Topic: As a crypto investor, the less app you install the better. (Read 562 times)

Do people still use crypto wallet that allows taking screenshot? I don't know for others but right from setting up a wallet, if I discover that it allows taking screenshot of keys phrases, I will instantly discard it without a second thought because it is a sign of weak security protocol from the developers. On the aspect of keyboard, I don't know what third party keyboards offer that phone built in keyboard doesn't offer which makes people to use them despite knowing the risk involved nowadays. I remember back then when I used third party keyboard but whenever I enter any site or app that requires typing of password or other sensitive information, my phone will automatically switch to phone built in keyboard. That's how things are supposed to be but I don't know what's wrong this days. Some of these security threats can be avoided by us using simple measures but we choose to overlooked it until it causes harm.

The image below is mine, I took this screenshot because Unstoppable wallet, a open source crypto wallet is the only crypto wallet that I have on my phone that warned me about using a non default keyboard, and I have many other crypto wallets on my smartphone including metamask and trust wallet.



This shows that all these apps are sensitive to everything we do on our smartphone, I will like to advice beginners to avoid non default keyboards, as they have the potential to collect every data on your phone, the sensitive ones and the less sensitive, even the words we type through them.

---

This is just a reminder for this new year, if you are just starting your crypto journey avoid doing this with your phone.

Avoid using a non-default keyboard, stick with the default keyboard

Avoid taking screenshot of your wallet seed phrase, somehow this can get to the hands of the wrong ones.

Avoid unlocking your phone bootloader, all OEM security is gone after the unlock, unless you know what you are doing.

---

My final advice for all smartphone users is that the less apps you install on your phone the better, the less likely you are exposed to data leaking apps or malicious app, and don't use any app store to install apps, directly find their official website, that should direct you to the right apps on stores or direct download.

That's a good advice because there are many people who actually install 3rd party keyboards because it looks all good and aesthetic.

I have already told my friends to avoid using such 3rd party keyboards because of security and data concerns.
We should only use the built in keyboards on our phones and also restrict permission to apps which doesn't require keyboard access.

Presuming you are using Android.  The keyboard Google offers is very bad.  It is Closed Source and no body can guarantee the information never leaves toward their servers.

Use OpenBoard instead.  It works and looks just like Google Keyboard but is Open Source.  This guarantees you do not have information leaking through stupid 'features' such as data collection.

You can find OpenBoard here.  https://f-droid.org/packages/org.dslul.openboard.inputmethod.latin/

I don't really get what you mean by keyboard can be compromised by account synchronization. Also, I don't think there's any such thing as offline keyboard. To avoid losing your funds to scammers, do not install fancy or third party keyboard, only use the factory installed stock keyboard.

Once a malicious app has access to your device, airgaped or not, there's a problem.

I don't see this as a big threat especially as you mentioned Trust wallet. Besides some closed source apps are better than unmaintained open source apps.

As a crypto investor, you should invest in a good open source hardware wallet or keep your coins on an airgapped device. This way you don't have to worry about what you download on your mobile or desktop cause it's not linked to your holdings.

• Don't use closed source wallets like trustwallet,

I have been using Gboard for years and I try to disable all the possibilities where Google can track us which may not give complete privacy but better than letting them know everything about us.

AFAIK, Google  doesn't collect user data from keyboard unless the user enabled the next word suggetion so these small tweaks can give better internet security.

I don't really get what you mean by keyboard can be compromised by account synchronization. Also, I don't think there's any such thing as offline keyboard. To avoid losing your funds to scammers, do not install fancy or third party keyboard, only use the factory installed stock keyboard.

True, but how is it possible to do that considering the fact that there are so many apps for airdrop and doing testnet these days. I literally do not even know the number of apps I have in my phone these days. Maybe, one needs to get a different phone for farming airdrops and testnet.

The worse part of it is that any keyboard can get compromised with account synchronisation. So, the best thing is to use offline keyboards to avoid getting hacked or compromised with keyboad. I use my keyboard offline now.

My final advice for all smartphone users is that the less apps you install on your phone the better, the less likely you are exposed to data leaking apps or malicious app, and don't use any app store to install apps, directly find their official website, that should direct you to the right apps on stores or direct download.

I will like to advice beginners to avoid non default keyboards, as they have the potential to collect every data on your phone, the sensitive ones and the less sensitive, even the words we type through them.

---