It’s not news that Android
has some security
problems, but here’s another one: Android wallets aren’t secure. According to Bitcoin
, the issue stems from a secure random number generator in the OS itself, which is vulnerable to exploits. The generator is needed to secure the wallets, so thus, the wallets are not secure.
Bitcoin notes that apps where users don’t control private keys, such as exchange frontends Coinbase or Mt Gox, aren’t affected, but many apps are. Bitcoin posted an “incomplete list” that includes Bitcoin Wallet, BitcoinSpinner, Mycelium Bitcoin Wallet, and blockchain.info.
The apps are being updated, so users can head over to the Google Play
store (or Google Code or mycelium.com as the case may be) and get the latest versions. Further, Bitcoin suggests rotating keys by generating a new address and sending your wallet money back to yourself.