|
kubricktrader (OP)
|
 |
October 08, 2017, 05:03:53 PM |
|
Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.
Is this a serious risk?
How to use a wallet that solves this?
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Even in the event that an attacker gains more than 50% of the network's
computational power, only transactions sent by the attacker could be
reversed or double-spent. The network would not be destroyed.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
carlfebz2
|
|
October 08, 2017, 05:48:09 PM |
|
Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.
Is this a serious risk?
How to use a wallet that solves this?
Everything has risk and most people do really afraid of that keyloggers which they can easy stole up valuable information's which are related on your wallet or even on important emails but somehow this thing can be avoided if you do know how to set up things which would make you secure somehow into these threats.In terms on PC its really always recommended to have an Anti-virus so that pc would be clean on any malware or virus and you should always be prompt on downloading things on internet. |
|
|
|
|
|
liviux
|
|
October 08, 2017, 07:32:57 PM |
|
Every time you connect to the internet (using mobile, windows, Linux, Mac, toaster, etc) consider yourself compromised. Never trust nobody and nothing.
You can minimize risks of being hacked, but no one can say for sure they have a 100% safe system.
Try multiple levels of controlling your keys
|
|
|
|
|
|
RichardBTC
|
|
October 08, 2017, 07:50:28 PM |
|
yeah i agree, now a days you have to be so vigilant about what site you visit or what program you donwload or who you let on your pc to help. there are thieves every where looking to make a quick buck at the expense of others. Just recently i saw a guy get robbed of 14K VIVO coins worth approximately 70K dollars. Simply dont trust no body or anything on the net.
|
|
|
|
BlueSword
Newbie
 Offline
Activity: 18
Merit: 0
|
|
October 08, 2017, 09:31:13 PM |
|
Best bet is to use a clean machine with a wired keyboard. (Wireless/Bluetooth keyboards have a greater attack surface.) A simple trick is to not enter your password completely sequentially, but instead to enter some of it, then reposition your cursor using the mouse, and then type the rest of it. This will likely thwart attacks not targeted specifically at you, at least as long as this technique isn't widely used.
|
|
|
|
|
HappyNonce
Newbie
Offline
Activity: 33
Merit: 0
|
|
October 08, 2017, 10:06:05 PM |
|
Just do everything on an offline machine. Who cares about keyloggers.
|
|
|
|
|
Thekool1s
Legendary
Offline
Activity: 1512
Merit: 1218
Change is in your hands
|
|
October 09, 2017, 10:05:44 AM |
|
Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.
Is this a serious risk?
How to use a wallet that solves this?
This is the exact reason why need further encryption, I am trying to build an open source wallet which will use your fingerprint to encrypt the wallet.dat file, along with password and 2FA encryption, that will be one of the solutions. Other than that your current best option is to get a windows copy from microsoft and do a brand new offline installation of windows and never connect that pc to internet, That's the safest you can go. Also Don't use ISO files from the internet, they can be modified quiet easily. |
|
|
|
|
BlueSword
Newbie
Offline
Activity: 18
Merit: 0
|
|
October 09, 2017, 12:31:03 PM |
|
I am trying to build an open source wallet which will use your fingerprint to encrypt the wallet.dat file, along with password and 2FA encryption, that will be one of the solutions.
I don't understand what threat model this is protecting against; can you please elaborate? If your OS is compromised with malware that can steal your encrypted wallet and your password, can't it just as easily steal your plaintext wallet after you decrypt it? Although hardware keyloggers that sit between the keyboard and the computer do exist, this requires an attacker to have physical access to your machine, and in that case you're basically screwed anyway. Other than that your current best option is to get a windows copy from microsoft and do a brand new offline installation of windows
A fresh install of MS Windows is certainly more secure than an OEM install that is potentially compromised with crapware such as Superfish. But Windows itself still has a huge attack surface. Personally, I'd recommend a smaller, security-focused OS such as FreeBSD. Don't use ISO files from the internet, they can be modified quiet easily.
Most ISOs have signed hashes that you can verify after downloading (e.g., https://www.freebsd.org/releases/11.1R/CHECKSUM.SHA256-FreeBSD-11.1-RELEASE-amd64.asc). Of course, this requires you to trust the public key that was used to sign the hash, but the chain of trust must be rooted somewhere. |
|
|
|
|
HeRetiK
Legendary
Offline
Activity: 2912
Merit: 2080
Cashback 15%
|
|
October 09, 2017, 03:07:16 PM |
|
Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.
Is this a serious risk?
How to use a wallet that solves this?
I would definitely take the dangers of keyloggers seriously. That's why you get a hardware wallet such as the ledger in the first place. I'm not sure how much sense it makes to spread the risk among other wallets. I know Trezor supports multiple passphrases (leading to multiple accounts), Ledger should be able to do that as well. In the end that should be all the security you'll ever need. Just don't forget to keep your seed phrase backup offline, on paper. Make a second seed phrase paper backup, stored in another, secure location. Then there's nothing you need to worry about (well, apart from the whole lot of other things that get compromised if you happen to have a keylogger on your system, that is). |
.
.HUGE. | | | | | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | | |
|
|
|
|
Drnice
|
|
October 09, 2017, 05:24:13 PM |
|
Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.
Is this a serious risk?
How to use a wallet that solves this?
Everything has risk and most people do really afraid of that keyloggers which they can easy stole up valuable information's which are related on your wallet or even on important emails but somehow this thing can be avoided if you do know how to set up things which would make you secure somehow into these threats.In terms on PC its really always recommended to have an Anti-virus so that pc would be clean on any malware or virus and you should always be prompt on downloading things on internet. According to the little I read from this article, the Wikipedia of keystrokes (keyloggers) I don't think it gives a shit about any antivirus, if I didn't get it right, please anyone should put me through. Here is the link : https://en.m.wikipedia.org/wiki/Keystroke_logging |
|
|
|
|
|
SureLockLoans
|
|
October 09, 2017, 05:50:55 PM |
|
Anti viruses only protect against known codes so really all they are doing is checking a database for known codes and then alerting you whenever they find a match and sometimes some of these programs will isolate or remove it automatically until you review it.
keyloggers are very much a threat. but is easily avoidable by not trusting external sources which do not have reputation. do not click on any links you dont trust and certainly dont download anything you do not trust.
|
|
|
|
HeRetiK
Legendary
Offline
Activity: 2912
Merit: 2080
Cashback 15%
|
|
October 09, 2017, 10:10:15 PM |
|
Anti viruses only protect against known codes so really all they are doing is checking a database for known codes and then alerting you whenever they find a match and sometimes some of these programs will isolate or remove it automatically until you review it.
keyloggers are very much a threat. but is easily avoidable by not trusting external sources which do not have reputation. do not click on any links you dont trust and certainly dont download anything you do not trust.
That's the freaky part. If the attacker knows what they are doing and is only targeting a small group of people -- say, bitcointalk users -- they are likely able to infect you with a keylogger that doesn't trigger any common anti virus software as it's either hard to detect or has a yet unknown signature. So in that regard not trusting external sources and suspicious links is probably an even better and more important defense than any anti virus software out there. |
.
.HUGE. | | | | | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | | |
|
|
|
|
madwica
|
|
October 10, 2017, 02:23:52 PM |
|
There are some statement that their fund are got stolen after they have transaction using their wallet who has a bitcoin inside, i think key logger is one of the reason why they got hacked. That is why i feel worried if i would be one of the victim of this kind of scam. Hoping that some developer could find a ways how to eliminate this thing to avoid increasing victim of hackers around the world.
|
|
|
|
|
|
SiDtHeBeSt
|
|
October 10, 2017, 02:27:37 PM |
|
Keyloggers? well they're really very dangerous dude, with the help of keyloggers hackers can easily get to know any of the information on you computer. One should just not click on any suspicious links to prevent downloading any keyloggers, also keeping a good antivirus would help alot to protect from keyloggers
|
|
|
|
|
|
MFahad
|
|
October 10, 2017, 04:13:25 PM |
|
Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.
Is this a serious risk?
How to use a wallet that solves this?
Not a bit. Every keylogger is the direct result of a user doing something stupid. It is the one viral attack exploit that is always user installed or downloaded. I think it is just too simple for the hackers to deploy any other way, and it is used as a catch the bottom feeders last resort after the real hacking. |
▄▄████████▄▄
▄▄████████████████▄▄
▄██████████████████████▄
▄█████████████████████████▄
▄███████████████████████████▄
| ███████████████████▄████▄
█████████████████▄███████
████████████████▄███████▀
██████████▄▄███▄██████▀
████████▄████▄█████▀▀
██████▄██████████▀
███▄▄████████████▄
██▄███████████████
░▄██████████████▀
▄█████████████▀
█████████████
███████████▀
███████▀▀ | | | .
| | ▄▄███████▄▄
▄███████████████▄
▄███████████████████▄
▄█████████████████████▄
▄███████████████████████▄
█████████████████████████
█████████████████████████
█████████████████████████
▀███████████████████████▀
▀█████████████████████▀
▀███████████████████▀
▀███████████████▀
▀▀███████▀▀ | .
ElonCoin.org | │ | | .
| │ | ████████▄▄███████▄▄
███████▄████████████▌
██████▐██▀███████▀▀██
███████████████████▐█▌
████▄▄▄▄▄▄▄▄▄▄██▄▄▄▄▄
███▀░▐███▀▄█▄█▀▀█▄█▄▀
██████████████▄██████▌
█████▐██▄██████▄████▐
█████████▀░▄▄▄▄▄
███████▄█▄░▀█▄▄░▀
███▄██▄▀███▄█████▄▀
▄██████▄▀███████▀
████████▄▀████▀█████▄▄ | .
"I could either watch it
happen or be a part of it"
▬▬▬▬▬ |
|
|
|
Casy
Member
Offline
Activity: 149
Merit: 22
🔴🔵 FoxMixer.com 🔵🔴
|
|
October 10, 2017, 08:23:14 PM |
|
Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.
Is this a serious risk?
How to use a wallet that solves this?
Actually, if your computer is infected, there is not much a wallet itself can do to solve it. The malware could hide on the system driver level, so the application in user space has no chance to detect it. If there are wallets that claim to be able to cope with it, it sounds suspicious to me. The risk itself is quite serious, as there are many versions of malware around that are crypted by non widely known algorithms and by that they bypass a lot of AV scanners. Problem is that a lot of this malware has special functionality to detect if a cryptocurrency wallet is installed and it filters the data to only capture this part. In general, linux operating systems are not targeted that often. For high-volume transfer handling, I generally recommend using a dedicated machine that is set up from scratch, where only required software gets installed. Then, you can setup a firewall to only allow a specific process to communicate out of your machine. This should give you maximum security. Better safe than sorry... |
|
|
|
|
Gotumoot
|
|
October 11, 2017, 04:15:01 AM |
|
The key logger is a serious problem that really needs to be resolved. But how can it be solved now that anti-viruses are capable of overtaking and escape? Nothing is really safe now in the world and when you do not even know the computer you can definitely be robbed. So please do not download anything if you do not have enough knowledge about that because your download might be malware.
|
|
|
|
|
|
|
equator
Legendary
Offline
Activity: 1190
Merit: 1002
|
|
October 11, 2017, 09:03:09 AM |
|
Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.
Is this a serious risk?
How to use a wallet that solves this?
The best way of solving the problem is use the wallet on the machine where you dont use another things only use the wallet for it. So that if you got get any problem of key loggers as you wont be using any type of files and browser service. |
|
|
|
|
|
italianMiner72
|
|
October 11, 2017, 09:20:59 AM |
|
Im gonna buy a ledger but i still want to.spread the risk among some other wallets. Problem is most now apart frrom core uses a 12 word passphrase. Problem is John Mcafee says millions of phones and computers have keyloggers so they can take photo.and send your passphrase quite easily.
Is this a serious risk?
How to use a wallet that solves this?
The best way of solving the problem is use the wallet on the machine where you dont use another things only use the wallet for it. So that if you got get any problem of key loggers as you wont be using any type of files and browser service. this is exactly my approach i setup a virtual machine when i have my wallets and i connect to network just when i need to send transaction or sync chain. when i don't needt it, the VM is powered off.. |
|
|
|
|
