Firmware 1.4.1 FAQ
The update of your Ledger Nano S to the firmware 1.4.x is strongly recommended and will become mandatory on March 20th. Until this date, you are free to use either firmware 1.3.1 or firmware 1.4.x.
According to the FAQ, you can have a lot more than 4 apps now. All the Bitcoin derivatives have been refactored and it is possible to have 18 apps installed if they are all are Bitcoin forks. They claim most users will be able to install 10-12 apps successfully.
This was my only complaint about the Ledger Nano S is you only were allowed to have 4 unique tokens on your device (although you can have multiple wallets under each token).
Full details of this update can be found here.
Why you should vote me as witness
My recent popular posts
The truth and lies about 25% curation, why what you know is FAKE NEWS
WTF is a hardware wallet, and why should you have one?
GINABOT - The Secret to your Sanity on Steemit
How to calculate post rewards
Use SSH all the time? Time for a big boy SSH Client
How to change your recovery account
How curation rewards work and how to be a kick ass curator
Markdown 101 - How to make kick ass posts on Steemit
Work ON your business, not in your business! - How to succeed as a small business
You are not entitled to an audience, you need to earn it!
How to properly setup SSH Key Authentication - If you are logging into your server with root, you are doing it wrong!
Building a Portable Game Console
It's not as bad of a flaw as the researcher made it out to be.
Taken directly from Reddit:
> This is not a critical flaw. The security researcher is doing an unfortunate publicity stunt.
> EDIT: we have decided to share more information, even though we wished we wouldn't have to (to not reveal anything useful to black hat attackers). The vulnerability reported by Saleem requires physical access to the device BEFORE setup of the seed, installing a custom version of the MCU firmware, installing a malware on the target’s computer and have him confirm a very specific transaction. While possible, this proof of concept ranks by no mean as a critical severity level and has never been demonstrated. Saleem got visibly upset when we didn't communicate as "critical security update" and decided to share his opinion on the subject. This generated a lot of panic with threads such as this one, and I do not believe it was to the benefit of anyone. A complete blogpost (which was already scheduled to be published according to our reponsible disclosure program) will be available in time.
https://np.reddit.com/r/ledgerwallet/comments/82frwu/critical_flaw_in_the_nano_s_is_causing_this/dv9wqrc/
In summary, they would need your device BEFORE u got a 24 word recovery, install their malware on it, still have the device in hand.... INCLUDING installing more malware onto the computer you use to access your wallet. Don't worry.... Everyone's safe. Just update it and move on.edit: I upvoted this comment for visibility
Good find!
Thanks. You prolly posted it right when the researcher got mad from the official statement from ledger. I really didnt think it was news worthy to make a post to correct it. Anyways, I'll be following you from now on :)
That is the problem with security people feel they need to use sensationalism to force users to update thus diminishing the credibility when the issue really is serious and critical! But users should still do all their updates especially in the crypto space as your wallet can be cleaned out although the likelihood of this happening with a hardware wallet is very low it's still better to be up to date than not!
It's given to update a device, period. With hardware wallets, it's your money on the line. Not to mention, this update also does away with one of things i was critical about, lack of space. You can now install up to 14 apps on it. No longer will you need to remove one and install another.
Really happy with my nano. Even if there are potential flaws, the risk is probably less than maintaining private keys on own computer or figuring out air-gaping techniques.
I am glad Ledger is consistently updating their software to protect all of us even more so.
Long live crypto.
UPVOTED | RESTEEMED | FOLLOWED| THANK YOU
Mark, could you possibly write 'An Idiots Guide to the Nano S' please ? I want to get one but I don't quite understand what to do with them. I'm sure there are a lot of crypto newbies out here like me. I know there are a few articles out there, but you're a trusted resource for this sort of stuff. Thanks
I already did.
https://steemit.com/bitcoin/@themarkymark/wtf-is-a-hardware-wallet-and-why-should-you-have-one
Always a star, thank you mate. Added to pocket :-)
saleem is clearly spreading fame fud!
Wow private key extraction from hackers would b really dangerous and nad on cryto users like we all. I really love this post and would take caution going forward on the amount of wallet for my tokens.
Meanwhile u mind i ask what the best and secured wallet all for our nitcoin coins
Thanks @themarkymark
I like the Ledger Nano S, but I want to try the new Trezor, I suspect overall it is a better device from what I heard but I was able to get a Nano S in stock and fairly cheap ($75) so I jumped on it.
I am using both (for security reasons) and I have to say that they are just very similar to me.
Happy to hear that Ledger Nano now can be used with more coins at the same time though!
Good information
This is why i went with trezor always hear about flaws with the ledger nano
I believe this is related to the issue I mentioned before, which affects both Trezor and Ledger.
I suspect Trezor will be will be releasing one soon as well.
Ah man in the middle attack those are easy to avoid if your cautious nothing to really worry about for me anyways im sure alot of people fall for those
Actually not as much as you think, because both devices communicate through Chrome apps, malware can easily change the addresses displayed. Both have recommended clicking the button that sends the address to your device's screen for confirmation on large transfers to be safe until they go to native apps.
i have my public address for receiving funds in my safe with my trezor always double check on the paper before sending funds to it
Awesome! It's definitely a great thing to be able to store more wallets! I read that some guys bought two or three to host more cryptos because of that ! ^^
I recommend having more than one of any wallet you have. If anything goes wrong you don't have to wait for a replacement. Although you can use software options that use the same wallet algorithm as a backup/replacement.
Thanks buddy will do the update now :)
Thanks for letting us know @themarkymark! Glad for the expansion. Resteemed.
You got a 45.98% upvote from @upmyvote courtesy of @themarkymark!
If you believe this post is spam or abuse, please report it to our Discord #abuse channel.
If you want to support our Curation Digest or our Spam & Abuse prevention efforts, please vote @themarkymark as witness.
You got a 51.85% upvote from @ipromote courtesy of @themarkymark!
If you believe this post is spam or abuse, please report it to our Discord #abuse channel.
If you want to support our Curation Digest or our Spam & Abuse prevention efforts, please vote @themarkymark as witness.
You got a 6.60% upvote from @buildawhale courtesy of @themarkymark!
If you believe this post is spam or abuse, please report it to our Discord #abuse channel.
If you want to support our Curation Digest or our Spam & Abuse prevention efforts, please vote @themarkymark as witness.
Congratulations @themarkymark, this post is the fifth most rewarded post (based on pending payouts) in the last 12 hours written by a Hero account holder (accounts that hold between 10 and 100 Mega Vests). The total number of posts by Hero account holders during this period was 421 and the total pending payments to posts in this category was $8722.39. To see the full list of highest paid posts across all accounts categories, click here.
If you do not wish to receive these messages in future, please reply stop to this comment.
Good update. However still loads of stuff to do... still loads of problems
What happens after march 20th though?
It cannot be overstated how important of an update this is, nice work!!
Thank you, going to update it now