TheRomMistress · Aug 12, 2013 at 07:00 am

Security Vulnerability in Android Creates Bitcoin Fraud Threat

Despite previous claims by Bitcoin developers that its open-source wallet application provides “a strong level of protection against many types of fraud,” developers announced Sunday that weaknesses within the Android operating system are responsible for rendering all Android wallets generated to date vulnerable to theft.

The issue lies within the area of the OS that should be generating secure and random key codes, which is why the problem only affects wallets generated by Android applications.

Some applications affected include Bitcoin Walletblockchain.info walletBitcoinSpinner, and Mycelium Wallet. Front-end applications such as Coinbase or MtGox are not vulnerable since private keys are not generated on the Android device.

Updates are still being prepared for clockchain.info and BitcoinSpinner. The update for Bitcoin Wallet is currently under beta testing, and Mycelium Wallet has already received an update. It is strongly recommended to update as soon as a new version is available. In the meantime, key rotation is necessary, according to the Bitcoin developers in their Aug. 11 blog post. “This involves generating a new address with a repaired random number generator and then sending all the money in your wallet back to yourself…Once your wallet is rotated, you will need to contact anyone who has stored addresses generated by your phone and give them a new one.”

The discovery just so happened to coincide with a ruling made by Magistrate Judge Amos Maazant of the Eastern District of Texas federal court that the online payment form be thought of as a true currency. The ruling sets a precedence that anyone committing fraud with the “online crypto-currency” could be looking at more severe penalties. Jon Matonis, executive director of the Bitcoin Foundation, predicted that the International Standards Organization may eventually classify the currency as a “non-national” commodity, which does not need to be issued or backed by any government. Matonis said the ruling “highlights the fact that Bitcoin is becoming recognized as commodity money in the same way that gold and silver are recognized as money.”


_________
Want something on the XDA Portal? Send us a tip!

TheRomMistress

TheRomMistress is an editor on XDA-Developers, the largest community for Android users. View TheRomMistress's posts and articles here.
Mario Tomás Serrafero · May 25, 2015 at 02:00 pm · 2 comments

XDA Office Space: Frankenstein’s Perfect IM Client?

The portal’s decentralized XDA office lies in a Hangouts chatroom, where we discuss the latest developments that hit the blogosphere, critique them and figure out what we can do to add a new or original point of view. We came to love this little virtual office, which sees messaging 24/7 due to the international nature of our team. The main problem that we have faced since early on is that Hangouts is not versatile enough for in-depth discussion.   What...

XDA NEWS
Emil Kako · May 25, 2015 at 12:32 pm · 4 comments

Which IM Client on Android is best?

With so many different messengers to choose from, it can be tough to find the best one for you and your friends to use. Hangouts, Whatsapp, Telegram and more are all battling it out for the number one spot. Let us know which IM client you think is best on Android and why.

DISCUSS
Jimmy McGee · May 25, 2015 at 12:00 pm · 2 comments

Android Factory Reset Security Flaw and More – XDA TV

Nvidia is releasing a 500Gb SHIELD TV Pro! That and much more news is covered by Jordan when he reviews all the important stories from this weekend. Included in this weekend's news is the announcement of an Android factory reset security flaw and be sure to check out the article talking about the Nexus Player getting TWRP. That's not all that's covered in today's video! Jordan covered the LG G4 First Impressions and Unboxing video from TK released this weekend...

XDA NEWS
Share This