Various security-related questions (a lot to read, but small tip offered)

[oda.krell]

First, my apologies if this is the wrong subforum. I hope the 'Technical Support' forum is the right place to ask the following questions.

A quick preliminary clarification:

I'm not completely new to Bitcoin (but not a veteran either), and I've already read a number of security suggestions/tutorials/etc. With that in mind, I want to say that I am *not* looking for 'best practice' solutions, which presumably would mean offline usage of a full Bitcoin client, creating a paper wallet, etc. This would be the most secure, I understand, but it would not be practical for me, since I actively trade. I am just mentioning it because I want to avoid being scolded for e.g. using an online computer for transfering btc. This means I am interested in *understanding* what I do right now better, and if necessary, *improving* my practices, but please note that I am not aiming for an absolute maximum of security, but a careful balance between security and usability.

Here are my questions, grouped by topic:

(1) OS security

As mentioned above, I perform transfers on an online (more about that aspect later) computer. The OS I use is whatever is the latest stable version of Ubuntu.

Question (1.1) How safe am I from attacks during runtime, that are based on OS vulnerabilites, or programs that run on my computer. Assume that an attacker has *no physical* access to my machine, but knows my IP address and attempts to target me. My knowledge of Linux isn't particularly deep, so I don't know if I'm correct in my belief that a properly patched Linux distribution like the one I'm using is more or less 'safe' from, for example, trojans/software keyloggers, etc. How safe am I really, and what can I do to be safer? :D


(2) Bitcoin client security questions

I'm using Electrum. The electrum wallet is protected by a strong password.

Question (2.1) How safe am I using Electrum as my client? I understand that Electrum is not completely trustless because I don't have a full copy of the blockchain and rely on servers that I need to trust. So how likely are attacks on me via my choice of client? For example, is there any chance I could be connected to a "dishonest" Electrum server, who will be able to re-direct my btc transaction, or double spend?


(3) Network security

There are two scenarios in which I would possible use Electrum, or trade on a Bitcoin exchange webpage: at home, and at a public place.

Question (3.1) How safe am I when I am connected to my own WiFi network at home, which is WPA2 secured? Is there a plausible chance someone in the vicinity could intercept and decrypt my communication (i.e. break WPA2), and get for example access to the account data at my exchange? (please assume again a sufficiently strong password was set at both the exchange, and for my WiFi network)

Question (3.2) How safe is a *public* WiFi connection? Assume the WiFi connection itself is *unsecured*, but the webpage I'm using is reached via https. I'm sorry to be so clueless, but I don't really know if in that case my communication with the exchange webpage is in clear text or not? Can someone (the network admin of the unsecured network, or someone else eavesdropping) intercept my communication with the exchange website in clear text and interfere with it?


That's all.

Sorry for the wall of text :D To offer a small incentive to read through all of my dumb questions and even *answer* them, I offer a 0.025 btc = 25mBTC ~= 19 USD tip to the first poster who answers all of my questions in satisfactory detail (alternatively, I'll split the tip up between answers if no single poster answers all of them). Not much, I know, but just a small token of gratitude. If you prefer not to be tipped, please say so.

[1714025171]

1714025171

[1714025171]

1714025171

[1714025171]

1714025171

[1714025171]

1714025171

[michagogo]

1.1: It's complicated. You should be mostly safe, as long as you're not going around running random programs and you don't have exploitable services listening on the network, but there's plenty of information online about the security of Linux distros.

2.1: With light clients such as Electrum or Multibit, you aren't fully trusting other nodes. You're doing SPV verification. Your private keys don't leave your machine, so a rogue server couldn't, for example, redirect your transactions, because you haven't signed the other transaction. (note that I don't know exactly how Electrum works in terms of its servers, but I do know that it doesn't just trust them blindly)

3.1: WPA2 is fairly secure, as long as you disable WPS.

3.2: Public networks shouldn't be assumed safe, but if you're using HTTPS you should be fine.

[Ecurb123]

For the OS security, I think the risk is pretty low running Ubuntu. I would think the most likely way in this case would be if you installed some small software tool that also had some malicious code inserted into it. Let me also ask a question to the security experts, are there risks to my bitcoin stash having java enabled in my browser? 

[Abdussamad]

Question (1.1) How safe am I from attacks during runtime, that are based on OS vulnerabilites, or programs that run on my computer. Assume that an attacker has *no physical* access to my machine, but knows my IP address and attempts to target me. My knowledge of Linux isn't particularly deep, so I don't know if I'm correct in my belief that a properly patched Linux distribution like the one I'm using is more or less 'safe' from, for example, trojans/software keyloggers, etc. How safe am I really, and what can I do to be safer?

Make sure you have a firewall up and running. Disable the open SSH server if you don't use it. If you do use it enable public key authentication and disable password authentication and remote root login.

Install chkrootkit and rkhunter and run scans regularly.

To protect your wallet you can place it under a different user account than the one you are using for your other activities. That means create a new user, login and create a new electrum wallet (just run electrum while logged in as that user. make sure you backup the seed) and transfer all your coins to an address in the new wallet. For convenience sake you can create a new watch only wallet under your regular user account. This will allow you to hand out addresses, view transactions and balances using your regular user account but will require you to switch users to spend any coins.

(2) Bitcoin client security questions

I'm using Electrum. The electrum wallet is protected by a strong password.

Question (2.1) How safe am I using Electrum as my client? I understand that Electrum is not completely trustless because I don't have a full copy of the blockchain and rely on servers that I need to trust. So how likely are attacks on me via my choice of client? For example, is there any chance I could be connected to a "dishonest" Electrum server, who will be able to re-direct my btc transaction, or double spend?

Electrum is fine. The downsides are given below:

Electrum servers can't double spend your transactions. They can *not* broadcast them though. And they can give you fake data about transactions that never took place. But your private keys are entirely within your control. If you are worried about the authenticity of transaction data just double check it on blockchain.info.

Also you loose out on privacy because all your addresses are revealed to the servers.

(3) Network security

There are two scenarios in which I would possible use Electrum, or trade on a Bitcoin exchange webpage: at home, and at a public place.

Question (3.1) How safe am I when I am connected to my own WiFi network at home, which is WPA2 secured? Is there a plausible chance someone in the vicinity could intercept and decrypt my communication (i.e. break WPA2), and get for example access to the account data at my exchange? (please assume again a sufficiently strong password was set at both the exchange, and for my WiFi network)

Question (3.2) How safe is a *public* WiFi connection? Assume the WiFi connection itself is *unsecured*, but the webpage I'm using is reached via https. I'm sorry to be so clueless, but I don't really know if in that case my communication with the exchange webpage is in clear text or not? Can someone (the network admin of the unsecured network, or someone else eavesdropping) intercept my communication with the exchange website in clear text and interfere with it?

You actually can't trust any internet connection. The encryption used in your private wifi network is designed to prevent unauthorized persons from leeching your bandwidth. It won't magically make the Internet at large a safe place. It doesn't change the fact that you are connected to the global, wild west, free for all that is the Internet.

That is why we have firewalls, HTTPS, GPG etc. because we can't trust the network. So WiFi, wired, public or private doesn't matter. Whether it is properly encrypted or not does.

[oda.krell]

You actually can't trust any internet connection. The encryption used in your private wifi network is designed to prevent unauthorized persons from leeching your bandwidth. It won't magically make the Internet at large a safe place. It doesn't change the fact that you are connected to the global, wild west, free for all that is the Internet.

That is why we have firewalls, HTTPS, GPG etc. because we can't trust the network. So WiFi, wired, public or private doesn't matter. Whether it is properly encrypted or not does.

One follow-up question:

The corollary to what you said would be that I am safe (no matter what wifi network I use) if I connect to a site via HTTPS (and the certificate is valid). Did I get that right?

[Rannasha]

(1) OS security

As mentioned above, I perform transfers on an online (more about that aspect later) computer. The OS I use is whatever is the latest stable version of Ubuntu.

Question (1.1) How safe am I from attacks during runtime, that are based on OS vulnerabilites, or programs that run on my computer. Assume that an attacker has *no physical* access to my machine, but knows my IP address and attempts to target me. My knowledge of Linux isn't particularly deep, so I don't know if I'm correct in my belief that a properly patched Linux distribution like the one I'm using is more or less 'safe' from, for example, trojans/software keyloggers, etc. How safe am I really, and what can I do to be safer?

Almost all malware/keyloggers is targeted at the low-hanging fruit, that is: Windows users. They're the vast majority and have a large fraction of computer illiterates. So when using Linux, you're "safe" from most common threats, simply because cyber-criminals are also interested in maximizing efficiency.

Attacks specifically targeted at you are a different matter. How much can be done by someone knowing your IP address, depends on your network setup. If you're behind a router, then typically not much can be done. The router will drop any unsolicited incoming traffic unless explicit forwarding rules have been created by you (or another user with access to the routers configuration).

The largest threat is in phishing attacks: Luring you to fake websites to get you to input credentials or to execute a browser/plugin exploit to install malware. Disable extensions such as Java/Flash and/or run with an addon like NoScript to prevent this. Always be vigilant to ensure that the site you think you're on is the site you're actually on.

(2) Bitcoin client security questions

I'm using Electrum. The electrum wallet is protected by a strong password.

Question (2.1) How safe am I using Electrum as my client? I understand that Electrum is not completely trustless because I don't have a full copy of the blockchain and rely on servers that I need to trust. So how likely are attacks on me via my choice of client? For example, is there any chance I could be connected to a "dishonest" Electrum server, who will be able to re-direct my btc transaction, or double spend?

Electrum connects to multiple servers, so the chance of a successful attack is minimal. As others have said, your private keys are safe, so the scope of an attack is limited to not broadcasting your tx or feeding you false data about your current balance. You can create a watch-only wallet with Blockchain.info or another service to verify that Electrum shows the correct balance/transactions.

(3) Network security

There are two scenarios in which I would possible use Electrum, or trade on a Bitcoin exchange webpage: at home, and at a public place.

Question (3.1) How safe am I when I am connected to my own WiFi network at home, which is WPA2 secured? Is there a plausible chance someone in the vicinity could intercept and decrypt my communication (i.e. break WPA2), and get for example access to the account data at my exchange? (please assume again a sufficiently strong password was set at both the exchange, and for my WiFi network)

WPA2 is considered safe for now. An attacker without the WPA2-key won't be able to monitor your communication.

Question (3.2) How safe is a *public* WiFi connection? Assume the WiFi connection itself is *unsecured*, but the webpage I'm using is reached via https. I'm sorry to be so clueless, but I don't really know if in that case my communication with the exchange webpage is in clear text or not? Can someone (the network admin of the unsecured network, or someone else eavesdropping) intercept my communication with the exchange website in clear text and interfere with it?

The communication with the exchange is encrypted, but check that the SSL certificate is valid for the website you're visiting to prevent man-in-the-middle attacks. And even though the content of the HTTPS connection is encrypted, other users on the network will be able to see you connect to the exchange website and might use "offline methods" such as walking up to you and stealing your laptop if they're malicious and find out that you're about to trade Bitcoins.

In general, your security practices are fine. They may not be guaranteed to hold up against a truly dedicated person that is specifically targeting you, but these type of attacks are rarely worth the effort.

[Rannasha]

You actually can't trust any internet connection. The encryption used in your private wifi network is designed to prevent unauthorized persons from leeching your bandwidth. It won't magically make the Internet at large a safe place. It doesn't change the fact that you are connected to the global, wild west, free for all that is the Internet.

That is why we have firewalls, HTTPS, GPG etc. because we can't trust the network. So WiFi, wired, public or private doesn't matter. Whether it is properly encrypted or not does.

One follow-up question:

The corollary to what you said would be that I am safe (no matter what wifi network I use) if I connect to a site via HTTPS (and the certificate is valid). Did I get that right?

The content of the connection is encrypted, but others on the network will be able to see that you are connecting to this specific site.

[Abdussamad]

You actually can't trust any internet connection. The encryption used in your private wifi network is designed to prevent unauthorized persons from leeching your bandwidth. It won't magically make the Internet at large a safe place. It doesn't change the fact that you are connected to the global, wild west, free for all that is the Internet.

That is why we have firewalls, HTTPS, GPG etc. because we can't trust the network. So WiFi, wired, public or private doesn't matter. Whether it is properly encrypted or not does.

One follow-up question:

The corollary to what you said would be that I am safe (no matter what wifi network I use) if I connect to a site via HTTPS (and the certificate is valid). Did I get that right?

Yes. I was about to edit my answer and clarify that.

Of course there are caveats to that as well. If someone else has installed a different set of CA certificates on YOUR system then even invalid certs would show up as valid. For example: a legitimate use case of this is when companies do this to their employee's systems to make the company's self-signed certs for internal systems appear valid.

[oda.krell]

Thanks a lot, Rannasha & Abdussamad. Very helpful answers!

If it's okay with you I'll split the tip (in which case I still need your address, Abdussamad).

[Abdussamad]

Thanks a lot, Rannasha & Abdussamad. Very helpful answers!

If it's okay with you I'll split the tip (in which case I still need your address, Abdussamad).

Ok thanks: 13m4SSVYXHdiA5jQM3i1w44UtPQj2yMwp2