Pages:
Author

Topic: As a crypto investor, the less app you install the better. (Read 577 times)

hero member
Activity: 644
Merit: 520
Leading Crypto Sports Betting & Casino Platform
Avoid taking screenshot of your wallet seed phrase, somehow this can get to the hands of the wrong ones.


My final advice for all smartphone users is that the less apps you install on your phone the better, the less likely you are exposed to data leaking apps or malicious app, and don't use any app store to install apps, directly find their official website, that should direct you to the right apps on stores or direct download.

Do people still use crypto wallet that allows taking screenshot? I don't know for others but right from setting up a wallet, if I discover that it allows taking screenshot of keys phrases, I will instantly discard it without a second thought because it is a sign of weak security protocol from the developers. On the aspect of keyboard, I don't know what third party keyboards offer that phone built in keyboard doesn't offer which makes people to use them despite knowing the risk involved nowadays. I remember back then when I used third party keyboard but whenever I enter any site or app that requires typing of password or other sensitive information, my phone will automatically switch to phone built in keyboard. That's how things are supposed to be but I don't know what's wrong this days. Some of these security threats can be avoided by us using simple measures but we choose to overlooked it until it causes harm.
The more you use crypto wallets that allows screenshots the more chances you get your self scammed mostly when you install the wallets on your cellphones. Everyone's intentions are not the same, anyone can have access to your phone and screenshot your wallet others might see it and try to scam you on your absence. Many devices saves passwords  and logins detail, so advise one should always go to the password management section under settings to delete the wallet password.
hero member
Activity: 2786
Merit: 657
Want top-notch marketing for your project, Hire me
The image below is mine, I took this screenshot because Unstoppable wallet, a open source crypto wallet is the only crypto wallet that I have on my phone that warned me about using a non default keyboard, and I have many other crypto wallets on my smartphone including metamask and trust wallet.



This shows that all these apps are sensitive to everything we do on our smartphone, I will like to advice beginners to avoid non default keyboards, as they have the potential to collect every data on your phone, the sensitive ones and the less sensitive, even the words we type through them.

This is just a reminder for this new year, if you are just starting your crypto journey avoid doing this with your phone.

Avoid using a non-default keyboard, stick with the default keyboard

Avoid taking screenshot of your wallet seed phrase, somehow this can get to the hands of the wrong ones.

Avoid unlocking your phone bootloader, all OEM security is gone after the unlock, unless you know what you are doing.

My final advice for all smartphone users is that the less apps you install on your phone the better, the less likely you are exposed to data leaking apps or malicious app, and don't use any app store to install apps, directly find their official website, that should direct you to the right apps on stores or direct download.

Yes, having fewer apps installed on the devices we use for crypto-related activities is a good one for all cryptocurrency investors but it still doesn't provide the needed security and protection to prevent vulnerability. Besides, if we're still using Android and iPhone but never turn off certain settings on our phones we're still not far away from vulnerability and possible private information bridge based on how these phones are programmed by the manufacturer.
I created a thread last year that provided an insight assistant on this with the link to check the flaws of all the applications we installed or are about to install on our devices.


legendary
Activity: 2604
Merit: 2353
I don't think smartphones let users take screenshots of seed phrase, there is usually a kind of protection in the wallet app against that, otherwise it would be less difficult to hack HD seeds of wallets. But more globally you shouldn't leave large amounts of funds in your hot wallets. And if you need to use a smartphone to use some dApps with higher amounts, it's better to dedicate a smartphone to it if you can afford it.
hero member
Activity: 3024
Merit: 745
🌀 Cosmic Casino
That's a good advice because there are many people who actually install 3rd party keyboards because it looks all good and aesthetic.
Yeah, they are for the design of it and thinks that it's the best keyboard that they'll ever have. I don't usually download something like this and even plug ins. Any type of app that we're downloading that we're not familiar with, there's a huge risk that we're putting to ourselves if we're going to be careless just for the sake of aesthetic and liking the design of it. Honestly, we don't really need them if there are integrated keyboards or the default ones.

I have already told my friends to avoid using such 3rd party keyboards because of security and data concerns.
We should only use the built in keyboards on our phones and also restrict permission to apps which doesn't require keyboard access.
It's applicable to anything and not just with keyboards. And once we give these apps permissions to access our phones, that's like giving them a huge hole and gate to come forward and attack us easily.
hero member
Activity: 2702
Merit: 716
Nothing lasts forever
That's a good advice because there are many people who actually install 3rd party keyboards because it looks all good and aesthetic.
I have already told my friends to avoid using such 3rd party keyboards because of security and data concerns.
We should only use the built in keyboards on our phones and also restrict permission to apps which doesn't require keyboard access.
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
I have been using Gboard for years and I try to disable all the possibilities where Google can track us which may not give complete privacy but better than letting them know everything about us.

AFAIK, Google  doesn't collect user data from keyboard unless the user enabled the next word suggetion so these small tweaks can give better internet security.
Presuming you are using Android.  The keyboard Google offers is very bad.  It is Closed Source and no body can guarantee the information never leaves toward their servers.

Use OpenBoard instead.  It works and looks just like Google Keyboard but is Open Source.  This guarantees you do not have information leaking through stupid 'features' such as data collection.

You can find OpenBoard here.  https://f-droid.org/packages/org.dslul.openboard.inputmethod.latin/
I tried many keyboards but none of them are convenient as Gboard and if I am not it is the default keyboard for most Android devices.

Whatever I type something sensitive then I opt for the virtual keyboard whether it's entering seeds in electrum or logging into my internet banking that completely eliminated the concern we are talking about apart from that I just use Gboard in all my android devices.
hero member
Activity: 2408
Merit: 584
I don't really get what you mean by keyboard can be compromised by account synchronization. Also, I don't think there's any such thing as offline keyboard. To avoid losing your funds to scammers, do not install fancy or third party keyboard, only use the factory installed stock keyboard.
Some third-party keyboards come with account synchronization and sometimes such keyboards can also have keyloggers attached to them which means that anything you type using the keyboard, is sent directly to the hackers that have injected the keylogger into that keyboard and you wouldn't even know about it. Before you come to know, they will have your accounts emptied and you will have nothing else to do than to regret.

Mobile applications are getting compromised a lot these days, so users need to be cautious when installing applications both from app stores and from third-party websites because they can contain malware and other material that can compromise their device and financial apps.
hero member
Activity: 1106
Merit: 526
Leading Crypto Sports Betting & Casino Platform
The highest safety comes from knowing how developers collect your data and what level of risk and privacy you will have using those apps, so we need to protect ourselves by knowing what steps to take that will guarantee our safety online and while using third-party apps.
I have been a victim of clipboard attacks before,  and to some extent, I learned a very bitter lesson from that experience since I did not know where the attack came from I became more skeptical about almost everything that came into my device.
legendary
Activity: 2254
Merit: 2406
Playgram - The Telegram Casino
Once a malicious app has access to your device, airgaped or not, there's a problem.
The literal meaning of airgap is to isolate the network and prevent any external access or connection. This means if done correctly there is no route of access for a malicious app.

I don't see this as a big threat especially as you mentioned Trust wallet. Besides some closed source apps are better than unmaintained open source apps.
Definitely avoid unmaintained open source softwares, but also avoid closed source wallets.
It's a security advice and not everyone takes them seriously, so you don't necessarily have to see the threat.
legendary
Activity: 1316
Merit: 1089
Goodnight, o_e_l_e_o 🌹
As a crypto investor, you should invest in a good open source hardware wallet or keep your coins on an airgapped device. This way you don't have to worry about what you download on your mobile or desktop cause it's not linked to your holdings.
You sounded so confident like this is the ultimate solution for hacking and fishing. Prevention has always been the best measure to take. Once a malicious app has access to your device, airgaped or not, there's a problem.

• Don't use closed source wallets like trustwallet,
I don't see this as a big threat especially as you mentioned Trust wallet. Besides some closed source apps are better than unmaintained open source apps.
legendary
Activity: 882
Merit: 1873
Crypto Swap Exchange
I have been using Gboard for years and I try to disable all the possibilities where Google can track us which may not give complete privacy but better than letting them know everything about us.

AFAIK, Google  doesn't collect user data from keyboard unless the user enabled the next word suggetion so these small tweaks can give better internet security.
Presuming you are using Android.  The keyboard Google offers is very bad.  It is Closed Source and no body can guarantee the information never leaves toward their servers.

Use OpenBoard instead.  It works and looks just like Google Keyboard but is Open Source.  This guarantees you do not have information leaking through stupid 'features' such as data collection.

You can find OpenBoard here.  https://f-droid.org/packages/org.dslul.openboard.inputmethod.latin/
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
The worse part of it is that any keyboard can get compromised with account synchronisation. So, the best thing is to use offline keyboards to avoid getting hacked or compromised with keyboad. I use my keyboard offline now.
I don't really get what you mean by keyboard can be compromised by account synchronization. Also, I don't think there's any such thing as offline keyboard. To avoid losing your funds to scammers, do not install fancy or third party keyboard, only use the factory installed stock keyboard.


Maybe, he is mentioning Google keyboard which tracks all the user data knowingly or unknowingly from it's user for various purposes. I have been using Gboard for years and I try to disable all the possibilities where Google can track us which may not give complete privacy but better than letting them know everything about us.

AFAIK, Google  doesn't collect user data from keyboard unless the user enabled the next word suggetion so these small tweaks can give better internet security.
sr. member
Activity: 658
Merit: 441
True, but how is it possible to do that considering the fact that there are so many apps for airdrop and doing testnet these days. I literally do not even know the number of apps I have in my phone these days. Maybe, one needs to get a different phone for farming airdrops and testnet.
If you've so many apps installed on your phone, especially from unknown sources, there's a greater chance of getting your funds stolen by an hacker, as some of the apps may be developed and deployed on internet by scammers. My advice is that you get a hardware wallet for storing your funds offline while you use your phone for browsing and other activities.

The worse part of it is that any keyboard can get compromised with account synchronisation. So, the best thing is to use offline keyboards to avoid getting hacked or compromised with keyboad. I use my keyboard offline now.
I don't really get what you mean by keyboard can be compromised by account synchronization. Also, I don't think there's any such thing as offline keyboard. To avoid losing your funds to scammers, do not install fancy or third party keyboard, only use the factory installed stock keyboard.
member
Activity: 919
Merit: 19
Do it For Better Humanity (Bitget trader)
The worse part of it is that any keyboard can get compromised with account synchronisation. So, the best thing is to use offline keyboards to avoid getting hacked or compromised with keyboad. I use my keyboard offline now.
member
Activity: 994
Merit: 14
True, but how is it possible to do that considering the fact that there are so many apps for airdrop and doing testnet these days. I literally do not even know the number of apps I have in my phone these days. Maybe, one needs to get a different phone for farming airdrops and testnet.
legendary
Activity: 2422
Merit: 2228
Signature space for rent
I strongly advise you to just avoid storing your crypto on your smart phone. We have to be careful about smart hackers as well. When we use a hardware wallet, hackers won't get access to your wallet unless you compromise your seed phrase. Our mobile devices and computers would be affected anytime when we installed something that we weren't well aware of. So we might lose everything, and our wallet would become empty. We have seen many cases where hackers attack through malware when installing something from untrusted sources.
hero member
Activity: 1106
Merit: 526
Leading Crypto Sports Betting & Casino Platform
In the cryptocurrency world, one feature that we like most and always prefer is what we call privacy and for that, any action that will expose us, we always try as much as possible to avoid, and just like installing multiple third-party apps on our devices because we don't know which one comes along with a malware that could affect our system.
So we all have to try as much as possible to only keep clean and secured apps on our phones or computer devices, this is very important to save us from every possible vulnerability attack that may come along the way.
hero member
Activity: 2408
Merit: 584
My final advice for all smartphone users is that the less apps you install on your phone the better, the less likely you are exposed to data leaking apps or malicious app, and don't use any app store to install apps, directly find their official website, that should direct you to the right apps on stores or direct download.
Yeah, I don't recommend using mobile wallets to cryptocurrency investors in the first place. They are not secure and mobile phones or any devices connected to the internet are always vulnerable to hacks and exploits, so it's better to store your cryptocurrencies elsewhere even if you are using an online wallet which you shouldn't, make sure that it's not always installed and available for anyone to access through the device as your device can get in the hands of anyone.

People often make the mistake of having their wallets in their mobile phones and then saving their important credentials such as passwords and seed phrases inside that phone, in such cases, if your phone is lost or stolen, you basically lose all your funds since you have everything in that phone.
legendary
Activity: 882
Merit: 1873
Crypto Swap Exchange
I do not get the point of inserting a Seed or other sensitive information using the Default Keyboard anyway.  A keylogger type of infection could easily pick up the keys you push on your screen but will likely not pick up any thing if the App you are using has its own keyboard unrelated to your phone system.

Using Third Party keyboards is the worst thing you can do.  You are compromising the Security of your Wallet for a more eye pleasing personalized experience.  It makes zero sense.

But then also be careful about Apps requesting permissions for Screen Overlay and such.  These can be just as dangerous.  It is always important to often check your Device Settings and see which permissions do your Apps have enabled.  But then again.  You probably should not have a Wallet installed on a phone which you use to install all sorts of suspicious Apps.
legendary
Activity: 1890
Merit: 1537
I will like to advice beginners to avoid non default keyboards, as they have the potential to collect every data on your phone, the sensitive ones and the less sensitive, even the words we type through them.
I have found many applications for non-default keyboards that have been modified and developed and added attractive features. These modified applications are not only for the keyboard but also for communication applications. You may find WhatsApp Gold or Telegram Plus and unofficial versions developed by unknown people. When someone uses one of these applications, these applications may collect essential and sensitive information, violate privacy, and expose his phone to big risks and his wallet to be exploited through the permissions obtained by them. The best thing is to use another phone for these wallets without downloading unofficial or non-default applications, whether on Google Play, the Apple Store, through the search engine, or any advertisements.

Thank you, OP, for this valuable advice.
Pages:
Jump to: