Topic: . (Read 322 times)

Hello there, Point 1 is true, but I believe there are people who don't activate this feature, they choose network manually, so if they choose true network then it will automatically connect, and if they choose wrong network then they will be asked to enter the password and here it begins.

Point 2 is what kevin meant. There are tools that create a Hotspot with the same name as your network, and monitor the access switches, that is, when you type in a password and the network and it does not work, it does not matter to them. The important thing is that the password you are trying to enter has been sent to them, and then they enter your original network through it. Ie: entering the password into the wrong network is same as chatting the hacker your original network password.

Point 3 is true, but I don't think hacker is going to make an open network because their goal is to know your password, so I believe it should be wpa or wp2.

Very good point, i never thinking such social engineering attack. I would fell to such engineering attack and thought i simply mistyped password.

You're being paranoid. Even if attacker create malicious network with conflicting ID, there are few ways to avoid it
1. Your device will auto connect to correct network (if you already connected to it before and set it to auto-connect)
2. If both connection uses password, the malicious network should've use different password, where you shouldn't be able connect to malicious network.
3. If the fake network don't use password, you should realize it by check the security type of the WiFi network.

oh its the honor system on their end, im sure its fine /s

gotta trust at some point or just simply not run AV at all.

Isn't their software closed source though? Excluding folders from scanning and turning off stuff related to file uploading sounds more like turning your phone into airplane mode and thinking it'd stop anyone from eavesdropping..

i use paid AV and have for years. one thing i do is go through and turn off any stuff related to "upload suspicions samples" and anything else that might inadvertently send sensitive data to the AV company.

just make sure to exclude from scanning any folders or drives that have blockchains on them.

Most of the vulnerabilities you are talking about are only exploitable when you and the attacker are connected to the same local network. However, aside from encrypting the traffic, vpns, as the name suggests, connect your device to a private network. Meaning it isolates it which make any other device on the local network unable to access it.
But it always recommended to always update your OS and all the softwares installed on it to patch any known vulnerability.

I disagree. Any device that has a wireless component poses a risk of security. As long as the device emits waves, with the right devices you could get to some pretty significant information through it. Besides this, there's most likely the possibility of finding hidden networks around you. Hidden SSIDs do not mean you're safe from hacks, nor does placing your Bluetooth device on "hidden". Moreover, you're prone to the WiFi attack: someone finds your cloaked SSID and creates a malicious network with a conflicting SSID, making you possibly choose that one instead of yours. Ethernet makes you 100% sure that the network connecti9n is coming from your ISP.

But if you're the one who owns it and you can monitor who are the ones connected, there's nothing to worry about. Yes, it's hackable but there's a feature that you can hide your own wife connection into the other device and that means you're the only one who knows how to unveil it.

Yes, it's a case to case basis. But there are many people that don't think about this matter and it's fine to have them reminded.

^^
If your home WiFi isn't protected by a strong password and doesn't use good encryption such as WPA2 then anyone can connect to it and become part of your local network wich allows him to execute a man-in-the-middle-attack, for example.
It's also possible for anyone who is connected to your local network to intercept all the data your device sends/receives. To mitigate this risk you should connect through a vpn which will encrypt the transmitted data and render it useless for the attacker.

Not using your home wifi?  I dont get this part.  I mean even if you visit bad sites... it shouldn't or can't affect your wifi or internet connection right?

The risk is if you use software that is free and has a very low level of protection, and also collects your data and sells it to third parties. For anyone who uses Windows OS, I would recommend some kind of protection (I mean pay protection), and for me personally Malwarebytes Premuim + Norton do a great job - I haven't had a virus or malware on my computer for more than 5 years.

I know that W10 users have Windows Defender + firewall turned on by default, maybe for some it's enough protection - I personally think that every user can get much better protection for relatively little money - and when it comes to cryptocurrencies, we are all even more exposed to online threats - many realized this after it was too late.

I've heard that before, but are there any case where it actually happen?


On most cases, i agree.

Whole-disk encryption is unrecommended because the encrypting is part of the operating system, and it can lead to lockout problems even if the files themselves are fine. One error can literally lock you out of the whole drive.

File-and-folder encryption can be just as secure as whole-disk encryption.

It's fast because it only encrypt/decrypt file which need to be read/written. I tried it with SSD once and can't notice the difference, unless i run 3D application ir copy lots of files. However, if you use HDD and use it to boot the OS, you'll notice your computer run slower.

But i wouldn't use encryption if you're regular user, since recovering the file will be far more difficult.

It depends on which type of encryption you want to use. The standard settings are "AES" encryption and "SHA-256" hash algorithm, which are very good choices.
AES is a symmetric key encryption cipher, and it is generally regarded as the "gold standard" for encrypting data. Encrypting and decrying data with symmetric encryption much faster than with asymmetric encryption. Generally, symmetric ciphers are said to be around "1000 times faster" than asymmetric ones.

You can read more about how AES encryption work here: https://proprivacy.com/guides/aes-encryption

I get the point and it's useful assuming dangerous application rely on drive letter, but it's possible to access the drive directly (with admin privilege) without drive latter.


It's possible with VeraCrypt, besides the decryption process is quite fast. Here's a guide, https://www.howtogeek.com/howto/6169/use-truecrypt-to-secure-your-data/.

As it has already been said, if one wants to store one's crypto in a secure way, a reliable hardware wallet is the way to go.
Now, implying this si not only about the assest but also about general security, privacy and ways to avoid malware, then I believe some of the measures you described are correct.
But i am afraid the regular user might be not familiarized with Linux for example, for most of people it has always been easier to go mainstream and stay in Windows.

I would avoid using that device to surf internet if I am having a dedicated device for crypto storage, and its possible to make payments from other device which is connected to internet which is normally called airgapped wallet, more secure but little bit complicated for everyday user.

Windows operating systems are definitely a risk, but which OS is 100% secure? I've always used this OS and I never had any serious problem - although a lot depends on how someone uses their computer. Anyone looking for trouble in pirated software, torrents and suspicious sites will pick up something malicious sooner or later.


This is something I fully support, because you never know what a friend or acquaintance may install on your device without your knowledge - or what they can use your IP address for - to send a threatening message to a politician


This has never happened to me, and I have been using AV for a very long time - always of course paid and reputable versions that have always been helpful to me. Why would AV delete any data at all? Each AV I used will quarantine any suspicious file or program, and the user can decide whether to leave it there, delete it, or exclude it as a threat.


Public wireless networks are definitely a bad choice, bad guys have a great selection of hacking tools that can steal everything we type on a compromised public network - avoid it at all costs. A wired connection to a home modem (landline) is the most secure way to access the Internet, although properly protected wi-fi (wpa-psk2 + WPS off + random password) provides a sufficient level of protection for the home network.


I would not agree that people were more aware of computer security before, although we can talk about the fact that some parts of the world use more pirated software than others or have a better education where children learn the basics of using the Internet in primary school. More and more people have moved online since we had the pandemic, which means they spend a lot more time online and are more exposed to various internet threats.

You might want to consider using Tails for a far easier setup.

Some software that you might use would probably not be open source. If you're using it for a single purpose only, then its probably quite possible to only install things that are open source on it. It really doesn't mean much if you don't verify it and compile yourself; there were plenty of instances where supply chain attacks compromised well known programs and installed their own backdoor into it. Whenever possible, minimize the applications that you're using on the computer.

Eavesdropping on your network is possible, whether you're using WiFi or not. Fact is, most sites uses TLS which really just negates the risk. If you want to protect your funds, just get an airgapped wallet or a hardware wallet. Maintaining security of any device that is connected to the internet is a tedious task.

I agree with @Welsh.

None of OS, devices or AVs can protect our crypto if we have unhealthy internet-surfing. Linux is better than Windows and that OS is less favourited by hackers but OS can not completely protect you.

Reference topics

• Keep Your Crypto #SAFU (CZ's Tips)
• How to Install Tails OS on USB flash drive for Wallet Purpose
• Why you should upgrade Windows 7 to Ubuntu
• Basic security guide (firewall, backups, antivirus..) - not only for beginners

Surfing the Internet, as you indicated above, can also be different. And here the browser and its settings are important. In a Linux system, it is difficult to download anything without administrator rights, but the most common clicks on various kinds of links are also dangerous. I agree that a hardware wallet is more reliable, and if you use your device for transactions, then surfing the Internet should be quite limited.

As long as it's my own flash drive and I know that it's free from any virus or malware, why would I stop connecting it if it's a personal use flash drive?

I agree about public networks/wifi. I don't connect to them with my device but if it's your personal or home wifi why wouldn't you connect?

Because there are a lot of windows users worldwide, many hackers are targeting them. But if you know how to protect yourself and you're very much aware how your PC becomes infected by their malware and phishing links, you only need to be a responsible pc user.

IMO avoiding Home's WiFi is too much, unless you let guest use it or you can't trust your family.


What's the point of removing drive letter? If you don't want windows and windows application access the drive, you better use drive encryption (such as LUKS).

Security, and vulnerability is significantly linked with how the user uses their system. Although, Linux is not only safer because of the way its been designed. Its safer because its much less of a target, than Windows. This is simply because the vast amount of population is using Windows as their primary operating system, there's also the correlation, that Linux tends to attract more advanced users, and not the users which are prime targets for malicious users.

Although, you could in fact increase your security ten fold, by either physically compartmentalizing or using software that virtually does it for you. I've talked about Qubes OS a few times, but it basically allows you to isolate different parts of your machine, so that if one is compromised, it won't all be compromised. The benefit here, other than the clear benefit of compartmentalizing is Qubes OS due to the way its designed, operates a little different from other virtualization software, and traditional operating systems, it means that there's much less malicious attacks out there that will compromise the system.

Physically compartmentalizing is the best approach, although its likely overkill for most people. Plus, it can be tedious. I've tried doing it physically, and depending on your needs it can be rather expensive if you need powerful machines for your activity. So, Qubes OS or another compartmentalizing operating system is the next best thing.

However, to return to your original point. Of course, Linux users can be attacked. Linux isn't impenetrable, but the security is definitely an improvement over Windows, and therefore your reducing your scope of error even if you are security conscious. 

Your post is good for Linux users. But agree that not everyone can handle it properly. I also prefer Linux systems, but they cannot be a guarantee of user safety. Moreover, the systems themselves must be correctly selected for their needs.
Recent news reports that a backdoor was discovered on Linux systems that went unnoticed by VT for three years.
Just read what he could control: https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/
Therefore, all manuals are, of course, useful, but all responsibility for their safety always rests on the shoulders of the user.
It is necessary not only to keep your devices clean but also to constantly monitor news about emerging viruses to take timely action to protect against them.

New device? Just reflashing the OS is enough which almost removes 99.999% from your device if there is any harm while you can still can be hacked or at potential of losing your privacy whenever you are connecting your device to internet, for example Google chrome the biggest spyware of this world but still everyone using it.

Just buying a hardware wallet is more reliable than maintaining a separate device for your crypto wallets for various reasons.

.