So we all know about the ledger stuff and most likely most are sick of hearing it. But I figure this is worth noting. https://np.reddit.com/r/ledgerwallet/comments/1464ocs/my_post_was_removed_for_some_reason/

​

From this it looks like Ledger is still pushing the Ledger Recovery service, the update which allows it, but still doesn’t have the stuff open source like they said they would. Meaning once again, don’t trust words without action behind it.

​

For those of you who think “well you have to opt in”. As far as we know, the firmware itself gives the ability and you don’t then update your Ledger again when opt in to get this ability. Meaning the back door is already there and if ever used for any reason (like if you got tricked or whatever). Then basically the stuff is there to take the master private key off the device.

And note, if you assume it doesn’t do this. Fine, but where is the open source code so we can verify?

​

This alone making the Ledger wallets into a hot wallet.

​

For those thinking, well I won’t update. The problem with this is slowly you will lose the ability to do anything with it.