A Simple Security Guide for Avoiding Online Attacks
Today, the most appreciated themes on Bitcoin forums are the security related ones. Many people write their thoughts about how to protect private data from government, hackers and, sometimes business competitors. Let’s discover what can you do to prevent different bad people from stealing your personal data or bitcoins.
Also read: ItBit and TradeBlock: Blockchains and Big Data
3 Layers of Personal Security
It isn’t so dangerous to visit the internet these days, but users still risk losing valuable assets each time the browse. Internet security includes three major levels:
- Physical: how well-protected are your computer hardware and accessories?
- Software: how much encryption do you use, how good is your antivirus, which OS do you have installed?
- Online: which sites do you visit? What online services do you use? What data do you leave there?
Let’s examine your “Internet Visiting System” and discover if it has any security holes.
Physical Level of Security
On this level, we will check if we have everything needed for physical safety. Here is a standard list of what you should and shouldn’t do or have near your home PC:
- A USB flash drive with a minimum of 4 Gb of memory
- An installation image of any Linux distribution (and another one with any Windows distribution) on a USB flash drive or a CD
- If you have a printer, make sure it’s not connected to the Internet, has password protection, and can’t store and resend your documents after printing
- Use your WiFi spot, don’t trust your neighbors or public hotspots
- Notebook cameras and standard webcams should be covered when not in use
- Don’t underestimate the Kensington lock — especially when in a company office
- Never work near windows in positions where your monitor(s) can be seen from outside. Also try to avoid bringing any unnecessary attention from your friends and neighbors to what you do with your PC.
- If you have a large or secret business, don’t invite suspicious guests in a room with your computer
- Don’t use somebody else’s USB flash drives with your PC
- When you buy new things like larges TVs or news computers, make sure no one sees the boxes from them; hide them somewhere or destroy them before disposal.
USB flash drives are important for storing valuable data, including bitcoin wallets, files containing books, music, or films created by you, your company’s secret documents, and off-the-book accounting.
Installation images are valuable while reinstalling or fixing systems and managing files and partitions on your hard drives. Learn how to use programs like Gparted because they might be useful someday. Also, it’s better to use Linux systems instead of Windows, details about why can be found below.
Software Level of Security
Software integrity is key to your computer’s security. Don’t let someone else rule your machine.
PGP encryption
It’s a big laugh to watch politicians talking on TV about scary terrorists using PGP encryption. When they do so, all they are really saying is that people can use PGP to have full control over what they post on the web. But the funniest thing is that many normal people use it in real life for pretty peaceful purposes.
Encryption can save your life some day, and this is not a joke. While using encryption, you can protect your emails from being read and your files from being stolen. To protect your e-mail, learn to use PGP on your system; this won’t take more that 1 to 2 hours or days, depending on your level of knowledge. Here are some tips on using encryption in various ways to help you get the hang of it faster.
Windows
You can learn how to set up and use encryption on your Windows PC in this EFF article.
Also, you may want to try TrueCrypt 7.1a. This version is the last 100% safe iteration of TrueCrypt; the project itself is closed, and version 7.2 only deals with decrypting old files. Although the official site says the software has security issues, independent auditors say the code works perfectly.
Linux
Use your pre-installed GnuPG module through console commands or Kleopatra interface (native in Linux Mint KDE editions). You also can use a Geany text editor for programmers to write and encrypt, decrypt, and sign letters by accessing encryption in “GeanyPG” under the ”Tools” menu. Before using GeanyPG, you must set your encryption correctly.
To set up your PG encryption in ordinary e-mail account, please read this EFF article.
Mac
You can use this EFF article.
Mobile OS
Any mobile smartphone has security problems that may cause you to lose all your coins. For example, this Android security issue made all the wallets generated by Android wallet apps vulnerable to theft. Also, read this CNN article to learn how hackers can break into your mobile phone with a single SMS, or turn on your camera without you noticing.
You cant set everything to work in a safe, encrypted way. When encryption isn’t possible, just be careful with what you install on your phone. Try not to install suspicious software, or apps from sites you can’t trust. Additionally, change your phone’s passwords at least once a month.
OTR Encryption for Chatting
If you wish to use encrypted chat, then XMPP technology might be the best choice for you. Try installing Psi+ client or Pidgin and use OTR plug-ins. Check here for more info.
Antivirus
Any computer user should use antivirus. Take note of the most lightweight and fast firewall, like COMODO or Outpost (you can choose any firewall you like), and combine it with light antivirus software. You can also use complex solutions like Dr.Web Security Space. Keep in mind though, that using antivirus does not mean you have 100% protection. Antivirus will guard your PC from a wide range of viruses from the Internet, but its still just a program and can have issues.
Online Level of Security
Firewalls are a good method of online security for Windows users. Linux users also can find one or two firewalls in the Program Manager. But what else should you do to strengthen your online presence?
Passwords
Passwords should be in the forefront of your online security plan. Here are some basic tips for password security:
- Make sure you don’t use simple passwords on user profiles. Even setting a middle-strength password can prevent many hackers from stealing your personal data
- Dedicate a special partition on your hard drive (remember Gparted?) to store your valuable data and encrypt it (remember TrueCrypt?).
- Important rule: don’t ever take any screenshots or photos with seed keys or any other private information! These pictures can be stolen in 1 to 2 mins!
Invent the Password Creating Algorithm
If you have many accounts on many sites, you need to invent an easy way to manage your the passwords. Of course, there are tons of extensions and apps for browsers that allow users to store their passwords, but these services get hacked from time to time. So, it’s better to use your brain for storing passwords by and invent your own “Password Creating Algorithm.”
The Password Creating Algorithm is a logical method of mentally generating passwords in a quick and secured way. One way of doing this is by making a password that describes a website’s notable features like logo, colors and slogans. Also remember to alternate between upper and lower case, a well as adding numbers and symbols.
Another way to create secure passwords is by taking a set of numbers and mixing it with words written backwards. If you speak English in addition to your native language, you can also write words of your native tongue with the English alphabet. If you have a 2-language keyboard, you have almost unlimited possibilities.
Turn Your Browser Into a Fortress
The best choice for safe web browsing is TOR; Firefox with extensions is also a great option. If you’re a fan of a very fast browsing, you also can equip your Opera browser with some useful security extensions.
These extensions are important because they allow you to have control over what happens to your browser when you visit a website. Most sites use cookies, and while they usually do benign things like storing session data, your shopping cart contents, and theme settings, they can also be used to collect your private data or track your activity across the web.
Here are some good extensions to help with browser privacy in Firefox (Opera usually has analogs):
- AdBlock Plus: This tool cuts out online ads. You can use its menu to choose what kind of ads you would like to block.
- SelfDestructingCookies: This tool makes all your unnecessary, long-living cookies to self-destruct after closing that site’s tab.
- Ghostery: Become invisible on the web!
- NoScript: A brilliant extension that blocks all the scripts on a page. You can manage the tool’s restriction policy on its menu. Only allow the scripts that are used by the site you are actually visiting, and avoid those provided by third-parties like Facebook, vkontakte and Yahoo.
- Zen Mate: The easiest way to use a light proxy to avoid local web restrictions (like in China or Russia).
Don’t Rely on HTTPS/SSL
HTTPS isn’t 100% secure, you can read why the details in this article. The only way to surf in full anonymity is to install TOR and buy a good VPN service. A list of trustworthy VPN providers can be seen here.
Run Your Bitcoin Wallet Through the TOR Network
Simply open Network settings of your favorite wallet and set:
- Proxy: SOCKS4 or SOCKS5 (preferred),
- IP Proxy: 127.0.0.1 (or ”localhost”)
- Port: 9150
That’s it! Your Bitcoin wallet will now only work if the Tor Network is available. Don’t forget to turn it on before running the wallet.
Don’t Underestimate Hackers with Social Super-Powers
Hackers could get information about you and your tight wallet from anywhere in the web. Don’t trust people on the web and don’t share any unnecessary info about your crypto-assets via social networks, chats, polls and web forms. Everything is transparent on the web; if you post a picture there, you might as well put it on every large billboard on the planet. It’s easy to track someone’s digital activity, even without being a secret agent.
Don’t Rely Solely on 2FA Apps
Two-factor-authentication is fine, but don’t forget to cover your associated e-mail with a strong password. Otherwise, a hacker can break your e-mail and fool the support desk of 2FA service you use. If a hacker controls your e-mail, he essentially controls your online identity. By simply writing to the support department of a certain site or service, a hacker can convince company staff that he or she is you. If successful, the hacker can change your phone number to his own, and your e-mail too.
Use Unhackable E-Mail Services with PGP Encryption
Regular e-mail is also vulnerable to inner intervention. Employees of your email service’s host company can access your account. However, most of the time companies use this ability to analyze keywords within your e-mails and drop some related ads on your mailbox page — annoying, but not dangerous.
If you’re tired of ”context ads” and corporate rats lurking in the backyard of your virtual post office, use free and encrypted e-mail services like ProtonMail or Tutanota. There is no such thing as a 100% secured system, but those guys are mad about hardcore e-mail encryption. While using services like these, with a support of the inner encryption, you can be confident about your privacy. Even if a ProtonMail or Tutanota worker tries to steal your e-mails, he will only get an unreadable encrypted text. The architecture of this kind of services leaves you without many shiny features available in ordinary mail services, but this is necessary to provide you with a fully encrypted e-mailing mechanism. If you feel you need a good privacy solution for your company or personal use, consider having an e-mail on these two leading platforms.
Have any questions or suggestions about online privacy? Let us know in the comments below!
Images courtesy of
The tips in this article are not necessarily endorsed by Bitcoin.com. Use at your own risk.
