Trezor and Ledger Respond to Claims Against Their Crypto Wallets Security

Three researchers and engineers have recently published a report claiming the vulnerabilities faced by the users of Trezor and Ledger cryptocurrency wallets. The report claims that the users of these wallets are not feeling secure about their data.

Three researchers and tech geek named Dmitry Nedospasov, Josh Datko and Thomas Roth created the website named wallet.fail. They promised to make the site live after publishing their presentation to the 35th Chaos Communication Congress.  

Within 24 hours of the presentation at the Congress, the researchers have published their claims online and two leading wallet makers, Trezor and Ledger have responded to their claims.

One of the marketers, Ledger has responded to the claims by a blog post stating that though it is a positive sign that people are thinking about their wallets and suggesting for its improvements, the claims these researchers have made are not based on all right facts.

The researchers have given three attack paths making an impression that the critical vulnerabilities of the users were disclosed and open on Ledger devices. But that is not what it is. The Ledger also added that though people are saying that they love cryptocurrency and they own some, the Ledger is a bit disappointed.

The company went on saying in the blog that, when it comes to security in the crypto world, the standard way to proceed is to go with responsible disclosure. The researchers did not follow the standard security framework which is given by Ledger. Plus, they claimed that the vulnerabilities presented by the researchers are not practical.

The Ledger does accept the presence of any possible bug in its firmware update function. The company, however, has assured that the next version of its firmware. This possibility would also be taken care of.

Researchers analyzed the radio emanations in the Ledger Blue wallet when a PIN was entered. Ledger says this path of attacking is exciting but in a real situation to make this attack successful, a device has to remain in the same position while recording the emanations. This is again very unlikely to happen.

The company while concluding the blog post said that Ledger has already installed a random keyboard for the PIN on the Nano S, and the same provision is made in the next version of firmware.

Trezor, on the other hand, appears to be working on its hardware as and how the information on it is getting revealed more and more. The company has accepted the claimed vulnerability.

Recent Articles

Mphasis and QEDIT to Create Blockchain Solutions With Enhanced Privacy

Indian IT firm Mphasis has teamed up with Israel’s QEDIT to create blockchain-based privacy-enhancing enterprise solutions. Blockchain being a distributed ledger technology, all transactions on...

Smart Sight Innovations Provides Blockchain-based Solution for Trusted’s Web App

Headquartered in Mumbai and working as a renowned IT and web-based solution providing firm Smart Sight Innovations has designed a revolutionary blockchain-supported solution for...

RBI Says Crypto Not Banned in India but Offers Little in Terms of Utility

The Reserve Bank of India on Wednesday made a strong statement against Crypto and asserted that residents of India are in no need of...

Siemens gets support from Trump on Middle East Reconstruction Projects

In a recent interview with CNBC at the World Economic Forum (WEF), Siemens CEO, Joe Kaesar revealed that US President Donald Trump would support...

Ways to Catalyze Mass Adoption of Cryptocurrencies

The adoption of cryptocurrencies is gradually gaining momentum in this era when the global economy is looking forward to digitization. From money transfer to...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Stay on op - Ge the daily news in your inbox