{"id":88813,"date":"2023-12-28T16:01:10","date_gmt":"2023-12-28T14:01:10","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=88813"},"modified":"2025-09-13T20:19:54","modified_gmt":"2025-09-13T17:19:54","slug":"expert-says-anonymous-use-of-ledger-live-is-not-possible","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/expert-says-anonymous-use-of-ledger-live-is-not-possible\/","title":{"rendered":"Expert says anonymous use of Ledger Live is not possible"},"content":{"rendered":"<p>Developer REKTBuildr studied the Ledger Live source code and found that the software tracks users and accumulates data about them.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Ledger Live embeds the genuine check into the apps listing procedure. As it is, they always doxx your device when installing or updating apps and firmware. I removed most tracking in Lecce Libre, but they still track you regardless.<\/p>\n<p>For the past couple days I&#8217;d been trying to\u2026 <a href=\"https:\/\/t.co\/Q1aF1qpjge\">pic.twitter.com\/Q1aF1qpjge<\/a><\/p>\n<p>\u2014 REKTBuildr ??? (@rektbuildr) <a href=\"https:\/\/twitter.com\/rektbuildr\/status\/1739984215070888316?ref_src=twsrc%5Etfw\">December 27, 2023<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to him, Ledger Live checks each device for authenticity after installing the app or updating its firmware. This function is built into the listApps subroutine.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201c[Software developers] know every connection to your device and which other apps are installed on it. Therefore there is currently no way to manage Ledger anonymously,\u201d REKTBuildr said.<\/p>\n<\/blockquote>\n<p>His attempt to disable remote tracking led to the app breaking.<\/p>\n<p>The researcher advised against installing the latest Ledger Live firmware update, as he is not sure what other information might be transmitted to the company\u2019s central servers.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cThey have a recovery function that extracts private keys from the secure chip. How can we be sure that these keys won&#8217;t be read somehow \u201caccidentally\u201d?\u201d<\/p>\n<\/blockquote>\n<p>He also urged developers to provide advanced users with hardware wallets the ability to operate completely offline, without contacting their servers.<\/p>\n<p>In December, the Ledger team announced a <a href=\"https:\/\/forklog.com\/en\/news\/ledger-users-affected-by-hack-of-the-wallet-connector-used-with-dapps\">compromise of the software library<\/a> for decentralized applications. The hacker was able to inject malicious code into their interfaces.<\/p>\n<p>As a result of the incident, user losses amounted to <a href=\"https:\/\/forklog.com\/en\/news\/ledger-puts-estimated-user-losses-from-recent-breach-at-about-600000\">around $600,000<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Developer REKTBuildr studied the Ledger Live source code and found that the software tracks users and accumulates data about them.<\/p>\n","protected":false},"author":1,"featured_media":88814,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1480,961,1640,1515],"class_list":["post-88813","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-blockchain-apps","tag-hardware-wallets","tag-ledger","tag-tracking"],"aioseo_notices":[],"amp_enabled":true,"views":"24","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/88813","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=88813"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/88813\/revisions"}],"predecessor-version":[{"id":88815,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/88813\/revisions\/88815"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/88814"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=88813"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=88813"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=88813"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}