Replies (46)
Honestly impressive though
another reason to not give apps permission to access your photo gallery. it's insane to me that apps request access to all photos... its completely unnecessary.
On Graphene you can set very good limits and if an app requires access to all photos but you don't want it to have that access, you can turn on a setting that makes the app think it has full access but really only has access to photos you selected.
That's why I always use a different phone to take pictures of my seed.
Wow that’s quite sophisticated
😂
You are joking, right?
The latest Android media picker from the Googs has similar outcomes, granting access to just specific photos.
The official implementation is a bastardized version of how Graphene implements it; cool, you let me pick individual images for apps to access.
Give me the ability to pick specific folders.
Genius
Yes but on the Google one it tells the app it's limited so it doesn't work for apps that require full permissions to work.
Don’t store any screenshots.
I purge mine from time to time.
It’s a good idea
👀
#GrapheneOS storage scopes permissions ftw
Derek Ross
Malware has been found in both Google Play and Apple's App Store that uses optical character recognition to steal cryptocurrency wallet recovery phrases from users' photo galleries.
That's...kind of cool and an interesting attack vector. Don't take screenshots or photos of your wallet's recovery phrases.
Bad practice.
The first thing people do is creating screenshots after I've explicitly mentioned that you should never do it. I guesd people think storing stuff in the cloud is safe.
Luckily creating screenshots on your mobile is disabled by some Bitcoin wallets. That should be the standard.
What I meant to say is I take a picture of it using an old phone that is never connected to the internet.
Writing seeds on paper is dumb. I don't even have paper anymore so what am I supposed to do.
At least download openkeychain pgp and encrypt the seed (asymmetric or symmetric encryption), or compress the photo in a 7zip format with a password.
It's too many passwords. The phone already has a password on it. So why do I need to go even farther and put another password on it. I'm not going to remember the password or if I lose it then I'm screwed.
I zipped a seed in the past and then put it in my email and forgot the password then I found a copy of the seed without a password. That saved me.
That was a total of 3 passwords. Computer, email and zip. I did it because people told me. I think that's too much security.
How do people with a lot of Bitcoin keep it safe? Do they really secure it with that many passwords? I'd be stressed out if I had a lot of Bitcoin.
Taking a photo of phrases is a rookie mistake.
I'm not sure why but I always give permission to all because sometimes it's a pain to try and add a photo then it asks again and you add the photo again
Wow, that’s wild. Shouldn’t be surprising considering the crazy things happening with AI these days but still.
Need to send this to all my newbie holder friends.
When they prompted me to "write down your seed phrase" they didn't mean take a screenshot? damn... 😏
So what happens if your home burns down tomorrow?
Consider working on your opsec.
There stealing is will not work soon.
😅
Why not just use your hands, grab a pen and paper, write it down…
iOS has per-image access permissions, #GrapheneOS has storage scopes. Please use these features. You shouldn't be saving copies of your seed phrase like this too.
Derek Ross
Malware has been found in both Google Play and Apple's App Store that uses optical character recognition to steal cryptocurrency wallet recovery phrases from users' photo galleries.
That's...kind of cool and an interesting attack vector. Don't take screenshots or photos of your wallet's recovery phrases.
That's literally exactly why I'm using a new nsec. Leaked my own key in a screenshot. Thankfully only my Nostr key and not Bitcoin.
I only keep paper copies of my bitcoin keys, though.
On my PC I have cron script that deletes files older than 30 days in my download directory. I think it's a great solution to purse digital minimalism and make myself aware of what I save.
My whole world would be destroyed without my downloads folder
I can understand. But this forces me to move to the right place the files I really need to keep. It's both zen and coercive.
Does anyone actually save their seeds by taking a picture of them?
Step one is not not download random shit from the play and app stores.
@Zapstore is also a good alternative.
Its weird though because in damus we don’t have to request any permissions yet its easy to pick and choose any photos? When apps ask for everything it makes me suspicious now
Exactly.
I do see what you mean , just about every app asks it 😂 it's a bit much
On another note when about is your Android Damus dropping?
Or just leave this cucked OS's altogether
Derek Ross
Malware has been found in both Google Play and Apple's App Store that uses optical character recognition to steal cryptocurrency wallet recovery phrases from users' photo galleries.
That's...kind of cool and an interesting attack vector. Don't take screenshots or photos of your wallet's recovery phrases.
DDF and your ttyy yyyyy
We should start making tons of fake seeds
lol
I am surprised that there are people taking screenshots or photos of their recovery phrases.
I've done it when testing a new wallet app. But I also know that I won't be savings any funds in there and will delete the app shortly. When I do I also delete the screenshot. So if I do it for testing purposes, I can totally see people doing it for normal use cases.
👍
