Author

Topic: Google PATCHES critical Android crypto flaw used in $5,700 Bitcoin heist (Read 1232 times)

full member
Activity: 154
Merit: 100
A friend of mine lost his 5 coins by having this android app and now he's spooked. Told him to play it safe and get a trezor for his computer.

Any idea when Trezor will be released?  I can't find a date anywhere.

http://www.bitcointrezor.com/eshop/

Delivery est. October/November 2013
legendary
Activity: 1904
Merit: 1002
A friend of mine lost his 5 coins by having this android app and now he's spooked. Told him to play it safe and get a trezor for his computer.

Any idea when Trezor will be released?  I can't find a date anywhere.
legendary
Activity: 3430
Merit: 3080
I'm wondering what commonly used code on Android has been accessing this "flawed" RNG ... e.g. TSL connections, banking apps?

Browser based SSL and TLS are apparently unaffected, only apps that access this specific (legacy) Apache crypto library have the problem, which presumably extends to apps other than the Bitcoin wallet coterie
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
I'm wondering what commonly used code on Android has been accessing this "flawed" RNG ... e.g. TSL connections, banking apps?
full member
Activity: 154
Merit: 100
Don't store coins on your phone etc etc

My Android wallet is safe, it moved my 0.007BTC for me...
sr. member
Activity: 336
Merit: 250
Cuddling, censored, unicorn-shaped troll.
Quote
Symantec researchers said in their blog post. "Since transactions are public on the Bitcoin network, attackers scanned the transaction block chain looking for these particular transactions to retrieve the private key and transfer funds from the Bitcoin wallet without the owner’s consent."

I wasn't aware Symantec was interested in bitcoin... There are actually a lot of related posts in their blogs. Shocked
Here is the one the article mentions.
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
google "crypto flaw" or google nsa back-door?

... guess we'll never know, they got laws for lying about stuff like that.
legendary
Activity: 1568
Merit: 1001
A friend of mine lost his 5 coins by having this android app and now he's spooked. Told him to play it safe and get a trezor for his computer.
Jump to: