Sort:  

the private keys must be stored somewhere within steemit, which is the same thing that happens when you put your coins on an exchange.

Was wondering the same thing. And is it possible to keep steem in cold storage?

There's a wallet on google play https://play.google.com/store/apps/details?id=steem.org.freewallet.app&hl=en .......BUT, it seems shifty. Some bad reviews of stolen steem etc.