Pages:
Author

Topic: How to lose your Bitcoins with CTRL-C CTRL-V - page 5. (Read 4427 times)

legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
December 16, 2019, 03:56:54 PM
#72
I have another suggestion which I already posted here:
KeePass is password manager but it's really helpful when it comes to save bitcoin addresses.
I made a simple setup just to test it and it works fine. see the pics below.
You can modify pretty much everything, and you can have it on a USB drive as well (there is a portable version).

What you do is just save as many keys as you want, then open a website or select a place where you want to type your key and go back to KeePass, right click the key you wnat and just click "AutoType". The address will be automatically written. No copy -paste.

The KeyPass is password protected, free, open-source and one of the top password managers. But if you don't trust a single password break point protection it's perfect for storing crypto addresses.
There are browser add-ons as well.

You can choose what to type, how to type and where to type it.
legendary
Activity: 2268
Merit: 18771
December 08, 2019, 04:17:37 AM
#71
The solution to this problem is really to avoid getting infected with malware. If your computer is infected with malware, and you are interacting with your coin, your coin is likely gone. Once you discover that your computer is infected, you should stop interacting with your coin via that computer and also stop using that computer.
Few people are going to willingly access their coins on a computer that they know is infected with malware. The idea is protect yourself against potential malware that you don't know you are infected with, and that's why hardware wallets are such a big improvement over software wallets as I said above. Even in the case of clipboard malware or malware which changes the address you are sending to a website as you describe, it can't change the address on the screen of your hardware wallet. As long as you double check the screen of your hardware wallet against the screen of your computer as described in this thread, then you won't lose your coins.


copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
November 29, 2019, 03:24:35 PM
#70
The solution to this problem is really to avoid getting infected with malware. If your computer is infected with malware, and you are interacting with your coin, your coin is likely gone. Once you discover that your computer is infected, you should stop interacting with your coin via that computer and also stop using that computer.

Some malware can change what is displayed on your computer. So if you paste/type a certain address, that address may be displayed on your screen, but the address transmitted to any website you are on would be changed. Even if you are taken to a second conformation page, the website may transmit the address that the malware changed to but your computer would display the original address that was on your screen. The same would apply if you received a confirmation email and read the email on the same computer that is infected.
legendary
Activity: 2268
Merit: 18771
November 29, 2019, 06:28:46 AM
#69
I am confusing to know how they record my data when I use a hardware wallet?
They can't. With a hardware wallet, your private keys do not leave the hardware wallet. Any transactions you make are generated on your computer, sent to your hardware wallet to be signed by the private key(s), and then the signed version returned to your computer to be broadcast. The whole point of a hardware wallet is that you can use it safely on any computer, even one infected with malware, without risk of losing your coins (provided you double check the addresses and amounts you have entered are correct).
legendary
Activity: 2366
Merit: 2054
November 29, 2019, 06:22:40 AM
#68
Your statement aware me, for example, when I copied my private key or seed into electrum they will be recorded and sent to the company.
I am confusing to know how they record my data when I use a hardware wallet?.
legendary
Activity: 2268
Merit: 18771
November 29, 2019, 06:04:36 AM
#67
-snip-
I'm afraid you are kidding yourself if you think changing those settings does anything at all to protect your privacy.

Have a look at the other articles I linked to in my post which you quoted. Even with all these settings turned off, even with telemetry, Cortana, monitoring, diagnostics, etc., turned off in services.msc and in gpedit.msc, even after installing third party tools designed to block these features, Windows 10 still monitors what you do and sends it back to Microsoft thousands of times a day. Sure, if you turn off "Typing Personalization", then your predictive suggestions might not be as relevant, but Windows will still be recording and sending back your keystrokes. They are still using your data, just not in a way you can see.

It's like when you turn off Location History in Google. Google still have a complete record of your entire location history, it's just that you can't see it anymore. It's an illusion of privacy, nothing more.
legendary
Activity: 2366
Merit: 2054
November 28, 2019, 09:36:38 PM
#66


Those article for old version on windows 10

I Try to Guide how to disable it on Windows 10 1903 Version

Settings >> Privacy

Inking & Typing Personalization



Diagnostics & feedback



Activity history



Setting >> system >> clipboard
Turn off clipboard


When We On a Clipboard, Copied anything will save on clipboard
legendary
Activity: 2268
Merit: 18771
November 13, 2019, 06:47:27 PM
#65
Don't forget to add the WebRTC
Yup, already disabled. Thanks.

always use the private browsing of Firefox as it gives you more protection it can remove all traces of your browsing activity and it can protect you from keyloggers and block websites from tracking your PC.
Although I auto-delete most cookies and history, removing all traces of browsing activity isn't high on my priority list since I use whole disk encryption, and no one else has access to my computer. I'm not sure private browsing will protect you from key loggers though.

it is likely you are browsing anonymously except for IP.
I only ever connect via VPN +/- Tor, so no IP concerns there. This set up doesn't make you anonymous, though. By changing all these things I'm very aware that I have a probably unique browser fingerprint. You have to go to extra steps to spoof what you can to blend back in to the crowd.
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
November 13, 2019, 06:15:41 PM
#64
I use a handful of add-ons, but they are all directed at doing what you are doing: Increasing privacy and security whilst decreasing tracking. Even if you are aiming for the "bare-bones", I would still recommend uBlock Origin, HTTPS Everywhere and Privacy Badger.

Don't forget to add the WebRTC which can block your chat, voice, and video from monitoring and always use the private browsing of Firefox as it gives you more protection it can remove all traces of your browsing activity and it can protect you from keyloggers and block websites from tracking your PC.

If you completely have these tools in your browser you have 99% secured and no leaks for your privacy it is likely you are browsing anonymously except for IP.
legendary
Activity: 2268
Merit: 18771
November 13, 2019, 08:40:01 AM
#63
I'm one of those types that don't use any add ons. Just the bare bones browser. Just two actually, the Tor browser (which is based on Firefox) and plain Firefox. I even go into the settings and disable a bunch of different things, don't save any history, don't save anything, and rearrange the icons to somewhat resemble some classic look.
I use a handful of add-ons, but they are all directed at doing what you are doing: Increasing privacy and security whilst decreasing tracking. Even if you are aiming for the "bare-bones", I would still recommend uBlock Origin, HTTPS Everywhere and Privacy Badger.

I'd be interested to know which settings you are changing in Firefox or Tor? Do you just mean the ones under Tools -> Settings, or anything more advanced? I have quite a list of things I change in about:config whenever I am installing/reinstalling Firefox or Tor, everything from limiting the Referer header to refusing/auto-deleting cookies, and I'm always on the lookout for any more changes I could be making.

I also use DDG as my default search engine, and occasionally searX if DDG isn't finding what I want. Startpage used to be good too, but was recently bought out by a company which tracks you to serve you targeted ads, so is now just a privacy-invading as Google.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
November 10, 2019, 03:55:06 PM
#62
there are a grand total of less than 10 good browser add ons. Anything else is not only unnecessary but also introduces unnecessary risk.

I'm one of those types that don't use any add ons. Just the bare bones browser. Just two actually, the Tor browser (which is based on Firefox) and plain Firefox. I even go into the settings and disable a bunch of different things, don't save any history, don't save anything, and rearrange the icons to somewhat resemble some classic look.

I got Firefox Focus on my android devices. Kinda a hassle since it doesn't remember anything after closing it, but good for taking a quick look at different sites or just finding out the answers to a couple of simple questions.

And yeah, default search engine is the duck, I delete everything else.

whereas the vast majority of online bitcoin payments are made through copying and pasting an address. It would be much easier to change the later than the former.

A lot go through so called bitcoin payment processors (bitpay / btcpay / clones), but that's still correct, you have to copy and paste to those addresses.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
November 10, 2019, 03:14:17 PM
#61
Right before opening this thread the first thing that came to my mind after reading the title is because of clipboard hijacking. This victim didn't double check the wallet address that he pasted and hit send right after. I think it is a lesson learn for the victim and also a loss of his bitcoin.
legendary
Activity: 2268
Merit: 18771
November 10, 2019, 12:15:55 PM
#60
I don't think it is too difficult to create a chrome extension that does this (disguised under something else of course).
It's an interesting thought. Certainly we know that people will download any old browser extension or mobile app without so much as a second thought, let alone actually spend time reviewing the code. We've seen people lose bitcoins due to downloading apps which give them a sparkly background or a new font on their keyboard, for crying out loud. The best defence against such a hypothetical attack is prevention; there are a grand total of less than 10 good browser add ons. Anything else is not only unnecessary but also introduces unnecessary risk.

If that's possible in a browser, I'd expect it to be exploited for banks first: there's much more money to get and they have much more users.
The vast majority of online banking payments are made through a secure payment processor, whereas the vast majority of online bitcoin payments are made through copying and pasting an address. It would be much easier to change the later than the former.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
November 10, 2019, 02:33:08 AM
#59
With enough care, this type of clipboard malware can be prevented. However, I am more concerned with the next type of malware that will change the address in the browser (source). For example, if you want deposit bitcoin to an exchange, the malware could change the address that the browser shows you to the attackers address. I don't think it is too difficult to create a chrome extension that does this (disguised under something else of course). You can compare the addresses (source and destination) and you will see no difference. How do you fight such an attack?
If that's possible in a browser, I'd expect it to be exploited for banks first: there's much more money to get and they have much more users.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
November 09, 2019, 11:53:23 PM
#58
Although your use case is highly improbable, there's counter measure for that too.
For example if you use Electrum, instead of pressing Send, you can press Preview and check there. Then Sign and Broadcast. If you go on this path there's no place they can change anything, no matter what.

For some reason, I almost always do this. Do a preview... invariably because I'm trying to adjust the fee all the time or tweaking the transaction to avoid using change or change addresses if my goal is to send everything.

That's another reason to always use the preview then before broadcasting. While you're at it, the more paranoid could use multi-sig with another computer / mobile device that also has Electrum, although that's more work to do.

I've only been infected once in my life (ok, a few times) but all those times can be attributed to carelessness.

Knowing that vanitygen / vanitysearch takes a long time with 5 or more character prefixes / suffixes, I find that checking BOTH the first 5 and last 5 are usually good enough. If some hacker / malware got on your system without you knowing and matched the first 5 and last 5 of the address you wanted to use, they must have targeted you specifically to generate that kind of address. Check your house and work place, they already bugged everything.
newbie
Activity: 14
Merit: 16
November 09, 2019, 06:07:31 PM
#57
With enough care, this type of clipboard malware can be prevented. However, I am more concerned with the next type of malware that will change the address in the browser (source). For example, if you want deposit bitcoin to an exchange, the malware could change the address that the browser shows you to the attackers address. I don't think it is too difficult to create a chrome extension that does this (disguised under something else of course). You can compare the addresses (source and destination) and you will see no difference. How do you fight such an attack?
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
November 08, 2019, 08:24:15 AM
#56
I took the computer to the store and ran the window software again. There was a lot of data lost
Although slightly off-topic here, you made 2 mistakes that could have been prevented:
1. You didn't make backups.
2. You shouldn't trust anyone else with your data.
jr. member
Activity: 43
Merit: 6
I'm AMA Hunter!
November 07, 2019, 10:10:33 PM
#55
I have encountered this case! I copied the address of a friend and pasted it into the deposit address. However, I have observed and found it unusual. I feel fortunate to have observed it! I tried to copy several times and it only shows someone's address. I took the computer to the store and ran the window software again. There was a lot of data lost
full member
Activity: 266
Merit: 214
Analist - Trader - Yazar
I can translate it too for the Romanian sub-forum.
Translating any topic is okay, as long as you give credits to the original post. So go ahead Smiley

Of course, thanks for your efforts.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I can translate it too for the Romanian sub-forum.
Translating any topic is okay, as long as you give credits to the original post. So go ahead Smiley
Pages:
Jump to: