/sg/ - Security General

Mon Feb 19 21:07:37 2018 No.7802918
In light of the recent events I'm making this thread again. These barely get any replies and here we are:
Here's some tips that I recommend everyone to implement right now on their trading computers/laptop.
- I CAN'T STRESS THIS ENOUGH: Close all unneeded ports. No one recommends this but for me it's a no-brainer, it reduces the attack surface by a large margin and you can do it easily on Windows and Linux. Only forward the ports you absolutely need:
80, 443, 53 (dns), 67 (dhcp) and 9943 (this port is needed for Binance, for whatever reason, the chart and price doesn't update automatically unless you open this).
- Don't play videogames on the same computer you trade, especially if you play pirate games like the fit girl repacks and shit like that.
- OS: Either Windows 10 (always updated) or pretty much any Linux distro will do. Windows 7 is strictly forbidden.
- Browser: Either Chrome or Firefox
- Plugins: uBlock Origin, uBlock Origin extra, HTTPS Everywhere (or Smart HTTPS if you have issues with your RAM)
- Others: DnsCrypt. SimpleDNScrypt is very user friendly for both Windows and Linux so use that.
- Waiting for feedback: Cryptonite.


NOTE: For me the godtier setup is LEDE+DnsCrypt+unbound+dnssec and closing all ports on the router since I'm not a gaymer but everyone is different.
Any suggestions? What do you guys use?

>sg
yet you suggest windows but not mac. kys

Enjoy getting hacked fsggot, 50% of all of you will eventually lose fucking everything for not paying attention when they should've

No worries, I've read it and you actually put the topic of security back on my mind. But there's not a lot to discuss I feel like, it's just general computer security that people either already know or are too stupid to understand why it's important. I appreciate your post anyhow.

some more:

create a local user account, don't log in as a local admin account. When using your wallets, store them in a folder with NTFS permissions that deny all except that user (local admin will still be able to access but it still lowers risk), then use a different local user for your main pc usage and only elevate permissions as required.
alternatively, dual boot to an OS only used for trading / wallets with full disk encryption.

2FA/MFA all of your accounts, e-mail, exchanges (most require it anyway), password manager, anywhere that gives you the option.

Never re-use passwords across sites.

Keep all applications up to date, regularly remove old applications you no longer use.

Schedule anti-virus scans, keep your scanner up to date. never use a cracked scanner.

Keep backups! one off-site or cold-store backup encrypted.

Don't go to sites and download shit that you don't know are safe.

t. infosec risk analyst

How do I go about securing my phone? I only have 1 phone so I use it for everything, binance trading app + google auth + SMS 2fa... That's not exactly smart, right?

When I upgraded my phone I used my old one as a 2fa only device, I wiped it and only connect it to my home wifi with my 2fa accounts on it. That's an easy way to do it.

It's hard to secure a phone for everyday use and secure use, corporations use tools for mobile device management but as a consumer it's hard to do on your own so usually a second device is the easiest way.

How exactly could 2FA be hacked though?

Don't use the same network for everything. Get a sim and a cheap plan and use that. Or get a cheap chink phone to use for 2fa codes and keep it always offline. If one day your main network gets rekt they would have access to all your 2fa codes and that's bad.

> not running an airgapped openBSD with your cold wallets
> not storing your wallets in a double encrypted setup (luks-dm and blowfish3/AES)
> not having a trading laptop running Linux with a free BIOS and hardware without non-free blobs
> owning more than 21 bitcoin and using Windows Vista

Shaggy daggy

Explain this, do your 2fa codes not only exist on the device? Why would they be able to access them from the network?

Why use a non-admin local user account for trading/wallets? I think I understand the reasoning for everything else, but I'm not sure I get that part. If someone I don't know somehow has Admin permissions on my own PC at that point I'm already thoroughly fucked anyway, right?

Device can be compromised
Cell Network can be compromised especially SMS 2FA

If they got remote access to your network (aka some virus pastes a dyndns config into your router/modem) they can open the 2fa app and copy the codes

the most common scenario of 2fa being attacked is it being intercepted or phished.

with SMS you can social engineer the phone carrier to divert the number, so you can't do much to prevent that one.
A smart attacker can also use phishing to make you think your exchange is requesting your 2fa for an action you are trying to complete when really the auth token is being used for another action.
both of those are very targeted and hard to pull off but they do happen in the banking world especially.

the reason i keep it on another phone is mostly to prevent an issue where i could lose my phone, or if there is an unknown compromise of my phone that gives access to the one time token (google auth) and my credentials are also stolen. In most cases the risk is fairly low for this, but keeping both methods of authentication on one device kind of defeats the purpose of the second factor.

>Windows 7 is strictly forbidden.
Thanks I just bought 100,000k Win7.

it's the principle of least privilege, so a local user vs a local admin have very different rights to change and access the operating system.
If you are a local user it will be harder for most rootkits or malware to install (in some cases depending on its class and purpose), but it will also mean the user access control prompts will ask you for an admin password anytime an application is going to make a change to the operating system or install software.

if someone already has admin the game is already over for your pc, but 2fa should slow them down for their next step.

Makes sense, thanks for the tips OP. I actually learned some stuff on Veeky Forums today, wtf I love Veeky Forums now.

How about MacOS. Should I buy an antivirus packet? (which one do you recommend)

How do I know if there's a keylogger on my laptop? To me it feels like it is never possible to know because of sophisticated viruses.

With all unneeded ports you mean apps and browsers?

OSX is actually fairly good security wise, but it will depend on who is behind the keyboard.. installing unsigned applications is your biggest risk, then dodgy browser extensions.

I can't recommend an anti-virus for mac because I don't really use osx much myself, maybe kaspersky, bitdefender or webroot.. I'm pretty sure each of those have mac products and they're pretty good at detection and prevention.

without anti-virus or the knowledge to do dynamic malware analysis or incident response forensics it's pretty hard to know, your safest bet is to stay updated and have anti-virus.

OP was talking about firewall ports, closing unnecessary ports on your router/firewall but it's the same basic principle for removing unnecessary applications.

Nice tips and all, hope you are not using intel because all your hard work is worth shit. Google Intel ME null pass.

t. I have a very solid set up but using intel atm so I know I might as well be using win XP.

no known attacks in the wild for meltdown and spectre, extremely limited use cases.
the ability to read out of bounds kernel data and memory is not something easy to use in a mass exploit scenario and way outside the threat model of a person doing crypto trading.

more of a problem for the exchanges if they have someone lurking in their networks.

>Intel ME null pass
sorry misread
yeah management engine is trash, but updates

This guy fucks
raptorcs.com/TALOSII/
This is what you want to do high value staking/trading on

Thank you

Does your computer only get infected if you install something or even when you download certain files or open an infected browser/email?

What are the most common ways for someone who is not a complete retard to get their hardware infected (and what kind of infections/consequences)?

No problem

In my experience the most common way people get infected are opening attachments from emails where they don't know the sender (macro enabled documents) or downloading pirated software or software which is dodgy to begin with.
Malware can also be installed from just visiting some malicious sites if you have java or flash enabled, so it's important to keep java and flash up to date or remove them entirely if you don't need them (use a second browser only for sites that you trust if you do need them).

That's probably the most common ways to infect machines.
Phishing emails to steal credentials, like fake google or microsoft emails are very common as well. They will usually say something like "your account will be closed if you don't login and click this", most phishing emails will try to make you think an urgent action is required, always check the URL bar of where you are typing your password and never run a document from an unknown sender.

There are a lot of other ways, but I would say they are the most common and easiest to fall for.

Protect your router/modem, don't use default passwords
Trojans nowadays aim to change settings there because once they are infected you can't detect it with an antivirus

that's a good one i forgot, changing default creds on your devices... fucking internet of things and default credentials.. your fridge is now a botnet, weee.

yeah most trojans are pretty shit at persistence though, most malware authors don't go to the trouble of rootkits and accept that only 60-80% (probably lower) of people have up to date anti-virus at home so only the top few will actually disable anti-virus or try to rootkit and keep persistence.

i'm off, thanks for the thread OP.. important topic not enough traders think about.

>Barely get any replies

What is going on?
Why is Justin involved in a security shill.
I am obviously not the most informed and I would like to know what you're trying to tell us here, friend.

...