Hacker News | nothasan's comments

The tech is really hit or miss sometimes. I have a pump that used to panic error out on a misused Bluetooth connection, forcing you to set it up again.

Eventually the app developers fixed it, but for something that’s supposed to run 24/7/365 without fail, it really rubbed me the wrong way.

On a slightly tangential note, I am interested in working on something better although not hardware inclined, so please reach out to me at my username @tutamail.com if you are interested.


"Just another 5 years for a cure"


Fusion within our reach.


I’d remove flagging or hiding on mobile unless you click on the post because it’s easy to accidentally do it.


Have used both Porkbun and Infomaniak, neither with any issues.


- Resell concert tickets and/or other sought-after goods on a larger scale?

- Get a few remote jobs?

There’s plenty of inefficiencies around us, you just have to look hard enough.


I think Google needs to add a better way to secure old / previously inactive accounts. My guess is because your account was old, and your current device, IP and overall fingerprint were different, it decided you were an intruder.


This seems inadequate to explain the removal of security keys. Unless Google inferred that OP was not just a garden-variety intruder, but some sort of advanced persistent threat that had added such keys long ago?


Yep I don’t know what’s going on here. OP posted another reply with the time they added their keys and they aren't recent.


Removing pre-existing security measures due to suspicious activity seems an odd strategy.


I don't know, while this account is old and fairly infrequently used I normally have it in the Google account switcher dropdown logged in rather than completely logged out.


Off-topic, but what do you think they used here to render the UI? Qt?


The correct play is writing to the display buffer directly using a thin wrapper that has fonts, drawing primitives etc. I hope they don't have a GPOS and Qt on this.


Home-made framework like the previous devices, I'd say. The UI is running directly in the secure element (~1.5MB flash, ~50kb ram) so it's very memory constrained.


I'd be really surprised if they can pull that off. My guess is on a two-chip architecture [1] like for the original Nano S (non-plus).

[1] https://developers.ledger.com/docs/nano-app/bolos-hardware-a...


They already pulled it off for their previous device, the Nano X (and S+, which shares the same secure element with the new Stax device)


The Nano X has a minimal user interface and two buttons. I really doubt the Stax can be driven by only a secure element like that.


I just asked a guy working there, he confirmed that the screen and the touch inputs are solely driven by the SE. Basically the OS only stores a few fonts and all the graphical shapes are rebuilt at runtime, it's a time-for-space trade-off.


Wow, and all that runs on the SE? That would be really impressive!

It's still not ideal though, given that every additional feature or library blows up the trusted code base and increases the scope of any audit as a result.

Well, I just hope the existing wallets will remain supported going forward.


They have a modular approach where the OS is not updated very often, and over it are running userland applets that define their own UI and features and can be audited separately. These applets are built using Ledger's SDK, which makes use of the security features of the OS through a bunch of scrutinized syscalls.


I thought a great talk around this area was Engineering You by Martin Thompson [1]. He used the phrase the "era of Software Alchemy."

[1] https://m.youtube.com/watch?v=S4LzzuMTqjs


Some impressive documentation on how to get around this BM solution.


Pretty sure they analyse TLS handshakes for their Bot Management product and probably other things.

