Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Launchpad
Be early to the next big token project
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
More
Privacy Advocate Exposes Ledger Live’s Tracking of User Data and Network Activity
Last updated: December 28, 2023 03:57 EST . 1 min read
Disclosure: Crypto is a high-risk asset class. This article is provided for informational purposes and does not constitute investment advice. By using this website, you agree to our terms and conditions. We may utilise affiliate links within our content, and receive commission.
Source: PixabayA privacy advocate has alleged that the Ledger Live wallet software monitors its users and gathers information about them.
In an X post published on Wednesday, privacy advocate and app developer REKTBuilder reported that Ledger Live conducts a “genuine device check” whenever users connect their Ledger device to a PC or phone.
This check provides a list of all installed apps on the device, enabling Ledger to ascertain the networks being utilized by the wallet owner.
REKTBuilder’s discovery came after they investigated the software’s Python code. They had previously published a report on December 6th alleging that Ledger Live was recording users’ crypto balances.
The next day, REKTBuilder unveiled what they asserted to be a “tracker-free” open-source alternative to Ledger Live, named “Lecce Libre.”
REKTBuilder’s allegation stems from their discovery that multiple lines of Ledger Live’s code contain the phrase “genuine check.”
Upon incorporating “tracing prints” into the code, they discovered that it did not ute when the software seemed to be examining the device. REKTBuilder delved deeper into the matter and found that the actual check is integrated into a “listApps” subroutine.
REKTBuilder asserts that this check can be utilized by Ledger to discern the specific time and date whenever a user connects their device.
The researcher also said that trying to delete the tracking code resulted in the software becoming dysfunctional and unusable.
“I tried disabling the remote tracking and it’s impossible, it breaks if you do,” REKTBuilder stated. “Which means Ledger knows it’s you every time you plug the device in.”
Several commenters expressed disdain with REKTBuilder’s findings.
“They could easily be one of the best hardware wallets but they chose to ruin themselves,” commented user @DegenBread.
“Great work, ledger really doing everything they can to lose trust,” commented user @HODLCEO.
Despite the reported privacy concerns, REKTBuilder mentioned on X that they have no choice but to continue using Ledger Live, as there is “[n]o other HW [hardware] option on native #Avalanche.”