joshua/dash-docs
1
0
Fork 0
mirror of https://github.com/seigler/dash-docs synced 2025-07-27 09:46:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add Android team blog post about SecureRandom

Browse source
This commit is contained in:
Saivann 2013-08-16 13:19:19 -04:00
parent 379cd59ea9
commit 160f8d0ab4
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
_alerts/2013-08-11-android.html
View file

@ -7,7 +7,7 @@ banner: ""
<h2>What happened</h2> <h2>What happened</h2>
<p>We recently learned that a component of Android responsible for generating secure random numbers contains critical weaknesses, that render all Android wallets generated to date vulnerable to theft. Because the problem lies with Android itself, this problem will affect you if you have a wallet generated by any Android app. An incomplete list would be <a href="https://play.google.com/store/apps/details?id=de.schildbach.wallet">Bitcoin Wallet</a>, <a href="https://play.google.com/store/apps/details?id=piuk.blockchain.android">blockchain.info</a> wallet, <a href="https://play.google.com/store/apps/details?id=com.miracleas.bitcoin_spinner">BitcoinSpinner</a> and <a href="https://play.google.com/store/apps/details?id=com.mycelium.wallet">Mycelium Wallet</a>. Apps where you don't control the private keys at all are not affected. For example, exchange frontends like the Coinbase or Mt Gox apps are not impacted by this issue because the private keys are not generated on your Android phone.</p> <p>We recently learned that a component of Android responsible for generating secure random numbers contains <a href="http://android-developers.blogspot.com.au/2013/08/some-securerandom-thoughts.html">critical weaknesses</a>, that render all Android wallets generated to date vulnerable to theft. Because the problem lies with Android itself, this problem will affect you if you have a wallet generated by any Android app. An incomplete list would be <a href="https://play.google.com/store/apps/details?id=de.schildbach.wallet">Bitcoin Wallet</a>, <a href="https://play.google.com/store/apps/details?id=piuk.blockchain.android">blockchain.info</a> wallet, <a href="https://play.google.com/store/apps/details?id=com.miracleas.bitcoin_spinner">BitcoinSpinner</a> and <a href="https://play.google.com/store/apps/details?id=com.mycelium.wallet">Mycelium Wallet</a>. Apps where you don't control the private keys at all are not affected. For example, exchange frontends like the Coinbase or Mt Gox apps are not impacted by this issue because the private keys are not generated on your Android phone.</p>
<h2>What has been done</h2> <h2>What has been done</h2>