How easy BTC could be susceptible to computer security threats?

[Smartprofit]

In my opinion, it is impossible to completely eliminate the risk of hacker attacks.  
However, you can significantly minimize the risk of successful attacks from criminals.  Your goal is to create a system to safely store and use your Bitcoins.  
This system should be as good as possible for your level of technical competence.  By creating unnecessarily complex security, you risk that you yourself will make some kind of mistake that will lead to loss of money.  The general principles of creating such a secure Bitcoin storage system are that your funds should be stored in different places (storage diversification) so that one mistake or successful hacker attack does not deprive you of all your capital.  Also, special attention should be paid to complete control over private keys (seeds).  
Hardware wallets are more secure for storing Bitcoin than smartphones, and smartphones are more secure for storing Bitcoin than laptops and desktops.

This is right that security should not go to an extent that you yourself feel uncomfortable in accessing them. There are few simple things we have to do to secure our Bitcoins. As far as seed security is concerned there is no way better to secure it but to write it on piece of paper. Seed security is first and foremost step in security of Bitcoin. If you have funds then go for Hardware wallets but if you are sticking with mobile make sure it's hardened enough to secure your Bitcoins.

Securing Bitcoin seeds is a very serious task.  I had a special notebook in which I wrote down the Bitcoin seed.  And it was very convenient for managing your satoshi.  
I like the analog world more than the digital one.  But now I constantly live with a girl and my notebook had to be destroyed (much to my regret).  
I burned it.  Because girls are very curious.  Therefore, my girlfriend would probably sooner or later discover a notebook with private keys, passwords and seeds.  And I’m not ready to share such information even with my girlfriend.  
Even if she couldn't figure out what it was, she could copy the information and show it to third parties.  
From this I concluded that storing seeds on paper is not always (unfortunately) the best option.

[1714632910]

1714632910

[1714632910]

1714632910

[Z-tight]

and smartphones are more secure for storing Bitcoin than laptops and desktops.

This is not true, a mobile phone poses more security threat than a computer for obvious reasons, i.e. their OS. However it still depends on the user's opsec and how safely they use their device, because a desktop wallet run in an unsafe environment is more vulnerable than a mobile wallet run in a safe environment.

 
From this I concluded that storing seeds on paper is not always (unfortunately) the best option.

So how do you now back up your seed phrase?

[WatChe]

Securing Bitcoin seeds is a very serious task.  I had a special notebook in which I wrote down the Bitcoin seed.  And it was very convenient for managing your satoshi.  
I like the analog world more than the digital one.  But now I constantly live with a girl and my notebook had to be destroyed (much to my regret).  
I burned it.  Because girls are very curious.  Therefore, my girlfriend would probably sooner or later discover a notebook with private keys, passwords and seeds.  And I’m not ready to share such information even with my girlfriend.  
Even if she couldn't figure out what it was, she could copy the information and show it to third parties.  
From this I concluded that storing seeds on paper is not always (unfortunately) the best option.

I would say there must be some person apart from yourself who is aware of your seed or private keys to take care of our Bitcoins in case anything happen to owner. We live in uncertain world and there is guarantee of how long we will be around. Lots of Bitcoins are lost because there owners lost the keys or they are no more here to access them. In case you don't want your hard work to be lost forever, make sure there is next of kin to access them in case anything happen to you. 

[Medusah]

This is not true, a mobile phone poses more security threat than a computer for obvious reasons, i.e. their OS.

The OS is not the main problem.  The reason why mobile devices are more risky for security is because they're made to connect to lots of different networks like Wi-Fi, Bluetooth, GPS, NFC, and more.  The more networks they connect to, the more ways there are for hackers to attack them.  It also makes privacy worse for the same reason. 

[goldkingcoiner]

Can you give me a few hints on what to look for on the topic?

Bitcoin itself? Not at all. The blockchain has never been hacked, exploited or abused in any way. Centralized entities that own Bitcoin like regular users, centralized cryptocurrency exchanges on the other hand, yes, those points are vulnerable to security threats.

My advice:

Do some research on the wallet software you plan to use. Has it been vetted by the Bitcointalk community? Is it open source? Is it non-custodial?

Devices that contain important data pertaining to your wallet (like your seed phrase, for example) should be disconnected from the internet and other devices - in fact, if you use the same device to download, click on a links, visit unknown websites, etc. then your Bitcoins are already not safe.

Don't share your seed phrase and don't connect your wallet to anything fishy. Be wary of strange currencies or strange transactions. When in doubt, best get a new wallet and transfer the coin to the new wallet.

[ABCbits]

and smartphones are more secure for storing Bitcoin than laptops and desktops.

This is not true, a mobile phone poses more security threat than a computer for obvious reasons, i.e. their OS. However it still depends on the user's opsec and how safely they use their device, because a desktop wallet run in an unsafe environment is more vulnerable than a mobile wallet run in a safe environment.

Actually mobile OS usually have better security by default compared with desktop OS. For example, Android offer Application and Privacy sandbox which limit what an application can do.

--snip--

Securing Bitcoin seeds is a very serious task.  I had a special notebook in which I wrote down the Bitcoin seed.  And it was very convenient for managing your satoshi.  
I like the analog world more than the digital one.  But now I constantly live with a girl and my notebook had to be destroyed (much to my regret).  
I burned it.  Because girls are very curious.  Therefore, my girlfriend would probably sooner or later discover a notebook with private keys, passwords and seeds.  And I’m not ready to share such information even with my girlfriend.  
Even if she couldn't figure out what it was, she could copy the information and show it to third parties.  
From this I concluded that storing seeds on paper is not always (unfortunately) the best option.

That's why many OS offer feature called full disk encryption. For example, bitlocker for windows and LUKS for linux.

[WatChe]

Actually mobile OS usually have better security by default compared with desktop OS. For example, Android offer Application and Privacy sandbox which limit what an application can do.

That's correct. There are not much hacks that happen because of vulnerabilities present in OS but because of negligence of people. There is no way a malware can make it to your mobile unless you download some fishy app or click on some suspicious link. Rather then focusing on security of devices alone, human vigilance is also required in cyber world (or securing bitcoins). A chain is as strong as it's weakest link, and in security of Bitcoins the weakest link is human.   

[BTTUSERNAME]

Actually mobile OS usually have better security by default compared with desktop OS. For example, Android offer Application and Privacy sandbox which limit what an application can do.

That's correct. There are not much hacks that happen because of vulnerabilities present in OS but because of negligence of people. There is no way a malware can make it to your mobile unless you download some fishy app or click on some suspicious link. Rather then focusing on security of devices alone, human vigilance is also required in cyber world (or securing bitcoins). A chain is as strong as it's weakest link, and in security of Bitcoins the weakest link is human.   

It seems your major concern is basically on human vigilance. But we can all agree that, inasmuch as human vigilance and carefulness is essential when it comes to Bitcoin security, the technological advancement in Blockchain security plays a more vital role when it comes to Bitcoin security because there are so many measures provided to enhance security even when humans are not being super careful it'll be difficult for scammers and hackers to exploit them. Let's consider the Zero knowledge proofs and the multi-signature wallets for example. If you're familiar with these technologies then you'll know that these techniques makes it almost impossible for scammers and hackers to access people's wallets.

We can equally consider development and advancements in encryption and cryptography. They are also quite helpful techniques that helps to secure the bitcoin wallet. I'm not saying Human vigilance isn't important or essential, but I stand to believe that it's not the primary as there are things that are more important.

[ABCbits]

Actually mobile OS usually have better security by default compared with desktop OS. For example, Android offer Application and Privacy sandbox which limit what an application can do.

That's correct. There are not much hacks that happen because of vulnerabilities present in OS but because of negligence of people. There is no way a malware can make it to your mobile unless you download some fishy app or click on some suspicious link. Rather then focusing on security of devices alone, human vigilance is also required in cyber world (or securing bitcoins). A chain is as strong as it's weakest link, and in security of Bitcoins the weakest link is human.   

It seems your major concern is basically on human vigilance. But we can all agree that, inasmuch as human vigilance and carefulness is essential when it comes to Bitcoin security, the technological advancement in Blockchain security plays a more vital role when it comes to Bitcoin security because there are so many measures provided to enhance security even when humans are not being super careful it'll be difficult for scammers and hackers to exploit them. Let's consider the Zero knowledge proofs and the multi-signature wallets for example. If you're familiar with these technologies then you'll know that these techniques makes it almost impossible for scammers and hackers to access people's wallets.

Can you tell us which Bitcoin wallet which use zero knowledge proof?

We can equally consider development and advancements in encryption and cryptography. They are also quite helpful techniques that helps to secure the bitcoin wallet. I'm not saying Human vigilance isn't important or essential, but I stand to believe that it's not the primary as there are things that are more important.

Encryption is part of cryptography. Most Bitcoin wallet software already use strong encryption cryptography (usually AES-256), assuming you don't use weak weak password.

[Z-tight]

They are also quite helpful techniques that helps to secure the bitcoin wallet. I'm not saying Human vigilance isn't important or essential, but I stand to believe that it's not the primary as there are things that are more important.

Your funds is only as safe as the device you store it in, i.e. if you store your funds in an airgapped wallet, it is safer that someone who stores theirs in an online machine. However, you must also know exactly what you are doing, so many people create their airgapped wallet in an unsafe environment and end up losing their funds. Opsec is also very important, as well as implementing extra layers of security, i.e. extending your seed phrase with a passphrase or setting up a multisig wallet.

[ranochigo]

Your funds is only as safe as the device you store it in, i.e. if you store your funds in an airgapped wallet, it is safer that someone who stores theirs in an online machine. However, you must also know exactly what you are doing, so many people create their airgapped wallet in an unsafe environment and end up losing their funds. Opsec is also very important, as well as implementing extra layers of security, i.e. extending your seed phrase with a passphrase or setting up a multisig wallet.

Storage is important but so is the usage. You'd have to be sure to use your keys only in sanitized environment, and preferably separate from each other in the case of multisig or it'll negate the benefits. Extending your seed phrase would ensure that the adversary won't directly gain access to your wallet but it doesn't mean that you won't be susceptible to extortion or a $5 wrench attack. A good way to keep backups would be either in a safe or if you know what you're doing, hidden with steganography.

[Z-tight]

Extending your seed phrase would ensure that the adversary won't directly gain access to your wallet but it doesn't mean that you won't be susceptible to extortion or a $5 wrench attack.

Extending your seed phrase with a passphrase can save you from a $5 wrench attack through plausible deniability, if you load the base wallet with a small amount of funds, you may be lucky to deceive the attacker that it is the only coins you have, without them knowing that you have a wallet 'hidden' by a passphrase.

[NotATether]

Could recent 'ordinals' congestion be considered as an attack to blockchain? If so, how easy is it to upload a virus into blockchain itself?

Already done a couple of years ago without the use of Ordinals as they did not even exist at the time.

At the end of the day, transactions are just bytes, and it is possible to stuff a bunch of data inside the transaction which is never evaluated. Most of the time this will make the output unspendable (pre-ordinals), but storing data on-chain is becoming expensive, so it will probably be restricted to storing malicious payloads which can be downloaded and ran to hijack a system, rather than attack the protocol itself.

Extending your seed phrase with a passphrase can save you from a $5 wrench attack through plausible deniability, if you load the base wallet with a small amount of funds, you may be lucky to deceive the attacker that it is the only coins you have, without them knowing that you have a wallet 'hidden' by a passphrase.

No, it won't. That will just get you amputated or killed.

[Z-tight]

No, it won't. That will just get you amputated or killed.

That is only if your have gone about telling everyone you have a lot of money in BTC, and due to that the attackers specifically target you because they know you have a lot of coins. However, if robbers break into your house to steal fiat and valuables from you, and then find your wallet file in your device, they might believe you have just the $100-500 in your base wallet. If you have a lot of coins, then loading the base wallet with a higher amount is even better.

[suzanne5223]

No, it won't. That will just get you amputated or killed.

That is only if your have gone about telling everyone you have a lot of money in BTC, and due to that the attackers specifically target you because they know you have a lot of coins. However, if robbers break into your house to steal fiat and valuables from you, and then find your wallet file in your device, they might believe you have just the $100-500 in your base wallet. If you have a lot of coins, then loading the base wallet with a higher amount is even better.

How would the robber find the device where the wallet files were kept if the person kept the device in a secure location if the user made security his/her priority rather easy to access the device?
To begin, I believe the best thing is to never showcase our holding, or hire good security personnel because the economic hardship has increased the cases of robber attacks in some countries.