Google Admits Bitcoin Thieves Exploited Android Crypto PRNG Flaw 183
rjmarvin writes "The theft of 55 Bitcoins, or about $5,720, through Android wallet apps last week was made possible because of flaws in Android's Java and OpenSSL crypto PRNG, Google revealed in a blog post. In the wake of a Bitcoin security advisory and a Symantec vulnerability report, the Android Developers Blog admitted the reason the thieves were able to pilfer their wallet apps. The flaws are already, or in the process of being repaired."
Re:Already or in the process of being repaired (Score:5, Interesting)
You know, it's not even bitcoin.
The entire crypto on the platform is vulnerable from the looks of it.
So, I would assume if there were other digital wallet type things on Android, they would be subject to the exact same vulnerability.
Better to not trust (Score:2, Interesting)
Hence why all my Android and iOS devices run a VPN (using the OpenVPN app which works great on both). Of course, the network at the VPN end-point isn't necessarily more secure, but it will be far more secure than all the networks in-between.
The real question here is... will Google at LEAST update all the phones and pads under their own control? Motorola and Nexus updates, please!
-Matt
Java has gotten to obscure (Score:3, Interesting)
Or rather the Java libraries and their documentation. My guess is that nobody working on this application even noticed that they did seed SecureRandom wrongly. At the same time, making sure this class is always seeded securely (which the spec would allow and would cause negligible overhead) would have been the right thing to do. But after looking at the problem in more detail, I am not so sure anymore this mistake by Google is the root-cause. It is also quite possible that Java programmers in general have stopped caring how classes do things internally, as long as they seem to work. The documentation for the Java crypto API is certainly convoluted and uninformative enough to be rather painful to read and left me wondering what the different methods actually do.