Topic: Are you using a Public DNS server? your coins are at risk ! - page 2. (Read 18194 times)

sorry about your loss, i tried to warn as many people as i could by then on Ether Mining group on FB some people got away but most were to late to act! anyway

why not get a hardware wallet? any logical explanation behind this?

thanks

I do not know what is the point of wrongly rephrasing my initial statement.

I can tell you that Google's DNS is differently more secured than your ISP, but it is SAFER to your ISP' DNS because it's less Likely to be targeted.


More Secured doesn't mean SAFER !.

it's simple you do not have to complicate it !

what is more secure a bank downtown or a house in the middle of nowhere at the side of the country?

sure is the bank has more security, but in terms of "security by obscurity". that house is safer to store money in, but it takes 1 thief with a knife to rob that house , while it takes a big force to get into the bank downtown!.

so technically GOOGLE's dns is much more secured " do your own research" . but your ISP dns is safe simply because it's less important to the majority of hackers.


and if you want to argue about the fact that  security by obscurity is a bad practice then a simple proof is the last MEW attack.
people who were accessing their MEW using their ISP were safe at the same moment that those on Google's were getting compromised.


there is no HISTORY data on this matter particularity, therefore I have no solid evidence to support this statement. because it is common sense.

if you want to build a reliable data on this keep using Google's DNS and  after a few years you tell me how many times your online wallet was compromised and we compare it to someone else's who is on their own ISP DNS

i was carelessly using public dns because my isp using it. later dns hijacked occured.
My wallet got hacked by it. i lost about 700 usd of it.
now i am no longer using myetherwallet, time to use metamask or other more secure wallet.

i think it is not as safe for me because it is likely to be hacking at any  for me,so l ask you to use a different wallet because if you use a wallet you can read it at risk.all of you go ahead

Can you clue me into which statistics you are using to formulate this conclusion? If you're saying that this is something we cannot tell in terms of their technical sophistication, then what about the statistics should reflect any differently? Either they are more secure, or they are less secure. Even if they are more technically sophisticated, is it more likely that the Google DNS gets hacked or your ISP DNS? I would argue that it's Google's that is more likely, so in certain circumstances, such as this one security by obscurity may be of higher value than other aspects for the simple fact that you will not fall into the targeted-zone of attack. As you said, there is high reward for this sort of thing, but in regular ISPs DNS there is little to gain, so unless you are causing yourself to be targeted you can bet that you won't be.

You say that it is pretty clear what you mean, but there are multiple people that are unclear on exactly that so you are misleading yourself if you honestly believe that to be the case.

Yeah it is very risky. but i didn't think using a public dns is risky first, but after the hacking occurred on myetherwallet,
i realized it was risky indeed. Use your isp dns, it is safer than public dns.

100% true ,,some people want to learn the hard way

glad  i could help. if you do not have the funds /abiliry to get  a hardware wallet for now consider a paper wallet, or at least use a windows version and use 2FA.

stay away from web-based wallets ( where you use your browser, type in xxxx walet.com and enter your info ) that is the worst practice ever especially if you do not have a 2FA

you are most welcome . glad i could help.



nothing is 100% secured,but it's not bad as you make it sound. a bad apple ammong empoloyess won't be enough to compromise your PK. it's a little bit more secured than this


I think it is pretty clear that what i meant by saying that your ISP DNS is more secured than GOOGLE's is nothing technically related. it's something we can't tell, statistically google's DNS is more secured than many other's COMBINED.
but the fact that it's widely used, it's on hackers top list!.simply due to the reward!

Well thanks for your information. I gather much from you. I use multiple browser before and i found out that there will be a vulnerability on other browser can't name one but the safest browser i use is Google Chrome. I will buy hardware soon as soon as the bull market return then i will short  my funds.

you see the most secured things are those" unknown" things. the more a service is used the more people want to hack it because the reward is much bigger.

think about it this way. you transferring a million dollars in cash from your house to your friends.

you have 1 options to secure them.

1- Do not tell anyone about the money you transferring
2-Hire a SWAT team to protect you transfer the money


now option two may seem like a more secured choice but it really is not. just the fact that you allow people to know about the 1 million $ you transferring puts you in a big risk regardless of how much protection you have.

this thing applies to public DNS perfectly. even though Google pays probably 1000000x times more than most other DNS's for security, the fact the it's well known and so many people use it. it's  very seductive  to hackers,  who would waste time and effort trying to hack a local DNS that only a handful of people use?

and yes you are 100% right. people should stay away from web-based wallet.

I thought that was the primary point that OP was getting at when they were suggesting to use your ISP DNS over a public DNS like google. The sheer fact of obscurity is quite often enough to deter an attack, simply because you were not worth targeting. It certainly isn't a good strategy, but I was simply asking because this seemed to be equivalent to what they were suggesting.


Welp. That just leaves everyone pretty much open to an attack. We need better options on a large scale.

While this is something which is pretty smart, If you have some sort of 2FA setup with your wallet you're going to be fine. So if you do have some other precautions in place then you're going to be good to go. I would always recommend having 2fa with authy or google authenticator.

Though with the chance of losing your coins low due to DNS risk when simply using google dns servers (or someone like cloudflare) You're going to be saving a lot more time with using the other dns servers, which is going to have to be put into account when thinking of what dns server to use.s

This thread suggests that the ISP DNS server is the most secure. Most devices are pre-configured to use DHCP and that will automatically choose that server, so you don't necessary have to understand DNS for basic security.

Hardware wallets can be considered hot-wallets, as they are physically connected to an online device. But I get your point.

The summary of it all is that, we just need to continue to be more secure. I have read suggestions about how to go about being secure but it seems its not as simple for someone who is just an average user. A whole lot of people don't even know what DNS stands for and its importance in all of this or what the validity of the certificate stands for what is known is to launch a browser and sail with it to site you want to visit.

The simple answer and best recommendation is have an hardware wallet to store the coins. As the Internet continues to be less secure, the best is to operate outside the internet and only come online to use the wallet when its extremely important to do that.

I'm not really into hardware wallets either to be honest, all it takes is one bad apple among employees and your private key might be compromised.

I would not use a VPN for logging into web-wallets, unless Bitcoin (or related tech) is forbidden in your country. You have to consider that all requests go through the VPN server, that is especially dangerous when the connection is not well encrypted.

Invest in a hardware wallet, it worth it. When you are new to crypto and dont own much of it you might think it is foolish to pay 80-90$ for a wallet to store our coins in but remember how you would feel if you get hacked and lose your assets.
Its a good idea to use a separate laptop/pc just for your crypto trading/storing needs. Since it doesnt have to be a brand new one, just make sure its wiped clean and doesnt have any faulty hardware and use it only for your crypto assets, not for any other internet activities (movies, torrents, downloading etc etc....)

Not really. Picking an uncommonly used DNS is really just security by obscurity. You're not actually doing anything to be more secure against attacks, you're just reducing the chances of being attacked. Kind of like how people MacOS is "safer" than Windows just by virtue of it being much less likely to get targeted.


It's not more protected. Google's isn't necessarily better either. Google's is just perceived to be better because most people trust that Google does their job in securing their DNS better than their respective ISPs. I don't know if that's true, of course, but if we go by the assumption that Google is better at security than your ISP, it would come down to a choice of "more likely to be attacked but more likely to fight them off", or "less likely to be attacked but less likely to fight them off". It's essentially hiding versus arming yourself. There's no clear winner that will always be better so you just have to decide for yourself.

I'm using a VPN too, is this safe enough?? (I'm not a tech savvy so i don't have any idea about this) Well, this makes me scared but thanks God my tokens are still safe out there, to be honest I'm just worried about MEW wallet, not exchange since I have enabled 2fa factor though it's not completely safe and bad way storing your crypto out there.

How about installing extensions such as EAL or MetaMask or Cryptonite as MEW wallet suggested, is this safe enough? in order to protect us from the DNS attack.