A few months ago I published a post where I put physical purses or hardware wallets as a more secure option to keep our crypto currencies ahead of an exchange or a software purse or wallet. I still think the same, although nothing is 100% protected.
If we go to the website of Ledger, one of the largest marketers of physical wallets, we can read: „Keep your assets safe. Physical wallets, designed with the highest security standards“. Well, a few days ago they announced and solved several vulnerabilities. On their website there are already new updates for Ledger Nano X and Ledger Nano S.
Firmware update? What does that mean? Well, in a few words, it means that the soul that makes any electronic device work is updated. To understand it with an example, in any computer there is a chip that is kept plugged in thanks to a button battery and where the firmware is stored, it is known as BIOS. Now you can have the best security measures that if there is a vulnerability in the firmware are not going to help you.
SIM cards in mobile phones, computers, physical purses, smarts tvs, practically all technology has firmware and every time cyber criminals try to exploit it because they know that nobody will update them, neither users nor companies. The best advice I give is to update your equipment.
A new mobile will give an improved and updated firmware software, as well as a new model of physical wallet. It’s a good practice if you can afford it, since this way you also keep the cryptomonkets in a new physical hardware that will last longer without getting damaged.
Bitcoin Security: protect your crypto coins with our tips.
Are our crypto currencies in danger from this vulnerability?
On August 7, 2020 Ledger published the first update of Ledger Nano X on its blog. Version 1.2.4-4 of the firmware was available and brought new security improvements one year after the release of Ledger Nano X. The MCU chip was also updated to version 2.10.
They explain that the update is due to what they consider a minor vulnerability and they put in bold: be assured that your recovery phrase, private keys and funds are not at risk. It also says that the hardware is secure even without using the update and gives us the option to see the link for all the information about it.
Taking advantage of the update they implement some improvements. Now for the Nano X Ledger when upgrading there is no need to unplug it during the process. The applications that were installed will be uninstalled and then automatically reinstalled.
The update should be done through Ledger Live Desktop, a difficult decision for the computer as it claims but that was because it was the only way to have such an update as soon as possible. As a cyber security expert, I recommend installing this update.
Remember that Ledger wallets have their own operating system called BOLOS. They also have two chips, the MCU and called Secure Element as well as SIM cards, passports and credit cards, to give maximum security to the protection of sensitive data such as biometrics or private keys. They are very robust systems and very difficult to hack but cybercriminals know that there is a lot of money behind them and any vulnerability will undoubtedly be exploited.