Topic: SECURITY, Have you been a victim? How safe are your bitcoins? (Read 1709 times)

You are right but I see the normal windows user running in problems and loosing all data on their first try with any Linux, but again I suggest for windows the portable electrum and for linux you do this:

sudo apt-get install python-qt4 python-pip
and
sudo pip install https://download.electrum.org/2.6.4/Electrum-2.6.4.tar.gz

and have fun with a handy small good working wallet.

I didnt tested the OSX app yet - I dont like 2/3 apple signs on my machines
And no time or need for the android app - but I will test it soon.

Use electrum for the daily fun / needs with smaller amounts.

As Multisginature wallet you even can configure complexe rules, but in a very easy way.
For a club, clan, community, household etc. - shared money etc.

I do agree that Linux is relatively more safer than Windows OS but it's for more tech-savvy people that are not afraid to work with command line. I know that graphical environments for Linux have advanced a lot but still it's not for the average joe to fiddle with settings and modifications every other day to get things to work when with Windows 10 everything is ready right out of the box. And if you are a gamer you will have a hard time trying to run games on that. I think if you are serious with upping your online security you could dual-boot Linux and Windows on the same machine. Windows for your daily work and Linux when you are dealing with sensitive information prone to attack.

Thanks God, currently I am full safe , no one has tried to attack me till now, But I am afraiding, as there are a lot of people who are well expert in the field of bitcoin and they got hacked.

With the introduction of 2FA things got a lot better for the average user. We are not there but honestly i feel quite safe that a hacker needs to hack both my mail, account and phone to get to my money.

Yes. *nix or *nux is best for it.
But not all are in running some debian/ubuntu - even not in a desktop mode!  
(dont use S.U.s.E. - all I have to say about this...)

Anyways.
Run a multi-signature wallet - even the easy Electrum wallet can with the portable version!
You always will need n+1 keys (how much you want) but dont forget - if the rule is 2/3 then you need 2 of those keys or you never can open your own wallet again.

Best would be to use a hardware wallet (cold wallet) with verification on button press or touchpad for the big money.
And use a small wallet for collecting bitcoin (and transfering it to the big wallet) and load up the small wallet (electrum for example) on windows only with what you want to spend.

And maybe try MultiBitHD - I was not fine with it on windows but it has additional security features against some other wallets.

If you are really serious about security, first step is to avoid Windows. It is very, very weak and has a pile of vulnerabilities.

I had people "invading" my Windows OS and planting/modifying shortcuts without my consent. All I had to do was to connect to internet for that to happen.

Now, I use a Linux based operating system where no one can modify a thing as easy. Downloading external programs can be completely avoided if I wanted, on Windows they can be executed as soon as the download has finished (imagine if you authorized the download by accident).

There are no safe or idiot proof tips when you are using Windows. Then I won't waste my time giving you tips.

But if you use a Linux based operating system (Debian, Ubuntu, Mint) then all you should care about probably is:
  1.Avoid downloading programs from external sites, if you do make sure it is from a trusted source.
  2.Do not install countless extensions in your browser (install only what is absolutely necessary and if they're trusted), do not install modified browsers unless you know what you are doing.
  3.Do not install remote desktop client, if you do make sure your password is strong enough and shutdown the server when it is not needed.
  4.Use a decent password for both your root and user account, preferably different. Disable/Uninstall SSH server if it is not needed.
  5.Do not install or run any command someone told you on forum, chat, or whatever unless you are sure those commands are not evil.
  6.Backup your wallet regularly, use a password manager to make accounts with random and strong passwords and backup often and when needed. Do not repeat passwords across sites.
  7.Keep both local and online backups of critical files, make sure your backup is encrypted so only you can access it in case they are stolen. You never know when a natural disaster will occur and wipe your house.
  8.Avoid doing things via smartphone.

By following those simple rules I believe you are pretty safe and can sleep well at night.

I never lost a single penny to outside attacks using a Linux based operating system and by following simple rules above.

I have another safe option. Use Bread wallet. Keep the private key safe. Now transfer funds to your wallet.
Now uninstall it from iPhone. You're safe for sure.

The other advice was good, but the above is sort of a myth: well designed operating software doesn't need "anti-virus", the virus thing was just a symptom of the Microsoft software culture i.e. why bother fixing OS vulnerabilities when you can start an "anti-exploit software" industry all of it's own. A load of BS word-salad garbage, designed to fleece the consumer, in other words.

Nope. Cold wallets in the main. I keep peanuts on Mycelium and don't particularly care what happens to that. Nothing has so far. I gave up blockchain.info as I couldn't trust my own machines.

Your practices are really amazing.

But I have simple suggestion who live in village of developing countries :
Use a Desktop wallet,keep it safe from virus and unauthorized access. Keep the private key safe and then no one will ever able to hack it.

they should add 2fa to bitcoin client itself, other than the passphrase, some newbie put low effort into making  a good passphrase so for them it would be good to have an additional layer of security

A friend of mine got hacked a while ago, but he admitted to re-using passwords for different sites. He also used online services for email and those accounts were not protected with 2FA. You will get hacked, if you make the basic mistakes like this.

# Never re-use the same password for multiple sites.
# Use 2FA where available
# Store the majority of your coins offline and hide your private key.
# Buy a Hardware wallet for day to day payments.
# Update your AV software
# Use Virtual machines to test out new services or websites.

I hope these tips will be helpful to anyone reading this, it has worked for me thus far. ^smile^

Since you are using a 2FA no one can enter your wallet but you alone this is a great security that blockchain.info have.

highly secure I save bitcoin and keep it in wallet blockchain even I'm currently very trouble to try to enter. because I lost my cell phone where I had to use SMS verification. This makes the hacker could not enter also

So far I have been lucky enough to not become victim of any hack but just being lucky is not it, I take all the security measures to ensure my money remains safe and I think unless one becomes too careless, keeping your coins safe is not that big of a challenge and I am not talking about investing in hardware wallets, even the biggest volume of coins can be kept safe free if one knows how to.

But having said that, if you're running a service of some sort then it is a little different since you would then be dependent on some of your employees who may end up stealing themselves, as most recently happened with shapeshift.

When I first got into Bitcoin I looked for wallets on Google Play and found 2 that looked promising. Bitcoin wallet and Blockchain.info. I liked the UI of blockchain.info's app a little more so I used it over Bitcoin wallet (on Android). I bought BTC0.05 off of an exchange and within 24h it was stolen from my wallet. I didn't have any malware on my phone (I have an encrypted BlackBerry) and I hadn't set up 2FA because I was a newbie and didn't know how. I got robbed and went to blockchain.info for answers. I got useless generic information from them saying I must have malware, sorry this happened to you, nothing we can do etc.

Lesson learned. Luckily at the time it was about an $18CAD lesson for me. Never use an online wallet. They're so easily compromisible. I looked at the address that my funds were sent to and the person was constantly getting huge amounts of Bitcoins sent to their wallet, from what I can only assume were other victims.

What I do now is create paper wallets on a fresh OS. I use an Ubuntu Live USB. I'm 99.99999% guaranteed not to have a virus on the fresh OS, then I never import the private key until I need to spend the funds. I would highly recommend you look into paper wallets (cheap, relatively easy-to-use) or hardware wallets (expensive, but more practical for moving large amounts with ease and protection).

I've never used a hardware wallet because I don't have enough Bitcoins to store to make it worthwhile.

I sell Ubuntu Live USBs, if you're looking for an easy way to make very secure paper wallets, check out my thread here.

I never got any single satoshi stolen by hacking or security breaches, and I can't say I adopt the most hardcore security practices, I even leave Bitcoin in exchanges and online wallets.

Maybe the fact that I use Linux has something to do with it, also I don't install altcoin stuff

Yeah, I had a breach of my trust.  My trust got hacked by a green-trusted member and I got hit for 0.3 bitcoin.  I'M STILL NOT OVER IT BUT I'M GETTING THERE.

But as far as having my wallet hacked, or my account--no, not yet.  But there are tons of people here who've been victims, and even Mt. Gox and Cryptsy say they're victims of hacking.  That's up for debate but it definitely happens.  People here are going to tell you to make paper wallets and that's probably your safest bet.

i have never lost my bitcoin a bit or even my altcoin, to protect my pc i keep my antivirus up to date, installing 2factor auntheticator ,typed the password with screenkeyboard to protect our pass from keylogger, and so on, you must installing 2fauntheticator even though for spendable amount, and for big amount make sure to keep it safe on cold storage
the point is you have ultimate controll over your bitcoin

Even if you are a newbie, if you place your coins in cold storage, they are reasonably safe.
I use an electrum offline wallet and have not faced any issues so far.