You are viewing a single comment's thread from:

RE: Actifit Daily #60: Top 10 Actifitters + Anti Abuse Reminder

in #actifit7 years ago

Well, at least I ain't worried that someone steals my passwords and blockchain keys, simply because I used the Copy + Paste feature in Android:

This project demonstrates a security hole In Android's API that allows any installed application to listen to changes to the clipboard (listen to everything that you copy and paste):
https://github.com/grepx/android-clipboard-security

Oops.

7 years ago in #actifit by
$0.00
    Reply 5
    Sort:  
  • Trending
    • [-]
     7 years ago  

    Correct!

    This is true for not just mobile devices, but also desktop OSes. For example, Windows has an event, WM_CLIPBOARDUPDATE, that any application can register for. As far as I can tell, most OSes are not designed to protect the clipboard from casual monitoring

    Keys should never be stored in any application or functions of a OS. Only safe place are trusted hardware wallets...

    $0.04
    • Past Payouts $0.04
    • - Author $0.03
    • - Curators $0.01
    2 votes
    Reply
    [-]
     7 years ago (edited) 

    I think apps in Windows Phone are isolated and locked from each other.

    The Clipboard should be one of the most secure features of any OS. This just shows me we're all still living in the 20th century.

    Also... who's going to insert a 50 character long key, every time they log into SteemIt? Do you actually know anyone that does that?

    $0.00
      Reply
      [-]
       7 years ago  

      In theory, you might use the embedded secure element that most modern phones have. This is a dedicated hardware chip for secure storage of keys and cryptographic operations

      $0.04
      • Past Payouts $0.04
      • - Author $0.03
      • - Curators $0.01
      2 votes
      Reply
      [-]
       7 years ago  

      I have never heard of such thing.

      $0.00
        Reply