Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Admits Bitcoin Thieves Exploited Android Crypto PRNG Flaw

Posted by timothy on from the oopsie dept.

rjmarvin writes "The theft of 55 Bitcoins, or about $5,720, through Android wallet apps last week was made possible because of flaws in Android's Java and OpenSSL crypto PRNG, Google revealed in a blog post. In the wake of a Bitcoin security advisory and a Symantec vulnerability report, the Android Developers Blog admitted the reason the thieves were able to pilfer their wallet apps. The flaws are already, or in the process of being repaired."

3 of 183 comments (clear)

  1. Re:Already or in the process of being repaired by gstoddart · · Score: 5, Interesting

    This is what you get for playing with bit coin. When are you going to learn?

    You know, it's not even bitcoin.

    Applications that directly invoke the system-provided OpenSSL PRNG without explicit initialization on Android are also affected

    The entire crypto on the platform is vulnerable from the looks of it.

    So, I would assume if there were other digital wallet type things on Android, they would be subject to the exact same vulnerability.

    --
    Lost at C:>. Found at C.
  2. Better to not trust by m.dillon · · Score: 1, Interesting

    Hence why all my Android and iOS devices run a VPN (using the OpenVPN app which works great on both). Of course, the network at the VPN end-point isn't necessarily more secure, but it will be far more secure than all the networks in-between.

    The real question here is... will Google at LEAST update all the phones and pads under their own control? Motorola and Nexus updates, please!

    -Matt

  3. Java has gotten to obscure by gweihir · · Score: 2, Interesting

    Or rather the Java libraries and their documentation. My guess is that nobody working on this application even noticed that they did seed SecureRandom wrongly. At the same time, making sure this class is always seeded securely (which the spec would allow and would cause negligible overhead) would have been the right thing to do. But after looking at the problem in more detail, I am not so sure anymore this mistake by Google is the root-cause. It is also quite possible that Java programmers in general have stopped caring how classes do things internally, as long as they seem to work. The documentation for the Java crypto API is certainly convoluted and uninformative enough to be rather painful to read and left me wondering what the different methods actually do.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.