How much do people fear key loggers?

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: italianMiner72 on October 11, 2017, 05:20:59 AM

Quote from: equator on October 11, 2017, 05:03:09 AM

Quote from: kubricktrader on October 08, 2017, 01:03:53 PM

Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.

Is this a serious risk?

How to use a wallet that solves this?

The best way of solving the problem is use the wallet on the machine where you dont use another things only use the wallet for it. So that if you got get any problem of key loggers as you wont be using any type of files and browser service.

this is exactly my approach
i setup a virtual machine when i have my wallets and i connect to network just when i need to send transaction or sync chain.
when i don't needt it, the VM is powered off..

If you have a keylogger, you would most likely also have some kind of malware, given that a lot of keylogger nowadays are now considered RAT. It is not secure to be using a VM with the wallet inside of it. A malware from your host machine could easily capture any keys or files from your VM.

elliottflz65

full member

Activity: 134

Merit: 147

As long as you do not download anything fishy and don't visit suspicious links then you can protect against them without the use of antivirus.

eternalgloom

legendary

Activity: 1792

Merit: 1283

This is not a real worry of mine, as I already do everything possible to avoid installing malware.
Usually it's through fault of the user that their computer gets infected, although a targeted attack is also possible, it's pretty unlikely.

Be wary of everything you download and never download something from an untrusted source.
Even Word or PDF documents can be infected, so also watch out for those.

If you really have to download something that could contain malware, run it in a sandbox or on a virtual machine.

It's also a good idea to install the NoScript plugin on your webbrowser and disable javascript.
I also never run Flash.

jituroych

member

Activity: 84

Merit: 10

i always do my private work on a separate machine on which i do not install or click any link and unknown software.
and yes i fear key loggers very much not just that trojans and viruses are also danger you can face.

TheUltraElite

legendary

Activity: 2898

Merit: 1253

So anyway, I applied as a merit source :)

The fact that security is a hoax is true and that one can always try everything to secure their stuff but still they will end up with losses from hackers. It is true that a hardware wallet is safer than a desktop or a web wallet. Again it is also true that keyloggers are there in your PC and mobile if you dont keep a proper antivirus and download stuff from every source in the web. What I have learnt from ethical hackers is that to keep the bitcoins safe the best thing to do is to create a paper wallet in an Arch Linux boot or CentOS boot which has been just created and never connected to the internet. That way the keys will be safe - but that is not userfriendly as well.

italianMiner72

hero member

Activity: 910

Merit: 511

Quote from: equator on October 11, 2017, 05:03:09 AM

Quote from: kubricktrader on October 08, 2017, 01:03:53 PM

Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.

Is this a serious risk?

How to use a wallet that solves this?

The best way of solving the problem is use the wallet on the machine where you dont use another things only use the wallet for it. So that if you got get any problem of key loggers as you wont be using any type of files and browser service.

this is exactly my approach
i setup a virtual machine when i have my wallets and i connect to network just when i need to send transaction or sync chain.
when i don't needt it, the VM is powered off..

equator

legendary

Activity: 1190

Merit: 1002

Quote from: kubricktrader on October 08, 2017, 01:03:53 PM

Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.

Is this a serious risk?

How to use a wallet that solves this?

The best way of solving the problem is use the wallet on the machine where you dont use another things only use the wallet for it. So that if you got get any problem of key loggers as you wont be using any type of files and browser service.

italianMiner72

hero member

Activity: 910

Merit: 511

Quote from: kubricktrader on October 08, 2017, 01:03:53 PM

Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.

Is this a serious risk?

How to use a wallet that solves this?

there are many tools to protect you data...
here some review about keylogger finder
https://www.geckoandfly.com/17868/best-free-keylogger-for-windows-mac-android-ios-to-monitor-your-kids-facebook/
https://www.raymond.cc/blog/free-and-simple-keylogger-to-monitor-keystrokes-in-windows/

Gotumoot

sr. member

Activity: 1372

Merit: 261

The key logger is a serious problem that really needs to be resolved. But how can it be solved now that anti-viruses are capable of overtaking and escape? Nothing is really safe now in the world and when you do not even know the computer you can definitely be robbed. So please do not download anything if you do not have enough knowledge about that because your download might be malware.

Casy

member

Activity: 149

Merit: 22

🔴🔵 FoxMixer.com 🔵🔴

Quote from: kubricktrader on October 08, 2017, 01:03:53 PM

Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.

Is this a serious risk?

How to use a wallet that solves this?

Actually, if your computer is infected, there is not much a wallet itself can do to solve it. The malware could hide on the system driver level, so the application in user space has no chance to detect it. If there are wallets that claim to be able to cope with it, it sounds suspicious to me.
The risk itself is quite serious, as there are many versions of malware around that are crypted by non widely known algorithms and by that they bypass a lot of AV scanners.
Problem is that a lot of this malware has special functionality to detect if a cryptocurrency wallet is installed and it filters the data to only capture this part.

In general, linux operating systems are not targeted that often. For high-volume transfer handling, I generally recommend using a dedicated machine that is set up from scratch, where only required software gets installed. Then, you can setup a firewall to only allow a specific process to communicate out of your machine. This should give you maximum security.

Better safe than sorry...

MFahad

hero member

Activity: 2506

Merit: 644

Eloncoin.org - Mars, here we come!

Quote from: kubricktrader on October 08, 2017, 01:03:53 PM

Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.

Is this a serious risk?

How to use a wallet that solves this?

Not a bit. Every keylogger is the direct result of a user doing something stupid. It is the one viral attack exploit that is always user installed or downloaded. I think it is just too simple for the hackers to deploy any other way, and it is used as a catch the bottom feeders last resort after the real hacking.

SiDtHeBeSt

full member

Activity: 420

Merit: 106

Keyloggers? well they're really very dangerous dude, with the help of keyloggers hackers can easily get to know any of the information on you computer. One should just not click on any suspicious links to prevent downloading any keyloggers, also keeping a good antivirus would help alot to protect from keyloggers

madwica

hero member

Activity: 714

Merit: 531

There are some statement that their fund are got stolen after they have transaction using their wallet who has a bitcoin inside, i think key logger is one of the reason why they got hacked. That is why i feel worried if i would be one of the victim of this kind of scam. Hoping that some developer could find a ways how to eliminate this thing to avoid increasing victim of hackers around the world.

HeRetiK

legendary

Activity: 3038

Merit: 2166

Playgram - The Telegram Casino

Quote from: SureLockLoans on October 09, 2017, 01:50:55 PM

Anti viruses only protect against known codes so really all they are doing is checking a database for known codes and then alerting you whenever they find a match and sometimes some of these programs will isolate or remove it automatically until you review it.

keyloggers are very much a threat. but is easily avoidable by not trusting external sources which do not have reputation. do not click on any links you dont trust and certainly dont download anything you do not trust.

That's the freaky part. If the attacker knows what they are doing and is only targeting a small group of people -- say, bitcointalk users -- they are likely able to infect you with a keylogger that doesn't trigger any common anti virus software as it's either hard to detect or has a yet unknown signature.

So in that regard not trusting external sources and suspicious links is probably an even better and more important defense than any anti virus software out there.

SureLockLoans

sr. member

Activity: 280

Merit: 250

Anti viruses only protect against known codes so really all they are doing is checking a database for known codes and then alerting you whenever they find a match and sometimes some of these programs will isolate or remove it automatically until you review it.

keyloggers are very much a threat. but is easily avoidable by not trusting external sources which do not have reputation. do not click on any links you dont trust and certainly dont download anything you do not trust.

Drnice

sr. member

Activity: 588

Merit: 251

Quote from: carlfebz2 on October 08, 2017, 01:48:09 PM

Quote from: kubricktrader on October 08, 2017, 01:03:53 PM

Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.

Is this a serious risk?

How to use a wallet that solves this?

Everything has risk and most people do really afraid of that keyloggers which they can easy stole up valuable information's which are related on your wallet or even on important emails but somehow this thing can be avoided if you do know how to set up things which would make you secure somehow into these threats.In terms on PC its really always recommended to have an Anti-virus so that pc would be clean on any malware or virus and you should always be prompt on downloading things on internet.

According to the little I read from this article, the Wikipedia of keystrokes (keyloggers) I don't think it gives a shit about any antivirus, if I didn't get it right, please anyone should put me through. Here is the link : https://en.m.wikipedia.org/wiki/Keystroke_logging

HeRetiK

legendary

Activity: 3038

Merit: 2166

Playgram - The Telegram Casino

Quote from: kubricktrader on October 08, 2017, 01:03:53 PM

Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.

Is this a serious risk?

How to use a wallet that solves this?

I would definitely take the dangers of keyloggers seriously.

That's why you get a hardware wallet such as the ledger in the first place. I'm not sure how much sense it makes to spread the risk among other wallets. I know Trezor supports multiple passphrases (leading to multiple accounts), Ledger should be able to do that as well. In the end that should be all the security you'll ever need.

Just don't forget to keep your seed phrase backup offline, on paper. Make a second seed phrase paper backup, stored in another, secure location. Then there's nothing you need to worry about (well, apart from the whole lot of other things that get compromised if you happen to have a keylogger on your system, that is).

BlueSword

newbie

Activity: 18

Merit: 0

Quote from: Thekool1s on October 09, 2017, 06:05:44 AM

I am trying to build an open source wallet which will use your fingerprint to encrypt the wallet.dat file, along with password and 2FA encryption, that will be one of the solutions.

I don't understand what threat model this is protecting against; can you please elaborate? If your OS is compromised with malware that can steal your encrypted wallet and your password, can't it just as easily steal your plaintext wallet after you decrypt it? Although hardware keyloggers that sit between the keyboard and the computer do exist, this requires an attacker to have physical access to your machine, and in that case you're basically screwed anyway.

Quote from: Thekool1s on October 09, 2017, 06:05:44 AM

Other than that your current best option is to get a windows copy from microsoft and do a brand new offline installation of windows

A fresh install of MS Windows is certainly more secure than an OEM install that is potentially compromised with crapware such as Superfish. But Windows itself still has a huge attack surface. Personally, I'd recommend a smaller, security-focused OS such as FreeBSD.

Quote from: Thekool1s on October 09, 2017, 06:05:44 AM

Don't use ISO files from the internet, they can be modified quiet easily.

Most ISOs have signed hashes that you can verify after downloading (e.g., https://www.freebsd.org/releases/11.1R/CHECKSUM.SHA256-FreeBSD-11.1-RELEASE-amd64.asc). Of course, this requires you to trust the public key that was used to sign the hash, but the chain of trust must be rooted somewhere.

Thekool1s

legendary

Activity: 1512

Merit: 1218

Change is in your hands

Quote from: kubricktrader on October 08, 2017, 01:03:53 PM

Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.

Is this a serious risk?

How to use a wallet that solves this?

This is the exact reason why need further encryption, I am trying to build an open source wallet which will use your fingerprint to encrypt the wallet.dat file, along with password and 2FA encryption, that will be one of the solutions. Other than that your current best option is to get a windows copy from microsoft and do a brand new offline installation of windows and never connect that pc to internet, That's the safest you can go. Also Don't use ISO files from the internet, they can be modified quiet easily.

HappyNonce

newbie

Activity: 33

Merit: 0

Just do everything on an offline machine. Who cares about keyloggers.

Topic: How much do people fear key loggers? (Read 1265 times)