New firmware update 1.4.1 available for the Nano S

ledgernanos
updates
firmware

#1

New firmware update 1.4.1 available for the Nano S


Ledger

We’re thrilled to announce the release the Ledger Nano S firmware 1.4 (available as version 1.4.1), which brings several functional changes, new UX features as well as a few security improvements. One key update that we’re really excited about: with the firmware 1.4, you’ll be able to install many more applications on your Ledger Nano S!

We highly recommend all our users to update their Nano S by following these steps.

New features to significantly improve user experience…

  • The number of apps which can be loaded onto the Nano S at the same time can be raised to up to 18 (depending on the cryptocurrencies – see FAQ), thanks to some refactoring on the BOLOS app management. As a reminder, deleting an app does not impact your cryptocurrency holdings: when the app is reinstalled, the original balance is retrieved.

  • The screen lock management has been slightly modified. A long press (3 seconds) on both buttons of your Nano S when it is in use (whether in the dashboard or while using apps) will enable you to lock the screen.

  • To ensure that the user has backed up correctly the 24 words, all of them must now be confirmed during the onboarding.

  • Several other optimizations have been implemented in order to improve the user experience. For instance, the device is now faster using some cache optimizations.

… While we keep improving your security

BOLOS (Ledger OS) has evolved. You’ll find below some of the latest modifications:

  • The apps are now split in 3 segments (code, data, installation parameters). Two different hashes are computed (code + data and code + data + installParams). This allows the user to verify the data loaded even for apps which have secret data.

  • U2F tunnel is now supported for APDUs in the dashboard and also in the SDK. It’ll make it possible to support all communication protocols with a single interface and avoid using the “Browser Support” options. U2F tunnel is very convenient to interface with a web application (such as MyCrypto / MyEtherWallet).

  • The SDK now offers another primitive for comparing memory pointers securely (memcmp).

The cryptographic support has been widely extended. A lot of new Elliptic Curves are now supported:

  • SEC curves (SECP384R1, SECP521R1),

  • Brainpool Curves (P256R1, P320T1, P320R1, P384T1, P384R1, P512T1, P512R1)

  • ANSSI Curve (FRP256V1),

  • Edwards Curves (Ed448), and

  • Goldilocks’s curve (Curve448).

The firmware 1.4 includes a few other security improvements. For instance, the policy to load 3rd party apps slightly evolved. The custom Certification Authority (CA) management is now only available under recovery mode. It is intended to make malware applications less attractive to promote for inexperienced users.

Also, we would like to congratulate two of our users, who successfully found bounties in our firmware 1.3. Though these issues were not critical and apply only under quite uncommon conditions, they are now solved in our firmware 1.4 – consequently, you are more than encouraged to update. We will share more details about these issues soon. We are very thankful for these two users for raising these issues with us, and are going to reward them with a bounty for their help and responsible disclosure.

This is also a great opportunity for us to promote our Bounty Program: we definitely encourage our users to challenge the security of our products. If you find a vulnerability or a bug on our design, you can get rewarded in bitcoins by following the Bounty Program guide.


#2

Nano S best hardware wallet on the market, such wow, much love. <3


#3

Sounds like a solid update but I would wait a while before updating. Sounds like a few are experiencing teething problems judging by this thread on reddit.


#4

sounds also like they have been a little unpatient :sweat_smile:

Stuck on “update” i’ve unplugged and restarted ledger manager but still stuck on “update” any one know how to fix this?

Me too

EDIT: Just waited a few minutes and it updated without any more problems!

same.

Edit:

Guys, I got it working!

Just left it plugged in on “update” even though the Ledger Manager didn’t recognize the Nano S and then after ~2 minutes it just rebooted the Nano and it worked


#5

Is it mandatory to update my Nano S device?
The update of your Ledger Nano S to the firmware 1.4.x is strongly recommended, and will become mandatory on March 20th. Until this date, you are free to use either firmware 1.3.1 or firmware 1.4.x.

The update is mandatory after March 20. But yeah, I will wait until the dust settled first.
I’ll wait for 2 weeks…


Ledger on Twitter
#6

Thanks for the updates.
Great for ledger users!


#7

Oh man, this is scary issue…


#8

it was stuck on “MCU is outdated” showing on the Ledger itself. Googled that.
What fixed it was to disconnect the Ledger while the Ledger Manager app is open, hold the button closest to the USB port and reconnect the USB cable.
Then let it boot, go through some sequences.

Another possible fix if the one above does not work might also be:

Source: Reddit
I had the same issue. Got stuck at “update” after “MCU” restoring.

Assuming you’re on Windows: Open device manager check if under “human interface devices” there is any device with a yellow warning sign. It’s most probably the nano s. Double click and and select the “driver” tab. Click “update driver” (or something similar).

Once the driver is updated successfully and there’s no more yellow warning sign beside the device the nano update via the app should go through.

You might want to start with the MCU restoring step again.


#9

ah…next issue:
Unable to install OS Updater.

Anybody else had this? I only have the Bitcoin app installed, everything else i deleted to have enough space.
here’s what i tried myself already:

  • Disconnect the Ledger, reconnect it (leaving the application open). Result: Same error
  • Disconnect the Ledger, close Ledger Manager application, reconnect. Result: Same error.

Now, Ledger itself says that you need to remove all apps from the Ledger. Really convenient they didn’t start the update manual with this essential step… Now it is in a loop.


#10

anyway did you just try to restart your browser and reconnect the device?


#11

i didn’t restart the entire browser, but just the “application”.


#12

I´d try restarting your whole system, this may help.


#13

i closed browser, disconnected and held the button closest to the port. then reconnected. it went through the same steps but now the Manager application is stuck at the “to begin, connect your Ledger Wallet”.

I’ll reboot my system now, because i’m out of options.


#14

didn’t help. still stuck at the begin screen in the Manager app, Ledger showing Update.


#15

are you behind a VPN or a firewall?


#16

no #characterlimitssuck


#17

did you press 5 seconds and plug in at the same time?


#18

yes.
On Reddit, lots of ppl have this problem. Ledger will probably need to address this, it seems.
i’ll try later on my mac instead of my windows pc.


#19

another possibility is that their update server is overloaded because too many people try to do the update now at once.

maybe it will work better later.


#20

that is a good idea, i did not consider it because i thought it downloaded every needed file before starting the upgrade (so it be connection independent during upgrading)