Pages:
Author

Topic: Discussion: "Cybersecurity and Privacy" board + Poll (request v1) - page 4. (Read 3330 times)

legendary
Activity: 1708
Merit: 1048
If the Cybersecurity and Privacy board was added any time in the last 3 months after the situation with julerz12, maybe a post there (such as one explaining and emphasizing that all users should be using Linux over Windows) may have prevented the OP from being hacked.
That's very unlikely to happen. I wrote this years ago:
How to prevent this
1. Don't use Windows, but we both know you're not going to change that.
A more realistic suggestion would be to use a hardware wallet, but both julerz12 and Avirunes knew that already.

If people don't change behaviors, these problems will continue to arise! It doesn't matter what OS you use or whether or not you have a cold wallet, if your online browsing attitude continues carelessly, you may have these or other problems. Of course, using a more secure OS or using the cold wallet more may be less exposed to problems, but what really makes the difference is the overall behavior.

How are we going to change behaviors? This is difficult, but we are trying and warning.

You're right, however this post would be most accurate pre-2020's and just minding behavior (no matter how vigilant) is not entirely enough. The advancement of threats in the last couple of years has grown exponential. As I highlighted on Avirunes thread, attacks such as Reverse shell attacks can compromise your system just by you connecting to a website that might not even seem malicious. In this case, it is actually imperative that you're using a secure OS or else you are exposed at all times, even if you are using Windows and behaving with pre-existing knowledge and taking precautions. The fact is, Windows is absolutely not the OS to use for day-to-day activities let alone crypto activity, where coins can be very easily stolen.

My point being - We are at a stage now where minding behavior such as not downloading unknown files and blocking inbound connections via firewall are simply not enough. More steps are needed to prevent vulnerabilities from being exploited. It should be noted that this discussion only talks about cybersecurity as well, covering the base of privacy too is an entirely new discussion in itself.
legendary
Activity: 1862
Merit: 5154
**In BTC since 2013**
If the Cybersecurity and Privacy board was added any time in the last 3 months after the situation with julerz12, maybe a post there (such as one explaining and emphasizing that all users should be using Linux over Windows) may have prevented the OP from being hacked.
That's very unlikely to happen. I wrote this years ago:
How to prevent this
1. Don't use Windows, but we both know you're not going to change that.
A more realistic suggestion would be to use a hardware wallet, but both julerz12 and Avirunes knew that already.

If people don't change behaviors, these problems will continue to arise! It doesn't matter what OS you use or whether or not you have a cold wallet, if your online browsing attitude continues carelessly, you may have these or other problems. Of course, using a more secure OS or using the cold wallet more may be less exposed to problems, but what really makes the difference is the overall behavior.

How are we going to change behaviors? This is difficult, but we are trying and warning.



legendary
Activity: 1708
Merit: 1048
If the Cybersecurity and Privacy board was added any time in the last 3 months after the situation with julerz12, maybe a post there (such as one explaining and emphasizing that all users should be using Linux over Windows) may have prevented the OP from being hacked.
That's very unlikely to happen. I wrote this years ago:
How to prevent this
1. Don't use Windows, but we both know you're not going to change that.
A more realistic suggestion would be to use a hardware wallet, but both julerz12 and Avirunes knew that already.

You've referred to one sentence in a thread that is out of sight for a lot of the time. A detailed, well reasoned thread giving reason and proof as to why Windows is so dangerous paired with a detailed guide to switch to Linux might help to persuade those who are still using it to make the transition. A detailed thread would provide the ability to ask questions about making the change, inform people about why Windows is so dangerous and push them much more toward making a change. If this request is never attended to, I'll go ahead and make the thread myself. Though I would be much more motivated to post it in a section where it belongs instead of a board that anyone who doesn't consider themselves a beginner to Bitcoin itself (a lot of bitcointalk members I am sure) would never read.

I thoroughly believe that if this board was introduced around the time julerz12 was hacked, which was one of the prompts for this request, this guide would have been posted by myself or someone else and it is very possible that the scenario with Avirunes have a chance of being avoided.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
If the Cybersecurity and Privacy board was added any time in the last 3 months after the situation with julerz12, maybe a post there (such as one explaining and emphasizing that all users should be using Linux over Windows) may have prevented the OP from being hacked.
That's very unlikely to happen. I wrote this years ago:
How to prevent this
1. Don't use Windows, but we both know you're not going to change that.
A more realistic suggestion would be to use a hardware wallet, but both julerz12 and Avirunes knew that already.
legendary
Activity: 1708
Merit: 1048
On April 30 2023, Avirunes received a loan from shasan and was reportedly hacked of the whole amount lent (0.015 BTC, approx $450 USD market value). The hack shows a lot of similarities to the situation that occurred with julerz12, Avirunes was likely to have been infected with malware that was able to either grab the secret/seed phrase of the Electrum wallet, or sweep/send from the electrum wallet to the hackers address.

If the Cybersecurity and Privacy board was added any time in the last 3 months after the situation with julerz12, maybe a post there (such as one explaining and emphasizing that all users should be using Linux over Windows) may have prevented the OP from being hacked.

The Cybersecurity and Privacy board is becoming imperative for the safety of BitcoinTalk users as two incidents have now effected and caused damage to the BitcoinTalk economy.



Update May 01, 2023:
- Updated OP to include one call to action and necessary information relating to the request. Also cleaned and improved the look and layout of the thread for cleaner reading.
- Move past calls to action into the second post
legendary
Activity: 1708
Merit: 1048
The good news: Significantly less people are falling for ponzi schemes similar to BitConnect than in 2017:

Its good to see the crypto community getting matured and not falling to ponzi schemes anymore. Its time may be for ponzi schemes to change there strategy as existing ones are no longer getting success. On the other hand the community should be ready for new wave of frauds/ponzi.

Ponzis that aren't ponzis, aren't ponzis (if that makes sense Smiley). The strategy can't really be changed, just the face of it. They should change their strategy to just building legitimate products!

The bad news: Over $1.9 billion has been hacked or stolen from protocols and users during the first 7 months of 2022

This is an inherit feature of Bitcoin and can never be fixed. The weakest link in digital security of every entity is the human link. As long as humans are willing to make some mistakes, the hacking business will continue to exists. 

The non-refundable nature of transactions will never be fixed, sure, but that is not a downfall of Bitcoin nor is it a digital security issue. Strengthening each human link is one of the motivations toward the Cybersecurity & Privacy board. The more people that learn, the more people become strong enough to resist attacks. Even web administrators and smart contract developers could benefit from the cybersecurity part of the board. It might not be something that can be completely eliminated (unless security innovation beats hacking innovation) however it can be significantly be reduced...especially when you think about how many users still use flawed Microsoft and Apple products over how many people know about let alone use Linux.
hero member
Activity: 1120
Merit: 571
20BET - Premium Casino & Sportsbook
The good news: Significantly less people are falling for ponzi schemes similar to BitConnect than in 2017:

Its good to see the crypto community getting matured and not falling to ponzi schemes anymore. Its time may be for ponzi schemes to change there strategy as existing ones are no longer getting success. On the other hand the community should be ready for new wave of frauds/ponzi.

The bad news: Over $1.9 billion has been hacked or stolen from protocols and users during the first 7 months of 2022

This is an inherit feature of Bitcoin and can never be fixed. The weakest link in digital security of every entity is the human link. As long as humans are willing to make some mistakes, the hacking business will continue to exists. 
legendary
Activity: 1708
Merit: 1048
Theymos, enable us to increase our online armor and to help do the same for individuals who are otherwise vulnerable by adding the Cybersecurity & Privacy board!




This is a rather older article that I stumbled across recently however I believe that it highlights the shift from being a victim of deception (controllable by common sense, experience, reduced naivety, skepticism and/or wisdom) to being a victim of hacks - which is controllable only with exposure to knowledge. The majority of people don't have access to accurate information without looking for it, which is what I hope the Cybersecurity & Privacy board here on BitcoinTalk would achieve!

Source: https://edition.cnn.com/2022/08/16/tech/crypto-hack-rise-2022/index.html
The good news: Significantly less people are falling for ponzi schemes similar to BitConnect than in 2017:
Quote from: cnn
But there may be at least one silver lining in the report: The amount of money lost in cryptocurrency scams, such as the $2 billion dollar Ponzi scheme carried out by BitConnect founder Satish Kumbhani, was 65% less than the year prior as the falling value of crypto made it a less enticing investment opportunity for potential victims.
The bad news: Over $1.9 billion has been hacked or stolen from protocols and users during the first 7 months of 2022

Some more validation of the need for the Cybersecurity & Privacy board below.



As of March 2023, ransomware attacks are increasing
Source: https://www.ghacks.net/2023/04/22/ransomware-attacks-record-march/

Basic cybersecurity measures can very easily prevent the threat of non-targeted ransomware.



GDAC hot wallet hacked for $13 million

List of some recent exchange hacks: https://www.hedgewithcrypto.com/cryptocurrency-exchange-hacks/

The end-user could have easily prevented their exposure to centralized exchange hacks by not using them altogether or keeping their coins off-exchange unless they need to use the exchange (last resort, many alternatives out there nowadays).  




Some other non-crypto hacks in 2023 where the end-user may have been able to reduce their exposure if they were taking intermediate to advanced privacy measures:

Quote
April 10

Pizza Hut/KFC Data Breach: Yum! Brands, which owns fast food chains Pizza Hut, KFC, and Taco Bell, has informed a number of individuals that their personal data was exposed during a ransomware attack that took place in January of this year. The hospitality giant confirmed that names, driver's license, and ID card info was stolen. An investigation into whether the information has been used to commit fraud already is currently underway.

How risk for the end user could have been mitigated:
- Don't upload personal/sensitive information where you don't need to (why on earth would you upload a drivers license/ID card to these companies anyway?)
- Use non-identifiable information and a pre-paid debit card to make purchases, if possible.
- Don't trade your identity/privacy/payment information for convenience.

Quote
March 24

ChatGPT Data Leak: A bug found in ChatGPT's open-source library caused the chatbot to leak the personal data of customers, which included some credit card information and the titles of some chats they initiated.  “In the hours before we took ChatGPT offline,” OpenAI said after the incident, “it was possible for some users to see another active user’s first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date. Full credit card numbers were not exposed at any time.”

How risk for the end user could have been mitigated:
- Using PVA's to create a ChatGPT account in conjunction with a VPN/Proxy to make the data less/non-identifiable to the chatGPT user.

Quote
Chick-fil-A Data Breach: fast food chain Chick-fil-A is investigating “suspicious activity” linked to a select number of customer accounts. The company has published information on what customers should do if they notice suspicious activity on their accounts, and advised such customers to remove any stored payment methods on the account.

How risk could have been mitigated by the end user:
- Using a pre-paid debit card solution separate from the main bank account would allow the user to easily disable access to funds without effecting day to day life.

Quote
February 21

Activision Data Breach: Call of Duty makers Activision has suffered a data breach, with sensitive employee data and content schedules exfiltrated from the company's computer systems. Although the breach occurred in early December 2022, the company has only recently revealed this to the public. According to reports, an employee's credentials were obtained in a phishing attack and subsequently used to infiltrate the system.

Quote
Twitter Data Breach: Twitter users' data was continuously bought and sold on the dark web during 2022, and it seems 2023 is going to be no different. According to recent reports, a bank of email addresses belonging to around 200 million Twitter users is being sold on the dark web right now for as little as $2. Even though the flaw that led to this leak was fixed in January 2022, the data is still being leaked by various threat actors.

How risk for the end user could have been mitigated:
- Using a privacy-friendly, disposable email with non-identifiable information for the activision account to make the mistake of the employee of no concern for the end-user.

Quote
PayPal Data Breach: A letter sent to PayPal customers on January 18, 2023, says that on December 20, 2022, “unauthorized parties” were able to access PayPal customer accounts using stolen login credentials.

PayPal goes on to say that the company has “no information” regarding the misuse of this personal information or “any unauthorized transactions” on customer accounts and that there isn't any evidence that the customer credentials were stolen from PayPal's systems.

How risk could have been mitigated by the end user:
- Don't use paypal (there are many alternatives that serve the same purpose out there)

Quote
December 1

LastPass Data Breach: Password manager LastPass has told some customers that their information was accessed during a recent security breach. According to LastPass, however, no passwords were accessed by the intruder. This is not the first time LastPass has fallen victim to a breach of their systems this year – someone broke into their development environment in August, but again, no passwords were accessed.

How risk could have been mitigated by the end user:
- Using offline encryption methods on external storage to protect passwords instead of using supposedly "encrypted" and "secure" cloud storage services


Source: https://tech.co/news/data-breaches-updated-list
legendary
Activity: 1708
Merit: 1048
Since the demise of ChipMixer, users have begun to question lately about whether or not it is a wise move to participate in mixing signature campaigns, and if there are any risk to users who are being paid to have these services in their signatures around the forum, such as in this thread:
Participating in Mixer Signatures

BitcoinTalk staff were allegedly asked not to promote these services, raising more cause for concern:
staff were asked to stop advertising mixing services

Additionally, recent news has exposed that an unknown person or group (dubbed "LinkingLion") may be collecting IP addresses from Bitcoin nodes/users.

If the Cybersecurity & Privacy board were added, I would be almost certain that there would be a bountiful amount of knowledge and resources that would allow people to reduce their fears and take comfort in the measures that they are taking to keep their privacy from being compromised. The reasons for adding this board are only increasing by the day and I could bet that it would soon become a necessity if we want to help to assist the (unfortunately) wider, currently unaware/uninformed portion of the community in upholding their anonymity and privacy.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Bump.

Never forget this request.
hero member
Activity: 1120
Merit: 571
20BET - Premium Casino & Sportsbook
Great to see some more support! Congratulations on passing your exam WatChe. It sounds like you would be one of the many assets to the board if it were to be added Cool

Thanks a bunch.

Defiantly I will be there on cyber security board once it's created. Getting new board these days is not easy, we are also trying to get a local board for Pakistani community and thread is there but no success so far. But we are fully motivated and will keep reminding the administrator about our request. Same is required to create a separate thread for Cybersecurity. We may not get that in a week or two but keep this thread active.
https://bitcointalksearch.org/topic/request-new-local-board-for-pakistan-urdu-5430735
legendary
Activity: 1708
Merit: 1048
That's a good idea, we definitely need Cybersecurity and Privacy board, it will attract not only bitcoin enthusiasts but other people who are looking for enhanced security.
To be honest, we need structured WIKIs in each section too. For example, have a look at the wiki of buildapc subboard: Planning on building a computer but need some advice? This is the place to ask!
If you read and follow steps on this WIKI, you will understand what to consider when building a pc, when and where to buy components, how to assemble it and even more.

It will be amazing if we create similar wiki about bitcoin development, economics, etc. Since this thread is focused at cybersecurity and privacy, imagine how good it will be to have wiki on bitcointalk that will cover the information about:
1. Linux distros like TailsOS.
2. Browser Privacy
3. Tor and VPN
4. Information encryption including messages, videos, files, disk, etc.

If we create Cybersecurity and Privacy board with sticked Wiki thread and ombine all the information in Wiki thread, this will enlighten more people and will truly do amazing job for society.

I will support this idea of creating cyber security and privacy board since cybersecurity is a necessity these days. Most of us take security forgranted and embrace it only once we are hacked or experience any cyber security breach. All of us can contribute to cybersecurity according to our knowledge.
I recently cleared 'ISACA Cyber security' exam and can help ( to best of my knowledge) who is trying to pursue ISACA certification in cyber security.

I want to support this request, it is a subforum in my opinion useful for grouping these news or articles that have no place at the moment
in the end it seems like a sector destined to remain with smart working which has now become a normal thing

Great to see some more support! Congratulations on passing your exam WatChe. It sounds like you would be one of the many assets to the board if it were to be added Cool

Gave that a shot!...

Though on this day of March 06, 2023, we still have no Cybersecurity & Privacy board  Undecided

I'll ask him myself. It seemed to work for me last time.

Hopefully we get some feedback Smiley I hope that that new "no" vote was not him! If you receive any response, let us all know Cheesy
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Gave that a shot!...

Though on this day of March 06, 2023, we still have no Cybersecurity & Privacy board  Undecided

I'll ask him myself. It seemed to work for me last time.
legendary
Activity: 1862
Merit: 1327
I want to support this request, it is a subforum in my opinion useful for grouping these news or articles that have no place at the moment
in the end it seems like a sector destined to remain with smart working which has now become a normal thing
hero member
Activity: 1120
Merit: 571
20BET - Premium Casino & Sportsbook
That's a good idea, we definitely need Cybersecurity and Privacy board, it will attract not only bitcoin enthusiasts but other people who are looking for enhanced security.
To be honest, we need structured WIKIs in each section too. For example, have a look at the wiki of buildapc subboard: Planning on building a computer but need some advice? This is the place to ask!
If you read and follow steps on this WIKI, you will understand what to consider when building a pc, when and where to buy components, how to assemble it and even more.

It will be amazing if we create similar wiki about bitcoin development, economics, etc. Since this thread is focused at cybersecurity and privacy, imagine how good it will be to have wiki on bitcointalk that will cover the information about:
1. Linux distros like TailsOS.
2. Browser Privacy
3. Tor and VPN
4. Information encryption including messages, videos, files, disk, etc.

If we create Cybersecurity and Privacy board with sticked Wiki thread and ombine all the information in Wiki thread, this will enlighten more people and will truly do amazing job for society.

I will support this idea of creating cyber security and privacy board since cybersecurity is a necessity these days. Most of us take security forgranted and embrace it only once we are hacked or experience any cyber security breach. All of us can contribute to cybersecurity according to our knowledge.
I recently cleared 'ISACA Cyber security' exam and can help ( to best of my knowledge) who is trying to pursue ISACA certification in cyber security.
legendary
Activity: 1708
Merit: 1048
Despite the poll slowly gaining some new positive votes, the request seems to be stagnant. So far there has not been an official response from Theymos. I have sent another PM as of this message in the hopes for some feedback!


Attention, not overdoing the PM.

Sometimes these things take some time to have an answer. So we really have to wait with patience.  Wink

Definitely not over doing. I've only sent two PM's and I probably will not send another. Other supporters can in the future if they really feel like it Smiley I won't annoy him anymore Wink

So far, no response from theymos unfortunately guys. I guess no news can sometimes be good news though! Maybe it's in the works  Lips sealed

Maybe he's on holiday Wink so wait for a week or so and "Quote" the PM to him again in another reply. I had to do that like twice in order to get bitcoincleanup.com a factoid.


Gave that a shot!...

Though on this day of March 06, 2023, we still have no Cybersecurity & Privacy board  Undecided

legendary
Activity: 1862
Merit: 5154
**In BTC since 2013**
Despite the poll slowly gaining some new positive votes, the request seems to be stagnant. So far there has not been an official response from Theymos. I have sent another PM as of this message in the hopes for some feedback!


Attention, not overdoing the PM.

Sometimes these things take some time to have an answer. So we really have to wait with patience.  Wink
legendary
Activity: 1708
Merit: 1048
That's a good idea, we definitely need Cybersecurity and Privacy board, it will attract not only bitcoin enthusiasts but other people who are looking for enhanced security.
To be honest, we need structured WIKIs in each section too. For example, have a look at the wiki of buildapc subboard: Planning on building a computer but need some advice? This is the place to ask!
If you read and follow steps on this WIKI, you will understand what to consider when building a pc, when and where to buy components, how to assemble it and even more.

It will be amazing if we create similar wiki about bitcoin development, economics, etc. Since this thread is focused at cybersecurity and privacy, imagine how good it will be to have wiki on bitcointalk that will cover the information about:
1. Linux distros like TailsOS.
2. Browser Privacy
3. Tor and VPN
4. Information encryption including messages, videos, files, disk, etc.

If we create Cybersecurity and Privacy board with sticked Wiki thread and ombine all the information in Wiki thread, this will enlighten more people and will truly do amazing job for society.

Right on, very much with you on the wiki idea! I can't speak for the other boards but I am very sure that wiki(s) would naturally arise after the boards creation. Privacy is kind of limited as to how much you can know and apply, but Cybersecurity is extremely widespread. I can visualize a ton of information with this addition.

I am still very excited every time I see PowerGlove's snapshot of where the board might sit. I hope that it becomes a reality.

It's a yes from me. It would be nice to have a place to post about security/privacy topics (e.g. Tor, Tails, Qubes, Whonix, etc.) and help other members to improve their opsec and keep their BTC safe.

Right between B&H and Off-topic seems like a good spot:


hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
That's a good idea, we definitely need Cybersecurity and Privacy board, it will attract not only bitcoin enthusiasts but other people who are looking for enhanced security.
To be honest, we need structured WIKIs in each section too. For example, have a look at the wiki of buildapc subboard: Planning on building a computer but need some advice? This is the place to ask!
If you read and follow steps on this WIKI, you will understand what to consider when building a pc, when and where to buy components, how to assemble it and even more.

It will be amazing if we create similar wiki about bitcoin development, economics, etc. Since this thread is focused at cybersecurity and privacy, imagine how good it will be to have wiki on bitcointalk that will cover the information about:
1. Linux distros like TailsOS.
2. Browser Privacy
3. Tor and VPN
4. Information encryption including messages, videos, files, disk, etc.

If we create Cybersecurity and Privacy board with sticked Wiki thread and ombine all the information in Wiki thread, this will enlighten more people and will truly do amazing job for society.
legendary
Activity: 1708
Merit: 1048
Despite the poll slowly gaining some new positive votes, the request seems to be stagnant. So far there has not been an official response from Theymos. I have sent another PM as of this message in the hopes for some feedback!
Pages:
Jump to: