Bitcoin Forum

Local => Pilipinas => Topic started by: mk4 on January 06, 2020, 06:09:45 AM



Title: ❗ [Security] Iwasang Gumamit ng Custodial Wallets, at iba pang Security Tips
Post by: mk4 on January 06, 2020, 06:09:45 AM
Alam ko, mejo naging paulit ulit na ang pag sabi ng mga tao about this, pero naisip kong kailangan ko ulit ipaalala ito after ko nabasa tong post na to: https://bitcointalk.org/index.php?topic=5215173

Please. 2020 na. Spend a bit more effort into learning about the kinds of wallets at kung ano risks nila. Kahit gawin niyo na tong New Year's resolution niyo. Unfortunately, kahit sa sobrang daming tao na ang na sscam at nahahack since nung nag simula ang Bitcoin, wala parin masyadong nakikinig sa payo na "NOT YOUR KEYS, NOT YOUR COINS". Pag hindi mo ginagamit ung coins na pangtrade, walang rason para mag iwan ng funds sa custodial wallets at exchanges.

And yes, ang Coins.ph ay under custodial wallet/exchange.

By storing your funds sa custodial wallets at exchanges, eto ang ilan sa mga risks:

  • Pag nahack ung custodial wallet or exchange, paktay ka.
  • Pwedeng i-lock ang custodial wallet or exchange account mo for whatever reason, and sometimes sobrang hirap mag gain back ng access.
  • Sim swap attacks: https://hackernoon.com/my-sim-swap-attack-how-i-almost-lost-dollar71k-and-how-to-prevent-it-tj39q3aju
  • Enforced unnecessary KYC
  • etc

Question: "Pero.. hindi pa naman nahahack ang Coins.ph ah? Safe naman ata tong wallet/exchange na to.."

- oo. "unhacked" rin naman ung Bitfinex at MtGox dati at some point diba? Tingin rin ng mga tao sobrang safe tong mga platforms na to. Pero anong nangyari? Nawala ung mga bitcoin ng mga tao na naka store sa exchanges na to. Props to Coins.ph sa pagbigay ng magandang serbisyo saatin, pero always remember na ang mga exchanges ay mainit na target ng mga hackers dahil marami silang pwedeng makuha pag naging successful sila sa paghack nito. Wag na nating hintayin na mahack ang Coins.ph bago tayo matuto.



Security Tips:

1. Wag submit lang ng submit ng personal information sa kung ano anong website.

2. Gumamit ng iba ibang password sa lahat ng online accounts, preferably, with 40+ characters. Para hindi mahirapan, gumamit ng reputable na password manager gaya ng KeePass (https://keepass.info/) at Bitwarden (https://bitwarden.com/). Also, sigaraduhing secure ang master password ng password manager mo.

3. Palitan ang passwords, lalo na ung mga finance related accounts, every few months or so.

4. Gumamit ng Linux operating system instead of Windows, para ma-decrease ang chances nagkaroon ng malware/virus ang computer mo. For beginners, go with Ubuntu (https://ubuntu.com/) or Linux Mint (https://linuxmint.com/).

5. I-check ang email addresses sa haveibeenpwned.com (https://haveibeenpwned.com/) once in a while.



Reading materials:
  • [General] Bitcoin Wallets - Which, what, why?: https://bitcointalk.org/index.php?topic=1631151.0
  • Bitcoin & Cryptocurrency Wallets: The Definitive Guide: https://cryptosec.info/cryptocurrency-wallets/
  • BITCOIN SECURITY & RESOURCES: https://www.lopp.net/bitcoin-information/security.html

Ilang noob-friendly non-custodial wallets

  • Software wallets: BRD (https://brd.com/) | Electrum (https://electrum.org/#home) | Mycelium (https://wallet.mycelium.com/)
  • Hardware wallets: Ledger (https://ledger.com/) | Trezor (https://trezor.io/) | ColdCard (https://coldcardwallet.com)



NOT YOUR KEYS, NOT YOUR COINS


Title: Re: Reminder: WAG MAG IIWAN NG COINS SA CUSTODIAL WALLETS & EXCHANGES
Post by: Ailmand on January 06, 2020, 06:27:57 AM
Salamat sa paalala. Dati halos lahat ng pondo ko nakatabi sa coins.ph dahil ito ang pinaka trusted na site sa Pilipinas. Simula ng nagkaroon ako ng ledger dito ko na tinatabi lahat ng iniipon kong bitcoin. Mas maigi na ang secured ang pondo kaysa mailagay sa risk ang pinaghirapan ipuning bitcoin.


Title: Re: Reminder: WAG MAG IIWAN NG COINS SA CUSTODIAL WALLETS & EXCHANGES
Post by: mk4 on January 06, 2020, 06:51:15 AM
Salamat sa paalala. Dati halos lahat ng pondo ko nakatabi sa coins.ph dahil ito ang pinaka trusted na site sa Pilipinas. Simula ng nagkaroon ako ng ledger dito ko na tinatabi lahat ng iniipon kong bitcoin. Mas maigi na ang secured ang pondo kaysa mailagay sa risk ang pinaghirapan ipuning bitcoin.

Since may Ledger hardware wallet ka na, mukhang hindi mo na kailangan ng paalala. :P

Ang kelangan mo lang gawin ay i-secure ang 24-word seed mo offline, iwasan ang $5 wrench attacks[1], and good to go ka na. Happy hodling!


[1] https://bitcointalk.org/index.php?topic=5183760


Title: Re: Reminder: WAG MAG IIWAN NG COINS SA CUSTODIAL WALLETS & EXCHANGES
Post by: Edraket31 on January 06, 2020, 06:51:30 AM
Tama lang po na paulit ulit nating paalalahanan dahil madami din pong mga newbies dito na hindi pa aware sa mga ganito kaya malaking tulong din sa kanila to.

For me, hindi na din ako nagiiwan ng pera sa coins.ph, more on pang load lang or pag need to pay bills nagiipon saglit then doon ako magbabayad ng aking bills, pero hindi din ako dun naghohold ng crypto doon.


Title: Re: Reminder: WAG MAG IIWAN NG COINS SA CUSTODIAL WALLETS & EXCHANGES
Post by: Bttzed03 on January 06, 2020, 07:22:03 AM
Question: "Pero.. hindi pa naman nahahack ang Coins.ph ah? Safe naman ata tong wallet/exchange na to.."
- oo. "unhacked" rin naman ung Bitfinex at MtGox dati diba? Tingin rin ng mga tao sobrang safe tong mga platforms na to. Pero anong nangyari? Nawala ung mga bitcoin ng mga tao na naka store sa exchanges na to. Wag niyo na hintayin na mahack ang Coins.ph bago tayo matuto.
Another argument na sinasabi ng mga custodial wallets users ay kapag na-hack ang wallet like coinsph ay mare-refund naman daw sila hindi kagaya kapag na-compromised yung non-custodial wallet nila. Well, kagaya din dun sa Mt. Gox, ilang taon na ang inabot pero marami pa din ang naghihintay maibalik pera nila. Ganun din case nung sa Cryptopia although last year lang na-hack.



~
Simula ng nagkaroon ako ng ledger dito ko na tinatabi lahat ng iniipon kong bitcoin.
Maliban sa $5 wrench attacks na binanggit ni mjglqw, huwag mong i-access ang ledger mo gamit ang anumang browser extension kagaya nung nabiktima recently https://cointelegraph.com/news/ledger-wallet-user-allegedly-lost-16k-to-malicious-browser-extension



Kung mag-mobile wallet na din lang, huwag na sa coinsph mag-store. Marami naman non-custodial options kagaya ng Abra, Coinomi, Mycelium, Electrum, at iba pa. Maganda din magbasa dito https://bitcointalk.org/index.php?board=37.0


Title: Re: Reminder: WAG MAG IIWAN NG COINS SA CUSTODIAL WALLETS & EXCHANGES
Post by: joshy23 on January 06, 2020, 07:30:34 AM
Malaking bagay na maunawa itong concerned na to, Hindi natin masisigurado ang panahon may chance na madale ang coins.ph ng hackers or magbago ng business ung may ari at bigla na lang magdeclare ng bankruptcy. Mabuting hawak natin sa sarili nating wallet ang mga asset natin. Kung nandito ka na rin naman at kaya mo naman mapagipunan ang hardware wallet mas okay yun for long term security.


Title: Re: Reminder: WAG MAG IIWAN NG COINS SA CUSTODIAL WALLETS & EXCHANGES
Post by: Mr. Big on January 06, 2020, 07:47:05 AM
Pinned.

Report posts that does not contribute anything or posts na mema lang...


Title: Re: Reminder: WAG MAG IIWAN NG COINS SA CUSTODIAL WALLETS & EXCHANGES
Post by: mk4 on January 06, 2020, 08:09:50 AM
Pinned.

Report posts that does not contribute anything or posts na mema lang...

Thanks! Will edit the main topic in a bit para mas malinis at mas malinaw ung message.


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: Palider on January 07, 2020, 03:55:02 PM
Ito dapat ang alalahanin natin palagi dahil kahit na sabihin nating safe ang coins.ph at ito ay hindi pa nahahack sa loob ng maraming taon mayroon parin itong posibilidad kagaya nalang ng iyong nabanggit. 

Quote
oo. "unhacked" rin naman ung Bitfinex at MtGox dati at some point diba? Tingin rin ng mga tao sobrang safe tong mga platforms na to. Pero anong nangyari? Nawala ung mga bitcoin ng mga tao na naka store sa exchanges na to

Nabanggit mo na rin yan dito.
https://bitcointalk.org/index.php?topic=5206575.msg53254902#msg53254902

Alam ko na hindi maiiwasan ang maglagay ng pondo sa coins pero dapat ay tama lang ito at base narin sa ating pangangailangan lamang gawin natin itong secondary wallet. At ilagay natin ang malaking porsyento ng ating pondo sa wallet na Hawak natin ang private key



Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: mk4 on January 08, 2020, 04:23:09 AM

Quote
oo. "unhacked" rin naman ung Bitfinex at MtGox dati at some point diba? Tingin rin ng mga tao sobrang safe tong mga platforms na to. Pero anong nangyari? Nawala ung mga bitcoin ng mga tao na naka store sa exchanges na to

Nabanggit mo na rin yan dito.
https://bitcointalk.org/index.php?topic=5206575.msg53254902#msg53254902

Yea. To be honest para na akong sirang plaka sa paulit ulit ko ng sinasabi ito. Pero wala parin, dami paring matitigas ang ulo. Oh well, unfortunately mga ibang tao talaga mas gustong matuto the hard way, pag tipong nawala na sakanila ung pera nila.

And salamat ulit kay mod Mr. Big at na-pin tong topic na to.


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: lionheart78 on January 08, 2020, 02:11:49 PM
I just want to share an experience regarding this reminder.  I was once active sa trading sa Poloniex.  Lahat ng cryptocurrency ko iniiwan ko doon.  Medyo newbie pa ako that time siguro wala pa akong isang taon sa crypto industry.  I left my account ng walang 2fa, then at the same time kahit hindi ako nagtitrade ay iniiwan ko rin ang aking mga coins doon.  

Sa katangahan ko at hindi pag-iingat, nahack ang account ko at nalimas lahat ng coins and token ko doon sa exchange.  It won't hurt sana kung hindi ko ginawang taguan ng coins ko yung exchange wallets kahit na nahack but since andun lahat ng portfolio ko.. ayun iyak tawa ako hehehe.  

Another experience is from my old friend here sa Bitcointalk, ang ginawa nya namang taguan ay ang Bittrex exchange at ang second layer na security nya ay ang email.  Nagulat na lang ako at nagsabi siya na he is quitting cryptocurrency dahil lahat ng ipon nya na nakatago sa Bittrex ay nalimas.  Though nagfile siya ng support ticket, hindi na nya nabawi ang mga nahack sa kanya.

I hope these two examples are good enough para malaman nyo kung gaano kadelikado ang magiwan ng mga coins sa custodial at exchanges kung hindi rin lang kayo nagtitrade or walang importanteng activity na gagawin.  I hope you learned a lesson from our experience at iwasan nyo hangga't maari na magiwan o gawing imbakan ng inyong portfolio ang custodial wallets at exchanges.


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: crwth on January 10, 2020, 03:01:37 AM
An important thing to add is to be vigilant with all the “promos” and “free stuff” na linalagay minsan para makapag hack. Isipin niyo ba naman na, why would someone give you “free money” without any exchange of service or yung mga lumilitaw na lang bigla na “Congratulations you have won...” mga ganyan na tactics pero ibang klase lang ang pag portray.

It’s important to have layers of security and backup when it comes to your account. Sometimes people just have to learn it the hard way bago madala. Ako din mismo naexperience ko na yan. Sayang pera.  Iwasan ang mga ganung scams and possible ways to hack you.

Free WiFi? - Use a trusted VPN
Never login in an unknown device


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: mk4 on January 10, 2020, 04:30:45 AM
An important thing to add is to be vigilant with all the “promos” and “free stuff” na linalagay minsan para makapag hack. Isipin niyo ba naman na, why would someone give you “free money” without any exchange of service or yung mga lumilitaw na lang bigla na “Congratulations you have won...” mga ganyan na tactics pero ibang klase lang ang pag portray.

I'd figure na masyado na ata tong common experience para i-mention, though obviously hindi ito common knowledge kasi madami paring nahahack sa ganitong paraan unfortunately. Will edit the main post in the future baka gawin ko nalang security tips general topic para mas kumpleto. Thanks!


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: Dabs on January 14, 2020, 02:32:50 PM
Good reminder na ang mga wallet na control mo ay yung either nasa computer or laptop, or mobile phone at hindi app ng isang company o website.

Specifically, websites like coins.ph and rebit.ph and other local exchanges have addresses where you can deposit coins to, but you do not control the wallet, you do not have the private keys. Ang tawag dyan ay custodial.

Meron batas that regulates them, pero hindi sila kagaya ng mga banko na meron PDIC (philippine deposit insurance).

If you need to use an exchange, keep your coins there only for as long as you need to do your transaction, then withdraw everything back to your own desktop or mobile wallet. Usually 15 minutes pwede na. You don't keep your coins there longer than overnight.


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: mk4 on January 14, 2020, 05:43:47 PM


Yeap, unfortunately kailangan pang ipaalala ng paulit ulit sa mga kababayan natin about ung risks ng holding funds sa centralized exchanges(after how many years already), pero wala talaga.  ??? Convenience > security talaga sa karamihan, kahit ung mga iba pa e mas matagal pang registered sakin dito sa Bitcointalk.


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: akosiMalakas on January 15, 2020, 07:40:33 PM
Lumalakas ang panawagan natin sa lahat lalo na sa mga tiwalang tiwala sa Coins.ph hindi parin pala tapos ang ganitong aksidente ng pag hack at maraming nagsasabi na inside job daw ang nangyari.  Dahil mismong coins ang nagtext ng confirmation na nawithdraw ang pera nya sa BDO ngunit hindi nya naman ito ginawa. Sa lahat po ng may coins.ph hindi naman sa naninira ang post na ito, ito ay babala sa lahat ng mga gumagamit! Na maging maingat at maging sigurado dahil nga sabi narin ng ating mga highranks "NOT YOUR KEYS, NOT YOUR COINS".

https://i.imgur.com/yo7mLcj.png https://i.imgur.com/PSNNPAy.png



Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: Dabs on January 15, 2020, 08:01:46 PM
Someone got phished ... fake text maybe to fake site. Official address should have been coins.ph

So ... meron minalas. Not the fault of coins, but the user made a mistake and got tricked by someone else.


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: mk4 on January 16, 2020, 05:47:49 AM
Lumalakas ang panawagan natin sa lahat lalo na sa mga tiwalang tiwala sa Coins.ph hindi parin pala tapos ang ganitong aksidente ng pag hack at maraming nagsasabi na inside job daw ang nangyari.  Dahil mismong coins ang nagtext ng confirmation na nawithdraw ang pera nya sa BDO ngunit hindi nya naman ito ginawa.

Yeap, in this case definitely hindi coins.ph ang may kasalanan. Kusang inenter ng biktima ung pro-coin.asia website, which is obviously obviously a phishing link. If coins.ph man talaga ang magsend ung URL, 100% going to be under the "coins.ph/xxxx" domain. Again, knowledge concerning online security parin talaga ang pagkukulang ng karamihan ng ating kababayan.


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: john1010 on January 16, 2020, 02:01:45 PM
Pinaka-safe na talaga na gumamit ng core wallet at keep safe the private key, dahil kahit ano man ang mangyari pwede mo itong magamit just incase na masira ang pc/laptop.


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: mk4 on January 16, 2020, 05:58:00 PM
Pinaka-safe na talaga na gumamit ng core wallet at keep safe the private key,
Great choice talaga ang Bitcoin Core especially pag ang pinag uusapan e privacy, pero di ko talaga ito irerecommend na gamitin ng mga taong hindi ganun kataas ang kaalaman tungkol sa computers. Dahil pag Bitcoin Core ang wallet na gagamitin mo, kung talagang gusto mong secure, separate na computer na Qubes/Tails OS ang naka install na OS dapat para ma maximize ung security as much as possible. Hindi lang talaga ganun ka safe(imo) maghold ng mas malalaking halaga ng bitcoin sa program na naka install lang sa personal computer na ginagamit natin online araw araw. Hardware wallet + handwritten recovery seed parin in terms of security in my opinion.

dahil kahit ano man ang mangyari pwede mo itong magamit just incase na masira ang pc/laptop.
Same thing naman with lahat ng wallets na nagbibigay ng access sa private keys; hindi lang sa Bitcoin Core.


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: bL4nkcode on January 16, 2020, 11:56:21 PM
Lumalakas ang panawagan natin sa lahat lalo na sa mga tiwalang tiwala sa Coins.ph hindi parin pala tapos ang ganitong aksidente ng pag hack at maraming nagsasabi na inside job daw ang nangyari.  Dahil mismong coins ang nagtext ng confirmation na nawithdraw ang pera nya sa BDO ngunit hindi nya naman ito ginawa. Sa lahat po ng may coins.ph hindi naman sa naninira ang post na ito, ito ay babala sa lahat ng mga gumagamit! Na maging maingat at maging sigurado dahil nga sabi narin ng ating mga highranks "NOT YOUR KEYS, NOT YOUR COINS".

This is not inside job, tingin ko lang, most probably phished account or any other hacking method used.
These happens talaga pag hindi activated 2fa, lahat ng account ko sa lahat ng exchanges famous man o hindi, laging mat 2fa except sa mga wallets ko since tago ko yung recovery phrase.
That's why I recommend lahat ng coins.ph user na i activate 2fa para iwas sa mga ganitong problema.


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: Dabs on January 17, 2020, 01:41:35 PM
Isa pa... use a separate email address if possible just for your crypto wallets. Use different emails for each site, pero ok lang siguro kung iisa lang for them. What I mean is, separate from your personal email address.

Hindi mahirap gumawa ng bagong email account, or gmail using any older android phone. Then activate mo 2FA for the gmail account as well.

So both gmail and your exchange accounts have separate 2FA... and no one else will know the email address you used kasi bago o hiwalay sa personal email mo.

Granted, hassle siguro, but better security, better separation, better compartmentalization .. whatever you call it, basta hiwalay.

Pati phone number ko for banks hiwalay sa personal number ko, and only for receiving SMS. Meron ako prepaid, and since I don't even reply on it, it costs me 10 pesos a YEAR....


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: TheCoinGrabber on January 19, 2020, 07:28:31 AM
No hardware wallet for me so Electrum lang na-try ko, nag-save ng kaunti. Nag-iiwan pa rin talaga ako sa Coins.ph ng panghold eh, para direkta na convert. So kayo ba nilalagay nyo pa sa ibang wallet yun and then saka nyo lang isesend sa Coins.ph kapag mataas na? Kasi hindi ba minsan nadedelay yung transaction, baka bago makapasok yung BTC bagsak na yung rate.


Title: Re: ❗ Reminder: IWASANG MAG IWAN NG COINS SA CUSTODIAL WALLETS AT EXCHANGES
Post by: mk4 on January 19, 2020, 02:37:33 PM
No hardware wallet for me so Electrum lang na-try ko, nag-save ng kaunti. Nag-iiwan pa rin talaga ako sa Coins.ph ng panghold eh, para direkta na convert. So kayo ba nilalagay nyo pa sa ibang wallet yun and then saka nyo lang isesend sa Coins.ph kapag mataas na? Kasi hindi ba minsan nadedelay yung transaction, baka bago makapasok yung BTC bagsak na yung rate.

Personally, nag iiwan talaga ako sa Coins.ph, para may pambili ako ng load. Besides that, wala naman. Mostly long term holder rin lang naman ako, nagsesell rin, pero paminsan minsan. Personally pag gusto ko magbenta ng konti pag tumaas ung price, simple lang naman; taasan lang ung transaction fee. Mas gusto ko na ung mag bayad ako ng $1-2 transaction fee para sure na safe ung funds ko, kesa iiwan sa custodial exchanges/wallets ung pera ko.


Title: Re: ❗ [Security] Iwasang Gumamit ng Custodial Wallets, at iba pang Security Tips
Post by: Oasisman on January 21, 2020, 03:20:11 AM
There's a good news coming from our very own Coins.ph, they added another layer of security, siguro dahil na rin sa mga concerns about unauthorized withdrawals/account hacking. Simula noong January 18, 2020 (I think that was the time when they required a mandatory app update) they added the OTP or One Time Passcode that will be sent to your registered email or mobile number, and the code will be inputted para ma complete ang any transactions . Though marami pa ring mga risks kapag nag store tayu ng Bitcoin or Php sa Coins.ph pero atleast medyo nadagdagan yung safety ng ating pundo.

Pero kung sa loading parang hindi na ata need ng OTP, kasi nakakapag load naman ako using their app sa messenger. I don't know kung required din ba yung OTP kung mag babayad ng bills, hindi ko pa kasi na try mag bayad ng bills through Coins.ph.


Title: Re: ❗ [Security] Iwasang Gumamit ng Custodial Wallets, at iba pang Security Tips
Post by: TheCoinGrabber on January 21, 2020, 08:49:33 AM
No hardware wallet for me so Electrum lang na-try ko, nag-save ng kaunti. Nag-iiwan pa rin talaga ako sa Coins.ph ng panghold eh, para direkta na convert. So kayo ba nilalagay nyo pa sa ibang wallet yun and then saka nyo lang isesend sa Coins.ph kapag mataas na? Kasi hindi ba minsan nadedelay yung transaction, baka bago makapasok yung BTC bagsak na yung rate.

Personally, nag iiwan talaga ako sa Coins.ph, para may pambili ako ng load. Besides that, wala naman. Mostly long term holder rin lang naman ako, nagsesell rin, pero paminsan minsan. Personally pag gusto ko magbenta ng konti pag tumaas ung price, simple lang naman; taasan lang ung transaction fee. Mas gusto ko na ung mag bayad ako ng $1-2 transaction fee para sure na safe ung funds ko, kesa iiwan sa custodial exchanges/wallets ung pera ko.

Kabado na tuloy ako. Siguro aantaying ko muna itong isang cycle na to. Kapag naibenta ko na to PHP, antay na lang ako ng dip, then saka ako magsend ng BTC sa Electrum.

There's a good news coming from our very own Coins.ph, they added another layer of security, siguro dahil na rin sa mga concerns about unauthorized withdrawals/account hacking. Simula noong January 18, 2020 (I think that was the time when they required a mandatory app update) they added the OTP or One Time Passcode that will be sent to your registered email or mobile number, and the code will be inputted para ma complete ang any transactions . Though marami pa ring mga risks kapag nag store tayu ng Bitcoin or Php sa Coins.ph pero atleast medyo nadagdagan yung safety ng ating pundo.

Pero kung sa loading parang hindi na ata need ng OTP, kasi nakakapag load naman ako using their app sa messenger. I don't know kung required din ba yung OTP kung mag babayad ng bills, hindi ko pa kasi na try mag bayad ng bills through Coins.ph.

Last week nagconvert ako ng XRP at ipinangbayad ko ng bill, parehong walang OTP. I guess kasi siguro if ever mag dispute na hindi ikaw yung naglabas ng pambayad eh pwedeng i-track kung sino yung account holder nung binayarang bill.


Title: Re: ❗ [Security] Iwasang Gumamit ng Custodial Wallets, at iba pang Security Tips
Post by: cryptoMANIAC281015 on January 31, 2020, 08:23:27 AM
mas ok pa ren talaga ang mga HARDWAREwallets like ledger . makakasigurado kang safe yung mga naiipon mo .. pero kung walang budget para sa hardware wallet marami namang safe na wallet dyan. para sateng mga pilipino tulad ng ABRA wallet non-custodial sya so ikaw may hawak ng private key mo . ;D ;D ;D ;D ;D


Title: Re: ❗ [Security] Iwasang Gumamit ng Custodial Wallets, at iba pang Security Tips
Post by: Dabs on January 31, 2020, 12:42:54 PM
Is there a way to export or see the private keys (or the seeds) using this ABRA wallet? I've never tried it. Ang siguradong sayo talaga ang private keys or seeds are Electrum and Bitcoin Core QT wallets. Yung iba, hindi ako sure.


Title: Re: ❗ [Security] Iwasang Gumamit ng Custodial Wallets, at iba pang Security Tips
Post by: rosezionjohn on January 31, 2020, 01:22:50 PM
Is there a way to export or see the private keys (or the seeds) using this ABRA wallet? I've never tried it.
Before you can use the wallet, you will be prompted to save your seed or recovery phrase.

Quoting from https://www.abra.com/blog/abra-recovery-phrase/

Quote
Step 1. Show your recovery phrase

There are several opportunities to have the app show you your recovery phrase, including when you first install the app, when you are reminded to verify your recovery phrase, and when you press the “Backup” button in the main menu of the app.

When you select the option to show your recovery phrase, you will be shown a screen with thirteen words to copy. These thirteen words are your recovery phrase. The recovery phrase is unique to your phone – no one else has a copy.



Post edit

I guess this is what you are really looking for

Quoting from https://support.abra.com/hc/en-us/articles/115003160508-Where-can-I-find-my-recovery-phrase-

Quote
Instructions for backing up your Abra wallet:

  • Open your Abra app, to the main screen (now your portfolio view)
  • Tap: the icon in the upper left corner to go to the menu screen
  • Tap: 'Wallet Security'
  • Tap: 'View recovery phrase'
  • Write down your unique backup phrase and keep it in a safe place, such as where you would store other valuable documents and cash savings.
  • Tap: 'Yes, I wrote it down'
  • Write down the previous 13 random words from the previous step
  • Tap: 'Confirm Phrase'

If you've made a typo, a red alert box will show on the app prompting you to check the phrase and try again.  If successful, you will see the next screen with a 'You are all set!' message.


Title: Re: ❗ [Security] Iwasang Gumamit ng Custodial Wallets, at iba pang Security Tips
Post by: Dabs on January 31, 2020, 04:55:37 PM
Where else can you use those 13 word phrase? Can you use it in Electrum or other wallets? Is it a standard format or specific for the ABRA wallet?


Title: Re: ❗ [Security] Iwasang Gumamit ng Custodial Wallets, at iba pang Security Tips
Post by: Text on February 05, 2020, 02:06:34 AM
Meron din kasing third party wallets na kahit nasayo yung seed phrase ay hindi naisasama yung address + private key ng another wallet. I mean, if you are trying to transfer or import funds from a wallet to another wallet. So parang wala rin.
The best pa rin kung private key talaga ng mismong public address at hindi yung seed phrase.



May sikat na namang pinagkakaabalan ang mga social media users ngayon yung "JuanCash". Basta basta na lang sila nag sasubmit ng personal informations/identifications for KYC kahit hindi naman ito verified o trusted na company.


Title: Re: ❗ [Security] Iwasang Gumamit ng Custodial Wallets, at iba pang Security Tips
Post by: serjent05 on February 08, 2020, 06:45:22 PM
Meron din kasing third party wallets na kahit nasayo yung seed phrase ay hindi naisasama yung address + private key ng another wallet. I mean, if you are trying to transfer or import funds from a wallet to another wallet. So parang wala rin.
The best pa rin kung private key talaga ng mismong public address at hindi yung seed phrase.



May sikat na namang pinagkakaabalan ang mga social media users ngayon yung "JuanCash". Basta basta na lang sila nag sasubmit ng personal informations/identifications for KYC kahit hindi naman ito verified o trusted na company.

As far as I know JuanCash is from Zybi Tech company na nakareceive ng license from BSP way back 2018.  Hindi lang siguro popular sa  atin kasi maki coins.ph tayo.  But, I think they are legit company licensed by the authority to operate.  

You can check the information here (https://www.unbox.ph/play/zybi-tech-debuts-juancash-and-juanexchange-fintech-apps/) and here (https://bitpinas.com/feature/list-licensed-virtual-currency-exchanges-philippines/).

Zybi Tech’s Juan Exchange received its license in 2018 and intended to launch a crypto exchange, a mobile wallet, and many other solutions concerning cryptocurrency and blockchain. The exchange had a grand launching last July 2019. BitPinas attended the soft launching last May.




Title: Re: ❗ [Security] Iwasang Gumamit ng Custodial Wallets, at iba pang Security Tips
Post by: Bttzed03 on February 09, 2020, 04:47:12 AM
Another day, another exchange hack - Altsbit - an Italian CEX was hacked (https://bitcointalk.org/index.php?topic=5224057) 
.....or exit scam. Who knows?! They said almost all funds were in their hot wallet and a small part are in their cold wallet ;D
Tell me again why you are confident to use exchanges as your storage.

Kelan lang noong nakita ko thread na ito @OP, baka pwede isama as reference - Hacked Exchanges since 2011 (https://bitcointalk.org/index.php?topic=5090869)


Title: Re: ❗ [Security] Iwasang Gumamit ng Custodial Wallets, at iba pang Security Tips
Post by: Text on February 09, 2020, 06:33:12 AM
As far as I know JuanCash is from Zybi Tech company na nakareceive ng license from BSP way back 2018.  Hindi lang siguro popular sa  atin kasi maki coins.ph tayo.  But, I think they are legit company licensed by the authority to operate.  

You can check the information here (https://www.unbox.ph/play/zybi-tech-debuts-juancash-and-juanexchange-fintech-apps/) and here (https://bitpinas.com/feature/list-licensed-virtual-currency-exchanges-philippines/).

Zybi Tech’s Juan Exchange received its license in 2018 and intended to launch a crypto exchange, a mobile wallet, and many other solutions concerning cryptocurrency and blockchain. The exchange had a grand launching last July 2019. BitPinas attended the soft launching last May.
Thanks for this, at least alam ko ng legit din ang company nila, at meron din silang sariling exchange. Pero for now, stick muna ako kay Coins.ph. Saka ko na siguro subukan ang service nila kapag well-establish kagaya ng growth ng Coins. Pero pansin ko na gumagawa na sila ng hakbang upang marecognize din sila ng mga crypto users gaya na lamang ng ongoing promotional events nila.


Title: Re: ❗ [Security] Iwasang Gumamit ng Custodial Wallets, at iba pang Security Tips
Post by: serjent05 on February 14, 2020, 11:46:10 AM
Another thing, we all know na using VPN is a good way to protect our privacy pero, isa sa mga dapat nating tandaan na hangga't maari ay iwasan natin ang mga FREE VPN services.  Alam naman natin na karamihan sa mga nagsesetup ng VPN ay para kumita dahil ito ay isang negosyo.  Kung hindi tayo nagbababayad ng kanilang produkto paano sila kikita?Maari kaya na ang mga users nila ang kanilang produkto?

Narito ang mga links na pwede nating pagbasehan kung bakit napakahalagang umiwas sa mga free VPN's

5 Reasons You Need to Stop Using Free VPNs Right Now (https://www.makeuseof.com/tag/biggest-risks-using-free-vpns/)
7 Hidden Dangers to Using Free VPNs in 2020 (https://www.vpnmentor.com/blog/free-vpns-are-not-safe-to-use/)
Best free VPNs: 5 reasons why there are no such things (https://www.cnet.com/how-to/best-free-vpns-5-reasons-why-there-are-no-such-things/)


List of issues ng FREE VPN

  • Your Security (#post_Compromise)
  • Tracking Your Online Activity (#post_Tracking)
  • Limiting the Amount of Data You Can Use (#post_Limiting)
  • Slowing Down Your Internet (#post_Slowing)
  • Bombarding You with Ads (#post_Bombarding)
  • Selling Your Bandwidth (#post_Selling)

(Iclick para sa pagpapaliwanag ng mga issue)



Explanation:

Compromising Your Security
https://i.imgur.com/PL5cyv7.pngTracking Your Online Activity
https://i.imgur.com/LNaFR3g.png
https://i.imgur.com/AOvWsKz.pngLimiting the Amount of Data You Can Use
https://i.imgur.com/coY1OTt.pngSlowing Down Your Internet
https://i.imgur.com/iUUwTrP.pngBombarding You with Ads
https://i.imgur.com/2eOqD6Q.png
https://i.imgur.com/sUxwQV4.pngSelling Your Bandwidth
https://i.imgur.com/MCTmmQj.png

Images captured from: https://www.vpnmentor.com/blog/free-vpns-are-not-safe-to-use/


Title: Re: ❗ [Security] Iwasang Gumamit ng Custodial Wallets, at iba pang Security Tips
Post by: Dabs on February 18, 2020, 05:41:21 PM
If you're just going to use free VPNs, might as well stick to Tor. Yung talagang libre at halos walang problema. Minsan lang nga, mga ibang sites, ayaw nila na gumagamit ka ng Tor exit node, o alam na Tor ang ip address mo. Di bale, at least hindi ka parin ma trace.

You can also combine usage of both Tor and a VPN. At kung marunong ka, pwede ko kumuha ng VPS at gumawa ng sariling private VPN na ikaw lang ang may gamit.