Author

Topic: IP leak from MetaMask wallet (Read 155 times)

hero member
Activity: 1274
Merit: 561
Leading Crypto Sports Betting & Casino Platform
February 11, 2022, 10:14:29 PM
#4
The team behind OMNIA protocol disclosed many ways of obtaining other people's IP through Open sea website. Isn't it threatening to the general public and a lay man if everyone can now extract people's IP for malicious reason? Because, the Idea is understandable even to those who are not into tech to test and try. Well, the Meta-mask team have been aware of such a loop hole without defining another method to secure their platform. They are a lot of platforms that are like Meta mask so people should move on to a more decentralized computers or networks for safety. 
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
February 09, 2022, 07:50:33 AM
#3
Sooo...

We now know that using crypto with an online computer is not that secure.
We now know that web browsers and plugins are not that secure
We now know that running something like MetaMask that can connect to everything anyplace is not that secure

Oh, wait we knew all those things already...

The only new(ish) info is that MetaMask might be a bit poorly written and has not had a real security audit.

-Dave
member
Activity: 90
Merit: 91
February 09, 2022, 06:03:13 AM
#2

It seems appropriate here to cite a MetaMask "audit" by Matthew Green:

https://blog.cryptographyengineering.com/2022/01/14/an-extremely-casual-code-review-of-metamasks-crypto/
legendary
Activity: 952
Merit: 1385
February 09, 2022, 05:35:54 AM
#1
Last week, researchers at OMNIA Protocol published what they considered to be a critical privacy vulnerability in MetaMask. By sending an NFT to users of a mobile MetaMask wallet they were able to obtain user IP addresses when MetaMask fetched IP address data from a centralized server.

https://medium.com/@convexlabs/this-nft-logs-your-ip-address-7f6f9cf2376e
Jump to: