Warning: Smartphone text prediction guesses crypto hodler’s seed phrase

Andre, a 33-year-old IT professional from Germany, recently posted on the r/CryptoCurrency subreddit after discovering his mobile phone’s ability to predict the entire recovery seed phrase as soon as he typed down the first word. As a fair warning to fellow Redditors and crypto enthusiasts, Andre’s post highlighted the ease with which hackers can use the feature to drain a user’s funds just by being able to type the first word out of the BIP39 list:
“This makes it easy to attack, get your hands on a phone, start any chat app, and start typing any words off the BIP39 list, and see what the phone suggests.”
Speaking to Cointelegraph, Andre, otherwise known as u/Divinux on Reddit, shared his shock when he first experienced his phone literally guessing the 12-24 word seed phrase. “First, I was stunned. The first couple words could be a coincidence, right?”
Andre’s experiments confirmed that Google’s Gboard was the least vulnerable as the software did not predict every word in the correct order. However, Microsoft’s SwiftKey keyboard was able to predict the seed phrase right out of the box. The Samsung keyboard, too, can predict the words if “Auto replace” and “Suggest text corrections” have been manually turned on.
I type so much daily that there are some sentences I frequently type which are already part of me. What I have noticed about this is that once I type the first word of the common sentences I use daily, I can use the text predictor to know all the remaining words.
Example: I type 'Spam, move this to altcoin discussion as it does not belong to bitcoin discussion board'. If I type this often, there will be a time when, if I type 'Spam', the text editor will bring up the remaining words one by one to the last word, which is 'board'.
If a seed phrase is stolen, if another person got hold of the person that uses his device as a wallet, this cannot commonly be done successfully, but if it is done and the wallet is compromised this way, should we blame it on the word predictor, or should we blame it on wallets that do not bring up a virtual keyboard? I believe if a virtual keyboard were used, this wouldn't have happened. Many wallets should not be used.
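
A toy model of the behaviour discussed above, added here as an illustration and not taken from the post or the quoted article: a keyboard that only counts which word followed which will replay a phrase it saw once, while input that never reaches its learning step leaves nothing to replay. `ToyKeyboard`, the `learn` switch and the sample phrase are assumptions made up for this sketch; real keyboards use more elaborate models.

```python
from collections import Counter, defaultdict

# Constructed 12-word sample for this sketch; it does not belong to any wallet.
SEED = ("abandon ability able about above absent "
        "absorb abstract absurd abuse access accident")


class ToyKeyboard:
    """Hypothetical next-word predictor: counts which word followed which."""

    def __init__(self):
        self.bigrams = defaultdict(Counter)

    def type_text(self, text, learn=True):
        # learn=False models input the keyboard never learns from, e.g. a
        # wallet drawing its own on-screen keypad instead of the system one.
        if not learn:
            return
        words = text.lower().split()
        for prev, nxt in zip(words, words[1:]):
            self.bigrams[prev][nxt] += 1

    def suggest(self, word):
        """Top suggestion after `word`, or None if nothing was learned."""
        followers = self.bigrams.get(word)
        return followers.most_common(1)[0][0] if followers else None

    def follow_suggestions(self, first_word, limit=24):
        """Keep accepting the top suggestion, as tapping the bar would."""
        out = [first_word]
        while len(out) < limit:
            nxt = self.suggest(out[-1])
            if nxt is None or nxt in out:  # dead end, or a loop in the chain
                break
            out.append(nxt)
        return out


def demo(learn):
    kb = ToyKeyboard()
    kb.type_text("see you at lunch tomorrow")  # ordinary chat (constructed)
    kb.type_text("see you at the gym")
    kb.type_text(SEED, learn=learn)            # phrase typed a single time
    return kb.follow_suggestions(SEED.split()[0])


if __name__ == "__main__":
    print("learned:    ", " ".join(demo(True)))
    print("not learned:", " ".join(demo(False)))
```

Seed words rarely occur in everyday chat, so each one has a single learned follower and the chain is unambiguous after one entry.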