Digital Trends
Mobile

Google acknowledges critical Bitcoin flaw in Android (and bug fixes are released)

Jeffrey Van Camp
By
PayPal won't let you buy Bitcoins

Do any of you own any bitcoins? Fractions of a bitcoin? We’d love to know if you do, and issue you a lovely little warning: if you’re holding any bitcoins on an Android phone or tablet, you may want to store your stash elsewhere. Because of a bug in the way Android generates random numbers, those who use Android devices are at risk of digital theft, according to Bitcoin.org.

Updated on 8-15-2013 by Jeffrey Van Camp: Alex Klyubin, a Google Security Engineer on the Android team has acknowledged that this is a legitimate flaw in Android. The problem, as often seems to be the case, is Java.”Java Cryptography Architecture (JCA) for key generation, signing, or random number generation may not receive cryptographically strong values on Android devices due to improper initialization of the underlying PRNG,” said Klyubin. Translated out of geek speak, that means that Android is, as we thought, not generating random numbers correctly. 

You can find some patch code from Google on its official Android blog. We’ve also updated the links below because patches for all wallets have now been issued.

Article originally published on 8-12-2013.

How to know if you’re affected: There appears to be a flaw in Google’s Android operating system, making it impossible for the OS to generate “secure random numbers,” which are needed to encrypt Bitcoin transactions.. This affects those who use Bitcoin wallet apps like Bitcoin Wallet, Blockchain.info, BitcoinSpinner, and Mycelium Wallet. Some apps, like Coinbase and Mt Gox are still secure because they don’t rely on the Android OS to generate their numbers. Every one of these apps now has a patch available to fix this vulnerability, which you can find here: Mycelium Wallet patchBitcoin Wallet patch, BitcoinSpinner patch, Blockchain.info patch.

How to to re-secure your wallet: To protect yourself, Bitcoin.org recommends you do a “key rotation” to your bitcoins. Download the fix for your Wallet app in the Google Play Store as soon as it’s available, generate a new address with the repaired random number generator, and then send your bitcoins from yourself to yourself. If anyone has “stored addresses” from your device previous to the fix, you need to contact them and give them a new one. You ca also send your bitcoins to your computer until you fix up your Android wallet.

We’re hoping those of you with actual bitcoins will understand that process better than we do. Currently, we’re bitcoin broke, so we cannot test this fix. 

If you own any bitcoins, let us know below. Have you purchased anything with them? Why do you like or dislike the platform? We’re a “bit” curious.

Editors' Recommendations

Don't Miss

Samsung Galaxy S10 to launch February 20: Here's everything we know
Up Next

The next mouse-killer: Haptix 3D multitouch sensor turns any surface into a controller
swatchpay swatch watch switzerland news china
Wearables

Swatch and Mastercard team up for on-the-wrist, on-the-go mobile payments

Swatch has announced its Swatchpay technology is now available in Switzerland, enabling mobile payments from your Swatch watch. It works in a similar way to Apple Pay and Google Pay. Here's everything about it.
Posted By Andy Boxall
how to clear cookies
Computing

Delete tracking cookies from your system by following these quick steps

Cookies are useful when it comes to saving your login credentials and other data, but they can also be used by advertisers to track your browsing habits across multiple sites. Here's how to clear cookies in the major browsers.
Posted By Jon Martindale
apple new york iphone doj passcode
Mobile

Having trouble logging in? Here’s how to reset your Apple ID password

To use any of Apple's services, you need to have an Apple ID and know your password. Thankfully, there are ways to deal with forgotten passwords and regain access to your account. Here's how to reset your Apple ID password.
Posted By Brie Barbee, Will Nicol
iPhone XS review
Mobile

Join the Apple club with our complete guide to switching from Android to iOS

If Android simply isn’t cutting it for you anymore, then you might be considering Apple’s warm embrace. Here’s how to make the switch from Android to iOS without losing your contacts, sleep, or hair!
Posted By Simon Hill
pixel 3 camera lens
Mobile

We tried all the latest and greatest smartphones to find the best of 2019

Smartphones are perhaps the most important and personal piece of tech on the planet. That’s why it’s important to pick the best phone for your individual needs. Here are the best smartphones you can buy.
Posted By Julian Chokkattu
sony xperia xz3 pocket
Mobile

Sony is showing something off at MWC -- will it be the Xperia XZ4?

Sony may have released the Xperia XZ3 in the past few months, but already it's preparing to release a follow-up, the Xperia XZ4. We're learning plenty about the phone now some details have started to leak out, and it's getting exciting.
Posted By Mark Jansen
moto z3 play back top half
Mobile

Do these Geekbench results accurately represent the Moto G7?

The Moto G6 range is still relatively new to the market, but rumors have already started about the Moto G7, which is expected some time in 2019. Apparently, a G7 Power version will be joining the G7, G7 Play, and G7 Plus.
Posted By Mark Jansen, Steven Winkelman
Sennheiser Momentum true wireless earbuds review
Home Theater

Set your ears free with the best completely wireless earbuds

If you can't stand the tangle of cords, or you're just excited about completely wireless earbuds, you're going to need some help separating the wheat from the chaff. Our list serves up the best true wireless earbuds around.
Posted By Parker Hall
samsung galaxy s9 review
Mobile

Is this the first image of a Galaxy S10 being used in real life?

It won't be long now; With 2019 underway, the Samsung Galaxy S10 is almost here. Before it arrives, here's absolutely everything you need to know about all three of Samsung's next flagships.
Posted By Mark Jansen, Andy Boxall
Omron HeartGuide
Wearables

Omron HeartGuide brings blood pressure monitoring to your wrist

High blood pressure leads to heart attacks, strokes, and many other health problems, so it's important to keep an eye on. Omron's HeartGuide is a fitness tracking watch that can also monitor your blood pressure from your wrist.
Posted By Simon Hill
Fossil Sport Review
Business

Google is buying mysterious smartwatch tech from The Fossil Group for $40 million

Google is about to step up its smartwatch game. The company has agreed to buy an unnamed smartwatch technology from The Fossil Group for a hefty $40 million. Considering the acquisition, it's clear Google is serious about smartwatches.
Posted By Christian de Looper
how to play YouTube in the background
Mobile

Learn how to play YouTube in the background on iOS and Android

We show you how to play YouTube in the background with apps such as Opera, Chrome, and Firefox -- along with the premium offerings like YouTube Premium -- whether you have an Android or iOS device.
Posted By Mark Jansen
android vs ios v cameras feat
Mobile

Android vs. iOS: Which smartphone platform is the best?

If you’re trying to choose a new phone and you’re not sure about the merits and pitfalls of the leading smartphone operating systems, then come on in for a detailed breakdown as we pit Android vs. iOS in various categories.
Posted By Simon Hill
iphone xs
Mobile

Verizon’s deal could get you a free iPhone XR — but there’s some fine print

Verizon launched a new deal for its smartphones aimed at encouraging customers to open a new line. If you're willing and you want two new phones, you could get a free Samsung Galaxy S9, iPhone XR, or Pixel 3.
Posted By Christian de Looper