Anti-Keyloggers, Keystroke Encryption and other means of protection

[Larzsolice]

Hey, I was wondering is anyone had any advice on how to best protect our wallets.

I've been looking at the protection that security software provides and realized that anti-viruses are a waste of time. My BitDefender subscription recently ended, so I bought a new anti-virus (which shall not be named because I do not know if it is wise to do so.) I installed the new anti-virus while BitDefender was still working AND IT FOUND A LOT OF SUSPICIOUS ACTIVITY WHICH BitDefender COMPLETELY MISSED! This is worrisome because it implies that anti-viruses only offer the concept of protection. Here I should note that I only buy the complete packages, meaning that Internet security is included.

So I started looking on the internet for more specific forms of security. The anti-keyloggers and keystroke encrypters looks like a good idea to begin with, but I don't know which is the best to use for my wallets or which ones I can trust.

So, if anyone has any advice on how to protect ourselves please post it here in a clear and non-technical way (so that noobs can understand)

Also if anyone has knowledge on the methods being used to hack our wallets or steal our passwords, please inform us here as well.

[kikeda]

May I ask on what antivirus did you installed? Since im on the IM game, and paypal/website accounts are like IM counterparts of crypto wallet accounts, i tend to have 1 anti malware software which is malwarebytes and 1 antivirus which is nod, but im kinda new to cyrpto currencies and wallet stuff. I havnt been hacked yet as far as i know, except for server side hacking. I have 2 computers, one for work and one laptop for everything important on which ive stored my accounts and wallets.

[c789]

For now, if you just want something to secure your wallet, get a DVD/USB of Ubuntu Privacy Remix (https://www.privacy-cd.org/en) and generate a paper wallet.

For long term consideration, give Ubuntu (Linux) a try, or Linux Mint. That may sound intimidating, but you can download the disk image for both ("iso" file), burn them to a DVD or USB drive, and try them without installing them on your hard drive. There are free support forums for both versions of linux, so if you have questions or problems, it shouldn't be too hard to get help. That's how I started. Most of the more popular linux varieties have Open Office, or Libre Office, which do what Microsoft Office products do, but they're free and fully compatible with Office files. You can also run Windows programs in Linux with the free "Wine" software in linux. Later, if you do want to install linux, you can dual boot with your existing Windows OS from the same hard drive if you'd like.

You can find the top versions of linux (called distributions) on www.distrowatch.com. Linux can get malware but it's much, much more of a rare event than with Windows.

 

[Larzsolice]

I read this yesterday: https://bitcointalk.org/index.php?topic=349072.0 which is why I started this topic.

Since I do not know how to compile wallets, I am forced to use the qt forms. Cryptocurrencies are (somewhat) difficult to get in South Africa because most of the sites where you can buy do not accept ZAR as payment, and I don't have or want a credit card. So that leaves me collecting altcoins from faucets.

Because I do not know which wallets (or even which altcoins) I can trust, I need to find a way of being secure in the event that I do download a bad wallet or visit the wrong site. I like the idea of anti-keyloggers and keystroke encryption because they offer a type of protection which is useful beyond the world of cryptocurrencies.

My problem is I don't know if this is enough to be safe because I do not know which methods they use to attack and/or steal info.

PS. I am using McAfee because they explicitly state that they have protection against hacking (and my university recommends it)

[c789]

Many of the pre-compiled Qt wallets available for download also have a PGP signature, or some kind of hash file with which you can compare to your download (before running the .exe). Definitely check the signature vs the downloaded file.

The assumptions here are that the person who compiled the code and posted the corresponding signature did not introduce malevolent code, and that nobody has hacked the website and replaced the qt and signature files (unlikely, but possible).

Whether in Windows or Linux, create a different user for each coin wallet. It will take up disk space and other resources, but for me it's worth it. I have a user account for each of my alt-coins, so in case one of the Qt files has virus, it won't be able to get to the other wallets (because they're in different user accounts and they don't have permission).

[Larzsolice]

I also collect from faucets on the wallets on my PC and send the coins to the wallets on my tablet.
This provides extra protection since I don't think it is likely that both will be hacked

[Larzsolice]

Many of the pre-compiled Qt wallets available for download also have a PGP signature, or some kind of hash file with which you can compare to your download (before running the .exe). Definitely check the signature vs the downloaded file.

Thanks for the advise, but how do I check the PGP signature or hash file?

[LiteCoinGuy]

if you have more than just 1000 bucks you should buy a laptop (linux) with which you only do BTC / LTC trading,

[Larzsolice]

if you have more than just 1000 bucks you should buy a laptop (linux) with which you only do BTC / LTC trading,

1000 USD = 10 500 ZAR... As America keeps printing more money, our currency suffers because we get the deflation That is why I'm getting into crypto-currencies.

But having a dedicated computer is a good idea. Just not sure how it's gonna improve security

[c789]

There are guides online of how to verify signatures, but I'll try and post back later after work.

On a side note, I and many other Americans are not in favor of the US just printing more money. It's just a bad idea, no matter how it's presented.