Slashdot Mirror

← Back to Stories (view on slashdot.org)

All Bitcoin Wallets On Android Vulnerable To Theft

Posted by samzenpus on from the protect-ya-neck dept.

judgecorp writes "Bitcoin users have been warned that storing them in a wallet app on Android is insecure, A weakness in Android's random number generator means its random numbers may not be so random, giving attackers a chance of breaking into the wallet. those with Bitcoins have been advised to put them elsewhere, by bitcoin.org"

3 of 137 comments (clear)

  1. How can an OS have such a fundamental problem? by Karganeth · · Score: 5, Interesting

    It's ridiculous in this day and age that an OS can fail to make random numbers properly. That's one of the most basic operations. How lazy/incompetent are the Google programmers?

    1. Re:How can an OS have such a fundamental problem? by Anonymous Coward · · Score: 2, Interesting

      Question: would it be correct or incorrect to...

      suppose you take your best pseudo-random generated number, and xoror seed it with a word made by stringer together the second-lowest bit each from the temperature gauge, the gps-x the gps-y ,the compass, the ping time, and so on?

      Would that #increase# or #decrease# the entropy on the random number generator?

      It would increase it only if you aren't showing a temp of 32F and a GPS of 00N/00W heading of 0, and a ping of 0 and so on. Seeding from things that arent *surely* good and random is not a smart idea. Why didn't you mention the accelerometers? A program with a little sense to turn on the accels, ask you to shake the phone up a bit, and validate that the results aren't all the same should yield enough to do a good unpredictable RNG seed.

  2. Re:Random numbers on a mobile device by c · · Score: 4, Interesting

    Shouldn't the RNG tap into the device's accelerometer?

    The Linux kernel has has the ability to push device input into the random number entropy pool for a long time (/dev/random and /dev/urandom). If the device drivers aren't pumping accelerometer events into the pool, someone really missed an opportunity.

    In this case, it sounds like something went wrong with the Java/Dalvik random number generator. It's not clear to me from glancing at the various write-ups whether it's a failure to RTFM on the part of the Bitcoin wallet writers (or maybe whoever wrote a common Bitcoin reference implementation) or if there's something broken in the Android implementation of the RNG class.

    --
    Log in or piss off.