Alexander Bakker's Blog

Insecure seed generation in the Nano Android wallet

On the 21th of June 2018, the release of the new wallet applications for Nano was announced on Reddit. Shortly after that, another announcement was made telling users of the Android app to transfer their funds to a wallet with a seed that was not generated by the app. I quickly looked up the source code and found that the app was using a random number generator that is not cryptographically secure. Let’s analyze how bad this really is. Spoiler: it’s bad.
2018-07-02

Mutating immutable strings in Go

As most Go programmers probably know, strings are immutable in Go. This has its advantages, but there are times when one might want to make changes to a string. Using reflection, we can obtain the underlying StringHeader struct of strings and modify the contents.
2018-06-19

About me

I'm a software developer primarily interested in Security and Embedded Systems.

alexbakker

contact@alexbakker.me

RSS

Projects

I work on a number of open source projects:

Aegis
A secure OTP app for Android.

my3status
A very simple alternative to i3status, written and configured entirely in Python.

ToxStatus
Status page that keeps track of Tox bootstrap nodes.

© Alexander Bakker 2019

Content is licensed under CC BY-SA 4.0