You Can't Be Too Careful Over Private Keys, Can You?

BlackBoss_

sr. member

Activity: 602

Merit: 387

Rollbit is for you. Take $RLB token!

Quote from: hosseinimr93 on July 31, 2024, 04:29:56 PM

I didn't know anything about OWNR wallet either. I just searched about it and found this article on their official website. The article says that the wallet is close source and the funny thing is that they somehow say that being close-source is better.

Trustwallet, OWNR and any other close-source wallet should be avoided.

This website https://walletscrutiny.com/ is helpful to check summary reviews on Bitcoin and cryptocurrency wallets like is a wallet open-source (reproducible) or not.

Some queries for checking Trust wallet and OWNR wallet.
https://walletscrutiny.com/?platform=allPlatforms&page=0&query-string=Trust
https://walletscrutiny.com/?platform=allPlatforms&page=0&query-string=OWNR

A quick view can give No Source information for both Trust wallet and OWNR wallet.

Adbitco

hero member

Activity: 1428

Merit: 653

Leading Crypto Sports Betting & Casino Platform

Quote from: SFR10 on July 31, 2024, 01:19:57 PM

Quote from: Adbitco on July 28, 2024, 11:14:28 AM

There should be a better way of choosing a staff maybe they should have a complains form to fill if they violate any of these rules either by stealing funds or revealing someone else information they should pay for it.

Even if such a form existed, I highly doubt a potential staff member with a track record as a rogue employee would fill this kind of form ^{[it'd jeopardize their chances of getting the job]}!

Yeah but even as that there should be a better way, most times we can say trust and record can be broken or we don't know what they are suffering at there end to tarnished there trust which people had on them. For instance this doesn't happen immediately they go employed but after years they should up their devil in them so at this point there should be something to bind there employment with this there could be some what a lasting trust.

Z-tight

hero member

Activity: 994

Merit: 1089

Quote from: hosseinimr93 on July 31, 2024, 04:29:56 PM

The article says that the wallet is close source and the funny thing is that they somehow say that being close-source is better.

Thank you for sharing, but i don't know why i cannot access the article, maybe it is a problem from my end though. However, i am certain the person who wrote that article knows that they are lying about a closed source wallet being better than one that is open source, and that is another reason not to use this wallet, because it is one that tries to deceive their customers who don't have so much knowledge about crypto wallets.

PrivacyG

hero member

Activity: 882

Merit: 1873

Crypto Swap Exchange

Put the Private Keys in the hand of the most respectable and well known man for being honest. Make them all sign an NDA. Promise harsh punishments for those who steer away from the morality they signed up for. And still, Custodial Wallets are nothing but a head ache we do not deserve.

It is all that easy and simple. If you ever use a Custodial Wallet, EMPTY IT OUT AS SOON AS POSSIBLE. But the smartest and best idea still remains NOT using a Custodial Wallet at all. Is comfort really this tempting that these guys choose it over the Security of their own Money? I find it so mind bubbling. Secure your own Money, it is easy to do it.

And who did we really think were handling these Private Keys anyway? People, and people are often vulnerable to a lot of things. Including to becoming vile all of a sudden.

hosseinimr93

legendary

Activity: 2380

Merit: 5213

Quote from: Z-tight on July 31, 2024, 03:50:23 PM

You have just mentioned two wallets that i would not recommend, Trust wallet is closed source, and i don't know much about OWNR wallet, neither have i read reputable members recommend it in it

I didn't know anything about OWNR wallet either. I just searched about it and found this article on their official website. The article says that the wallet is close source and the funny thing is that they somehow say that being close-source is better.

Trustwallet, OWNR and any other close-source wallet should be avoided.

Z-tight

hero member

Activity: 994

Merit: 1089

Quote from: ektotanes on July 30, 2024, 05:22:15 AM

I'm always concerned about the security of my crypto. I believe that it's best to use well-established non-custodial wallets, such as OWNR or Trust Wallet. We will never be completely safe from hacking and other cyber threats, but we can make sure we've done everything we can to protect ourselves.

You have just mentioned two wallets that i would not recommend, Trust wallet is closed source, and i don't know much about OWNR wallet, neither have i read reputable members recommend it in it forum. Doing everything you can do to protect your funds starts by using a well reviewed open source wallet and running it in an airgapped wallet that will never be connected to the internet, as anything online is always prone to hacking.

albon

legendary

Activity: 1862

Merit: 1518

Quote from: Frankolala on July 28, 2024, 09:48:54 AM

I wouldn't say that this is hacking or that the owners of those wallet was careless with their private keys. It was an intentional act by Zhank because he wanted to steal their funds that was why he made a back door to have access to people's private keys.

This is why open source wallets are the best wallets for storing bitcoin because it is open for all to look into the source code and improve the security. It is only a closed source wallet that a back door can be created unknown to the users. An open source wallet can not be compromised only if you expose your private keys or malware and Spyware attack your system unknown to you, because there is no back door.

They were mistaken in trusting the use of the Houbi wallet or any wallet managed by centralized authorities. Indeed, since the wallet was a closed source, this is what made the unethical employees succeed in this heinous fraud by placing the backdoor in it, which gave them unauthorized access to its users' seed phrases and private keys. I agree with you that with open-source wallets, security vulnerabilities can be examined, discovered, and fixed, and they receive continuous updates; the mistake that may expose the user of these wallets to hacking is downloading fake wallets from unknown sources.

The fact that they have now closed this wallet and launched iToken might be better. Still, I personally only trust well-known, open-source Bitcoin wallets recognized by the crypto community, avoiding any other untrusted wallets.

SFR10

legendary

Activity: 2968

Merit: 3406

Crypto Swap Exchange

Quote from: Adbitco on July 28, 2024, 11:14:28 AM

There should be a better way of choosing a staff maybe they should have a complains form to fill if they violate any of these rules either by stealing funds or revealing someone else information they should pay for it.

Even if such a form existed, I highly doubt a potential staff member with a track record as a rogue employee would fill this kind of form ^{[it'd jeopardize their chances of getting the job]}!

Quote from: nakamura12 on July 28, 2024, 02:36:30 PM

Checking the wallet you are using is what makes your assets safe and there will be no loophole if it's open source.

You have a point, but just because certain software is open-source, it doesn't mean it can't suffer from zero-day vulnerabilities and exploits.

Quote from: ContentWriter on July 28, 2024, 09:15:10 AM

Done.

For some reason, it's not working on my side.

SickDayIn

member

Activity: 210

Merit: 31

3 years prison and a fine of 30,000 RMB (converted to $4,200 USD), is a small price to pay to access that many private keys. Seems they actually got a deal.

ektotanes

jr. member

Activity: 61

Merit: 6

I'm always concerned about the security of my crypto. I believe that it's best to use well-established non-custodial wallets, such as OWNR or Trust Wallet. We will never be completely safe from hacking and other cyber threats, but we can make sure we've done everything we can to protect ourselves.

SquirrelJulietGarden

hero member

Activity: 1442

Merit: 775

Quote from: Hyphen(-) on July 29, 2024, 10:50:26 AM

Sometimes, this problem can come from downloading fake wallets; scammers have already created a clone wallet that looks exactly like the original wallets with just a few unnoticeable things that not everyone will understand, and they will gain access to your private key once you input it in the wallet.
While trying to invest, make sure you use a reputable wallet, and be sure you downloaded the wallet from their official website.

The key is download Bitcoin wallet softwares from official websites. It is a first step but not enough.

A next step is very important, verify what you download, and when it is confirmed as a legit one, you can start use it for storing your bitcoin.

The next step is creating your wallet properly like write down mnemonic seed for back up, test your back up as if you write down mnemonic seed words inaccurately, you can not use it for wallet recovery later.

How to back up a seed phrase

Hyphen(-)

hero member

Activity: 994

Merit: 744

Quote from: ContentWriter on July 28, 2024, 09:15:10 AM

It doesn't look as if those wallets had issues. What I'm beginning to see is that there's always a loophole only if the hacker looks closely enough or if the owner is careless enough.

It is a wallet issue because I don't think I have heard of similar cases in any reputable wallets like Electrum, Bluewallet, and other open source wallets.

Sometimes, this problem can come from downloading fake wallets; scammers have already created a clone wallet that looks exactly like the original wallets with just a few unnoticeable things that not everyone will understand, and they will gain access to your private key once you input it in the wallet.
While trying to invest, make sure you use a reputable wallet, and be sure you downloaded the wallet from their official website.

FatFork

legendary

Activity: 1624

Merit: 2594

Top Crypto Casino

Quote from: Faisal2202 on July 29, 2024, 07:34:47 AM

And now after reading the article, I can say again, if you don't own the keys, then you don't own the crypto.

It doesn't help to have your own keys if someone else has access to them too. Did you read the article? This isn't a case of custodial versus non-custodial wallets. The issue is about security breaches and compromised private keys through backdoors created by rogue employees. Even with your own keys, if they're compromised, your crypto is at risk.

Faisal2202

hero member

Activity: 1386

Merit: 513

Payment Gateway Allows Recurring Payments

Wow, authorities are saying on-chain data helped them a lot in catching these bad actors. I thought the government never appreciated crypto technologies. I guess I was wrong hehe. Speaking of private keys, I was always skeptical about Houbi products when the last time the community found a phishing link on their sites and the team was unaware of it. Some members from this forum reported that issue to the team and they said we would look into it.

And now after reading the article, I can say again, if you don't own the keys, then you don't own the crypto. Always prefer dexs although people are using CEXs all the time so if they want to, then I prefer to use a good one like OKX, Binance, ByBit, etc. These are doing good at the moment Robinhood and Bitstamp are also good

hosseinimr93

legendary

Activity: 2380

Merit: 5213

Quote from: ranochigo on July 28, 2024, 09:43:40 PM

That is the problem with custodial wallets, they are the check and the balance with their own codes and internal processes.

You are right about custodial wallets and how insecure they can be, but huobi wallet (now known as itoken wallet) is a non-custodial wallet and gives users access to their private keys.
The problem with huobi wallet is that it's close-source and there was a backdoor which made some of their employees gain access to users private keys.

Dr.Bitcoin_Strange

hero member

Activity: 770

Merit: 538

Leading Crypto Sports Betting & Casino Platform

Well, the possibility of your private key leaking depends on you and the kind of wallet you are using. When choosing a Bitcoin wallet to use, it has to be a reputable and open-source wallet. Also, I think that a crypto enthusiast should understand the need to have a cold wallet and a hot wallet because if you have your wallet in your device (like a phone or laptop) and you are always using those devices to browse the internet, chances that you might get attacked are there, so for you to prevent such, you need to have a cold wallet that doesn't go online all the time. You can get a hardware wallet to be safer. Keep your private keys offline and in a safer place, and then you will not be compromised.

Sebas.tian

full member

Activity: 2184

Merit: 184

Hire Bitcointalk Camp. Manager @ r7promotions.com

It depend the kind of wallet you are using to hold your coins, because there are some wallet you will use to store your coins for long term other people can have access to your coins without your permission, which you need to make use of safe and solid wallet to store your coins. I make use of electrum wallet to store my Bitcoin and all my seeds phrase are been written down and kept in a secret place which only me can have access to it for now, and it will be difficult for scammers or friends to have access to my Bitcoin wallet, because I know electrum wallet is among the best Wallet to hold Bitcoin for long term. If you look at the incident very well, you will discovered that the Wallet they use to stored the coins are not a safe wallet, because there are many cases like that for Court to help some people to get their coins back from scammers because the evidence was very clear, that his friends or relative stole the coins from him.

Apocollapse

hero member

Activity: 1148

Merit: 796

Although it's happened to iToken wallet, but this should be a warning for people who're use blockchain wallet, Trust wallet, Atomic wallet, Exodus wallet, and any other closed source wallets.

If you want to invest in Bitcoin only, use Electrum or Blue wallet.

If you looking for multi crypto wallet, use Unstoppable wallet.

ChiBitCTy

legendary

Activity: 2282

Merit: 3014

After having gone through some serious shit myself thanks to the fckn scumbags at AT&T who don't believe in investing in proper security to keep their clients data safe, I've come to realize that security and privacy are not something to get lazy about what damn bit. I'm operating in a way I never have and still have a long way to go. Personally I'm buying new computers for single use task..one for this, one for that, etc.

It's crazy but hacking hasn't /malware/spyware etc has gotten so much more advanced and in an extremely quick fashion..gotta keep up! So yes, you really can't be too careful.

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

That is the problem with custodial wallets, they are the check and the balance with their own codes and internal processes. Overly lax or colluding employees can always insert backdoors into any of their software and collect malicious data. There is simply nothing that our consumers can do if we choose to use a custodial wallet.

Quote from: FatFork on July 28, 2024, 09:27:45 AM

Not always. This is exactly one of the main reasons why we prefer open source wallet solutions. While no system is completely immune, open source allows for extensive scrutiny by the community, making it harder for vulnerabilities or exploits to hide.

If anything xz backdoor has taught us not to just trust open source projects blindly. Just because it is open source, doesn't mean someone is vetting the program and software for you. Wallets like Bitcoin Core are signed and vetted by multiple people which reduces the chances of this happening.

Topic: You Can't Be Too Careful Over Private Keys, Can You? (Read 358 times)