Ledger nano CEO claims twitter user is exaggerating the vulnerability found. No re-seed needed
Hello guys, between this ocean of FUD about the ledger wallet, found the real response to the twitter from a CEO of ledger:
"This is a massive FUD, and such thread should be removed. I won't remove it however because it would create the opposite effect.
The security researcher in question is greatly exaggerating the criticity of the issue he found. I can't unfortunately go in the details because good practice require to patch (and wait for enough updates) before sharing more information. I don't understand his publicity stunt."
One of the users asked: So, straight answer: Do I need to re seed or not?
CEO REPLIED: The attack is not practical, requires physical access before the setup of the seed, and has never been demonstrated. Therefore nothing indicates that you have to re seed.
You can read the full conversation in this link from the subreddit of ledger: https://www.reddit.com/r/ledgerwallet/comments/82fndi/psa_dont_panic_but_assume_the_device_is/
EDIT:Just to add more to the conversation, there's a official response from saleem (the guy who found the vulnerability) and another from the ledger CEO. Check the link to find the full conversation. Ledger CEO told saleem that he's now destroying the responsible disclosure he agreed days ago.