Apple’s App Store frequent copycat bitcoin wallet, steal user $twenty thousand, is the source of the wrong?
According to Apple (Apple) internal report shows that there are a large number of well-known bitcoin wallet copycat version of its app store. Some genuine and copycat wallet is mainly used to steal user as like as two peas, bitcoin. Before Apple completely remove the App, users have lost nearly $twenty thousand.
These copycat App could so easily realize the development and dissemination of the “success” can not help but question the characteristics of bitcoin free, open source is good or bad. Most bitcoin wallets are open source, that is to say, anyone can verify and maintain it. But from another perspective, crooks can also easily access information software, with minor modifications can be illegal to steal money.
Bitcoin wallet Jaxx, Ethernet and world currency workshop (Dash) are aware of this, and made some changes. For example, on the Jaxx website, all of the code are open to the public, but it is read-only. Everyone has the right to check the code, but can not copy, or not through the simple copy and paste code theft.
CEO Jaxx AnthonyDiIorio explained to BitcoinMagazine:
We do so, part of the reason is that we own. Because we are a company, the company must have the operation cost, if you contribute your own code for free, then you do not earn money. Another reason is to prevent malicious imitation of our wallets. As a company, we hope to provide quality services, if someone can easily mimic your products, it too failed. We have been trying to find a balance between transparency and ownership of software. At present we have embedded in the code of a specific point of friction to prevent it being stolen.
Copycat wallet one victim of the event is GreenAddress. GreenAddress has always been a completely open source, that is to say, the code can be directly copied using. However, the developers of GreenAddress LawrenceNahum or as in the past to support the free and open source software (FOSS) mode.
Wallet open source code will indeed provide convenience to the copycat. But even if a purse is not open, I think it is difficult to escape the fate of being malicious copycat. Even if the code is read-only, you can find all kinds of methods to imitate a liar or your wallet. But, don’t you also said that open source code is not after a detailed review, it would give people the impression of not safe enough. I know most of the developers never directly examine the code in the page.
However, DiIorio does not believe that the code must set permissions on behalf of a detailed review of the safety or give up.
Even if the wallet is completely open source, you can’t be sure you come from the wallet app store with the code is as like as two peas. And there’s not many people will care about. No one will go to repeatedly check code in the download wallet before. 95% users only need a wallet can be used, with this open source or open source not what relation.
Apple removed these copycat wallet after receiving the bitcoin community complaints. Bitcoin community action and Apple’s official censorship prevents the long-term harm caused by timely copycat wallet.
But Nahum believes that this solution is not a permanent solution.
Apple is like a walled garden, and not expanding the scale, so there must be a person responsible for the audit of each load application software store. Malicious software will update. Although the experience of bitcoiner was able to identify pirated software, but some software may no copycat can achieve their evil purpose.
Nahum said, in view of the current situation, there is not a sure card. The user can own carefully some potential pirated software, and take corresponding measures.
As long as we detected malware will inform apple. But I still advise to you when downloading software or to verify a source. Look at you know developers, and comment on what is said, notice that this software is submitted to bitcoin.org. Must check a few times URL and software name, make sure you download is genuine software.