Bitcoin Forum
May 23, 2019, 02:33:44 AM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 »  All
  Print  
Author Topic: How to stay safe when browsing on hotspots or public wifi  (Read 424 times)
Kristinnspence
Jr. Member
*
Offline Offline

Activity: 64
Merit: 1


View Profile WWW
April 10, 2019, 11:06:54 PM
 #1

Hi there, Kristinn Spence here with a new short tutorial for you guys

How to stay safer when using hotspots or public wifi that other people have access to as well
because now a day attacks such as arp poisoning and others are pretty common and as well as honey pot attacks that hackers utilize
to steal cryptocurrencies from people and also of course standard viruses and trojans.

But how to make yourself pretty much immune to Man-In-The-Middle MITM attacks and ARP poisoning and Honeypots
is basically best to run through a VPN and change your DNS servers for basic protection

Now a VPN is a virtual private network that routes all your internet traffic through a secure server out in the world so that all your traffic is handled by that server before you even go to a website or do anything on the internet it goes directly to that server before anything else.

But of course it will not 100% make you safe but it will increase the safety a lot and decrease the chances that you will be hacked.
you can get any VPN server on the internet like express VPN, tunnelbear, hotspot shield or others a simple google search will do the trick or you can find cheap ones on underground forums.

then after you do that right click on your connection and you are going to change your dns servers so that your ISP is not handling your DNS
also sometimes your internet connection becomes faster
here are details on how to change it
https://developers.google.com/speed/public-dns/docs/using

now, these are fairly simple and the most basic protection measures that you can take for your internet connection and I highly recommend doing at least this to protect your traffic because apart from this hackers can sniff your internet as well using tools like Wireshark and others but it is impossible to sniff encrypted traffic.
1558578824
Hero Member
*
Offline Offline

Posts: 1558578824

View Profile Personal Message (Offline)

Ignore
1558578824
Reply with quote  #2

1558578824
Report to moderator
GET 25 FREE SPINS AT REGISTRATION
GET 100% BONUS ON FIRST DEPOSIT
PLAY NOW
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1558578824
Hero Member
*
Offline Offline

Posts: 1558578824

View Profile Personal Message (Offline)

Ignore
1558578824
Reply with quote  #2

1558578824
Report to moderator
BitMaxz
Legendary
*
Offline Offline

Activity: 1442
Merit: 1174


Bitmain miners is getting worst.


View Profile WWW
April 10, 2019, 11:42:17 PM
Last edit: April 10, 2019, 11:53:33 PM by BitMaxz
 #2

I don't recommend a public DNS from google because I heard that google monitor's your activity through Google DNS.
You can try comodo DNS if you want to protect your self from phishing websites.

DNS SERVER of COMODO:8.26.56.26
DNS SERVER of COMODO:8.20.247.20

I got this DNS from here https://bitcointalk.org/index.php?topic=3395101.0 you can use google translator if you want to follow his guide.

And I think you can protect your browsing activity from public wifi if you use some 3rd party apps or software to encrypt your internet like using a VPN(recommended one is IPvanish) and antivirus(Kaspersky is recommended. Just make sure for android user's you are not rooted because I already tested that if you are rooted with antivirus it can't prevent some viruses/apps to modify your system files.

bitperson
Full Member
***
Offline Offline

Activity: 210
Merit: 113


View Profile
April 11, 2019, 02:59:45 AM
Merited by suchmoon (9), o_e_l_e_o (2), Pmalek (1)
 #3

you can get any VPN server on the internet like express VPN, tunnelbear, hotspot shield or others a simple google search will do the trick or you can find cheap ones on underground forums.
So you wouldn’t trust a random wi-fi, but you would trust just any old malicious VPN you happened to find on ‘underground forums’. That’s bad advice.

Only connect to wi-fi networks you have reason to trust. I avoid open ones, but I often use password-protected networks operated by some bona fide entity.

Similarly, if you decide to use a VPN, make sure it’s trustworthy. After all, whoever controls the VPN will be able to read and change all your plain-text traffic. Even when you’re using encrypted applications, the VPN owner will know where you connect and how much information you send and receive.

F-Secure Freedome is a widely used VPN with good reputation, but of course past performance doesn’t predict future results. With huge userbases comes huge responsibility, and as we’ve seen with Facebook and others, sometimes the temptation can grow too big. Remember those are all companies that seek to make a profit. ‘If you’re not the paying customer, you’re the product.’

How to ask questions the smart way
When you’re happy with the answers in a thread you have started, please click ‘lock topic’ to prevent spam.
1NFJFJgFc1ia7Y1DtyJWgvJLxCovt5v2RH
jseverson
Hero Member
*****
Offline Offline

Activity: 980
Merit: 677


View Profile
April 11, 2019, 03:04:15 AM
 #4

I don't recommend a public DNS from google because I heard that google monitor's your activity through Google DNS.
You can try comodo DNS if you want to protect your self from phishing websites.

I could be wrong, but I don't think your DNS actually matters if you're using a VPN service with built-in DNS leak protection, since you'll always be using the VPN-provided DNS.

I'm still very iffy about suggesting Kaspersky (or any other third party antivirus for that matter) because common sense + Windows Defender should be enough to protect you in normal day-to-day activities. To each his own though.

whotookmycrypto
Member
**
Offline Offline

Activity: 112
Merit: 174

WhoTookMyCrypto.com


View Profile WWW
April 11, 2019, 04:20:46 AM
Merited by CryptopreneurBrainboss (1)
 #5

Binance has a good article on this: https://www.binance.vision/security/why-public-wifi-is-insecure

Some of the recommendations they listed:
Quote
- Turn off any setting that allows your device to connect automatically to available WiFi networks.
- Turn off file sharing and log out of accounts you are not using.
- Use password-protected WiFi networks wherever possible. When there is no option but to use a public WiFi network, try not to send or access sensitive information.
- Keep your operating system and antivirus updated.
- Avoid any financial activity while using public networks, including cryptocurrency transactions.
- Utilize websites which use the HTTPS protocol. Keep in mind, however, that some hackers perform HTTPS spoofing, so this measure is not entirely foolproof.
- Using a Virtual Private Network (VPN) is always recommended, especially if you need to access sensitive or business-related data.
- Be wary of fake WiFi networks. Do not trust the name of the WiFi just because it is similar to the name of a store or company. If in doubt, ask a member of the staff to confirm the authenticity of the network. You may also ask if they have a secured network you could borrow.
- Turn off your WiFi and Bluetooth if you are not using. Avoid connecting to public networks if you do not really need it.

Xenrise
Sr. Member
****
Offline Offline

Activity: 672
Merit: 251



View Profile
April 11, 2019, 05:05:00 AM
 #6

I really don't recommend people to connect in public wifi or hotspots that are not trusted. Since, I saw a video on youtube that every transaction people made on that while connected can be viewed by the person with authority. For example, somebody moved his money to his savings account. As much as possible don't connect to public wifi or hotspots. Scammers are everywhere. And what if you are connected to a person that is an IT or a computer engineer and hacks you.
tranthidung
Sr. Member
****
Offline Offline

Activity: 476
Merit: 320


Tran Thi Dzung


View Profile
April 11, 2019, 05:29:20 AM
 #7

Binance has a good article on this: https://www.binance.vision/security/why-public-wifi-is-insecure

Some of the recommendations they listed:
Quote
- Turn off any setting that allows your device to connect automatically to available WiFi networks.
- Turn off file sharing and log out of accounts you are not using.
- Use password-protected WiFi networks wherever possible. When there is no option but to use a public WiFi network, try not to send or access sensitive information.
- Keep your operating system and antivirus updated.
- Avoid any financial activity while using public networks, including cryptocurrency transactions.
- Utilize websites which use the HTTPS protocol. Keep in mind, however, that some hackers perform HTTPS spoofing, so this measure is not entirely foolproof.
- Using a Virtual Private Network (VPN) is always recommended, especially if you need to access sensitive or business-related data.
- Be wary of fake WiFi networks. Do not trust the name of the WiFi just because it is similar to the name of a store or company. If in doubt, ask a member of the staff to confirm the authenticity of the network. You may also ask if they have a secured network you could borrow.
- Turn off your WiFi and Bluetooth if you are not using. Avoid connecting to public networks if you do not really need it.
You give me great tips to secure my life when connect to Internet. By the way, I would like to ask you and others that how to secure and stay safely from animated images? I read somewhere else that such animated images have higher security risks on static images. Does it right? If yes, how to stay safe from animated images when my friend send them to me?

███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
#1
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
BTC 
  ●
   BTC
  BTC  
.
    ▄▄▄▀▀▀▀
 ▄██▀
███        ▄▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄▄▄
▀███▄▄▄▄▀▀▀                 ▀▀▄▄
  ▀▀▀██████████████████████████▀
   ▄█▄     ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
    ▀▀██▄▄█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀▀
      ▄  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
      ▀██▄  ▄▀▀▀▀▀▀▀▀▀▀▀▀▄
        ▀█▀██████████████▀▀
         ▀█▄▄ ▄▄▄▄▄▄▄▄▄▄
            █▀▄▄▄▄▄▄▄▄▄▄▀
             ▀▀▄▄▄▄▄▄▄
.
     BTC
  BTC   
  ●
  BTC  
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
dothebeats
Legendary
*
Offline Offline

Activity: 1834
Merit: 1122

don't ruin my PCRs dammit.


View Profile
April 11, 2019, 06:12:25 AM
 #8

I'm still very iffy about suggesting Kaspersky (or any other third party antivirus for that matter) because common sense + Windows Defender should be enough to protect you in normal day-to-day activities. To each his own though.

I second this. Usually I see antivirus software as a clog to my finely-working system, and I could live without them knowing that I only use my computer to just browse this forum and do some work-related stuff. The other aspects of my internet life I use a different machine for that, especially for gaming, downloading things and streaming movies online. In no way would I ever install Kaspersky or any other antivirus on my PC since Windows Defender had been pretty much a good company for my machine for the past 3 years.

hilmy
Member
**
Offline Offline

Activity: 126
Merit: 10

★Bitvest.io★ Play Plinko or Invest!


View Profile
April 11, 2019, 06:34:27 AM
 #9

use your own VPN server if you know how-to setup maybe thats will be better safe i think.
much more cheap server and support for TUN/Tap Tunning like OpenVPN, etc.

▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ ★ ★ ★ ★ ★ ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
PLINKO    |7| SLOTS     (+) ROULETTE    ▼ BIT SPINBITVESTPLAY or INVEST ║ ✔ Rainbot  ✔ Happy Hours  ✔ Faucet
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ ★ ★ ★ ★ ★ ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
whotookmycrypto
Member
**
Offline Offline

Activity: 112
Merit: 174

WhoTookMyCrypto.com


View Profile WWW
April 11, 2019, 11:04:34 AM
 #10

You give me great tips to secure my life when connect to Internet. By the way, I would like to ask you and others that how to secure and stay safely from animated images? I read somewhere else that such animated images have higher security risks on static images. Does it right? If yes, how to stay safe from animated images when my friend send them to me?

Hey mate, unfortunately don't have a good answer to this. However, getting viruses from opening pictures (static or animated) is hard in general. Your best prevention in such scenarios is simply not opening photos from suspicious sources. Would update you if there is a better way to deal with this. Thanks for highlighting it.

Kristinnspence
Jr. Member
*
Offline Offline

Activity: 64
Merit: 1


View Profile WWW
April 11, 2019, 12:47:20 PM
 #11

You can disable most all scripts in firefox using NoScript addon and more
turn off js and all the others so that the images don't autoload

or just download tor browser it's fairly safe
bob123
Hero Member
*****
Offline Offline

Activity: 896
Merit: 1014



View Profile WWW
April 11, 2019, 02:06:46 PM
 #12

So you wouldn’t trust a random wi-fi, but you would trust just any old malicious VPN you happened to find on ‘underground forums’. That’s bad advice.

This. VPN provider can read and modify and save all traffic.


The best way to stay safe when being connected to an open wifi is to connect to your own vpn server at home.

Simply get a raspberry pi if you don't want to have your PC running when your not at home, and install OpenVPN.
You will be able to route the whole traffic through your home-network.

When only rarely being in an open wifi, this seems to be overkill. But if you regularly use open wifi's it might be worth to get a raspberry pi to host a vpn server.

khaled0111
Sr. Member
****
Online Online

Activity: 714
Merit: 344

Does people really read this!


View Profile
April 11, 2019, 03:15:19 PM
 #13

Just don't connect your device to public WI-FI networks unless you have to do so.

If you are connected to a public WI-FI make sure to access only HTTPS websites and never transmit any sensitive data.
Also make sure to turn off "file sharing" on your device.
 
A hacker on the same network will try to exploit old vulnerabilities, hence, a good practice is to always update all your softwares to patch security flaws.   
nakamura12
Member
**
Offline Offline

Activity: 462
Merit: 56

★777Coin.com★ Fun BTC Casino!


View Profile
April 11, 2019, 04:00:28 PM
 #14

It is very risky to use VPN which required an access to your device(mobile device)/application(computer browsers) before you can use it. Avoid data sharing and more program that will ask permission to access your data that can be shared without you noticing.

How to secure and stay safely from animated images?
Well, animated images can be combined with link that may have program that can take information or files after you got redirected to somewhere else that only bring harm in your device like viruses, malwares and more. What I meant about that is an animated images on internet. Some animated images like GIF will take you to a site that will automatic downloading a file that you haven't downloaded. I don't know any solution to this but make sure you update your anti-virus up to date most of the time and avoid clicking any images especially if it is given by a person on real time. It is the same in an animated button that will help you navigate which some will use it in hacking.

tranthidung
Sr. Member
****
Offline Offline

Activity: 476
Merit: 320


Tran Thi Dzung


View Profile
April 11, 2019, 04:26:38 PM
 #15

My computers always installed internet security and updated database. Maybe you raised a good point here about the hidden threats from animated images, and their operational mechanism to spread threats. However, as you said, and as I wanted, I would like to get solutions to check potential threats inside animated images.
I have rarely download animated images, despite of I sometimes like them. If there are ways to check threats in animated images, I might download safe ones after checking.
Well, animated images can be combined with link that may have program that can take information or files after you got redirected to somewhere else that only bring harm in your device like viruses, malwares and more. What I meant about that is an animated images on internet. Some animated images like GIF will take you to a site that will automatic downloading a file that you haven't downloaded. I don't know any solution to this but make sure you update your anti-virus up to date most of the time and avoid clicking any images especially if it is given by a person on real time. It is the same in an animated button that will help you navigate which some will use it in hacking.

███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
#1
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
BTC 
  ●
   BTC
  BTC  
.
    ▄▄▄▀▀▀▀
 ▄██▀
███        ▄▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄▄▄
▀███▄▄▄▄▀▀▀                 ▀▀▄▄
  ▀▀▀██████████████████████████▀
   ▄█▄     ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
    ▀▀██▄▄█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀▀
      ▄  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
      ▀██▄  ▄▀▀▀▀▀▀▀▀▀▀▀▀▄
        ▀█▀██████████████▀▀
         ▀█▄▄ ▄▄▄▄▄▄▄▄▄▄
            █▀▄▄▄▄▄▄▄▄▄▄▀
             ▀▀▄▄▄▄▄▄▄
.
     BTC
  BTC   
  ●
  BTC  
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
r1a2y3m4
Full Member
***
Offline Offline

Activity: 406
Merit: 110


Free Crypto in Stake.com Telegram t.me/StakeCasino


View Profile
April 11, 2019, 04:39:52 PM
 #16

It is very risky to use VPN which required an access to your device(mobile device)/application(computer browsers) before you can use it. Avoid data sharing and more program that will ask permission to access your data that can be shared without you noticing.

How to secure and stay safely from animated images?
Well, animated images can be combined with link that may have program that can take information or files after you got redirected to somewhere else that only bring harm in your device like viruses, malwares and more. What I meant about that is an animated images on internet. Some animated images like GIF will take you to a site that will automatic downloading a file that you haven't downloaded. I don't know any solution to this but make sure you update your anti-virus up to date most of the time and avoid clicking any images especially if it is given by a person on real time. It is the same in an animated button that will help you navigate which some will use it in hacking.
I don't think using VPN can make you safe in browsing using hotspot of public wifi since you are connected to it and you are being surveillance by the owner of that wifi you are connected to.

nakamura12
Member
**
Offline Offline

Activity: 462
Merit: 56

★777Coin.com★ Fun BTC Casino!


View Profile
April 11, 2019, 04:46:38 PM
 #17

My computers always installed internet security and updated database. Maybe you raised a good point here about the hidden threats from animated images, and their operational mechanism to spread threats. However, as you said, and as I wanted, I would like to get solutions to check potential threats inside animated images.
I have rarely download animated images, despite of I sometimes like them. If there are ways to check threats in animated images, I might download safe ones after checking.
I don't know if this is working 100% because I haven't tried checking images that may/had contained hidden codes that will be activated once the animated images loaded. You can try this one to check if an image contains a threat that can harm/take vital information that you stored on your device.

Take Note: Test their tools in another device which is not yours or in an internet cafe before using it on your own devices for safety purposes.

Here are the links:
Tools:
https://metadefender.opswat.com/#!/
https://www.opswat.com/free-tools

Explanation:
https://www.opswat.com/blog/hacking-pictures-stegosploit-and-how-stop-it

tranthidung
Sr. Member
****
Offline Offline

Activity: 476
Merit: 320


Tran Thi Dzung


View Profile
April 11, 2019, 05:35:21 PM
 #18

I thank you for those sites, but I won't try using it now.
Some reasons:
- I don't actually have demand to use it for now (don't have need to download animated images at the moment).
- I will wait to get opinions or confirmations of others on those sites.

By the way, I felt happy to see you (one of my challenge's winners) moved nearly half of your pathway to Full Member.
Take Note: Test their tools in another device which is not yours or in an internet cafe before using it on your own devices for safety purposes.

Here are the links:
Tools:
https://metadefender.opswat.com/#!/
https://www.opswat.com/free-tools

Explanation:
https://www.opswat.com/blog/hacking-pictures-stegosploit-and-how-stop-it

███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
#1
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
BTC 
  ●
   BTC
  BTC  
.
    ▄▄▄▀▀▀▀
 ▄██▀
███        ▄▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄▄▄
▀███▄▄▄▄▀▀▀                 ▀▀▄▄
  ▀▀▀██████████████████████████▀
   ▄█▄     ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
    ▀▀██▄▄█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀▀
      ▄  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
      ▀██▄  ▄▀▀▀▀▀▀▀▀▀▀▀▀▄
        ▀█▀██████████████▀▀
         ▀█▄▄ ▄▄▄▄▄▄▄▄▄▄
            █▀▄▄▄▄▄▄▄▄▄▄▀
             ▀▀▄▄▄▄▄▄▄
.
     BTC
  BTC   
  ●
  BTC  
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
Kristinnspence
Jr. Member
*
Offline Offline

Activity: 64
Merit: 1


View Profile WWW
April 11, 2019, 07:13:13 PM
 #19

Guys, you know you easily bind malicious software to images using a file binder after the virus or exploit has been encrypted to be undetectable it is usually bound together with a normal program or installs or an image file or doc file and then when it is run there is no trace of it.

What you can do if you want to check the image file is you can reverse engineer the image by using some tools like ida and check if you find some abnormalities in the code that you reverse engineer.

I used to do a fair share of malware research back in the day as well so if you find the jump point in the code that shows where the software itself starts or the image therefor and you find a jump point inside the code after you reverse engineer it that says something about running software or downloading something then you have found the virus.

but you would have to actually download the image and run it to get infected
nakamura12
Member
**
Offline Offline

Activity: 462
Merit: 56

★777Coin.com★ Fun BTC Casino!


View Profile
April 11, 2019, 09:18:37 PM
 #20

I thank you for those sites, but I won't try using it now.
Some reasons:
- I don't actually have demand to use it for now (don't have need to download animated images at the moment).
- I will wait to get opinions or confirmations of others on those sites.
But once you have tested the tools in that site I was hoping that you could share your results after you have used the site. I am planning to compare the results the image you have use the tools in that site and I'll use the same tools of the same image you have download but before I can do that, I also need the source where you downloaded the image. Some cloud storage change the file size when uploaded in a cloud storage. File Size: 1.2MB and uploaded to the cloud storage then downloaded but the file size is now 1mb or less.

By the way, I felt happy to see you (one of my challenge's winners) moved nearly half of your pathway to Full Member.
Thank you for the sweet message. I did read your post about your achievement on becoming senior member which came into my mind that anyone can achieve full member rank as long as you tried your best. I'm even surprise when I open my account the next day and saw my account having what I have right now.

Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!