Are you using a Public DNS server? your coins are at risk !

[jseverson]

It sounds like the biggest concern is a public DNS server that is very commonly used. If you are able to find a public DNS server that is relatively unused would that then mitigate most of the concern for hacking through that route?

Not really. Picking an uncommonly used DNS is really just security by obscurity. You're not actually doing anything to be more secure against attacks, you're just reducing the chances of being attacked. Kind of like how people MacOS is "safer" than Windows just by virtue of it being much less likely to get targeted.

I'm pretty new to all of this, but how is your ISP DNS anymore protected than a public DNS that is used equally as much?

It's not more protected. Google's isn't necessarily better either. Google's is just perceived to be better because most people trust that Google does their job in securing their DNS better than their respective ISPs. I don't know if that's true, of course, but if we go by the assumption that Google is better at security than your ISP, it would come down to a choice of "more likely to be attacked but more likely to fight them off", or "less likely to be attacked but less likely to fight them off". It's essentially hiding versus arming yourself. There's no clear winner that will always be better so you just have to decide for yourself.

[1715119957]

1715119957

[1715119957]

1715119957

[1715119957]

1715119957

[denis-z12]

Invest in a hardware wallet, it worth it. When you are new to crypto and dont own much of it you might think it is foolish to pay 80-90$ for a wallet to store our coins in but remember how you would feel if you get hacked and lose your assets.
Its a good idea to use a separate laptop/pc just for your crypto trading/storing needs. Since it doesnt have to be a brand new one, just make sure its wiped clean and doesnt have any faulty hardware and use it only for your crypto assets, not for any other internet activities (movies, torrents, downloading etc etc....)

[Aura]

I always use VPN to transact. I do not know if this is risky or not for me. And so far I am grateful my coins are always safe. Whether through MEW or Exchangers, I'm always wary of using both because we know that Hackers can use DNS from MEW or Exchangers to get Private keys and Passwords. They are smart. However, risk is the part we have to deal with.

I'm using a VPN too, is this safe enough?? (I'm not a tech savvy so i don't have any idea about this) Well, this makes me scared but thanks God my tokens are still safe out there, to be honest I'm just worried about MEW wallet, not exchange since I have enabled 2fa factor though it's not completely safe and bad way storing your crypto out there.

I would not use a VPN for logging into web-wallets, unless Bitcoin (or related tech) is forbidden in your country. You have to consider that all requests go through the VPN server, that is especially dangerous when the connection is not well encrypted.

[左]

I'm not really into hardware wallets either to be honest, all it takes is one bad apple among employees and your private key might be compromised.

[audaciousbeing]

The summary of it all is that, we just need to continue to be more secure. I have read suggestions about how to go about being secure but it seems its not as simple for someone who is just an average user. A whole lot of people don't even know what DNS stands for and its importance in all of this or what the validity of the certificate stands for what is known is to launch a browser and sail with it to site you want to visit.

The simple answer and best recommendation is have an hardware wallet to store the coins. As the Internet continues to be less secure, the best is to operate outside the internet and only come online to use the wallet when its extremely important to do that.

[Aura]

The summary of it all is that, we just need to continue to be more secure. I have read suggestions about how to go about being secure but it seems its not as simple for someone who is just an average user. A whole lot of people don't even know what DNS stands for and its importance in all of this or what the validity of the certificate stands for what is known is to launch a browser and sail with it to site you want to visit.

The simple answer and best recommendation is have an hardware wallet to store the coins. As the Internet continues to be less secure, the best is to operate outside the internet and only come online to use the wallet when its extremely important to do that.

This thread suggests that the ISP DNS server is the most secure. Most devices are pre-configured to use DHCP and that will automatically choose that server, so you don't necessary have to understand DNS for basic security.

Hardware wallets can be considered hot-wallets, as they are physically connected to an online device. But I get your point.

[squatz1]

While this is something which is pretty smart, If you have some sort of 2FA setup with your wallet you're going to be fine. So if you do have some other precautions in place then you're going to be good to go. I would always recommend having 2fa with authy or google authenticator.

Though with the chance of losing your coins low due to DNS risk when simply using google dns servers (or someone like cloudflare) You're going to be saving a lot more time with using the other dns servers, which is going to have to be put into account when thinking of what dns server to use.s

[EthanB]

Picking an uncommonly used DNS is really just security by obscurity. You're not actually doing anything to be more secure against attacks, you're just reducing the chances of being attacked. Kind of like how people MacOS is "safer" than Windows just by virtue of it being much less likely to get targeted.

I thought that was the primary point that OP was getting at when they were suggesting to use your ISP DNS over a public DNS like google. The sheer fact of obscurity is quite often enough to deter an attack, simply because you were not worth targeting. It certainly isn't a good strategy, but I was simply asking because this seemed to be equivalent to what they were suggesting.

It's not more protected. Google's isn't necessarily better either.

Welp. That just leaves everyone pretty much open to an attack. We need better options on a large scale.

[mikeywith]

Yeah it is risky if you use public dns. what i wonder is why google dns can be hijacked.
for me, using myetherwallet alone is not secure to operate. just use metamask or other secure wallet.

you see the most secured things are those" unknown" things. the more a service is used the more people want to hack it because the reward is much bigger.

think about it this way. you transferring a million dollars in cash from your house to your friends.

you have 1 options to secure them.

1- Do not tell anyone about the money you transferring
2-Hire a SWAT team to protect you transfer the money


now option two may seem like a more secured choice but it really is not. just the fact that you allow people to know about the 1 million $ you transferring puts you in a big risk regardless of how much protection you have.

this thing applies to public DNS perfectly. even though Google pays probably 1000000x times more than most other DNS's for security, the fact the it's well known and so many people use it. it's  very seductive  to hackers,  who would waste time and effort trying to hack a local DNS that only a handful of people use?

and yes you are 100% right. people should stay away from web-based wallet.

[benalexis12]

Well thanks for your information. I gather much from you. I use multiple browser before and i found out that there will be a vulnerability on other browser can't name one but the safest browser i use is Google Chrome. I will buy hardware soon as soon as the bull market return then i will short  my funds.

[mikeywith]

wow, thanks for the information, I even found out if using google DNS is very dangerous, I used to use it to stabilize my modem connection, and now I will never again do, thanks again for the information

you are most welcome . glad i could help.

I'm not really into hardware wallets either to be honest, all it takes is one bad apple among employees and your private key might be compromised.

nothing is 100% secured,but it's not bad as you make it sound. a bad apple ammong empoloyess won't be enough to compromise your PK. it's a little bit more secured than this

It sounds like the biggest concern is a public DNS server that is very commonly used. If you are able to find a public DNS server that is relatively unused would that then mitigate most of the concern for hacking through that route?

Not really. Picking an uncommonly used DNS is really just security by obscurity. You're not actually doing anything to be more secure against attacks, you're just reducing the chances of being attacked. Kind of like how people MacOS is "safer" than Windows just by virtue of it being much less likely to get targeted.

I'm pretty new to all of this, but how is your ISP DNS anymore protected than a public DNS that is used equally as much?

It's not more protected. Google's isn't necessarily better either. Google's is just perceived to be better because most people trust that Google does their job in securing their DNS better than their respective ISPs. I don't know if that's true, of course, but if we go by the assumption that Google is better at security than your ISP, it would come down to a choice of "more likely to be attacked but more likely to fight them off", or "less likely to be attacked but less likely to fight them off". It's essentially hiding versus arming yourself. There's no clear winner that will always be better so you just have to decide for yourself.

I think it is pretty clear that what i meant by saying that your ISP DNS is more secured than GOOGLE's is nothing technically related. it's something we can't tell, statistically google's DNS is more secured than many other's COMBINED.
but the fact that it's widely used, it's on hackers top list!.simply due to the reward!

[mikeywith]

Well thanks for your information. I gather much from you. I use multiple browser before and i found out that there will be a vulnerability on other browser can't name one but the safest browser i use is Google Chrome. I will buy hardware soon as soon as the bull market return then i will short  my funds.

glad  i could help. if you do not have the funds /abiliry to get  a hardware wallet for now consider a paper wallet, or at least use a windows version and use 2FA.

stay away from web-based wallets ( where you use your browser, type in xxxx walet.com and enter your info ) that is the worst practice ever especially if you do not have a 2FA

[mikeywith]

Invest in a hardware wallet, it worth it. When you are new to crypto and dont own much of it you might think it is foolish to pay 80-90$ for a wallet to store our coins in but remember how you would feel if you get hacked and lose your assets.
Its a good idea to use a separate laptop/pc just for your crypto trading/storing needs. Since it doesnt have to be a brand new one, just make sure its wiped clean and doesnt have any faulty hardware and use it only for your crypto assets, not for any other internet activities (movies, torrents, downloading etc etc....)

100% true ,,some people want to learn the hard way

[Raggie]

Yeah it is very risky. but i didn't think using a public dns is risky first, but after the hacking occurred on myetherwallet,
i realized it was risky indeed. Use your isp dns, it is safer than public dns.

[EthanB]

I think it is pretty clear that what i meant by saying that your ISP DNS is more secured than GOOGLE's is nothing technically related. it's something we can't tell, statistically google's DNS is more secured than many other's COMBINED.
but the fact that it's widely used, it's on hackers top list!.simply due to the reward!

Can you clue me into which statistics you are using to formulate this conclusion? If you're saying that this is something we cannot tell in terms of their technical sophistication, then what about the statistics should reflect any differently? Either they are more secure, or they are less secure. Even if they are more technically sophisticated, is it more likely that the Google DNS gets hacked or your ISP DNS? I would argue that it's Google's that is more likely, so in certain circumstances, such as this one security by obscurity may be of higher value than other aspects for the simple fact that you will not fall into the targeted-zone of attack. As you said, there is high reward for this sort of thing, but in regular ISPs DNS there is little to gain, so unless you are causing yourself to be targeted you can bet that you won't be.

You say that it is pretty clear what you mean, but there are multiple people that are unclear on exactly that so you are misleading yourself if you honestly believe that to be the case.

[Shakawat]

i think it is not as safe for me because it is likely to be hacking at any  for me,so l ask you to use a different wallet because if you use a wallet you can read it at risk.all of you go ahead

[AlexAtom]

i was carelessly using public dns because my isp using it. later dns hijacked occured.
My wallet got hacked by it. i lost about 700 usd of it.
now i am no longer using myetherwallet, time to use metamask or other more secure wallet.

[mikeywith]

I think it is pretty clear that what i meant by saying that your ISP DNS is more secured than GOOGLE's is nothing technically related. it's something we can't tell, statistically google's DNS is more secured than many other's COMBINED.
but the fact that it's widely used, it's on hackers top list!.simply due to the reward!

Can you clue me into which statistics you are using to formulate this conclusion? If you're saying that this is something we cannot tell in terms of their technical sophistication, then what about the statistics should reflect any differently? Either they are more secure, or they are less secure. Even if they are more technically sophisticated, is it more likely that the Google DNS gets hacked or your ISP DNS? I would argue that it's Google's that is more likely, so in certain circumstances, such as this one security by obscurity may be of higher value than other aspects for the simple fact that you will not fall into the targeted-zone of attack. As you said, there is high reward for this sort of thing, but in regular ISPs DNS there is little to gain, so unless you are causing yourself to be targeted you can bet that you won't be.

You say that it is pretty clear what you mean, but there are multiple people that are unclear on exactly that so you are misleading yourself if you honestly believe that to be the case.

I do not know what is the point of wrongly rephrasing my initial statement.

I can tell you that Google's DNS is differently more secured than your ISP, but it is SAFER to your ISP' DNS because it's less Likely to be targeted.


More Secured doesn't mean SAFER !.

it's simple you do not have to complicate it !

what is more secure a bank downtown or a house in the middle of nowhere at the side of the country?

sure is the bank has more security, but in terms of "security by obscurity". that house is safer to store money in, but it takes 1 thief with a knife to rob that house , while it takes a big force to get into the bank downtown!.

so technically GOOGLE's dns is much more secured " do your own research" . but your ISP dns is safe simply because it's less important to the majority of hackers.


and if you want to argue about the fact that  security by obscurity is a bad practice then a simple proof is the last MEW attack.
people who were accessing their MEW using their ISP were safe at the same moment that those on Google's were getting compromised.


there is no HISTORY data on this matter particularity, therefore I have no solid evidence to support this statement. because it is common sense.

if you want to build a reliable data on this keep using Google's DNS and  after a few years you tell me how many times your online wallet was compromised and we compare it to someone else's who is on their own ISP DNS

[mikeywith]

i was carelessly using public dns because my isp using it. later dns hijacked occured.
My wallet got hacked by it. i lost about 700 usd of it.
now i am no longer using myetherwallet, time to use metamask or other more secure wallet.

sorry about your loss, i tried to warn as many people as i could by then on Ether Mining group on FB some people got away but most were to late to act! anyway

why not get a hardware wallet? any logical explanation behind this?

thanks

[12tribes]

A public DNS server is open to a lot of risks, except it is properly protected using failsafe methods that disconnects the server from the stream in the event of an attack say DDoS.  First of it is that public servers when compromised can bring a lot of pain  to every client who has their sensitive documents, data, etc loaded via the server. All this is usually possible when the server is the target of a worm, host, or virus if the hackers feel something important lies deep in the purpose the servers convey. No one is invulnerable and as such, it is safer to use a private secured protocol that gives a higher degree of safety. never trust public servers no matter how safe they look and never carry out financial transactions over them as your details may be compromised without your knowledge.