Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Announcements (Altcoins)
Re: IOTA
by
tasbin
on 29/08/2017, 13:32:58 UTC
Quote from: R-J-F on August 29, 2017, 12:47:19 PM
Quote from: R-J-F on August 29, 2017, 12:41:50 PM
Quote from: tasbin on August 29, 2017, 12:21:36 PM
Quote from: carajillu on August 28, 2017, 10:20:44 AM
Quote from: Wekkel on August 28, 2017, 10:02:52 AM
Quote from: tasbin on August 28, 2017, 10:00:09 AM
I have tried the android application available on the playstore. it is a joke in term of security.
Some users even complain about missing tokens with a balance equal to zero, quite the lottery.

I will not put anything more than 10 bucks on it until it is more secure.

The wallet works fine. Used it for some ping pong transaction between it and the desktop client. It now has a simple password logging system so the seed only has to be entered once.

It is always newbie accounts with less than 10 messages FUDding , a lot of jealousy around I guess. Byteballers are angry people.
First,  I did not mention that the application behave strangely for me but you can read the comments below the application section on playstore.
You cannot imagine that I forged them with multiple accounts right?

Second, from a security perspective, for example, there is just no password policy at all.
You can creat very weak password (like single space) to protect your wallet for example.
If you reply that is up to you to decide the complexity and lenght of password, then it is a dead discussion with a newbie that I will not follow.


That is just one amongst other discovered flaws after 10 minutes of playing with it with no tool.

Also I am working in IT security but hey see the reality... i have just less than 1k messages in your forum, so I am probably wrong right ?



If you are talking about the desktop, Windows wallet:

Addressing the password comment: Your seed is your password. You cannot access your funds without it nor can anyone else. I think 81 characters is quite adequate, even a little overkill, for a seed/password. IOTA may have issues but, security is not one of them. And you say you can use a single space password. Again, not correct, the wallet will complain if the password is less than the minimum required, 60 characters.

If you are talking about Android, sorry, don't use anything Android, just asking for trouble.

PS: I also work in IT security, the IOTA desktop wallet is not a risk as far as we know.

My comments was clearly related to the Android application.(i mentionned Android) See my 1st message.