Bitcoin Forum
November 10, 2024, 10:37:46 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Will jailbreaking iPhone compromise Bitcoin security? (Gox, Coinbase, etc...)  (Read 1252 times)
medialab101 (OP)
Hero Member
*****
Offline Offline

Activity: 583
Merit: 500


View Profile
December 26, 2013, 12:00:19 PM
 #1


Hi,

I generally use 2fa with Google Authenticator or SMS but I've become concerned that jailbreaking my iPhone and/ or iPad might cause a weak link in security. Any thoughts?
Kenshin
Sr. Member
****
Offline Offline

Activity: 280
Merit: 250


View Profile
December 26, 2013, 12:14:02 PM
 #2


Hi,

I generally use 2fa with Google Authenticator or SMS but I've become concerned that jailbreaking my iPhone and/ or iPad might cause a weak link in security. Any thoughts?

No, jailbreaking or rooting your phone doesn't make it less secure. In fact, you have more control of the security of your phone. Because everything it need to use privilege access. You have to let it or deny it. When it is not jailbreaked or rooted, you don't have this choice. Your phone just let it run without your knowledge.
medialab101 (OP)
Hero Member
*****
Offline Offline

Activity: 583
Merit: 500


View Profile
December 26, 2013, 12:20:13 PM
 #3


Hi,

I generally use 2fa with Google Authenticator or SMS but I've become concerned that jailbreaking my iPhone and/ or iPad might cause a weak link in security. Any thoughts?

No, jailbreaking or rooting your phone doesn't make it less secure. In fact, you have more control of the security of your phone. Because everything it need to use privilege access. You have to let it or deny it. When it is not jailbreaked or rooted, you don't have this choice. Your phone just let it run without your knowledge.



Just wondering because I heard that there were some dubious code in the recent jailbreak and I also heard about a guy who had his BTC-e account hacked the day after he jailbroke his phone. Makes me a little paranoid.
Kenshin
Sr. Member
****
Offline Offline

Activity: 280
Merit: 250


View Profile
December 26, 2013, 05:18:08 PM
 #4


Hi,

I generally use 2fa with Google Authenticator or SMS but I've become concerned that jailbreaking my iPhone and/ or iPad might cause a weak link in security. Any thoughts?

No, jailbreaking or rooting your phone doesn't make it less secure. In fact, you have more control of the security of your phone. Because everything it need to use privilege access. You have to let it or deny it. When it is not jailbreaked or rooted, you don't have this choice. Your phone just let it run without your knowledge.



Just wondering because I heard that there were some dubious code in the recent jailbreak and I also heard about a guy who had his BTC-e account hacked the day after he jailbroke his phone. Makes me a little paranoid.

I think that story about a guy who got hacked the day after jailbreak his phone, are not because his phone jailbreak. If he got 2 factor authentication, this shouldn't happen even if he jailbreak.

If a hacker put a trojan on his phone, there is no way he can use the Google authenticator. You can't VNC into an iPhone/iPad. If he didn't use 2FA, then maybe there was a keylogger. But keylogger is useless when it comes to 2FA, the hacker can't enter the same code you typed within 60 seconds.
medialab101 (OP)
Hero Member
*****
Offline Offline

Activity: 583
Merit: 500


View Profile
December 27, 2013, 07:31:20 AM
 #5


Hi,

I generally use 2fa with Google Authenticator or SMS but I've become concerned that jailbreaking my iPhone and/ or iPad might cause a weak link in security. Any thoughts?

No, jailbreaking or rooting your phone doesn't make it less secure. In fact, you have more control of the security of your phone. Because everything it need to use privilege access. You have to let it or deny it. When it is not jailbreaked or rooted, you don't have this choice. Your phone just let it run without your knowledge.



Just wondering because I heard that there were some dubious code in the recent jailbreak and I also heard about a guy who had his BTC-e account hacked the day after he jailbroke his phone. Makes me a little paranoid.

I think that story about a guy who got hacked the day after jailbreak his phone, are not because his phone jailbreak. If he got 2 factor authentication, this shouldn't happen even if he jailbreak.

If a hacker put a trojan on his phone, there is no way he can use the Google authenticator. You can't VNC into an iPhone/iPad. If he didn't use 2FA, then maybe there was a keylogger. But keylogger is useless when it comes to 2FA, the hacker can't enter the same code you typed within 60 seconds.



So it's impossible for a trojan to intercept Google Authenticator codes?
grue
Legendary
*
Offline Offline

Activity: 2058
Merit: 1452



View Profile
December 27, 2013, 08:02:56 PM
 #6

I think that story about a guy who got hacked the day after jailbreak his phone, are not because his phone jailbreak. If he got 2 factor authentication, this shouldn't happen even if he jailbreak.

If a hacker put a trojan on his phone, there is no way he can use the Google authenticator. You can't VNC into an iPhone/iPad. If he didn't use 2FA, then maybe there was a keylogger. But keylogger is useless when it comes to 2FA, the hacker can't enter the same code you typed within 60 seconds.
but he can copy the 2FA token stored on the phone, which he use to generate valid google authenticator codes.

Also, there are VNC servers on cydia for iOS.

It is pitch black. You are likely to be eaten by a grue.

Adblock for annoying signature ads | Enhanced Merit UI
medialab101 (OP)
Hero Member
*****
Offline Offline

Activity: 583
Merit: 500


View Profile
December 27, 2013, 11:27:31 PM
 #7

I think that story about a guy who got hacked the day after jailbreak his phone, are not because his phone jailbreak. If he got 2 factor authentication, this shouldn't happen even if he jailbreak.

If a hacker put a trojan on his phone, there is no way he can use the Google authenticator. You can't VNC into an iPhone/iPad. If he didn't use 2FA, then maybe there was a keylogger. But keylogger is useless when it comes to 2FA, the hacker can't enter the same code you typed within 60 seconds.
but he can copy the 2FA token stored on the phone, which he use to generate valid google authenticator codes.

Also, there are VNC servers on cydia for iOS.


So you would advise against jailbreaking your phone if you use 2fa?
grue
Legendary
*
Offline Offline

Activity: 2058
Merit: 1452



View Profile
December 28, 2013, 02:49:59 AM
 #8

So you would advise against jailbreaking your phone if you use 2fa?
I wouldn't advise against it because any discovered backdoors in popular jailbreak software will travel like wildfire. Keep in mind that a backdoor in your phone only breaks half of your 2FA, so it's not enough to gain total control of your account.

It is pitch black. You are likely to be eaten by a grue.

Adblock for annoying signature ads | Enhanced Merit UI
CSInvestments
Newbie
*
Offline Offline

Activity: 8
Merit: 0


View Profile
December 29, 2013, 06:12:07 AM
 #9

Change your root password when jailbreaking. (Assuming you have OpenSSH installed). If somebody had physical access to the phone, they could compromise half of the security using 2fa.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!