Topic: Alternative Block Chains : be safe! - page 63. (Read 1407629 times)
Gosh, the original post has been 7 years old. And still very relevant! There are so many wallets abailable now and in a desire to try things, some users disable their AV. Newbies forget to use virtual machine dry runs. I am guilty of that but have learned my lesson.
Thanks for this simple yet bright reminders. I'll keep it in my mind.
I haven't seen anybody post about what would be my biggest worry if I were trying out alternative block chains. I realize this may be perceived as "Gavin is FUD'ding anything that isn't bitcoin!" (FUD == Fear, Uncertainty and Doubt) But I think some of you might be forgetting some basic computer security fundamentals in the excitement to be early adopters.
When I first heard about bitcoin, my questions were:
1) Can it possibly work (do the ideas for how it works make sense)?
2) Is it a scam?
3) If it is not a scam, could it open my computer up to viruses/trojans if I run it?
I answered those questions by:
1) Reading and understanding Satoshi's whitepaper. Then thinking about it for a day or two and reading it again.
2) Finding out everything I could about the project. I read every forum thread here (there were probably under a hundred threads back then) and read Satoshi's initial postings on the crypto mailing list.
3) Downloaded and skimmed the source code to see if it looked vulnerable to buffer overflow or other remotely exploitable attacks.
If I were going to experiment with an alternative block-chain, I'd go through the same process again. But I'm an old conservative fuddy-duddy.
If you want to take a risk on a brand-new alternative block-chain, I'd strongly suggest that you:
1) Run the software in a virtual machine or on a machine that doesn't contain anything valuable.
2) Don't invest more money or time than you can afford to lose.
3) Use a different passphrase at every exchange site.
Thank you for advice. Absolutely agree with use that better to be sure about what you begin or do. But sure we have some risks in any way. Sometimes it’s just work for our intuition When I first heard about bitcoin, my questions were:
1) Can it possibly work (do the ideas for how it works make sense)?
2) Is it a scam?
3) If it is not a scam, could it open my computer up to viruses/trojans if I run it?
I answered those questions by:
1) Reading and understanding Satoshi's whitepaper. Then thinking about it for a day or two and reading it again.
2) Finding out everything I could about the project. I read every forum thread here (there were probably under a hundred threads back then) and read Satoshi's initial postings on the crypto mailing list.
3) Downloaded and skimmed the source code to see if it looked vulnerable to buffer overflow or other remotely exploitable attacks.
If I were going to experiment with an alternative block-chain, I'd go through the same process again. But I'm an old conservative fuddy-duddy.
If you want to take a risk on a brand-new alternative block-chain, I'd strongly suggest that you:
1) Run the software in a virtual machine or on a machine that doesn't contain anything valuable.
2) Don't invest more money or time than you can afford to lose.
3) Use a different passphrase at every exchange site.
Most of the new coins coming out daily are created by ignorant developers. its scary
hi everyone!
If you are interested in a safe blockchain and exchange, take a look on digitaltokens.io
You'll be surprised to see how fast and secure are all the transactions!
These exchange and blockchain were made to support a new coin, XFC, but you can also trade with BTC, XRP, LTC, DOGE, ETH.
If you are interested in a safe blockchain and exchange, take a look on digitaltokens.io
You'll be surprised to see how fast and secure are all the transactions!
These exchange and blockchain were made to support a new coin, XFC, but you can also trade with BTC, XRP, LTC, DOGE, ETH.
Thank you Gavin.
The only things I might add is that "use a different password" isn't limited to exchanges, but applies to forums, emails, and even pools
, and that some antivirus heuristics seem to hate anything that has mining code in it and isn't explicitly whitelisted.
totally agreed The only things I might add is that "use a different password" isn't limited to exchanges, but applies to forums, emails, and even pools
, and that some antivirus heuristics seem to hate anything that has mining code in it and isn't explicitly whitelisted.
Thank you for sharing your knowledge with us, Gavin! It`s very useful for all of us.
Thank all of you!
Today’s internet has security problems that are familiar to everyone. We all rely on the “username/password” system to protect our identity and assets online. Blockchain security methods use encryption technology,so users store their data on the blockchain and it is incorruptible.
Today’s internet has security problems that are familiar to everyone. We all rely on the “username/password” system to protect our identity and assets online. Blockchain security methods use encryption technology,so users store their data on the blockchain and it is incorruptible.
Thank you for recommendations
Anyone tell me Whats is HardFork And How it impact on Coin
In software engineering, a project fork happens when developers take a copy of source code from one software package and start independent development on it, creating a distinct and separate piece of software. The term often implies not merely a development branch, but also a split in the developer community, a form of schism.
Anyone tell me Whats is HardFork And How it impact on Coin
Thanks, good advice for new comers
Generally, if you have a large amount of bitcoins on a given PC, being extra-cautious about third party software (be it an Alt-coin client or a particularly fancy casual game) is advisable.
if I am very careful with links or software that we do not know the origin of devices that we do not know and display promotions on our pc have, especially on our pc there are many important data and bitcoin data with a large amount.
Thank you for your advice. I have never encountered this and I hope that I will not get into the same situation thanks to you.
It's hard enough to get the half-baked alt chain software to run at all (and speed is of the essence knowing they are all quickly collapsing pyramids) never mind configuring a VM with appropriate hardware access. Here are steps I've taken which I think are "good enough" to be advice -- it's worked for me for 4 shitcoin chains so far.
1. Don't use Windows and pre-built .exes. Just don't. Ever. Nothing inherently wrong with Microsoft software, but it is well understood and commonly used by the botnet types. Staying out of the monoculture is a form of security by obscurity.
2. Create a new account with no group membership. I call mine "goatse" for obvious but nostalgic reasons. Make absolutely sure that account doesn't have read or write access outside of their home directory. Make doubly sure they can't read the raw hard drive device.
3. Log out of your main account and into that account whenever compiling or running the alt chain software. Remember that compilation & installation scripts are code!
4. Do not browse exchange sites you have coinage in and definitely do not save passwords in the browser when logged in as this account.
5. If you log into this account via ssh DO NOT enable X proxying. It's trivial to read your keystrokes, do screen captures, etc when X is proxied. Let me repeat this one, make sure X proxying is disabled. If you can type 'xterm' and see it show up on your main account's screen you're vulnerable.
And yes, I even follow this for official bitcoin software. On a different account than "goatse" of course.
Thank you for this advice.Hoping not to lose money again. 1. Don't use Windows and pre-built .exes. Just don't. Ever. Nothing inherently wrong with Microsoft software, but it is well understood and commonly used by the botnet types. Staying out of the monoculture is a form of security by obscurity.
2. Create a new account with no group membership. I call mine "goatse" for obvious but nostalgic reasons. Make absolutely sure that account doesn't have read or write access outside of their home directory. Make doubly sure they can't read the raw hard drive device.
3. Log out of your main account and into that account whenever compiling or running the alt chain software. Remember that compilation & installation scripts are code!
4. Do not browse exchange sites you have coinage in and definitely do not save passwords in the browser when logged in as this account.
5. If you log into this account via ssh DO NOT enable X proxying. It's trivial to read your keystrokes, do screen captures, etc when X is proxied. Let me repeat this one, make sure X proxying is disabled. If you can type 'xterm' and see it show up on your main account's screen you're vulnerable.
And yes, I even follow this for official bitcoin software. On a different account than "goatse" of course.
I find some interesting points here about dsafety. I was wondering what you guys think of the best measures to take to be safe in this game.
i hate BlockChain Because I already lost money Due to hackers
Thank you for sharing your knowledge about this subject. I will definitely take time to learn about it!
It's hard enough to get the half-baked alt chain software to run at all (and speed is of the essence knowing they are all quickly collapsing pyramids) never mind configuring a VM with appropriate hardware access. Here are steps I've taken which I think are "good enough" to be advice -- it's worked for me for 4 shitcoin chains so far.
1. Don't use Windows and pre-built .exes. Just don't. Ever. Nothing inherently wrong with Microsoft software, but it is well understood and commonly used by the botnet types. Staying out of the monoculture is a form of security by obscurity.
2. Create a new account with no group membership. I call mine "goatse" for obvious but nostalgic reasons. Make absolutely sure that account doesn't have read or write access outside of their home directory. Make doubly sure they can't read the raw hard drive device.
3. Log out of your main account and into that account whenever compiling or running the alt chain software. Remember that compilation & installation scripts are code!
4. Do not browse exchange sites you have coinage in and definitely do not save passwords in the browser when logged in as this account.
5. If you log into this account via ssh DO NOT enable X proxying. It's trivial to read your keystrokes, do screen captures, etc when X is proxied. Let me repeat this one, make sure X proxying is disabled. If you can type 'xterm' and see it show up on your main account's screen you're vulnerable.
And yes, I even follow this for official bitcoin software. On a different account than "goatse" of course.
1. Don't use Windows and pre-built .exes. Just don't. Ever. Nothing inherently wrong with Microsoft software, but it is well understood and commonly used by the botnet types. Staying out of the monoculture is a form of security by obscurity.
2. Create a new account with no group membership. I call mine "goatse" for obvious but nostalgic reasons. Make absolutely sure that account doesn't have read or write access outside of their home directory. Make doubly sure they can't read the raw hard drive device.
3. Log out of your main account and into that account whenever compiling or running the alt chain software. Remember that compilation & installation scripts are code!
4. Do not browse exchange sites you have coinage in and definitely do not save passwords in the browser when logged in as this account.
5. If you log into this account via ssh DO NOT enable X proxying. It's trivial to read your keystrokes, do screen captures, etc when X is proxied. Let me repeat this one, make sure X proxying is disabled. If you can type 'xterm' and see it show up on your main account's screen you're vulnerable.
And yes, I even follow this for official bitcoin software. On a different account than "goatse" of course.
I do not know why I have not noticed this threat for so long. Probably because he is so old. Really good reading material. Amusing. And many of the postings encourage everyone to rethink everything in this hectic time.
Jump to: