...

rok-sivante (75) in crypto • 7 years ago (edited)

7 years ago by rok-sivante (75)

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!

Sort Order:

Trending

[-]

techwizardry (65) · 7 years ago

How hard is it to put your private key and wallet.dat files into encrypted .rar archives with good passwords on a USB drive?

A specialized device like a Ledger is far more likely to be attacked due to its popularity, and you have no way of knowing if the device you bought hasn't already been compromised at the point of manufacturing.

$1.68

1 vote

[-]

timuann (59) · 7 years ago

i think that,your post really important for every steemian friend.i read to your post fully this time.i am knowing about security in crypto.every steemit friend should be knowing its matter clearly..thank you very much for your valuable and good posting sharihng..my dear friend...@rok-sivante

$0.00

[-]

chronogn (60) · 7 years ago

Just get a cheap $30 laptop on eBay, install Linux on USB drives, separate your wallets on the different Linux installs on different USB drives, and only use those Linux installs as cryptowallets. This should solve most of the issues with malwares.

$0.00

[-]

dijetechili (46) · 7 years ago

the more sophisticated the safeguard, the more sophisticated the breaker. that's the reality, but this information is very useful. let alone for a layman like me. thank you
success will always be with you @rok-sivante

$0.00

[-]

themanwithnoname (64) · 7 years ago

I was wondering how safe those were. I had heard that previous versions were able to be hacked, but that they had updated the software to prevent it. Like you said, since this is computer-based, if you plug into an infected machine, you can still lose your funds.
I keep my anti-virus up to date, I don't go to random sites on the internet where you can pick up junk, and try to use common sense when I get suspicious-looking emails and such.

$0.00

[-]

muzawir85 (51) · 7 years ago

very good security and reliable

$0.00

[-]

oredebby (66) · 7 years ago

Hmmmm its better to have and not need, than to need and not have. RHEMA!

$0.00

[-]

rumble (52) · 7 years ago

Wow this is scary stuff for people not protecting there coins. Curious what your thoughts are on paper wallets vs hardware?

$0.00

[-]

thezeit (43) · 7 years ago

This was bound to happen anyway. Where there is money there are bandits. I don't care if it is cryptocurrency or mainstream currency.

$0.00

[-]

dcj (53) · 7 years ago

Terrifying!

Thank's for the update. It seems like it would also be prudent to be vigilant around checking addresses at every step of the way.

Cheers,

@dcj

$0.00

[-]

asif20 (0) · 7 years ago

$0.00

Reveal Comment

[-]

greenrun (66) · 7 years ago

Here I was thinking I will be finally safe if I buy hardware wallet not knowing that there is a loophole that is to be exploited there too. Thank you for the timely tip as I would double check address copied to be sure it is same with what was deployed. Also, time to get a good antivirus too.

$0.00

[-]

vasil-danev (55) · 7 years ago

Better invest 50$ then losing thousands ! I agree.

$0.00

[-]

harleymechanix (61) · 7 years ago

Crap. I had been looking at both of those hardware wallets as options. But the more I think about it the more I am leaning toward a paper wallet as the way to go.

$0.00

[-]

rok-sivante (75) · 7 years ago

both are still solid options.

this is just a head's up that one REALLY needs to be careful at every step of the way in this game.

as the article said, there haven't yet been any reports of this particular hack actually happening yet - it's just a vulnerability.

similar vulnerabilities could potentially exist with the generation of paper wallets too - i.e. if there was malware active while you were generating a paper wallet address, etc.

I wouldn't be too particularly concerned with this one. Just another reason to make sure to have a good anti-malware program running all the time, and always be cautious in every interaction.

$0.00

[-]

funkylove (54) · 7 years ago

Thanks for sharing this. It is better to spend to secure something than to end up with the story that hurt

$0.00

[-]

starl1ght (46) · 7 years ago

Scanning computer for viruses as I write this comment

I feel like i need to buy a PC or laptop that is only used to access exchanges and cold storage devices. :(

$0.00

[-]

rok-sivante (75) · 7 years ago

someone mentioned that idea in a comment above - plus installing Linux, which would apparently be even more secure...

$0.00

[-]

starl1ght (46) · 7 years ago

I also think that the crypto movement will start a whole new industry of cyber security professionals that focus on the crypto industry. We all need to focus more on security!

$0.00

[-]

cryptofig (30) · 7 years ago

Excellent information. Thanks for sharing.

$0.00

[-]

spiritualmax (64) · 7 years ago

I think that if things keep going this way we risk encryption services becoming the middlemen.

I can definitely see them charge fees for their services in the future.

$0.00

[-]

sarcasm24 (6) · 7 years ago

i think this is a helpful post do you agree with me?

$0.00

[-]

bluudz (48) · 7 years ago

Thank you for good article. I personally use Bitdefender combined with Malwarebytes anti malware. So far so good. fingers crossed

$0.00

[-]

raised2b (58) · 7 years ago

This is a little misleading because it's not the Ledger hardware wallet that is vulnerable, it is the app running on a pc that is vulnerable and even then it can't get anywhere near your private keys or sign any transactions, it can only attempt to fool you.

I absolutely consider the Ledger hardware wallet to be 100% safe at this point. This vulnerability exploits software, human error and irresponsibility not any kind of hardware issue.

It's quite simple to verify the receive address is a valid address to your ledger by looking at the actual Ledger device and that is the point of having a hardware wallet in the first place, because you don't trust a computer and you verify everything on a secure isolated piece of hardware that can't be attacked.

The hardware is still 100% foolproof, but are people? Not even close.....

$0.00