|
November 03, 2013, 05:47:08 PM |
|
Some suggestions/improvements for security:
- On the newer androids, the screenshot of the last state of the application is saved when switching programs. Unfortunately, there might be no way to fix this when a user switches apps. Providing an exit button would be an option for those that utilize it.
- When scanning the public key, a rogue QR app scanning app (or a third party person) can see the brainwallet passphrase. Suggestion to display the QR code with a full screen white background. Additionally, bitaddress.org has a hide/show password for the brainwallet, can add a checkbox to show typed passphrases as ********.
-Lock the screen orientation upon startup, or do not allow a change in screen orientation to exit the QR code on fullscreen. Again, a rogue QR scanning app, trojan with webcam access, or third party human will see the brainwallet passphrase and privatekey.
|