66 Percent of Popular Android Cryptocurrency Apps Don't Use Encryption (vice.com)

← Back to Stories (view on slashdot.org)

66 Percent of Popular Android Cryptocurrency Apps Don't Use Encryption (vice.com)

Posted by msmash on Wednesday November 29, 2017 @04:11AM from the keep-an-eye dept.

An anonymous reader shares a report: High-Tech Bridge used its free mobile app analysis software, called Mobile X-Ray, to peek under the hood of the top 30 cryptocurrency apps in the Google Play store at three different popularity levels: apps with up to 100,000 downloads, up to 500,000 downloads, and apps with more than 500,000 downloads. So, a total of 90 apps altogether. Of the most popular apps, 94 percent used outdated encryption, 66 percent didn't use HTTPS to encrypt user information in transit, 44 percent used hard-coded default passwords (stored in plain text in the code), and overall 94 percent of the most popular apps were found to have "at least three medium-risk vulnerabilities."

11 of 32 comments (clear)

Min score:

Reason:

Sort:

Oh great by DontBeAMoran · 2017-11-29 04:13 · Score: 2

Here comes the wave of free software designed to keep you busy while it tries to steal your wallet key in the background.

--
#DeleteFacebook
1. Re:Oh great by fisted · 2017-11-29 04:43 · Score: 2, Insightful
  
  Can we please avoid cryptocurrencies being shortened to just "crypto" in the mainstream? Pretty please?
  
  --
  CLI paste? paste.pr0.tips!
2. Re:Oh great by fisted · 2017-11-29 22:19 · Score: 1
  
  You're sadly mistaken, or time traveling.
  
  --
  CLI paste? paste.pr0.tips!
Re:BTC... yeah, I'll pass. by Baron_Yam · 2017-11-29 04:46 · Score: 1

>Until bitcoin starts offering free miles, or rewards points, or cash back or something like that
Or perhaps the ability to, you know, use it in common financial exchange scenarios?
> I can't fathom why anyone would use it.
The rapid increase in reported value on the exchanges, a few success stories, and greed outweighing common sense.
Article is largely useless by alchemistcook · 2017-11-29 05:03 · Score: 1

Names not one single name.
Re:BTC... yeah, I'll pass. by slazzy · 2017-11-29 05:11 · Score: 1

There are a few legal, important uses. Although the current price increases are making it less usable as a currency.

--
Website Just Down For Me? Find out
What is by fredrated · 2017-11-29 06:44 · Score: 1

a cryptocurrency app?
1. Re:What is by FFOMelchior · 2017-11-29 07:00 · Score: 1
  
  An app that both synergies with the fog computing ecosystem to leverage AI deep-learning and pivot the IOT into a user-managed scalable silo paradigm.
2. Re:What is by fredrated · 2017-11-29 11:30 · Score: 1
  
  Sounds like a must-have!
Re:BTC... yeah, I'll pass. by reanjr · 2017-11-29 06:55 · Score: 1

The IRS is not helping. Tracking capital gains when you purchase a stick of gum is insane.
Re:Here is a sad truth about modern software ... by ctilsie242 · 2017-11-29 07:07 · Score: 1

I think you hit the nail on the head. There are very few apps that have been maintained over the years. Most games, like the good tower defense ones (before IAP destroyed the gaming genre) likely won't work on new machines (especially on iOS 11 where none of the older, 32 bit stuff will work.)
For the most part, app developers don't give a flying fuck about security. They want to get their product stuffed into iTunes Connect or Google Play as soon as possible, security be damned. Plus, if their product craters and people lose all their cryptocurrency, it won't be the app company who will be responsible.
Good wallet programs are almost impossible to find.