15 Aug '13, 5pm

Google Admits Bitcoin Thieves Exploited Android Crypto PRNG Flaw

This certainly affects Bitcoin the most, but a random number generator that actually produces the same "random" numbers is hardly random at all, and could present a serious problem for all types of applications. In fact, that's a thoroughly-broken random number generator and all crypto-related operations could be hosed. I'm wondering how such an egregious PRNG/seeding-algo made it this long without someone noticing. Maybe it's because Bitcoin provides a financial incentive to find these flaws, and honestly it's pretty easy to spot it from a one-minute blockchain scan -- just look for two transactions with identical r-values, plug it into the stupid-simple equation, and then steal the money. This has actually come up in the Bitcoin space before: people were rolling-their-own-ECDSA for constructing and signing transactions, and were not aware of the importance of using diffe...

Full article: http://it.slashdot.org/story/13/08/15/1726233/google-admi...

Tweets

Google Releases Patch for Android Flaw That Can...

news.softpedia.com 15 Aug '13, 7am

In a blog post published on Wednesday, Android Security Engineer Alex Klyubin confirmed the existence of the Android vulne...

Google confirms critical Android crypto flaw used in $5,700 Bitcoin heist

Google confirms critical Android crypto flaw us...

arstechnica.com 15 Aug '13, 1am

Google developers have confirmed a cryptographic vulnerability in the Android operating system that researchers say could ...

How Bitcoin thieves used an Android flaw to steal money, and how it affects everyone else

How Bitcoin thieves used an Android flaw to ste...

extremetech.com 16 Aug '13, 4pm

As anyone that’s ever dabbled in cryptography knows, the more examples you have of a code, the easier it is to break. The ...

Google confirms Android flaw that led to Bitcoi...

news.cnet.com 15 Aug '13, 2am

Google has confirmed a flaw in Android's operating system, which could make Bitcoin digital wallets vulnerable to theft. A...

Google confirms Android flaw that led to Bitcoi...

news.cnet.com 15 Aug '13, 2am

Google has confirmed a flaw in Android's operating system, which could make Bitcoin digital wallets vulnerable to theft. A...

Google confirms Android flaw that led to Bitcoi...

news.cnet.com 15 Aug '13, 2am

Google has confirmed a flaw in Android's operating system, which could make Bitcoin digital wallets vulnerable to theft. A...

Google patches Android after Bitcoin wallet iss...

pcworld.com 15 Aug '13, 4am

Google is distributing patches for a cryptography flaw in Android that may affect hundreds of thousands of applications. T...

Google patches Android after Bitcoin wallet issue

networkworld.com 15 Aug '13, 11am

IDG News Service - Google is distributing patches for a cryptography flaw in Android that may affect hundreds of thousands...

Android Flaw Could Empty Bitcoin Wallets

Android Flaw Could Empty Bitcoin Wallets

technewsworld.com 12 Aug '13, 10pm

Android device owners who use Bitcoins may have their digital currency stolen because of a security flaw in Android, the B...

Google patches Android after Bitcoin wallet issue

pcworld.com 15 Aug '13, 4am

Google is distributing patches for a cryptography flaw in Android that may affect hundreds of thousands of applications. T...

Google confirms Bitcoin-theft vulnerability in Android

Google confirms Bitcoin-theft vulnerability in ...

linuxtoday.com 16 Aug '13, 6am

Google confirms Bitcoin-theft vulnerability in Android Aug 15, 2013, 19:00 (0 Talkback[s] ) Tweet Google has verified that...

Google confirms Bitcoin-theft vulnerability in ...

zdnet.com 15 Aug '13, 6am

Google has verified that a vulnerability that existed within Android allowed for the reported theft of up to 55 bitcoins o...

Concern mounts as Google confirms Android cryptographic vulnerability

Concern mounts as Google confirms Android crypt...

theguardian.com 15 Aug '13, 5pm

Google has confirmed reports of a weakness in Android 's Java Cryptography Architecture (JCA) that has left bitcoin wallet...

Google Releases Android Patches After Bitcoin T...

securityweek.com 15 Aug '13, 5pm

The issue came to light after users of a Bitcoin forum reported Saturday their bitcoins had been stolen. According to Bitc...

Android security flaw puts Bitcoin users at risk

net-security.org 12 Aug '13, 4pm

The Bitcoin Foundation has issued a security advisory warning users that have generated their Bitcoin wallet with an Andro...