Beyond Ledger, I think we are finding out that secure elements aren’t as secure as we thought
Discussion
Ledger was always kinda sus.
I mean as long as you don't sign up for the new service nothing changes but I'd stick with a Bitbox2 regardless
Definitely disappointing news. A seed phrase on metal is more internet secure but less convenient, just to keep in mind.
The hardware is only as secure as the software controlling it. What ledger is doing is plain stupid. An interesting counter approach is what Block/Bitkey is doing to never let the key seed leave the hardware and rely on multisig for backup/recovery.
