Experts Disagree With Samsung Over Cryptocurrency Security

Samsung Electronics argued that smartphones are the best secure storage option for contemporary cryptocurrencies early last month but a number of experts interviewed by The Next Web are now dismissing those claims, pointing to a number of shortcomings of such solutions. The South Korean technology giant previously argued that Trusted Execution Environments (TEEs) supported by some modern handsets, including those from its own portfolio equipped with the Knox security platform, are extremely suitable for storing a broad range of data, including blockchain assets.

While none of the interviewed experts argued against the very concept of TEEs and agree that having them is better than not having them, most pointed to smartphones themselves being vulnerable to a wide variety of other attack vectors, many of which could also compromise such sandboxed environments in certain cases, depending on the implementation. Cryptography professor Matthew Green and Bitcoin developer Jameson Lopp share that view, though they're quick to point out that speaking in hypotheticals on such topics is largely frivolous and details of specific cases and platforms are extremely important to answering the question whether TEEs by themselves are secure enough to be recommended as the go-to cryptocurrency storage solutions, which is what Samsung claims.

Since TEEs would still have to accept requests from third-party apps in order to actually be useful as cryptocurrency management solutions, compromising those mobile tools would be enough to steal someone's digital money without ever glancing at the complex protection mechanisms utilized by sandboxed environments, Mr. Green argues. The sole fact that smartphones are a breed of always-connected devices that are constantly communicating with either cellular networks, Wi-Fi, or both makes the number of their potential vulnerabilities much greater as exploiting any factor in the communication equation that includes them could allow attackers to compromise cryptocurrency holders and steal their assets. Over $760 million worth of cryptocurrency has been stolen in 2018 alone, with attacks targeting blockchain-based holdings being expected to become more numerous in the near future.

You May Like These
More Like This:
About the Author
2018/10/2018-10-23.jpg

Dominik Bosnjak

Head Editor
Dominik started at AndroidHeadlines in 2016 and is the Head Editor of the site today. He’s approaching his first full decade in the media industry, with his background being primarily in technology, gaming, and entertainment. These days, his focus is more on the political side of the tech game, as well as data privacy issues, with him looking at both of those through the prism of Android. Contact him at [email protected]
Android Headlines We Are Hiring Apply Now