• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

PRESSLED

Your Leading News Source

PRESSLED
Your Leading News Source

  • Home
  • BUSINESS
  • MONEY
  • POLITICS
  • REAL ESTATE
  • US
  • Meet the Reporters
  • About/Contact

New app makes Bitcoin more secure

May 14, 2021 by Staff Reporter

A computer science engineer at Michigan State University has a word of advice for the millions of bitcoin owners who use smartphone apps to manage their cryptocurrency: don’t. Or at least, be careful. Researchers from MSU are developing a mobile app to act as a safeguard for popular but vulnerable “wallet” applications used to manage cryptocurrency.

“More and more people are using bitcoin wallet apps on their smartphones,” said Guan-Hua Tu, an assistant professor in MSU’s College of Engineering who works in the Department of Computer Science and Engineering. “But these applications have vulnerabilities.”

Smartphone wallet apps make it easy to buy and trade cryptocurrency, a relatively new digital currency that can be challenging to understand in just about every way except one: It’s very clearly valuable. Bitcoin was the most valuable cryptocurrency at the time of writing, with one bitcoin being worth more than $55,000.

But Tu and his team are uncovering vulnerabilities that can put a user’s money and personal information at risk. The good news is that the team is also helping users better protect themselves by raising awareness about these security issues and developing an app that addresses those vulnerabilities.

The researchers showcased that app — the Bitcoin Security Rectifier — in a paper published for the Association for Computing Machinery’s Conference on Data and Application Security and Privacy. In terms of raising awareness, Tu wants to help wallet users understand that these apps can leave them vulnerable by violating one of Bitcoin’s central principles, something called decentralization.

Bitcoin is a currency that’s not tied to any central bank or government. There’s also no central computer server that stores all the information about bitcoin accounts, such as who owns how much.

“There are some apps that violate this decentralized principle,” Tu said. “The apps are developed by third parties. And, they can let their wallet app connect with their proprietary server that then connects to Bitcoin.”

In essence, Bitcoin Security Rectifier can introduce a middleman that Bitcoin omits by design. Users often don’t know this and app developers aren’t necessarily forthcoming with the information.

“More than 90% of users are unaware of whether their wallet is violating this decentralized design principle based on the results of a user study,” Tu said. And if an app violates this principle, it can be a huge security risk for the user. For example, it can open the door for an unscrupulous app developer to simply take a user’s bitcoin.

Tu said that the best way users can safeguard themselves is to not use a smartphone wallet app developed by untrusted developers. He instead encourages users to manage their bitcoin using a computer — not a smartphone — and resources found on Bitcoin’s official website, bitcoin.org. For example, the site can help users make informed decisions about wallet apps.

But even wallets developed by reputable sources may not be completely safe, which is where the new app comes in.

Most smartphone programs are written in a programming language called Java. Bitcoin wallet apps make use of a Java code library known bitcoinj, pronounced “bitcoin jay.” The library itself has vulnerabilities that cybercriminals could attack, as the team demonstrated in its recent paper.

These attacks can have a variety of consequences, including compromising a user’s personal information. For example, they can help an attacker deduce all the Bitcoin addresses that wallet users have used to send or receive bitcoin. Attacks can also send loads of unwanted data to a user, draining batteries and potentially resulting in hefty phone bills.

Tu’s app is designed to run at the same time on the same phone as a wallet, where it monitors for signs of such intrusions. The app alerts users when an attack is happening and provides remedies based on the type of attack, Tu said. For example, the app can add “noise” to outgoing Bitcoin messages to prevent a thief from getting accurate information.

“The goal is that you’ll be able to download our tool and be free from these attacks,” Tu said.

The team is currently developing the app for Android phones and plans to have it available for download in the Google Play app store in the coming months. There’s currently no timetable for an iPhone app because of the additional challenges and restrictions posed by iOS, Tu said.

In the meantime, though, Tu emphasized that the best way users can protect themselves from the insecurities of a smartphone bitcoin wallet is simply by not using one, unless the developer is trusted.

“The main thing that I want to share is that if you do not know your smartphone wallet applications well, it is better not to use them since any developer — malicious or benign — can upload their wallet apps to Google Play or Apple App Store,” he said.

###

Also collaborating on this project were MSU’s Professor Li Xiao as well as Ph.D. students Yiwen Hu and Sihan Wang, all from the Department of Computer Science and Engineering. This work was funded in part by the National Science Foundation.

Disclaimer: AAAS and EurekAlert! are not responsible for the accuracy of news releases posted to EurekAlert! by contributing institutions or for the use of any information through the EurekAlert system.

Originally Appeared On: https://www.eurekalert.org/pub_releases/2021-05/msu-nam050421.php

Filed Under: TECH/SCIENCE, Uncategorized

Primary Sidebar

More to See

EJ Jenkins Hopes to be a Versatile Receiving Threat for Georgia Tech This Season

One of Georgia Tech's most impactful incoming transfers could be EJ Jenkins. Jenkins is coming over from South Carolina, where he was used as a wide … [Read More...] about EJ Jenkins Hopes to be a Versatile Receiving Threat for Georgia Tech This Season

Stock futures dip following S&P 500’s third winning week in a row

Traders on the floor of the NYSE, Aug. 4, 2022.Source: NYSEStock futures traded slightly lower in overnight trading Sunday, following the S&P 500's … [Read More...] about Stock futures dip following S&P 500’s third winning week in a row

Why it is a must to choose your Realtor wisely?

In 2021, Las Vegas experienced its most frenzied market in years. Any agent could put a house on the market and it had a considerable chance to sell. … [Read More...] about Why it is a must to choose your Realtor wisely?

Privacy Policy | Terms and Conditions | About/ Contact
Copyright © 2022 · PRESSLED · As Amazon Associates we earn commissions from qualifying purchases · Log in

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT