both? I am 74 and it took me ages to learn about Ledger. Any help would be appreciated.🙏

Would love an update on this topic ( cold wallet storage in general ). Its been 10 months, and technology improves quickly, would be interested in a new "Best Storage Options" video James.

I work in Tech and can point to hundreds of exploits possible when using computers/phones (all platforms, all hardware/software). As James says, 'wear your seat belts everyone' which can also apply to our use of technology. You must use technology safely by being vigilant. And as James would say, 'the more you know' the better prepared you will be. And as James says, 'Don't panic' but do be vigilant.

16:34 Hey!! Coinjoin is currently only available on the Trezor Model T !!!! There is no coinjoin on Trezor 1

Can you do a quick videos on how to transfer from Ledger to Trevor model T?

Ledger is completely safe if you chose not to PURCHASE the recovery feature. If you don't the wallet is still a cold secure device.

Thank you for keeping up with of all the news out there for us all day everyday, day in day out. Massive respect sir 🙏

Thankyou for the information .Can we use Solana's phone 'Saga" with built in hardware wallet as a alternative to ledger ?

I completely agree that there is collusion between Ledger and regulators. Pretty easy to see since this is such a ridiculous move by them. I'm so glad that people are waking up and this adds more fuel to that fire of awareness. It's just the great opportunity for the next big replacement for Ledger. Looking forward to who that is going to be.

Even without this stupid feature, the problem is the code for ledger isn’t entirely open source so they could have been sending out your seed the whole time without you knowing. If the firmware is pwned all bets are off. Cold Card is about as good as it gets while using a secure element.

Thanks - the only thing you didn't mention that I'd seen online yesterday - was this apparently only affected particular device - the Nano X - have you seen any verification of that?

The only way for Ledger to partially recover the trust of the customers is to go open source. But something tells me it was a "calculated wrong move" and the will never open source it.

Oh because the Ledger said they have added an API inside the Ledger for that? Strangely they haven't, they just offer an online vault service. It is just not possible by design, hardware TPM does allow any ways to extract their secret except by using hardware glitch/side channel attacks At the same time, it is possible to ask users to enter their seeds in order to verify its validity (you know, maths), so rather than assuming that they will implement a backdoor, which is impossible regarding the hardware use inside ledgers, better assume they will enquire users to provide them their seed phrase, that likely the ledger will verify, then split and encrypt, only user input here.... Edit: Btw all apps running on the ledger are open source, so the apps delivered to cipher the seeds for their recovery service binding will also be be open source, lulz 🙃 Edit2: How could you onboard from their vault backup without firmware update to support that new onboarding option? By saving the backup seed in cleartext on the host computer giving a chance to be compromised on its way back? Sure no.

I like using Arculus. I tried using Ledger, and it was so problematic with the batteries.

It reminds me of when Coca-Cola released new Coke with a new formula! Terrible strategic move. Hopefully they resolve this quickly. We’re told we can’t leave crypto on exchanges and now this!! Thanks James

Much appreciated James and team!

Thank you James

UPDATE: @Ledger said “we cannot extract their keys, and will not extract keys,” after deleting a tweet that said “technically speaking it is and always has been possible to write firmware that facilitates key extraction.”

Thanks James, as always. Always appreciated

This really is ledgers Bud Light moment.

CEO spoke at the WEF in 2020. That says it all.

I have been waiting for a long time to decide whether to go for Ledger or Trezor .its clear now.

First the database leak and now this? I wouldn't go with a Ledger device anymore nowadays.

Thanks James. I just bought new Trezor T, never touch Ledger again!

Trezor it is then. These other crypto wallets are unknown to me . Excellent video, you are crushing it with quality these days James. Greetings from Ireland ☘️

I'm finished with Ledger moving all my crypto now

Very good content, you just earned a sub.

This is almost as bad as the bud light marketing team. Are they hiring new grads? Careful burying I did an experiment last winter and the paper I wrote stuff on was unrecognizable. Metal plates the way to go.

Matthew just talked about it . An excellent Bitcoiner . Very interesting. Simple answer : Coldcard

Hi James , I personally use NGrave for my cold storage. I bet you would love it ! Thank you again for all your hard work !

Keystone Pro looks attractive now

Thank you, I actually trust your advice.

My real problem is how many crypto exchange uses ledger as cold storage and they thought it is secure and if they lose it what will happen who is to blame?

In this video James recommends Trezor Model T; KeepKey; and AirGap for altcoins. However only KeepKey of these presently supports Solana.

I just brought a ledger nano x, should I send it back and ask for refund, as I haven't used it yet. $250😢

Hi James, could you look into the Tangem cold wallet please, seems very good with no need to staore/save/remember seeds but crypto safe, i'd really appriciate your thoughts. TIA

Thank you so much for the information. I can't believe Ledger is doing this. I had been getting spam emails to log into a fake Ledger link in the past. I am not happy with their Recovery decision. They should only offer this service to the more novice crypto holder at best.

Dang, I just bought my first wallet a month ago it's still in the wrapper. Of course it's got to be a ledger

Ledger is trying to go mainstream too fast, and even worse, at the cost of their current loyal customers and basic crypto ethics. They fucked up big time.

James, can you please give your thoughts on the Tangem cold storage card in an upcoming video? Thanks in advance. 👍🏼

Someone on Twitter sent me to an official-looking site and they wanted my 12 word seed phrase. I put, "do you think I'm stupid?" 😅

I'm still confused - are all the issues with 'Ledger Recover' or also basic storage (Nano, X)? So embarrassed I have 5 figures on exchanges right now 😬 * bought two Ledgers last year, but think I already saw the flaw; didn't *feel* right to me .... Where are y'all storing with your digital assets??

Anyone have any thoughts on Tangem as an alternative to Ledger?

Ledger is always safe. However uphold hacked my account and stole the tiny funds I had in it

Yeah, so many people out there don't understand that if your wallet provider can recover your account, then is not secure. Exodus Wallet doesn't have backup but im curious to know HOW do they connect to the blockchain. They also have built-in features like their own bridges and buying directly from the wallet. I'm curious to know how those connections are made. The less features and less connections there are, the more secure the wallet is. Now, anyone can just download a Bitcoin wallet like Bitcoin Core onto a pen drive and done. That's one of the most secure ways to have your own wallet. Problem is how many coins does the wallet support.

James thank you so so much for always being so on the ball with all things crypto. You and your team always delivers It’s truly my #1 source 👏

The answer is 2fa mixed in with it. Double the amount of security.

For every problem there is a simple solution - and it's probably WRONG!

Great content! So important !

Okay... so the real problem is not the new software update. It is that they are not open source and Ledger never has been. So, why did anyone trust them in the first place.

Ngrave zero and Tangem wallet seem to be v good choices. Both air gapped, Tangem is eas6 and Ngrave is eas7 compliant.

I stick to my concept of having a USB drive with a linux live system and encrypted persistence where I store my wallets. dd to .iso frequently and store on different medium and location.

Thank you for sharing your knowledge on this topic-very helpful! 😊

Thanks, James. Good review. Appreciate you, brother. 🤘😎🤘

What A shitty ..... situation we have come too ....For money Ledger Forgets ......us all..... $10 a month new comers. and a back door to us who doting agree ... we all want a REFUND

Why doesn’t James just say which wallet HE TRUSTS & uses???? WTH!!??

besides ledger I also use safepal, I found safepal to be VERY GOOD.

I hear Tangem is also a good wallet... nfc, open source, no seed phrase needed.

Not open source not your keys

I heard of KeepKey now allows users to verify their SSN to withdraw their crypto. Keystone wallet may be a better option as it is open source, fully air gapped, has many coins, and they delete your shipping info after 180 days

Thanks so much James. I love the work you do keeping us updated daily. I can always count on getting detailed information from your channel.

@InvestAnswers Another attack vector: what happens if/when governments force Ledger to provide the 3 shards of their citizens?

Tangem is the most secure cold storage wallet and very easy to use.

Game over Ledger

When you think it’s all safe, can’t seem to do right for wrong

James, you said do not download the firmware updates, do those differ from their standard updates?? Can someone please help give me peace of mind on this?

Class action suit against ledger?

Thanks for the Tier 1 info, James!

It is an optional upgrade. No one has to get it.

Thank you my friend, Happy Wednesday 😁🌞❤️🎶

@investanswers James - I noticed you did not include Foundation Passport or Keystone in the alternative wallet options. Do you or your wallet expert have some insight on either of these?

There is a solution to all this ....Serenityshield is leading the privacy and self custody

This is not correct and a hot reaction :-) 1. The seed phrase never leaves the wallet. 2. In case you want to activate the "recover" service, a validation action is required on the wallet. 3. The "recover" service requires the activation of a KYC with one of the service providers before the service can be activated. 4. The seed phrase is compartmentalized into 3 encrypted parts and then communicated to each of the 3 service providers. 5. It takes 2 parts and the wallet for the recovery to take place. So there is no comprize at all !!! However what we are loosing is confidentiality because of the KYC

This is great, I give hackers the ability to steal my crypto and I pay Ledger 6 bucks a month for the service. Absolutely brilliant.

Fyi, your crypto is not actually on your hardware wallet...

Trezor HW may have an issue too with implementing coinjoin through Wasabi. James, can you speak to this, if this is an issue? Thanks.