Bitcoin Forum
December 13, 2019, 03:37:29 PM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Deleting wallet software for more security?  (Read 132 times)
Rezoyen
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
November 05, 2019, 08:20:03 PM
 #1

Hi, I'm using the blockstream green wallet on Android. I've written down my seed phrase and keep it safe and secure. Can I now uninstall/delete my green wallet app? to be less vulnerable to theft/hacking.

I can still receive but not spent this way right? Should I create a couple of addresses beforehand?

And if I want to spent/exchange, I just download green wallet app again and use the seed phrase to recover my wallet?

Can anyone confirm this is all correct?

Thank you
1576251449
Hero Member
*
Offline Offline

Posts: 1576251449

View Profile Personal Message (Offline)

Ignore
1576251449
Reply with quote  #2

1576251449
Report to moderator
1576251449
Hero Member
*
Offline Offline

Posts: 1576251449

View Profile Personal Message (Offline)

Ignore
1576251449
Reply with quote  #2

1576251449
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1576251449
Hero Member
*
Offline Offline

Posts: 1576251449

View Profile Personal Message (Offline)

Ignore
1576251449
Reply with quote  #2

1576251449
Report to moderator
1576251449
Hero Member
*
Offline Offline

Posts: 1576251449

View Profile Personal Message (Offline)

Ignore
1576251449
Reply with quote  #2

1576251449
Report to moderator
1576251449
Hero Member
*
Offline Offline

Posts: 1576251449

View Profile Personal Message (Offline)

Ignore
1576251449
Reply with quote  #2

1576251449
Report to moderator
harizen
Legendary
*
Offline Offline

Activity: 1736
Merit: 1236


View Profile
November 05, 2019, 08:35:45 PM
 #2

Can I now uninstall/delete my green wallet app? to be less vulnerable to theft/hacking.

Not necessary but it's up to you. Kind of a hassle if you will install/uninstall it again for every session.

To lessen your worries if you decided not to uninstall the app, set up a security passcode. It should have that feature as it was common for any crypto wallet*. Then for additional security, set up an application lock which is a default feature of an Android phone nowadays.



I can still receive but not spent this way right? Should I create a couple of addresses beforehand

Make sure you have the correct address. Since you will uninstall the app, you don't have any references beforehand.



Honestly, I'm not aware of this wallet.

Are you really sure you want to use that one and not considering those recommended ones for Android e.g Mycelium, Electrum for Android etc.

peempeem
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile WWW
November 05, 2019, 08:41:36 PM
 #3

Yep, some people do this as a method of cold storage.
o_e_l_e_o
Hero Member
*****
Offline Offline

Activity: 770
Merit: 3055


Decent


View Profile
November 05, 2019, 09:27:14 PM
Merited by harizen (1)
 #4

-snip-
Yes, this is all correct. There are three particularly risky parts of your set up.

The first is as harizen points out - you will be unable to verify your receiving addresses. If you are subjected to clipboard or other malware, the addresses you saved to receive to may be edited at some point between storage and entering them to a website/handing them over to someone who wants to pay you. You have no reference point to double check they are correct. This could be mitigated by printing out your addresses and double checking them against your wallet prior to deleting it, and then using your print out as a reference for all future address use.

The second is you are relying entirely on your seed phrase to be able to access your coins. It would be good practice to back it up in at least two separate locations, in case one back up becomes damaged or irretrievable.

The third is entering your seed phrase to restore you wallet. Typing your seed phrase in to a phone or computer is inherently risky as you may have a keylogger or other malware which is recording your key presses. Unlikely sure, but possible. The only way to be 100% sure your seed phrase isn't been stolen is to never enter it in to an online device.

You also don't need to reinstall Green Wallet to restore from your seed phrase. Your seed phrase will be compatible with almost all good wallets, on phone or computer.



Honestly, I'm not aware of this wallet.
I've never used it, but Blockstream was founded by and employs people like Gregory Maxwell and Pieter Wuille. The wallet is open source and the github is available here: https://github.com/Blockstream/green_android. It's a perfectly safe wallet to be using.

hatshepsut93
Legendary
*
Offline Offline

Activity: 1358
Merit: 1007


Bitcoin realist


View Profile
November 05, 2019, 09:30:41 PM
 #5

You can instead just delete the wallet file, since that's the place where they keys are stored. Deleting and redownloading the software won't make you more secure, it might even add a small risk, because each time you download a wallet you might accidentally download a fake wallet.

The first is as harizen points out - you will be unable to verify your receiving addresses. If you are subjected to clipboard or other malware, the addresses you saved to receive to may be edited at some point between storage and entering them to a website/handing them over to someone who wants to pay you. You have no reference point to double check they are correct. This could be mitigated by printing out your addresses and double checking them against your wallet prior to deleting it, and then using your print out as a reference for all future address use.

Green wallet has a watch-only mode, which solves this problem.

o_e_l_e_o
Hero Member
*****
Offline Offline

Activity: 770
Merit: 3055


Decent


View Profile
November 05, 2019, 09:38:25 PM
 #6

Deleting and redownloading the software won't make you more secure, it might even add a small risk, because each time you download a wallet you might accidentally download a fake wallet.
That's a good point about added risk, but it may make him more secure depending on what kind of threat he is trying to protect against. If he is worried about physical attacks on his person, then deleting the app might be safer. If someone was to forcibly take his phone and find a bitcoin wallet app, even one with no coins, they might be inclined to use physical force to get him to reveal the location of his seed phrase. Having no wallet app present may prevent this.

If you are very concerned regarding theft or hacking, then your best bet would be to either take the simple option of buying a hardware wallet, or the somewhat more complicated option of setting up a wallet on an airgapped (no internet connection) PC. Both of these would be much more secure than using a mobile wallet.

Velkro
Legendary
*
Offline Offline

Activity: 2002
Merit: 1011


<3 Vanity Addresses :)


View Profile
November 05, 2019, 09:39:33 PM
 #7

Hi, I'm using the blockstream green wallet on Android. I've written down my seed phrase and keep it safe and secure. Can I now uninstall/delete my green wallet app? to be less vulnerable to theft/hacking.

Yes. If you have written down seed you can always recover your wallet/addresses.
Deleting wallet software WILL grant you more security when you install malware app that scans any trace of bitcoin to hack it will find bitcoin wallet (target) or not. Its minor security, but always something.

kooboat
Member
**
Offline Offline

Activity: 135
Merit: 10


View Profile
November 05, 2019, 10:29:22 PM
 #8

Fortunately, hackers dont usually attack android applications with their malwares. You are just on the right track and don't forget to store your seed words or recovery phrase for your wallet very securely. This is very important since you cannot recover your wallet or funds without it.
hello_good_sir
Hero Member
*****
Offline Offline

Activity: 756
Merit: 510

CryptoTalk.Org - Get Paid for every Post!


View Profile
November 05, 2019, 10:48:26 PM
 #9

You'll need 2 things for the paper wallet you are talking about:

1. Addresses (I haven't used greenaddress in a couple of days, but I do believe it's possible to keep 1 address, and it won't delete it or do anything to it, but it'll still generate other addresses (which I would recommend you use so people can't spy on your transactions).

2. Seed/private key, to access to your wallet.

No point deleting, to be honest, you should be fine - but up to you.

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
.CryptoTalk.org.|.MAKE POSTS AND EARN BTC!.🏆
AverageGlabella
Sr. Member
****
Offline Offline

Activity: 468
Merit: 630


CryptoTalk.Org - Get Paid for every Post!


View Profile
November 05, 2019, 11:33:09 PM
 #10

Generating a wallet on a android device is not safe to start with but I won't go into that as its up to you. As for your question deleting wallet software will not increase the security level of your device or wallet unless malicious software are specifically searching your phone for apps installed instead of the wallet extension file which in my opinion would not make sense. Most viruses will be searching for wallet.dat extensions and other similar file types.

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
CryptoTalk.org| 
MAKE POSTS AND EARN BTC!
🏆
Kyraishi
Hero Member
*****
Offline Offline

Activity: 686
Merit: 507

CryptoTalk.Org - Get Paid for every Post!


View Profile
November 06, 2019, 12:32:36 AM
 #11

Generating a wallet on a android device is not safe to start with but I won't go into that as its up to you.
Yep, this is a pretty big issue since your mobile phone is usually more connected to the internet to your other devices (laptop, desktop computer, eg). I'd recommend using GreenAddress online compared to just using your phone if you have a laptop/PC.

If you're so tight about security, wouldn't it just be smarter to get a ledger wallet? They are 100 percent safer then greenaddress, and the private keys would never enter your phone, and they added a ledger app for mobile a decent time ago.

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
.CryptoTalk.org.|.MAKE POSTS AND EARN BTC!.🏆
joinfree
Sr. Member
****
Offline Offline

Activity: 826
Merit: 256


View Profile
November 06, 2019, 12:43:29 AM
 #12

Hi, I'm using the blockstream green wallet on Android. I've written down my seed phrase and keep it safe and secure. Can I now uninstall/delete my green wallet app? to be less vulnerable to theft/hacking.

I can still receive but not spent this way right? Should I create a couple of addresses beforehand?

And if I want to spent/exchange, I just download green wallet app again and use the seed phrase to recover my wallet?

Can anyone confirm this is all correct?

Thank you
That's all correct but it feels like a tiring task to me if you would have to install and uninstall every time you need to spend your cryptocurrencies. The best thing to do is to make sure you have saved those pass phrase somewhere no one else would have access to you except you. Also,  add extra security such as google authentication, sms notification per log ins, withdrawal etc. All these would help keep your wallet safe and no need to go through that stress all for the sake of safety reasons.

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
CryptoTalk.org| 
MAKE POSTS AND EARN BTC!
🏆

Hero/Legendary
 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.
      .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .██████████████████████████████████████████████████
pooya87
Legendary
*
Online Online

Activity: 1848
Merit: 2111


Remember tonight for it's the beginning of forever


View Profile
November 06, 2019, 04:18:45 AM
 #13

Yep, some people do this as a method of cold storage.

unless the phone that was used to create this wallet has never been connected to ANY NETWORK and will never be connected to any network in the future, you can not consider this method a safe "cold storage" method. it would be like buying meat then leaving it outside under the sun for a couple of days and then refrigerate it thinking everything is fine now that you've frozen the meat!

adaseb
Legendary
*
Offline Offline

Activity: 2170
Merit: 1165



View Profile
November 06, 2019, 05:49:13 AM
 #14

Yep, some people do this as a method of cold storage.

unless the phone that was used to create this wallet has never been connected to ANY NETWORK and will never be connected to any network in the future, you can not consider this method a safe "cold storage" method. it would be like buying meat then leaving it outside under the sun for a couple of days and then refrigerate it thinking everything is fine now that you've frozen the meat!

Very strange analogy but I agree with your post.

In my opinion whether that phone is ever going to connect to a Wifi or cellular tower or not, cell phones are NEVER considered cold storage because they can easily transmit data.

Unlike a laptop that you can open up and take out the bluetooth and wifi adapter, you can't do this with a cell phone.

Androids are full of malware and who knows if his seed was leaked in some way. Even deleting the wallet might not remove all traces. The hacker might just wait for a deposit and then sweep all the funds.

My advice is to just get a hardware wallet or use Electrum in cold storage mode. Never a cell phone.

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
Palider
Hero Member
*****
Offline Offline

Activity: 1034
Merit: 503


CryptoTalk.Org - Get Paid for every Post!


View Profile
November 06, 2019, 06:45:40 AM
 #15

This is a good idea especially if you do not need to use your crypto. But you must be sure that your seed pharase is secure so you have nothing to fear. And you should also make sure that your seed pharase is written on a piece of paper as there is a greater chance that it will be detected by the hacker if it is only hidden on your pc.

We know that an unexpected virus could infiltrate our pcs resulting in hackers stealing our private keys. So we should always be prepared for these events.

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
.CryptoTalk.org.|.MAKE POSTS AND EARN BTC!.🏆
joniboini
Hero Member
*****
Offline Offline

Activity: 770
Merit: 1181


Exchange Bitcoin quickly-https://blockchain.com.do


View Profile WWW
November 06, 2019, 06:48:18 AM
 #16

Androids are full of malware and who knows if his seed was leaked in some way. Even deleting the wallet might not remove all traces. The hacker might just wait for a deposit and then sweep all the funds.

He could flash his phone, insert an OTG with the wallet apps ready to be installed. Install the apps, generate new seeds, store it, and leave it. Uninstall the apps, reflash the phone and done. But this is inefficient and ineffective. Agree with the HW part, if the point is having a cold wallet, a phone is not the best choice.

Kakmakr
Legendary
*
Offline Offline

Activity: 1862
Merit: 1385


View Profile
November 06, 2019, 07:42:25 AM
 #17

Fortunately, hackers dont usually attack android applications with their malwares. You are just on the right track and don't forget to store your seed words or recovery phrase for your wallet very securely. This is very important since you cannot recover your wallet or funds without it.

You are wrong my friend. Around 2.5 billion devices around the world use the Google owned Android, which is the world's most popular operating system. One thing we know for sure, is that hackers and scammers are focusing their efforts on the most widely used operating systems now.

It looks like OP wants to use his phone as a cold storage and not as a wallet for frequent use, so I would rather suggest that he creates some paper wallets for the coins that he want to store in cold storage and that he only store a small amount of coins in his phone for daily use. <This way, he will not have to be that paranoid about the potential loss of coins>  Grin

Signature space for rent - PM me.
o_e_l_e_o
Hero Member
*****
Offline Offline

Activity: 770
Merit: 3055


Decent


View Profile
November 06, 2019, 12:57:30 PM
 #18

I'd recommend using GreenAddress online compared to just using your phone if you have a laptop/PC.
I agree software wallets in general aren't great, but in what way is using a web wallet going to be safer?

Also,  add extra security such as google authentication, sms notification per log ins, withdrawal etc.
SMS is a very poor 2FA method to choose, since text messages are sent unencrypted and can be intercepted, and SIM jacking is fairly easy to perform with a minimal amount of social engineering. You should be using a 2FA app as a minimum, and using something like AndOTP or Aegis instead of Google.

And you should also make sure that your seed pharase is written on a piece of paper as there is a greater chance that it will be detected by the hacker if it is only hidden on your pc.
Your seed phrase should never touch an internet capable device. You should not be saving it or entering it on any device for any reason except when it is your only option to recover your wallet. As soon as it has touched an internet capable device, you should consider it compromised.

cell phones are NEVER considered cold storage because they can easily transmit data.
Exactly. Even when phones are turned off, they can still be tracked or even be used to spy on you. There's plenty of malware out there which can turn on your mobile data or WiFi without your knowledge, and there's even malware which can be distributed via SMS. Unless you have physically removed all the hardware allowing a device to transmit data, then it's not proper cold storage.

adeandro
Jr. Member
*
Offline Offline

Activity: 40
Merit: 1


View Profile
November 06, 2019, 02:12:18 PM
 #19

I don't think that it will provide you much security.
BrewMaster
Hero Member
*****
Offline Offline

Activity: 1386
Merit: 861


There is trouble abrewing


View Profile
November 06, 2019, 02:15:27 PM
 #20

Androids are full of malware and who knows if his seed was leaked in some way. Even deleting the wallet might not remove all traces. The hacker might just wait for a deposit and then sweep all the funds.

He could flash his phone, insert an OTG with the wallet apps ready to be installed. Install the apps, generate new seeds, store it, and leave it. Uninstall the apps, reflash the phone and done. But this is inefficient and ineffective. Agree with the HW part, if the point is having a cold wallet, a phone is not the best choice.

the real question is why bother with this much workarounds just to increase the security of something that is inherently insecure by design. in other words unless OP doesn't own a PC or has no kind of access to one whatsoever, i don't see any reason to take the risks of creating a wallet with a phone for storage purposes.
HW wallets would also require a PC so if he has one then he should use that to create a cold storage.

Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!