Altcoins Talks - Cryptocurrency Forum
Local => Nigerian Languages => Topic started by: Cantsay on July 28, 2024, 04:32:34 PM
-
I just came across this thread (https://bitcointalk.org/index.php?topic=5504400.0) in Bitcointalk and decided to bring it here for those that might not have an account there or that haven’t visited that board.
(https://talkimg.com/images/2024/07/28/4e6c3.png)
https://www.wublock123.com/index.php?m=content&c=index&a=show&catid=10&id=29686
As you all can see, it is possible for a dev to add a backdoor to any program and if it’s not open sourced then no one would be able to inspect the code alto see if there’s any risk involved in using it, just like what happened in the article above. .
This thread was copied from HERE (https://bitcointalk.org/index.php?topic=5504400.0)
-
Omor, na why to gain technical knowledge sef dey good. Make person no just dey make use of something without knowing how to protect emself or keep im asset safe. Imagine say one of us na victim to that kind tin, e no go easy at all, na all this kind tins dey make people to talk say crypto na scam because, the routes to use take scam people just too many, and if you no dey careful, one day e fit reach your turn. E don tay wey I dey crave to learn technical deep tins on cryptocurrency, though I don take step, but e belike say I go fire am small, because this tin no be joke again. Though there are other reputable wallets wey don dey and na those among those ones I dey use, wallet like electrum, blue wallet... no be every new tin we go try, you guys should stay safe out there.
-
Have your forgotten about bx which is open source but that got a lot of people coins stolen? Before the hack, people have been warned that the way it was generating seed phrase was not secure.
Some wallets may use bx for their wallet generation. People will not know because they are close source. This is the reason close source wallets are very more dangerous and not advisable. You do not know if there is a backdoor or even a vulnerability that is intentionally included by the wallet developers.
Use the wallet that are reputed and recommended but which are open source.
-
Have your forgotten about bx which is open source but that got a lot of people coins stolen? Before the hack, people have been warned that the way it was generating seed phrase was not secure.
Some wallets may use bx for their wallet generation. People will not know because they are close source. This is the reason close source wallets are very more dangerous and not advisable. You do not know if there is a backdoor or even a vulnerability that is intentionally included by the wallet developers.
Use the wallet that are reputed and recommended but which are open source.
This is one problems that is always associated with close source wallet because it could cause serious damage at the later ends. Most time it's import to use only a recommendable wallet, then for exchange is not advisable to leave fund over there since they aren't part of their private keys and some of dev could have access to the investors funds.
-
OP, thanks for the reminder because newbies might not know which wallet is best to use and with this thread, they can know that not all wallets are the same. It is also good that when you are downloading a wallet, you download it from their official site and not from a random site to avoid downloading a fake version of the wallet created by scammers. Electrum wallet, Blue wallet, Sparrow wallets are some good wallets to use.
-
If we really care about our assets, then we will as well be interested in learning towards the required means whereby we can use in holding our assets without handing over them to a third party in disguise, the truth is that some users don't know how to different between which wallet is best for them and the security standards they must check in before choosing a wallet to use.
-
the truth is that some users don't know how to different between which wallet is best for them and the security standards they must check in before choosing a wallet to use.
The way they started also contributes to it - there are lots of users that entered into crypto space knowing just Trust wallet (due to one airdrop or something similar) if those type of people are not properly educated they’ll still use that same Trust wallet to handle their large money.
-
This does not end at using an open source wallet to be honest, because without you or me knowing how to read and identify error or malicious data in codes, it still won't benefit us using open source wallets.
But on the other hand, I understand that even if we don't know how to identify what I mentioned above, some one somewhere might know how to and will alert other potential users, but all the same, to be on a more safer side in crypto, have a hot and cold wallet, get a hardware wallet that you can into a cold storage for funds that are not going to be used anytime soon, while one can download good and trusted wallet which can be used as a hot wallet for every day crypto transactions, and always make sure the hot wallet has way lesser funds than the cold wallet at all times.
-
I think I saw that thread in the forum there. And from the story the op narrated there, the hacker is someone working in the company and that was why he was able to hacked the wallets. And there was a way he did to collect their seed phrases or the passwords to hacked them. Since he was the ICT person in the company, he might have asked them to summit information to send the coins to their wallets and he use that opportunity to hacked them.
-
This is a good reminder. I think with this post, members could be able to really do a proper research before making use of wallets so they could not be sure of what they are using mostly the newbies joining Crypto space. But somehow, this exercise is a kind of technical because not everyone knows how to read codes or talk of understanding programming language. The truth is that once they check google app and they see a million downloads, they assume it is a safe wallet without checking for some certain features since there is a reasonable number of downloads, they just go straight to using the app and you would not blame them. Although ignorance is not an excuse but what would one say in the case of those.who have no knowledge about programming languages as the case may be.
-
And there was a way he did to collect their seed phrases or the passwords to hacked them.
What this would be about is that the victims seed phrase is compromised, not the password. In a noncustodial wallet, password do not mean anything than to encrypt the wallet on your device. But on a wallet that has a password on your device, only what is needed to access it on another device is the seed phrase if passphrase is not included.
-
And there was a way he did to collect their seed phrases or the passwords to hacked them.
What this would be about is that the victims seed phrase is compromised, not the password. In a noncustodial wallet, password do not mean anything than to encrypt the wallet on your device. But on a wallet that has a password on your device, only what is needed to access it on another device is the seed phrase if passphrase is not included.
+1
You are absolutely right, password means absolutely nothing when it comes to non custodial wallet, and it makes me laugh when I see some people try to secure their wallet password much more than they secure their pass or seed phrase.
A friend of mine was creating a non custodial wallet the other day, he screenshot the seed phrase and saved the shot on his device image gallery, after successfully creating the wallet, he brought out his jotter and wrote down the password he set for the wallet, ignoring the seed phrase which is the most important key to the wallet.
He was just lucky I wasn't that kind of person, I was viewing pictures on his phone and saw the seedphrase he screenshoted, I asked him why; and that was how he told me everything, I scorned him for doing that, cus he's been in crypto for more than a year and ought to have understood how things like this work and how best to secure them.
Lack of knowledge, or pure ignorance to knowledge is the reason why many people will lose their money in this internet era.
-
A friend of mine was creating a non custodial wallet the other day, he screenshot the seed phrase and saved the shot on his device image gallery, after successfully creating the wallet, he brought out his jotter and wrote down the password he set for the wallet, ignoring the seed phrase which is the most important key to the wallet.
He was just lucky I wasn't that kind of person, I was viewing pictures on his phone and saw the seedphrase he screenshoted, I asked him why; and that was how he told me everything, I scorned him for doing that, cus he's been in crypto for more than a year and ought to have understood how things like this work and how best to secure them.
Lack of knowledge, or pure ignorance to knowledge is the reason why many people will lose their money in this internet era.
Your friend should go and give testimony about this encounter of his because if you hadn’t seen the gallery there’s a high probability of him doing the same thing with a wallet that has a lot of money in it.
This type of errors are the reason why some wallets have started disabling wallet secret phrases from being screenshotted - there are wallets out there when creating a new wallet the app won’t allow you take a screenshot of the secret phrase it must be written down with a pen before you can proceed with the creation.
-
Snip
we all know that self custodial wallet has nothing to do with password if it is login in another device but if the person person is the one opened the wallets for those people because that is an organization and the management might asked the workers to go there and create their wallets and the hacker might use that opportunity to compromise the wallets.
-
Atomic Wallet is another real example, although it claims to be a noncustodial cryptocurrency wallet, many users have reported losing their cryptocurrency. If the wallet is not open source and is downloaded and used by many, there is no guarantee that it does not have backdoors.
-
Atomic Wallet is another real example, although it claims to be a noncustodial cryptocurrency wallet, many users have reported losing their cryptocurrency. If the wallet is not open source and is downloaded and used by many, there is no guarantee that it does not have backdoors.
Atomic wallet is not completely open sourced - it has several open source libraries[1] but some parts of it are still kept from the public, the fact that not everything is made public still makes it possible for it to have a backdoor.
I haven’t used it before, the wallet I’m current using in my phone is BlueWallet probably more secure than atomic.
[1] https://support.atomicwallet.io/article/184-why-is-atomic-wallet-not-open-source
-
Atomic wallet is not completely open sourced - it has several open source libraries[1] but some parts of it are still kept from the public, the fact that not everything is made public still makes it possible for it to have a backdoor.
I didn't say it's open source but noncustodial cryptocurrency wallet just like trust wallet which is trusted and used by millions around the world. If the wallet gives you seeds it doesn't mean it's safe as some of them record those seeds or are not generated randomly enough.