Topic: *warning* Two current security issues with mobile devices - page 3. (Read 2101 times)
How do these malicious apps get included in the Apple app store? I thought they had higher quality control and that they are more strict in choosing which apps are accepted and which ones are rejected.
This is alarming because i only mobile wallet application. But have not encounter some issues so far. Dont download wallet from not trusted sites or any refferal site. I suggest, you must go to website of the wallet you want to have and dowload it from their website so you are surely safe from fake applications
...
Secondly, some wallets are automatically backing up private keys to the cloud. Keys stored online are potentially a serious security risk. Make sure your apps aren't doing this, or if they have, move your funds to new addresses immediately.
It's generally good practice to only keep small amounts on portable devices in the event of physical loss or theft anyway. Larger sums should be locked away in cold storage, offline, somewhere secure.
Secondly, some wallets are automatically backing up private keys to the cloud. Keys stored online are potentially a serious security risk. Make sure your apps aren't doing this, or if they have, move your funds to new addresses immediately.
It's generally good practice to only keep small amounts on portable devices in the event of physical loss or theft anyway. Larger sums should be locked away in cold storage, offline, somewhere secure.
I didn't know that the private keys are hosted on the cloud for the greenaddress app, I think it is dangerous if their cloud gets hacked so the hacker can spends our bitcoin without getting noticed. I prefer more to store small amounts on mobile if we travel or we need to, but the cold wallet should be offline.
I use mobile wallets exclusively. I assume Mycelium is safe, right? From all I've read about it here, it seems to be at least one of the preferred wallets.
And how about the one by "Bitcoin Wallet developers" for Android. That's one I saw on the app store, and it's one that comes up second when you search for "bitcoin wallet".
And how about the one by "Bitcoin Wallet developers" for Android. That's one I saw on the app store, and it's one that comes up second when you search for "bitcoin wallet".
I think the issue is with Android itself. No one ever seems to give its overall security any thought. They just assume it's fine and press on.
Considering how much lucrative info is on the average phone these days there are going to be ever more attempts to gain nefarious entry into it.
And in this particular case the second problem is a 'feature' of the OS and it's exposing your data to google. I can't imagine their security is anything other than exemplary but you never know.
I use mobile wallets exclusively. I assume Mycelium is safe, right? From all I've read about it here, it seems to be at least one of the preferred wallets.
And how about the one by "Bitcoin Wallet developers" for Android. That's one I saw on the app store, and it's one that comes up second when you search for "bitcoin wallet".
And how about the one by "Bitcoin Wallet developers" for Android. That's one I saw on the app store, and it's one that comes up second when you search for "bitcoin wallet".
Nobody should keep bigger amounts of Bitcoin on devices connected to the Internet. This holds true for PC's but even more for mobile phones, since the wallet software available for these devices is less secure (i.e. not fully validating, new apps).
It should be best practice to store all funds that are not used for daily purchases entirely offline - for example by using paper wallets. Mobile Bitcoin wallets should be used like ordinary hard cash wallets: The amount stored in them should be so small that it can be afforded to be lost.
It's sad that many users are not paying enough attention to security when using Bitcoin. In contrast to money stored at banks, Bitcoins have no insurance against theft. So it's entirely up to the owner to ensure they are not stolen.
ya.ya.yo!
It should be best practice to store all funds that are not used for daily purchases entirely offline - for example by using paper wallets. Mobile Bitcoin wallets should be used like ordinary hard cash wallets: The amount stored in them should be so small that it can be afforded to be lost.
It's sad that many users are not paying enough attention to security when using Bitcoin. In contrast to money stored at banks, Bitcoins have no insurance against theft. So it's entirely up to the owner to ensure they are not stolen.
ya.ya.yo!
I'm guilty of sometimes leaving respectable amounts on mobile devices. For some reason I don't think of them as anywhere near as howlingly insecure as a PC is, yet I'm sure there are plenty of issues that I'm blithely unaware of. Must use more paper.
Or just don't use mobile wallets entirely. Has worked for years so far with no problem and also utilizing cold storage.
just don't put too much moneh there and everything should be fine, mobile wallets are ez 2 use and available everywhere
Op said "Larger sums should be locked away in cold storage, offline, somewhere secure."
I don't use a mobile wallet. I barely use a mobile. But if I did, this post is clear info I would like to see.
Thanks OP.
Or just don't use mobile wallets entirely. Has worked for years so far with no problem and also utilizing cold storage.
just don't put too much moneh there and everything should be fine, mobile wallets are ez 2 use and available everywhere
Or just don't use mobile wallets entirely. Has worked for years so far with no problem and also utilizing cold storage.
Thanks for warning other people not that I hold any big amounts on mine phone. Anyway the malicious app is already removed from the AppStore can't find it anymore.
Those are good warnings. I am very nervous about mobile "anything" for absolute security. I know it isn't necessary, but I prefer to setup a Trezor on a laptop first. Then you use it with a mobile (e.g. MyCelium), however the mobile software never sees the private keys so it couldn't put them in the cloud if it wanted to. Frankly, I personally don't do this, but I helped setup this configuration for a buddy. His transactions are very small but its simple and safe this way.
Just to make everyone aware, there are a few security risks presently affecting mobile devices that require people to be vigilant.
Firstly, there are still fake, malicious wallets circulating on the App Store, always make sure you use download links from a reputable source.
Secondly, some wallets are automatically backing up private keys to the cloud. Keys stored online are potentially a serious security risk. Make sure your apps aren't doing this, or if they have, move your funds to new addresses immediately.
It's generally good practice to only keep small amounts on portable devices in the event of physical loss or theft anyway. Larger sums should be locked away in cold storage, offline, somewhere secure.
Firstly, there are still fake, malicious wallets circulating on the App Store, always make sure you use download links from a reputable source.
Secondly, some wallets are automatically backing up private keys to the cloud. Keys stored online are potentially a serious security risk. Make sure your apps aren't doing this, or if they have, move your funds to new addresses immediately.
It's generally good practice to only keep small amounts on portable devices in the event of physical loss or theft anyway. Larger sums should be locked away in cold storage, offline, somewhere secure.
Jump to: