Stop Using Blockfolio App - Its Calling Home with Too Much Info (+Small Safety Tutorial)

in #bitcoin7 years ago

What is Blockfolio

I have done a review of Blockfolio long ago here if you are not familiar its an app which allows you to track prices of chosen coins and has almost all altcoins you can imagine.

But it also has another neat option - you can add there amounts of coisn you have, price you bought at and it will constantly show you how much your whole coin portfolio is worth, you can check stats of all coins you have and more.

The app looks and works amazing. No doubt in this.

Blockfolio Tracks All Your Moves and Coins

While i knew this app is great i have only used it to track prices, i have never put there single info about my orders or amouns of what i own. Due to years online and 7th year in cryptocurrency (omg.. im so old) ive expected abuse to happen.

I hate tracking of any kind and imagine here you give full info on your net worth to randoms.

Due to todays findin it gets even better - they have over 100 000 downloads and can fully track move of everyone to not only track people but track and predict moves on markets.

The Finds

Website BitcoinErrorLog went by code and all homecalls in the app and found some sneaky things there.

But as i said - its nothing surprising. Possibly after this went public app owners will stop this or mangle it more..
Either way its never good to use such 3rd party apps that track you and trusting them with your money.

How to Stay Safe in Crypto World

  • Obviously - if you dont have key to your coins, they are not yours. Never trust exchanges or webwallets.
  • In Bitcoin a like coins - often change wallets, use new addresses for deposits.
  • Have backups of your keys for coins also outside home.
  • Use VPN and change IPs on it often, i currently use Traceless.
  • Never share your keys with anyone on internet.
  • Add 2FA on exchanges, if they dont have this option.. Dont even use them.

This are the basics to get you started.

Follow, Resteem and VOTE UP @kingscrown creator of http://fuk.io blog for 0day cryptocurrency news and tips!

Sort:  

Nice post @kingscrown. I feel the same about keeping my private keys to myself. I use blockfolio too! I swear everyone has a motive lol. Thanks for the great post as always. Cheers.
Mark

If you want to continue using it while significantly minimising the risk of hackers taking notice of you, here is a solution for you:
https://steemit.com/bitcoin/@blockchainttmft/how-to-use-blockfolio-app-without-risking-losing-your-money

OMG blockfolio... I'm removing you right now... I feel so violated. I freaking loved this app. I was not concerned because i don't put actual tokens on there but this is just sad.

I'm in the same boat.. sepecially since I just re-balanced my holdings ¡Mierda DAMN!

Hi, Steemit community! Please check out my steem t-shirt, I was working for a long time on it!
front.jpg
https://teespring.com/steem-to-the-moon

Agree that everyone has a motive. You should always prefer open source project or a paid tool. You can checkout an alternative cryptocurrency portfolio manager like Cointracking which has both free and pad version.

i didn't use yet but info will bring me there.

Also, I've listed a few alternatives on this post. I used to be hooked up on Blockfolio as well. Regardless of how I feel about them, it's always good to have some alternatives !

Hi @oceancoinz, if you want to get rid of the commercial Blockfolio, I have written a simple and straightforward IPython Blockfolio.

Takes advice from 7 year old crypto king and unistalls the app.

Congratulations! This post has been upvoted from the communal account, @minnowsupport, by wayfaraway from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, theprophet0, and someguy123. The goal is to help Steemit grow by supporting Minnows and creating a social network. Please find us in the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.

If you like what we're doing please upvote this comment so we can continue to build the community account that's supporting all members.

This comment has received a sweet gift of Dank Amps in the flavor of 21.84 % upvote from @lovejuice thanks to: @wayfaraway. Vote for Aggroed!

This comment has received a 3.16 % upvote from @booster thanks to: @wayfaraway.

I assumed this was how they were making money, using trade data. I still feel it's a useful app, just be cautious about putting buy and sell info into it.

Yeah, knowing this is only gonna stop me from updating my amounts. I still love the app.

The data provided to them is completely unreliable, anyone could enter $100m in some random coin and completely skew the data. The data is also after trades have been completed, this sort of data would be fairly hard to game.

I agree. I wouldn't necessarily let it worry me. But to be cautious, don't input all details on your blockfolio app. For example, I don't change what exchange I use to what's on my blockfolio that way there is less tracking, in a sense.

Whoaaaa! 😲😲😲
Nice 👍 pass @kingscrown
With the value of crypto and information... I've always suspected this a possibility.

Nothing surprising as you say but still kinda whooaaa wtf right?

Excellent tips and pointers on keeping things locked and tight.
And may I say, congrats on your 7th year in the space 🚀
😉😏😎

Stay well and Steem on kingscrown 🐳!

Blockfolio released a statement regarding this issue an hour ago:
https://www.blockfolio.com/june_30_privacy_statement.html

Good. Maybe they just got caught redhanded. Lol

It seems like a reasonable response. At least they reacted and fixed the major issues.

Are you saying that the data wouldn't be stored in a database on a centralized server anyway? B/c, if so, API calls don't mean anything. You'd be far better to data mine with SQL queries than send some kind of API call from the app itself.

right answer lol

Thanks for the heads-up. I have the Blockfolio app but haven't put any of my transaction info on it yet. Glad I found your post!
Do you know if cryptocompare.com might be doing this too?

I'm actuallying using coincap's app. its helpful!

I think it's safe to say, these kinds of things are rarely ever free. Your data is much more valuable then the cost of an app. READ THE FINE PRINT!

If its free.. you are the product!

Nice find. People in general are way too trusting with their private information. Especially financials is not something one should put in a random app.

Good advice on security too.