Bitcoin Forum
November 11, 2024, 08:00:56 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: How can we address wallet security on mobile devices?  (Read 585 times)
Cypherpunk38 (OP)
Newbie
*
Offline Offline

Activity: 40
Merit: 0



View Profile
August 08, 2015, 05:11:49 PM
 #1

There's no doubt about it, people want to use Bitcoin on their mobile devices and, in such a connected world, there's no particular reason that mobile woudn't be the next frontier for Bitcoin. But mobile security is a pretty scary place.  So my question is pretty simple:

In your opinion, what is the safest way to run a Bitcoin wallet on a mobile device? I don't mean a watch-only wallet, I mean a fully functional wallet.  Let's assume for this discussion that "don't" and "convince the OS makers to make security better" aren't valid answers since those don't address the need right now.
BitcoinNewsMagazine
Legendary
*
Offline Offline

Activity: 1806
Merit: 1164



View Profile WWW
August 08, 2015, 05:16:14 PM
 #2

There's no doubt about it, people want to use Bitcoin on their mobile devices and, in such a connected world, there's no particular reason that mobile woudn't be the next frontier for Bitcoin. But mobile security is a pretty scary place.  So my question is pretty simple:

In your opinion, what is the safest way to run a Bitcoin wallet on a mobile device? I don't mean a watch-only wallet, I mean a fully functional wallet.  Let's assume for this discussion that "don't" and "convince the OS makers to make security better" aren't valid answers since those don't address the need right now.

Most folks are not concerned about security until they have a problem. The safest but still convenient way to use bitcoin on Android are Mycelium wallet using Trezor to hold your private keys. Yes, you have to sign each payment with the Trezor but it is not that much trouble.

Cypherpunk38 (OP)
Newbie
*
Offline Offline

Activity: 40
Merit: 0



View Profile
August 08, 2015, 05:24:34 PM
 #3

There's no doubt about it, people want to use Bitcoin on their mobile devices and, in such a connected world, there's no particular reason that mobile woudn't be the next frontier for Bitcoin. But mobile security is a pretty scary place.  So my question is pretty simple:

In your opinion, what is the safest way to run a Bitcoin wallet on a mobile device? I don't mean a watch-only wallet, I mean a fully functional wallet.  Let's assume for this discussion that "don't" and "convince the OS makers to make security better" aren't valid answers since those don't address the need right now.

Most folks are not concerned about security until they have a problem. The safest but still convenient way to use bitcoin on Android are Mycelium wallet using Trezor to hold your private keys. Yes, you have to sign each payment with the Trezor but it is not that much trouble.

I totally agree but this doesn't seem possible for the cheaper devices since some of them don't support USB2GO. For example, a friend of mine has a rooted Galaxy Tab 3 and, while the firmware supports USB2GO, the hardware apparantly doesn't. It's absolutely the most secure but is it really feasible to ask people to either buy fairly more expensive tablets plus a Trezor just to store some Bitcoin? I suppose the answer to that depends on how many Bitcoin we're talking about, but it just seems like a bit much.
unamis76
Legendary
*
Offline Offline

Activity: 1512
Merit: 1012


View Profile
August 08, 2015, 05:32:03 PM
 #4

You can use iOS, as it is a walled garden, as people say, and it is secure enough for small quantities. You can also use an unrooted Android... same thing, secure enough for small quantities. One can also argue that a rooted Android and an advanced user is a secure combination (something more questionable).

I think current mobile OS's have enough security for mobile wallets. They're made to have just some change, after all. We can address problems by having penetration testing on software releases and continuous support/updates/teams making bug fixes... which we already have.

Don't forget most problems are between the keyboard and the chair, not the keyboard and the monitor Wink
Holliday
Legendary
*
Offline Offline

Activity: 1120
Merit: 1012



View Profile
August 08, 2015, 05:40:06 PM
 #5

Just use Mycelium and treat it like a traditional wallet (don't carry more than you can afford to lose). You can even carry additional funds in the form of a paper wallet that you can import while you are out.

Is phone security really that bad? (I've never had an issue.)

If you aren't the sole controller of your private keys, you don't have any bitcoins.
Mickeyb
Hero Member
*****
Offline Offline

Activity: 798
Merit: 1000

Move On !!!!!!


View Profile
August 08, 2015, 05:42:52 PM
 #6

Well mycelium works great in my opinion. Security wise it is pretty well designed in my opinion as well. I am personally using it with the Trezor and I am feeling pretty secure.

People that don't have Trezor I think can also feel secure. But that's my opinion! Everyone should judge in their opinion and use as they feel the safest.
OROBTC
Legendary
*
Offline Offline

Activity: 2940
Merit: 1864



View Profile
August 08, 2015, 05:45:50 PM
 #7

...

I keep about BTC0.2 in my blockchain wallet on iPhone.  So far I have never "used" it (spent it), other than receiving some BTC from an ATM in NYC (tale told elsewhere), I have not been to any cafes where I could buy anything with BTC.

So, I sent the "more than I could afford" to other wallets and just keep the +/- $50 worth of BTC on my iPhone's wallet.

Almost all the larger balance is on Ledger Nano & Trezor.
Cypherpunk38 (OP)
Newbie
*
Offline Offline

Activity: 40
Merit: 0



View Profile
August 08, 2015, 05:48:51 PM
 #8

You can use iOS, as it is a walled garden, as people say, and it is secure enough for small quantities. You can also use an unrooted Android... same thing, secure enough for small quantities. One can also argue that a rooted Android and an advanced user is a secure combination (something more questionable).

I think current mobile OS's have enough security for mobile wallets. They're made to have just some change, after all. We can address problems by having penetration testing on software releases and continuous support/updates/teams making bug fixes... which we already have.

Don't forget most problems are between the keyboard and the chair, not the keyboard and the monitor Wink

Good points. I guess the ultimate answer really is just don't store large amounts of money on your mobile for long periods of time. Plan your spending and only transfer the amounts you need right now to your mobile wallet. It makes sense plus it has the added benefit of teaching people to plan their purchasing.
unamis76
Legendary
*
Offline Offline

Activity: 1512
Merit: 1012


View Profile
August 08, 2015, 05:52:14 PM
 #9

You can use iOS, as it is a walled garden, as people say, and it is secure enough for small quantities. You can also use an unrooted Android... same thing, secure enough for small quantities. One can also argue that a rooted Android and an advanced user is a secure combination (something more questionable).

I think current mobile OS's have enough security for mobile wallets. They're made to have just some change, after all. We can address problems by having penetration testing on software releases and continuous support/updates/teams making bug fixes... which we already have.

Don't forget most problems are between the keyboard and the chair, not the keyboard and the monitor Wink

Good points. I guess the ultimate answer really is just don't store large amounts of money on your mobile for long periods of time. Plan your spending and only transfer the amounts you need right now to your mobile wallet. It makes sense plus it has the added benefit of teaching people to plan their purchasing.

Exactly! We will always have this issue, on any kind of software, even if it is proven to be really secure... It might not be. Or it might be, and we'll never really know it for sure Smiley
bitbaby
Hero Member
*****
Offline Offline

Activity: 812
Merit: 1000



View Profile WWW
August 09, 2015, 07:36:57 AM
 #10

Just use Mycelium and treat it like a traditional wallet (don't carry more than you can afford to lose). You can even carry additional funds in the form of a paper wallet that you can import while you are out.

Is phone security really that bad? (I've never had an issue.)

This is the safest method and should be applied by everyone not only on their mobile device but to their hot wallet on their PC as well, keep small amount of money their for everyday needs and keep rest of them in a paper wallet and Mycelium is the only mobile wallet afaik which has the option to import private keys which makes it super safe imo.

xhoneyael
Sr. Member
****
Offline Offline

Activity: 462
Merit: 250

www.AntiBitcoinTalk.com


View Profile WWW
August 09, 2015, 09:26:30 AM
 #11

mobile is not secure..
what if your phone break what if app is fake..
there are many option to use .. but to make it sure use a lot of wallet and distribute your bitcoin

LiteCoinGuy
Legendary
*
Offline Offline

Activity: 1148
Merit: 1014


In Satoshi I Trust


View Profile WWW
August 09, 2015, 09:49:25 AM
 #12

the danger is that some people might hold 10k in BTC on their stupid phone  Lips sealed

so we need some stuff like this i guess:

http://insidebitcoins.com/news/bitsim-turns-any-mobile-phone-into-a-bitcoin-wallet/32213

Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!