Topic: Open source wallet and closed source wallet discussion (Read 547 times)

When i say permission, i mean permission on OS level. Here are few example,


Source: https://www.howtogeek.com/211623/how-to-manage-app-permissions-on-your-iphone-or-ipad/


Source: http://arstechnica.com/gadgets/2015/05/android-m-dev-preview-launches-permission-controls-fingerprint-api-and-more/


Advance/power user could use tool such as Wireshark to find out, but for everyone else they're forced to trust the application or ask someone to perform audit.

But depending on what kind of personal data is collected stolen, there are few obvious giveaway such as asking lots of permission on your Android/iOS device. And usually it's not impossible since it can be revealed with network traffic tool (such as Wireshark).

All or some of those permissions can be manually turned off from the phone's settings menu. And then when you start an app or attempt to use a particular feature of it, your phone is going to ask you to give the app permission to perform certain actions. That's when you know what permissions are needed to complete those actions, and whether or not you can keep them turned of. For example, it might sound weird that an app needs access to your storage and you ask yourself why does it need to go through my phone's storage and what is it looking for there? But you won't be able to download and install an update for the app without it. Of course, the permission can be given when you perform the update and you revoke it straight after that.

I am not sure if a wallet application asks for permission to track your transactions. That is the major concern with closed-source software: you're unable to verify that it actually does what it says it does. For example, you may have the option to specify and connect to your own full node to prevent collecting the information about your transactions, or rather, you make it slightly more difficult for malicious developers to collect such a piece of information because you cannot verify everything. Is there a way to check that your node is the only "server" that receives transactions, or is it only one of many, with others being malicious surveillance servers that attempt to deanonymize you? Needless to say that an application that doesn't even pretend it is legit, that is, which doesn't allow to specify a specific server is clearly malware waiting for your information.

I don't think that much is going to change with passage of time alone. It is evident that people are too lazy to make a change. Take web browsers for example. The closed source proprietary software called Chrome that is mining user personal info has more than 65% of the total number of users on all platforms while the far superior and open source Firefox has less than 4% (according to Wikipedia).

AFAIK, Linux comes with a user interface since 1992, which was a major upgrade (from CLI to GUI). I don't know how Microsoft had spread their software back then, to get advantage of their first moving position, I wasn't even born, but I know that offices did have a massive upgrade in efficiency with Microsoft Office in 90's. It might had been late to move to a brand new OS for most managers, and perhaps a risky move too, given that Excel is just better than the LibreOffice alternative.

Bill had an impressive strategy, no doubt for that.

Time will tell if the power of marketing and "first mover" can withstand the sorry shamble of rubble that Windows has quickly become.

It's not enough to just be the first one in the field, you have to make actually good stuff to convince people to stay. That's why so many people still use Apple even though they were laggards behind MS in the 80's and 90's.

Good point. Another major reason is the first mover advantage that Windows has though. Not to mention the fact that Linux has major differences that has discouraged many regular users from making that migration.

Exactly, that's why I don't consider them private, SPV asides. If you don't put transparency above all, you can neither convince us you have good intentions, nor you have coding skills, and therefore, your software can't be called secure nor private. And that's exactly what's happening with closed-source wallet software. The developers either put some backdoor, or they're just not competent enough.

And yet, number one in usage. That's the power of marketing.

The best example is Windows. It is closed source and historically all versions have had backdoors many of which were put there intentionally so that they can access your machine like the backdoors placed in Windows and used by NSA to access your webcam and a lot of other things!
It is so much easier to do something like that in a closed source cryptocurrency wallet. Specially the light wallets that depend on a centralized server to sync and use encrypted communication.

It is not only about stealing users' coins, it is also about "stealing" users' personal data, which is very hard, if not impossible, to spot early in the case of closed-source wallets. Developers of closed-source wallets may be experienced enough to avoid introducing critical bugs in their wallets, but if they behave maliciously collecting and selling the information about users' transactions to whoever pays more, you have no way to catch them red-handed because everything essential is hidden from public view. Even if they promised to compensate for all my losses, I wouldn't use their software because I wouldn't be sure if the money they offer me hadn't been earned by selling my personal information and the information of others.

It's easier to make a phishing/scam copy of an open-source wallet than a closed-source one, but if people are financially motivated enough (like NK's Lazarus Group) then they will go out of their way to make a scam clone of the closed-source wallet as well.

Yeah right, of course they will. Two Playboy models will deliver the lost coins in physical form on a red pillow to your doorstep. You get to pick which models.
 
No one knows what happens with closed-source wallets except what they tell us.

I found a GitHub research report from December 2020. It is not directly related to Bitcoin but open-source projects in general. The report claims that the average detection of vulnerabilities is not that good and that over 4 years can pass (on average) before certain code vulnerabilities are detected. But once they are, they are fixed in a month or so. Another interesting find is that over 80% of the bugs aren't malicious in nature, they are mostly mistakes made by the developers.

Yeah, he mentioned 'closed-source wallets'; I suspect he meant closed-source, but non-custodial wallets. Something like Ledger hardware wallet, Trust Wallet or Coinomi.

Exchanges probably just have to comply with deposit insurance laws.
https://en.wikipedia.org/wiki/Deposit_insurance

Noncustodial wallets? Not as far as I know. It wouldn't make sense if they would do that anyway. For exchanges, I believe there is a couple of them.

Is there such a wallet? That promises to compensate lost coins? I've never heard of something like that.
Even if it does, for one, it's not good enough as pooya87 said, and also how do you enforce it?

And they keep advertising some fake decentralization now that they fully switched to Proof-of-stake model, and on top of everything they are not censorship resistant blockchain.
Ethereum is now mostly controlled by few individuals, corporations and exchanges, with 25% of their blocks being OFAC compliant, as everyone can see on website mevwatch.info.
This number is constantly growing, and it doesn't really matter anymore if they have wallets and everything else open source, when they have protocol level censorship.

Let's learn some lesson from this shitshow fiasco, and let's not allow something similar to happen with Bitcoin.

Nobody in the right mind would do that, and closed source is sadly pretty much the norm in the normie world. 

The "promise" alone is not enough, having a way of enforcing that promise is what matters. Otherwise there has been many centralized exchanges (that people used as wallets) that promised their users that their funds are safe and yet when they scammed people or got hacked, they never compensated the users for their losses. Nobody could make them answer for it either.

I have no problem with closed source wallets if the developers pledge to compensate any coin that is stolen if there is a problem with the code, otherwise the security of the central platforms is considered higher than the closed source wallets.

The same applies to the open source wallet. If you have not reviewed every line or trust someone who has reviewed each line, there will be no difference between it and the closed source wallet.

The only essential difference is that in the open source wallet, bugs can be identified and fixed without anyone losing their money, but this rarely happens in closed source wallets.

Well because Ethereum was open source we knew from day one that the protocol is very buggy and has a lot of room for hacks like the ones you mentioned. The fact that nobody listened is their own fault so we can't really mention those breaches in this context since they were already expected.

The audits were also mostly fake, basically they created a business of auditing smart contracts and in the end they ended up getting paid (or bribed) to publish fake results.

That's wrong. We still see it; we need to get a binary of some sort to run after all, right.
Hackers can look at either the binary directly or its disassembly, it's possible to fuzz test a binary and do all sorts of static and dynamic program analysis.

How else do you think jailbreaks and Windows exploits are created?

It's possible, but it's guesswork. That could be the reason why the wallets are closed-source or because there is something there they don't want you to know about.

Close-source is saying trust me it's good. I promise.
Open-source is saying take a look and make up your own mind. Don't trust me just because I am telling you it's good.

Yes, but the coin has two sides. You mentioned one. The other is if someone is a security expert who understands coding, they could tell the developers what to improve based on what they see in the codebase. If there is nothing to see, no one can make corrections. And attacks could still happen with or without a public codebase.     

Again, it's guesswork. It can also say we don't want you to see our code because we are targeting you.

Open-source does not mean secure by default. Although after years of testing, improving, and probably being thoroughly put under the microscope by those with bad motives, it's pretty safe to say that the brands you mentioned are all secure. But we have also seen some open-source Ethereum smart contracts being breached and hacked for reasons that could be bad code, exit scams, lack of knowledge how to secure them properly, etc. It's very important who looks at the code and tags it as verified. If I am not wrong, some hacks occurred even though the projects were called audited and secure.

You can get scammed by either of them if you are not careful with what you are doing. However, opensource will act like a safety belt in most situations preventing the dev from doing silly stuff. With the closedsource wallets, you simply have no idea what is going on behind the scenes and this is China we are talking about. They will collect and use every information about you. They may not steal your funds directly but they will find a way to make up for it.

The answer is pretty simple the most popular projects are open source and they are very secure. From Linux to bitcoin core and Electrum. Everyone sees "how things are run" and they are still secure.

They actually don't need to look like the original at all. All they need is the name.
Think about their target victims. They are either people who have never used the software before so they already don't know how it looks like. Or they are people who want to upgrade to a newer version, in which case all the malicious software has to do is to tell them "it's a new version where UI was changed!".

Besides it is trivial to look at the UI and create something that looks similar.

This is how decentralized works on open-source coding, you can even follow the developer's progress which means the code itself can be checked by anyone who wanted to know the progress.  So there is more advantage to open-source than the close source wallet.  The reliability, security, and decentralization were open-source.

However, closed-source reduced the increase of imitators wallet or exchange but this isn't a problem if you know how to verify the legitimate one.

A closed-source wallet does more harm than good on many levels. Being a free and open source wallet invites those who can comprehend the code and the ones who are interested in the wallet itself, to collectively monitor how the codebase behaves. It gives them more eyes, rather than a fixated number of people that work on the closed source wallet, whose solely controlled by a centralized entity. It gives complete freedom to the users, in which it does not make sense if the underlying system(Bitcoin) itself is free and open-sourced.

And I bet a closed source wallet adds an unnecessary burden of a closed system where it is also designed for surveillance/tracking in mind. How can we be sure that the wallet key generation process is secure? What we do within the application isn't being tracked identifiably? or simply we just don't want the generated address being "processed" as what Trust Wallet does[1].

If we take an example of the recent aftermath of closed source Slope Wallet hacks, it is not so conceivable. It seems closed source wallets add their own unnecessary complexities and even the true root causes of the vulnerability can't be conclusively identified, after conducting an audit with 2 security firms.

[1] https://trustwallet.com/privacy-policy

That's a fallacy.

Closed-source software is nowhere close to better than reputable open-source software in terms of security. Being open-source doesn't mean more vulnerable than closed-source. Most attacks, from dynamic which work as a black-box (push inputs, observe outputs) to static which use pattern matches against binaries require no source code. Even if source code is necessary for an attacker, they can use disassemblers to reverse engineer part of the source code they want.

All in all, even if the entire source code is required, and the attacker can't reverse engineer the entire thing, revealing the source code, if reputable, can attract more defenders than attackers. If the software is not open-source, there can't be defenders. Only the centralized entity of developers that are responsible for it.

So, if somebody ever tells you this:

You should respond them that if they rely on closed-sourceness for their security, they are benighted. And that's before we even mention that I'm not indulged to trust a random developer's coding skills and intentions.

It might make things harder on scammers, but if they're determined enough that's just a small obstacle.  Many malicious wallets aren't even that sophisticated, and in large part they don't need to be.  In some cases they only need to look like the original, and obviously the code is going to differ somewhat for the scam to occur.

On the other hand, of course, is the trust issue:  How do we know that a rogue employee doesn't imbed some malicious code into Binance's wallet?  Without being open-source, verifiable, and reproduceable by the general public something like that may months before it's caught.

Open source is especially critical in the crypto world, where we are expected to operate without the need to trust anyone.

Exactly, and they could even turn out to be very shady like Safepal hardware wallet that is closed source but they still used bunch of open source code and they breached original license they used.
Both of this wallets (safepal and trust wallet) are supported by binance exchange, so you can understand why I don't trust both of them with their lame excuses.
I am sure they didn't built anything from scratch, they cloned and forked other code, made few changes and than made it closed source so they could hide all the bugs in code from public.

There should be nothing (serious).to target if everything is stored on the user's device locally. If I remember correctly, they were afraid people would create similar copies of the wallet (same design) and add malicious code to it...which by the way, is something that scammers still do.

We all appreciate open source wallets, they are the best around but have we ever thought that being closed source is security? If Binance Trust wallet could be a closed source maybe they did this because they don't want malicious people to find out how they run things which could make their wallet become a target?

If you can't see how things are running (coding) wouldn't that make it harder to attack such code or network?

open source says > see this is how we run things, we are transparent and we have nothing to hide

Closed source says > we don't want you to see how we run the codes, you can target us or something