Topic: [EDU] Bitcoin Beginners Guide - page 3. (Read 5792 times)

You are welcome , both of you .
Also I just Updated the topic with more informations and I hope you found them useful aswell , I hope members still give more suggestions about things to add and if there is anything wrong on what I said feel free to correct it .

this is a nice EDU topic, well done.
the way that i like to protect my wallet is an offline wallet created in a secure linux environment and printing the keys on a piece of paper.

Thank you for these tutorials it was really easy to do when there were all these basic steps I am a user of windows 10 and I was actually really impressed when I saw tutorial for it

I just emailed their support team and I will post once I get a reply about those things . I read an interview between Qiran ( their CEO)and TechRepublic blog and on that time protection against Keylogging wasen't available so I'am not sure about now .

for what comes to KeePass , it's listed here : https://www.qfxsoftware.com/applications.htm so I assume it should be protected as should be

Yes. Keylogging hardware intercept the text before it goes into the system. Keyscramblers would not help at all.

Depending on the keyscrambler's features, it might not offer protection against clipboard logging. If you were to copy it to clipboard, the malware would be able to intercept it.

These things might be best installed in a sandbox, like sandboxie. Though i'm not sure how safe this software is nowadays. I mean usually security softwares are beaten, then the malware is beaten and so on. It's a ping-pong game... so i wonder if sandboxie is still a good protection.

What do you mean with "Keyscramblers does not protect against keylogging hardware"? You mean keyscrambler is useless or that it can't help when someone is using a hardware keylogger?

Would keyscrambler at least be secure against software attacks?

By the way... entering passwords with something like that is one thing. But using keepass? I mean you oft enough would have to copy the password in your clipboard. Or when you want to type you would need to type the pass for keepass anyway, then show the pass.

I wonder if there can be done much anyway.

SSL certs are surprisingly cheap at some sites, others charge a fortune.  But I received some more security training recently.   Replacing certs with ones that have wildcards are kinda scary to say the least.

If they get to the point they are replacing your certs though chances are they have your pc pretty much compromised.   And it most likely is keylogging along with many other things.

You should really dedicate a computer to making your private key if your going to do it.  A fresh install of OS with scans of virus/malware after.   And I would blow OS away after making cold storage.   I would be over cautious myself.

Currently my main side project is learning Radio Frequency security better.   Still have a way's to go fun with it being new though.

Yes thank you for all the support guys .
I will try to update this topic as soon as possible so no worries I will keep adding a lot of things daily and I'am still to open to suggestions (ty litecoinguy & shorena)

thx for the thread but a good antivirus program would be good too.

i run several security programs with no problems.

but the average joe will not do that. he will always install "free games" and "bitcoin-generators" = maleware. you have do use something that is even safe on a compromised pc - like a hardware wallet (Trezor).

The problem is: if microsoft can do it, others might be able to do it as well. E.g. microsoft does not use certificate pinning[1] for the transfer of your sensitive data. It might be possible for someone to replace the SSL cert by another one and sniff the data on the way.

Hardware becomes a problem in that regard as well. Which is a very disturbing development.


I agree that downloading suspicious files is a big problem. I could also add a variety of things OP might want to add, but instead I will just leave you with this[2] paper. I think it will give OmegaStarScream a few ideas how to improve this further. I like the thread btw.

[1] http://security.stackexchange.com/questions/29988/what-is-certificate-pinning
[2] https://www.usenix.org/system/files/conference/soups2015/soups15-paper-ion.pdf

thank you for all this information, i recently installed windows 10 on my pc and im really happy that i saw the method for it, will definitely do it as soon as possible

Keyscramblers does not protect against keylogging hardware so its not an option if people have access to your computer. Majority of the virus does not get detected and most antivirus would be useless here. The best way is to not download any suspicious files or go to any suspicious website. A RAT can easily automatically send your money when you unlock your wallet. As most unconfirmed transactions are irreversible, it would be quite dangerous.

I know that but you can't know if your private keys gets on the wrong hands also having our privacy is our right and this tutorial isn't only for Windows 10 as you can see the first two softwares all for all users (even for those who use Windows 10)

well i doubt microsoft will ever steal your wallet, so your bitcoin are safe anyway with windows 10, i could be wrong but weren't the old windows version running something similar inside the kernel, hard coded?
because i doubt that they were 100% anti-privacy free, maybe only the first version like windows 3.1, 95 and 98, and perhaps xp, also i remember that in the cpu, intel installed something that can send them info

I'am not an expert on those stuff to be honest but I will share with beginners and newbies around the forum what I know about this matter and anyone who have any suggestion that I should add to this topic have to let me know and I will do it .

I will try to keep this thread updated as I can and add always new stuff .

Things you should consider doing to start :

• Most , if not all websites related to Bitcoin are known here on the Bitcointalk community , if you are going to use a website (new for you) then make sure to search for it on Bitcointalk before doing anything .
• Don't use any of the websites listed here :  [EDU] Bitcoin-related Scam Websites  .
• Never store your Bitcoins on an exchange for a long time , once you do the exchange withraw to your real wallet .
• If you are planning to use online Web or Smartphones wallet then you should use BlockTrail.com instead of Blockchain wallet because It's more secure [Two-Factor authentification , HD & it's Multi signature] .
• If you are planning to use Desktop wallet for your PC then Electrum should be the best choice for you because you will have 13 words seed which can be used to recover your wallet incase of a computer failure . (print it and keep it safe)
• Always make sure to use Two-Factor Authentication in your wallets [Both Electrum & BlockTrail.com wallets support that]
  

How to Protect your wallet :

• Use Adblock plus Chrome Plugin - Firefox plugin - Opera Plugin -
• Disable Adobe Flash Player Chrome - Firefox - Opera  |  Why should I disable it ? | YouTube and simillar famous websites can use HTML5 which is more secure then Flash player.
• Always make sure that your Anti-Virus/Malware is updated .
• Don't click on random URL's - Example : Hacked account spreading malware - syahrere
• Do not download any wallets that they are not listed here Bitcoin.org - Choose your wallet
• Most important of all : There is no such a thing like Bitcoin Generator , Do NOT download and run unkown source files.

Softwares needed :


Use one of the following programs (choose between 1 and 2) :

1.Malwarebytes Anti-Malware : Malwarebytes - Download Link
Most of you know Malwarebytes and how good this software is it , in case you are visiting a phishing/malicious website this software will most likely block it , same goes for any executables .

2.Hitman Pro : HitmanPro - Download link
Same goes HitmanPro it's another famous anti malware that people use however it have somethings that may makes you feel uncomfortable like scan only using the internet so if you don't have internet you may not be able to scan .

---

KeyScrambler : KeyScrambler - Download Link

KeyScrambler encrypts every key you type deep in the Windows kernel. It protects your private info against known and unknown keylogging malware on millions of websites and in hundreds of essential apps.
If you are afraid that you have Keylogger on your PC then this is definitly for you , note that this software support a lot of application including Bitcoin wallets  & check this KeyScrambler - Different versions

---

BitDefender : BitDefender [Total Security] - Download Link

BitDefender is considered as one of the best Anti-virus around and also won few awards in the last few years ! Yes more security always helps even while you are using KeyScrambler and Malwarebytes on the same time .
Key : BHKIYB3  [I found this key on the internet and it worked just fine for me , it gives you more then 1 Year subscription]



Windows 10 Users :

Updated : 4 October 2015 (Whoever downloaded the tool before that , should redownload it once again)

We all know how our privacy got screwed on this version of Windows 10 . Yes Microsoft do have a keylogger on your PC and I'am not sure how sophisticated is it and since it's on the Operating it self I'am not sure about the power of KeyScrambler on this matter .

As you can see on the picture above , this software allow you to disable all tracking made by Microsoft on Windows 10 .
HowTo & Source code : DisableWinTracking

DisableWinTracking is not made by a company or anything it's made by an individual and since I don't know Python I'am not sure how safe is it but since it's open source I'am sure that people can check it and see how legit it is .








I guess that's it , as I said on the top of the topic I'am not an expert and english is not my native language so I'am trying ...
Feel free to post any suggestions that should be added .

for what comes to KeyScrambler some of you will say that we need Premium version to get full support for Bitcoin wallets . Well, Indeed you have to to buy a licence
I got an email and code from a friend and I'am using the Premium just fine and I guess you can use it more then once and on more then one PC but since some of your countries don't allow that etc ... idk