Topic: Earn merit by telling us about the dangers in using 3rd party wallets. (Read 683 times)

In fact, I would like to say that other than the official wallet, other wallets are dangerous

When I was looking answers for this initial question (Of course I googled and read some documents, Sources are mentioned below) I got to know few new things regarding Bitcoin wallets. Since many of the replies converge to the answer I am not going to go through that same stuff over and over again.


As clover 12 suggested here I thought to give a brief Idea as much as I understand. (Please feel free to give suggestions and corrections since I am not an expert nor had any prior experience and this reply only depicts two hours of googling and digging in crypto websites.)

For the simplicity of understanding, I am going to use an Answers and Questions approach.

Q1 ) First of all what is a crypto wallet?

As you already know we need a digital wallet to store any cryptocurrency. A wallet is basically a software which stores private and public keys (Two Cryptography methods used in encryption) and interacts with various blockchain to enable users to do digital currency transactions.
 
NB:

Unlike traditional ‘pocket’ wallets, digital wallets don’t store currency. In fact, currencies don’t get stored in any single location or exist anywhere in any physical form. All that exists are records of transactions stored on the blockchain. In other words, this is like a huge ledger where we note down all the expenses and incomes.

Q2) The Ops question is about third-party wallets, Then There must be another type of wallets, Is it?


As OP has said here He is referring to all the wallets other than a core wallet as a third-party wallet.


Q3) What is a Core wallet then?

Bitcoin Core is the software that runs the entire bitcoin network. Included in the Bitcoin Core software is a secure digital wallet that can be used to store, send and receive bitcoin. By choosing to store your bitcoin in the Bitcoin Core wallet, you can contribute to the decentralized bitcoin network by validating transactions and storing a copy of the blockchain.
It takes a little bit of technical knowledge to get started with the Bitcoin Core wallet, but when it comes to security the original bitcoin wallet is still hailed by many as one of the safest places to keep your funds.
And do not get into a false sense, as everything in life Core wallet too is far from being perfect. It too has pros and cons. While the high level of privacy and security being the most visible pros, having to download a file of size around 150GB (This is free to download and works well with most of the common Operating systems Including Windows 7,8,10 versions, Linux, Mac Os and also with raspberry pi V.1, V.2), having to store this large file  in your local machine with limited resources and requirement to know your way around the Bitcoin core would make a beginners life bit harder.

Q4) Okay, Core wallets sound good, I wanna set up a one, tell me how to do it.

If you still need to go with a Core wallet (Actually the preferred way among experts in the field) here is a guide for you.


Q5)  I don’t need that so-called valuable information! Just tell me about third-party wallets!!

Unlike in a core wallet, the information can be accessed from anywhere since the wallet is saved in a remote cloud server. As everything is on the web, this too is a security vulnerability. Since the drawbacks are well covered in above replies I am not going go through the same stuff over and over again.  I’ll tell you the answer for the exact opposite question which OP asked.

Q6) What are the advantages of using a third party wallet?

You do not have to have a technical knowledge at all, Go to the website and enter a password BAM! You have a wallet.
You do not need to do any update manually. You may have thousands of problems but maintaining the blockchain file, updating it won’t be one of them. It will be taken care by the wallet hosting site. There will be no emails, text messages or pop-ups telling you an update needs to be downloaded.

Obviously, as OP has mentioned clearly using a third party wallet is a huge risk, as in all cases High convenient comes with High risk. There are numerous cases has been reported throughout the history of Bitcoin regarding security vulnerabilities with use of third-party wallets.

Please go through the answer of napsterz(https://bitcointalksearch.org/topic/m.40737106) as it seems to be covering the OP’s question.  
Cheers!


PS: If this reply is out of the topic I apologize for that and please feel free to delete.  



References:

1.   Bitcoin Core ( https://en.wikipedia.org/wiki/Bitcoin_Core )
2.   Bitcoin Core: The original bitcoin wallet – June 2018 review ( https://www.finder.com/bitcoin-core-wallet-review )
3.   How to set up the Bitcoin Core wallet Client for Beginners and send your first Transaction ( https://medium.com/@CoinMeteor/how-to-set-up-the-bitcoin-core-wallet-client-for-beginners-and-send-your-first-transaction-819c6d5b9790)
4.   Public Keys and Private Keys (https://www.comodo.com/resources/small-business/digital-certificates2.php )

Edit:
I found this Immensely helpful link regarding Bitcoin wallets and I suggest all the newbies take a sneak peek here!

Lets say 3rd party wallets are more beneficial than the main wallets, 3rd party wallets have more features that they offering like coin swapping , multi cryptocurrency wallet and many more but this is the deal using 3rd party wallets you are just like letting them to controlled your coins and also you dont have a freedom to choose what will be the FEE for every transaction you will make (like in exchanges).And also 3rd party wallet is very prone in hacking that attackers can stole your coins in instant. To those beginners that reading this i didn't saying that all of 3rd party wallets are not safe to use just pick a 3rd party wallets that you can trust your assets.

Fraud, misuse, and lack of safety are the maximum common dangers related to third-party wallet processors these days .

Deposit relationships with payment processors can disclose monetary institutions to risks not found in regular business consumer relationships, along with more strategic, credit, compliance, transaction, legal, and reputation threat.

We need to constantly preserve networks separate, review how they’ve dealt with and pointed out protection breaches, examine online evaluations, and ensure that they do now not use an automatic vulnerability management system to guard information.

Most I guess were mentioned already. So I'm just writing down some more based on my personal experience.
Advantages:
Free
Easy access of assets to trade any time whenever opportunity arises
You can convert one asset to another within the same exchange/wallet

Disadvantages
Possible loss of assets if available protection is not utilized
Some require min amount of withdrawal. If you have only change you can forget about it, unless you will deposit some more to get it, which I find impractical as this will cost you more due to transaction fees.

I may have missed it, but I think you asked for ways to avoid the dangers of third-party wallets? Well how about don't use them and use a Trezor, Ledger Nano instead? I think an easy to use hardware wallet is ALWAYS the way to go. Some people think they are expensive, and I get that, but once you lose your coins (like we all do) because of a scam, or you can't remember your password (how many BTC are frozen because of that) you will see that $100 (or so) is a great deal.

I think those little devices are great.

Here are way to get them:

https://shop.trezor.io/?h=7472657a6f722e696f (buy a Trezor here, direct from the maker, much safer than buying elsewhere, a Trezor One is good enough, you don't need the new fancy version)

https://www.ledgerwallet.com/products/ledger-nano-s (buy a Ledger Nano, direct form the maker)

These things take about 15 minutes to set up and then your private keys never touch the Internet.

I read an article once about a guy who tried to hack his own Trezor. I think he failed, but I learned a lot.

https://www.wired.com/story/i-forgot-my-pin-an-epic-tale-of-losing-dollar30000-in-bitcoin/

I advise you not to use third-party wallets. At any time will be without their savings! Do not use wallets on smartphones. It is better to use Linux or a virtual operating system to work with wallets and exchanges. Keep passwords, private keys in a safe place. Good luck to all crypto-enthusiasts!

What I think are the dangers of using 3rd party Wallets:

1. Access - Because the website is freely accessible online on any browsers, your personal information namely your wallet address could be in trouble. If you are outside and are using a public network then you are more vulnerable to cyber attacks.

2. Security - 3rd party wallets need to safely protect your information from prying eyes, they may have very weak encryption and hackers might be able to breach, also their admins and staff could also circumvent their own security and this may lead to you losing all your money on your wallet when that employee decides to go rogue.

My 2 cents. Thanks!

Let's talk about both advantages and disadvantages of third party wallets.
I don't think it is reasonable to discuss only about the 'dangers/ drawbacks' of third party wallets.
Any discussion and point of view should be taken into consideration in both sides, should not only positive or negative sides.

1. Advantages:
- No requirements for hardwares to install, set up, and synchronize wallets, which also requires a lot of time. For someone, who can not buy strong hardwares to do these tasks, using third party wallets are their best choice.
- No requirements on technical issues, especially someone who have very limited knowledge, skills on computers (the elderly, women - most of those sort of people). They can get and store wallets easily by following guided steps from third parties.
- Can get helpful supports from third parties when have demands to recover wallets, etc.

2. Disadvantages:
Now, let's talk about drawbacks of using third party wallets, which is the main point to discuss of the topic.
- There are risks to lost your money due to unexpected serious issues with third parties, such as hacks, scam third-party wallet providers. Using wallets from third-party providers, you put your money under their controls, which in turn result in high risks of losing money due to their bad manangements.
Of course, users should discover carefully about third-party providers which they would like to use their services. Doing this will help users to lower risks with providers to much lower odds.
- Your transaction orders might get stucked due to maintenance or frozen modes from third-party wallet providers at any time, which you don't know when it will occur.
- Won't get any support if you choose wrong providers (scam providers).

To sum up, spending time to discover about third-party wallet providers, their services, chronological events (if they got terrible issues, hacks before, how they solve those ones is very important), before deciding to use their services.
It's also better to choose third-party wallet providers have cold-wallet storages.

Firstly, thanks for this thread, apart from the opportunity to earn merit. I believe this kind of thread will help get many newbies informed and also serve as a friendly reminder to experienced members. I will not waste time on definition because I believe the previous posters combined have done justice to that.

However, I think there's another important danger to using third party wallets that have not been mentioned yet, which is that; using third party wallets puts you and your coins at the mercy of the developer(s), especially if it's not an open source project with a large active and well motivated community.

I didn't realise how crucial this can be until the recent issue that happened where a developer threatened to split the Zcash Network if he wasn't paid in return for his development efforts.

According to CoinDesk; D. Jane Mercer, the sole maintainer of the Windows Zcash wallet software, said he was going to cease development of the clients and release a zcash competitor "rebranded as another coin," if he didn't get further funding for his work. And, I think the community had to contribute for him, to sort of bribe him before the issue was resolved. Full story at https://www.coindesk.com/zcash-pays-off-angry-developer-avoid-blockchain-split/

In this case D. Jane Mercer single-handedly made a decision which put the status of clients coins, those who have trusted their wallets to his wallet software at a big risk, because in such cases, the situation could have gone the other way which might have got messy, and I'm sure the developer knew his power lies in his uses base, so he probably might have found a way to hold his use base hostage to achieve his aim (just my personal opinion though).

So, to add to all the the previous posters have said, if you must use a third party wallet always make sure that "in addition to other things" it's an open source project, possibly maintained by a community of developers that well motivated.

MEW is can't catagorize as a 3rd party wallet since we are the only having "private key", not the MEW team.

The hacking thing about MEW is another aspect which happens if we entered our private key through a phishing link. So it's better not to use keystore file(JSON) or private key in order to login your account. Always try to use servise like"Metamask" which is less likely to be phished.

I'm certainly new here but I think the dangers of using third party wallet can be summarized by saying bitcoin is decentralized whereas not all third party wallets are

Using a 3rd party wallet you will not be able to guarantee that your money is safe. As far as I remember, Myetherwallet was attacked not long ago. Your money will not be safe anymore

As lots of users above commented, there are both advantages and drawbacks of using third party wallets.
Consequently, each one will have specific purposes, and different choice to use third party wallets or set up their old wallet with full control of wallet by themselves.

The dangers in using third-party wallets are that the wallet is stored on remote server, so the information is easily accessed from anywhere, no matter what computing device you're using. That is to say, third-party wallets are almost exclusively web wallets. Those who didn't use third-party wallets find it hard to trust the third-party wallet when it comes in safety.

These sort of incidents are a little bit like when hackers compromised Target’s payment system, and stole customers’ credit card information. In the case of bitcoin owners, they are doing business with companies that don’t have proper cybersecurity measures in place—and worse, unlike the Target breach, no one is likely to refund their money.“Exchanges” may be hacked now and then.In my opinion even the most reputable bitcoin exchanges are suspect. Not because of intention but because of the many ways an exchange is subject to attack.Anyone using 3rd party wallets must be  careful.

Third party wallets are web wallets that are stored by a third party (in most cases exchanges) usually on a remote server.  Because of that, the information is accessible from anywhere and from any device .These digital wallet apps are managing your private and public key for You , but  because this data resides on Your computer or smartphone ,there is a risk that someone hack your founds.
To prevent  and avoid losing funds  and not to expose Yourself to unnecessary risks, there are some precautions to follow  :

If coins are stored on  the  Exchange only keep funds that You plan actively trading with. Use  a unique and dedicated email address for all trading accounts, create difficult password ( not used elsewhere ).

Do not save auto fill  account details  of the Exchange on Your PC ( username and password ) , do not click on advertisements, regularly run antivirus software on your mobile and PC, type the exchange URL directly to the browser and when You are on  the Exchange clean the cookies.
Exchanges should have 2FA enabled and save 2FA recovery on a safe place.
Join the network by private  encrypted channel using VPN technology.

Cryptocurrency  that You are not trading with store on hard wallet bought directly from manufacturer or official distributor. (Avoid eBay&Amazon sellers)
Keep private keys for your hardware wallet on a secure location.

Many people use MEW to participate in the bounty. Everyone knows that there is a private-key for using the wallet. Since this topic is about security, I think it would be appropriate to show my article how to make an encrypted volume for storing important data: https://bitcointalksearch.org/topic/safe-storage-of-data-guide-3361608

I disagree. Android phones are cheap, and plentiful. If you're an Android user, chances are, you have a spare Android phone lying around somewhere (I currently have two alongside). You can fairly easily wipe it, and install Bither/Mycelium/BreadWallet/Your Android Wallet of choice and keep it as an offline/airgapped wallet. Yes, there are many malware applications, but I don't believe any are persistent, and you can keep the phone permanently offline.

Using 3rd party wallets seems to be secure at the first view but if you dig a bit deeper you will recognize more the technical thing about it.

The basics are about the blockchain. If you have Bitcoins they aren't stored "at your wallet". This is not possible, it's about the blockchain where everything ist saved. So it's only the way you access your Bitcoins at the blockchain. For getting access to your coins you need the public key and the private key. You can use different ways to do this, one of them is to use a 3rd party wallet. A 3rd party wallet means they held the private keys of you and if the 3rd party gets hacked, you will be affected. Most services offer a cold-storage wallet to secure this (private keys are held offline by the exchange) but after all you have to trust the 3rd party.

Another risk is to get phished, when you log in and if your account is compromised, the hacker can access your Bitcoins - you can't do anything.

It's better to use your own, private Bitcoin address, a 1st party wallet. Here only you know about your private keys. Keep them secure and don't tell anyone about it. Save them on a piece of paper and please don't store them at your computer, especially when you are online. A first party wallet can be a desktop wallet, a hardware wallet or a paper wallet. If you do no mistakes these options are very secure. For a long term-storage a 3rd party wallet is not recommended. Remember the hack of Mt.Gox. The best option is to use a 1st party wallet for this - be your own bank  

If you use a 3rd party wallet (like an exchange for trading (Binance) ord to buy Bitcoins (coinbase)) please keep the amount you held there as low as possible and send coins you don't need there to a 1st party wallet.

Another thing is about ICOs and if you participate in an ICO please don't use an ETH wallet you have no private keys from. You can only access your tokens if you have the private keys. If you use a 3rd party wallet you won't have access to your ICO token. The private keys are held by the exchange and the only possibility is to contact them to send your tokens to another wallet (what is very unlikely because of the cold storage). In 99% of all cases they won't do anything. For ICOs please avoid using a 3rd party wallet, where you won't have access to your private keys.