Integrity of a ComputersteemCreated with Sketch.

in security •  8 years ago 


It is very important for crypto aware people to pay close attention to their security practices, if you own any kind of digital wealth (not limited to cryptocurrencies, but including online accounts), then you should really focus on the security of your computer, and it's trustworthyness.

Of course everyone should do it, but I expect more caution from our community and the cryptocurency community, since as you may know, crypto transactions are irreversible. It's not like a bank account, where you can reverse a malicious transaction, not that those are secure, they get hacked all the time too. But a crypto wealth is even more volatile, and requires a lot more responsibility, and care.

We don't want a crypto police guarding people's wealth, you know how that turned out with the banking system, but we will probably get one, since a lot of people are irresponsible. But at least those that pay attention, at least won't lose their money to hackers.


I believe the most traditional strategy so far has been, the search & destroy strategy, whereas you install an anti-virus, that constantly monitors your RAM and Disk of your PC to search for malware activity or active/dormant malwares on the PC. Now this may sound efficient, but it has a lot of flaws, so much that in some situations the anti-virus might be worse than the actual virus.


  • It may not find the virus in time, and or it can't find all viruses
  • The Anti-virus database always lags behind a virus, whereas if the virus is created, it can infect a lot of people computers before the fix to it appears. So it leaves a window of vulnerability there. A big one (we could talk about months here, before a virus is detected).
  • The Anti-virus is very invasive in it's search, and it leaves you 0 privacy. Basically it could be a spyware, since it has all access to your PC when it "searches for viruses"
  • You have to put all faith in the anvi-virus, that has administrator privileges, so if the anti-virus itself is the virus, then it can be one of the worst viruses on the planet ( total surveillance module + remote access of your PC)

It's the Cop vs. Criminal analogy, sometimes the Cop becomes worse than the Criminal, in it's quest for law & order:

“Beware that, when fighting monsters, you yourself do not become a monster... for when you gaze long into the abyss. The abyss gazes also into you.” (Friedrich Nietzsche)

So it's a very very risky strategy, and I believe it's a net risk, which has nearly zero benefits. Even if the anti-virus is open source, it still has to have access to a database, and you still have to trust 3rd parties to deliver their promises.

So you have 3 options:

  • Install Nothing, and then hope that you won't get hacked.
  • Install an Anti-virus and cross your fingers that it will do less harm
  • My solution


Use Linux with open source softwares only and cryptographically verify the softwares. First by ditching Windows, because it's not just privacy invading, but it also provides very shallow security with it's system allowing Admin access to nearly all softwares, no file-system encryption, and it's not even open source, so nobody knows what it does.

Linux is just the minimum, but that is not enough, since Linux can still be infected by malware. So you have to install only open source softwares (preferably compile it yourself), and also verify it's PGP signatures. And not just that, but also limit the softwares that you install, and only give Admin privileges to software that you fully trust (open source can still have vulnerabilities)

So to sum up the strategy is the following:

  • Linux based operating system (like Debian or Ubuntu)
  • Only have open source softwares/packages on it (avoid Flash, Java, or other plugins, definitely avoid proprietary browser addons and extensions)
  • Verify the GPG signature of the file, or it's hash
  • Optionally compile the software from it's source code by yourself
  • Limit the use of your Admin password, only install software to your local non-admin profile, so if the system gets compromised, you can delete that profile and create a new one, instead of having to reinstall the entire OS.

I believe my strategy is much better than to just chase the viruses, like chasing ghosts. It's better to just make them obsolete, and fix all vulnerabilities, by rendering them harmless. After all they are just a bunch of (0,1) without their ability to infect.


Upvote, ReSteem & bluebutton

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Nice article, if you do work on your computer then most times you will need to install additional software though.

I have no real value in cryptocurrency, but do keep some account information locally. I am considering having a separate machine for wallets etc. that has only what is absolutely needed. May be a compromise between all utility and security?

May be a compromise between all utility and security?

Never, just use a Live USB, if the material you are working with is too confidential (passwords, private keys ,etc) - or hardware wallets

It pays to go for paid anti-virus, the free ones have myriad of limitations. And they're at their best when updated regularly!