Topic: Why do people keep on getting hacked? (Read 1082 times)
To be safe. Keep a separate computer for bitcoin purposes only. With fresh os installation with bitcoin and antivirus only is installed. Do not install anything on this computer. Do not use this to browse the web other than very trusted website. Do not install java and flash and other plugins. Alt coins can be installed on vps.
is there still a chance getting hacked?
You don't own your Bitcoins. MtGox does.So you would first need to solve that
Is this the same hacked as people claim on facebook that their account got 'hacked'. It didn't get hacked, you got phished for being an idiot.
The chances of the exchange itself getting hacked is small,imo. Its the end user that is to blame for not keeping their systems clean,and obviously keeping sensitive information to yourself is paramount.
IMO social engineering is probably the biggest risk of all. You can cover some of your bases by using a linux OS, a strong password, not telling people you have bitcoins, etc. But I think if you were going to get hacked, a lot of times its going to come from social engineering. Its the easiest way "in". If you are sloppy and careless you are going to get hacked (talking at parties while drinking,leaving things around your dorm,etc). Ive been to two bitcoin meetings recently... a conference and a meetup and after both times I had several attacks on my email accounts. people trying to figure out my passwords. I didnt divulge any personal info except handing out my business cards!
BOTTOM LINE = Loose lips sink ships!
BOTTOM LINE = Loose lips sink ships!
They've been clicking on suspicious links and downloading weird shit and are trying to blame everything but themselves for the mistake.
is a safe password enough to not get hacked?
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
We are going to see more and more of this as time goes by. The number of noobs that are getting into bitcoin just keeps going up and up so we'll see more coins stolen. People don't like to hear that they are at fault, so the blame will fall on bitcoin and it will have a negative impact on bitcoin's reputation. But, yeah, rick pickings for thieves. Also opens up a door for those who can offer secure wallets. Unfortunately a lot of people have failed in that area so any newcomer will struggle to do it right.
I don't think most people are aware that they probably have had numerous Trojans on their computers. The Trojans are only discovered once something goes wrong (theft of accounts, data, money, etc). The general assumption is "I've never has a virus so why would I get one now?" I used to be like that, but not anymore.
is a safe password enough to not get hacked?
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
phishing is quite easy to avoid by using certificate-patrol.lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
keyloggers are quite easy to defeat by using keyscrambler.
Keyloggers come in 2 forms:
Hardware - which no software can protect you against - this comes in the form of a device physically sitting between your keyboard and computer
Software - depends on a lot of variables, but you should generally assume that if a malicious party has code running on your computer that it is completely compromised
Phishing is easy to avoid with a few simple precautions in most cases
To answer the more general point: proper information security is a hard problem, people make mistakes and private keys or exchange/wallet credentials leak to the bad guys
is a safe password enough to not get hacked?
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
We are going to see more and more of this as time goes by. The number of noobs that are getting into bitcoin just keeps going up and up so we'll see more coins stolen. People don't like to hear that they are at fault, so the blame will fall on bitcoin and it will have a negative impact on bitcoin's reputation. But, yeah, rich pickings for thieves. Also opens up a door for those who can offer secure wallets. Unfortunately a lot of people have failed in that area so any newcomer will struggle to do it right.
is a safe password enough to not get hacked?
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
phishing is quite easy to avoid by using certificate-patrol.lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
keyloggers are quite easy to defeat by using keyscrambler.
If you use a separate computer for all the wallets (BTC, LTC, PPC, etc.) you can simply keep it offline, right? So you NEVER connect(ed) it to the internet. As long you send it to the right address, everything is fine I guess. Is that correct?
A savings-only wallet can be offline/cold/paper and you can keep sending coins to it. A wallet that you regularly spend from needs to be online at the time you spend the coins.That's not the case if you use Armory (a Bitcoin client).
You can create an offline wallet which never needs to go online, yet you can still spend from it by creating transactions online (online computer with no private keys) and signing those transactions offline (offline computer which holds the private keys).
If you use a separate computer for all the wallets (BTC, LTC, PPC, etc.) you can simply keep it offline, right? So you NEVER connect(ed) it to the internet. As long you send it to the right address, everything is fine I guess. Is that correct?
A savings-only wallet can be offline/cold/paper and you can keep sending coins to it. A wallet that you regularly spend from needs to be online at the time you spend the coins.
If you use a separate computer for all the wallets (BTC, LTC, PPC, etc.) you can simply keep it offline, right? So you NEVER connect(ed) it to the internet. As long you send it to the right address, everything is fine I guess. Is that correct?
Never ever allow a trojan to be installed on the computer which is used to access your bitcoins. Otherwise your password security (and mail-based two-factor authentication) is just gone out the Windows. High password complexity does not help, most passwords (except for the really trivial stupid ones) aren't guessed but stolen.
The safest approach is to have a computer that is only being used for wallet stuff - no web browsing, no e-mail, no filesharing, if possible running a small and safe linux...
Onkel Paul
The safest approach is to have a computer that is only being used for wallet stuff - no web browsing, no e-mail, no filesharing, if possible running a small and safe linux...
Onkel Paul
is a safe password enough to not get hacked?
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
If you aren't the sole controller of your private keys, you don't have any bitcoins.
Do whatever is necessary to make sure you are the sole controller of your private keys.
Offline wallets. Paper wallets. Cold storage. M of N wallets. Multisig addresses.
There are many tools available. I like Armory myself.
is a safe password enough to not get hacked?
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
lets say you have an account on MTGOX with a password that contains big and small letters
extra keys and numbers and is over 20 caracters long
is there still a chance getting hacked?
(except phising,keyloggers)
Jump to: