Digital Trends
Mobile

Google acknowledges critical Bitcoin flaw in Android (and bug fixes are released)

Jeffrey Van Camp
By
PayPal won't let you buy Bitcoins

Do any of you own any bitcoins? Fractions of a bitcoin? We’d love to know if you do, and issue you a lovely little warning: if you’re holding any bitcoins on an Android phone or tablet, you may want to store your stash elsewhere. Because of a bug in the way Android generates random numbers, those who use Android devices are at risk of digital theft, according to Bitcoin.org.

Updated on 8-15-2013 by Jeffrey Van Camp: Alex Klyubin, a Google Security Engineer on the Android team has acknowledged that this is a legitimate flaw in Android. The problem, as often seems to be the case, is Java.”Java Cryptography Architecture (JCA) for key generation, signing, or random number generation may not receive cryptographically strong values on Android devices due to improper initialization of the underlying PRNG,” said Klyubin. Translated out of geek speak, that means that Android is, as we thought, not generating random numbers correctly. 

You can find some patch code from Google on its official Android blog. We’ve also updated the links below because patches for all wallets have now been issued.

Article originally published on 8-12-2013.

How to know if you’re affected: There appears to be a flaw in Google’s Android operating system, making it impossible for the OS to generate “secure random numbers,” which are needed to encrypt Bitcoin transactions.. This affects those who use Bitcoin wallet apps like Bitcoin Wallet, Blockchain.info, BitcoinSpinner, and Mycelium Wallet. Some apps, like Coinbase and Mt Gox are still secure because they don’t rely on the Android OS to generate their numbers. Every one of these apps now has a patch available to fix this vulnerability, which you can find here: Mycelium Wallet patchBitcoin Wallet patch, BitcoinSpinner patch, Blockchain.info patch.

How to to re-secure your wallet: To protect yourself, Bitcoin.org recommends you do a “key rotation” to your bitcoins. Download the fix for your Wallet app in the Google Play Store as soon as it’s available, generate a new address with the repaired random number generator, and then send your bitcoins from yourself to yourself. If anyone has “stored addresses” from your device previous to the fix, you need to contact them and give them a new one. You ca also send your bitcoins to your computer until you fix up your Android wallet.

We’re hoping those of you with actual bitcoins will understand that process better than we do. Currently, we’re bitcoin broke, so we cannot test this fix. 

If you own any bitcoins, let us know below. Have you purchased anything with them? Why do you like or dislike the platform? We’re a “bit” curious.

Editors' Recommendations

Don't Miss

Cyber Monday 2018: When it takes place and where to find the best deals
Up Next

The next mouse-killer: Haptix 3D multitouch sensor turns any surface into a controller
how to use Instagram Stories
Mobile

Instagram tool accidentally exposes user passwords. Were you affected?

Instagram's Download Your Data tool accidentally exposed the passwords of a small number of users. Here is the explanation on what happened, and how to find out which Instagram accounts were compromised.
Posted By Aaron Mamiit
google chromecast branding ultra unlimited entertainment bg
Home Theater

Google Chromecast and Chromecast Ultra: Everything you need to know

Google's Chromecast plugs into your TV's HDMI port, allowing you to stream content from your tablet, laptop, or smartphone directly to your TV. Here's what you need to know about all iterations, including the 4K-ready Chromecast Ultra.
Posted By Ryan Waniata
best hp laptops chromebook 13
Computing

Here’s how to install Windows on a Chromebook

If you want to push the functionality of your new Chromebook to another level, and Linux isn't really your deal, you can try installing Windows on a Chromebook. Here's how to do so, just in case you're looking to nab some Windows-only…
Posted By Tyler Lacoma
best Wear OS apps
Wearables

Check out 25 of the best Wear OS apps for your smartwatch

Looking for some ways to spruce up that new Android smartwatch of yours? Here are the best Wear OS apps to download and use with any Android smartwatch, including a few specially enhanced for Wear OS 2.0.
Posted By Simon Hill
Pixel 3 taking a photo
Mobile

Leak shows a third, budget Google Pixel 3 with a Snapdragon 670, headphone jack

The Google Pixel 3 and Pixel 3 XL are considered to be two of the best Android smartphones, but it looks like Google could be prepping a third. A budget Pixel 3 device that boasts some of the best features of the other two has been leaked.
Posted By Christian de Looper
verizon withdraw yahoo store
Mobile

Use multiple phone numbers on one device with Verizon’s ‘My Numbers’ app

For those who have separate phone numbers and devices for your work and personal lives, Verizon wants to help you get more organized. With its new "My Numbers" app, you can use up to four additional phone numbers on a single smartphone.
Posted By Brenda Stolyar
microsoft-xiaoice
Emerging Tech

Microsoft’s friendly new A.I wants to figure out what you want — before you ask

Move over Siri and Alexa! Microsoft wants to build a new type of virtual assistant that wants to be your friend. Already making waves in Asia, could this be the future of A.I. BFFs?
Posted By Luke Dormehl
nimble eco friendly battery packs wireless charging pads
Mobile

Need a quick battery boost? Try one of our favorite portable chargers

Battery life still tops the polls when it comes to smartphone concerns. If it’s bugging you, then maybe it’s time to snag yourself a portable charger. Here are our picks of the best portable chargers.
Posted By Simon Hill
ipad pro fails bend test
Mobile

New iPad Pro’s durability in question after it fails YouTuber’s bend test

The new iPad Pro models failed a bend test that was carried out by popular YouTuber JerryRigEverything. The result raises questions about the durability of the tablets, especially since customers are also reporting bending issues.
Posted By Aaron Mamiit
Pixel 3 recovery mode
Mobile

How to use recovery mode to fix your Android phone or tablet

If you’re having a problem you can’t seem to resolve with your Android device, or maybe you want to update it or wipe the cache, recovery mode could be what you’re looking for. Here's how to use it.
Posted By Simon Hill
awesome tech you cant buy yet hover 2 drone feat
Emerging Tech

Awesome Tech You Can’t Buy Yet: A.I. selfie drones, ‘invisible’ wireless chargers

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it sure is fun to gawk!
Posted By Drew Prindle
Best Cyber Monday Deals
Deals

Cyber Monday 2018: When it takes place and where to find the best deals

Cyber Monday is still a ways off, but it's never too early to start planning ahead. With so many different deals to choose from during one of the biggest shopping holidays of the year, going in with a little know-how makes all the…
Posted By Jacob Kienlen
SanDisk 200GB MicroSD card
Mobile

How to choose the best MicroSD cards for your smartphone or tablet

If you need some extra storage space and your device supports it, then a MicroSD card is an obvious place to start. Here, we look at what to consider and suggest some of the best MicroSD cards for your smartphone.
Posted By Simon Hill
amazon black friday deals 2
Smart Home

All the best Amazon Black Friday deals for 2018

Amazon may be an online-only retailer, but that doesn’t mean its Black Friday sales are anything to sniff at. In fact, due to its online status, Amazon has huge flexibility with the range of products and deals it can offer. Here's our…
Posted By Bruce Brown