pull down to refresh

The FUD injection

Many cyber security advisors and CEOs of companies that offer security products will tell you that the battle is lost, that, for example, if you don't buy an air gap device your private keys are not secure.... That, if you used your computer instead to write the seed words in a piece of paper and then put them in a piece of metal, you will be hacked and most probably you are doomed....
IMO and experience, it is an exaggeration...
If all the fear mongering being pedaled by the cyber security enthusiasts and experts was true, oh well, with very few exceptions, we all will be drained of our funds in banks (most neither have a decent 2FA - still working with SMS for crying out-loud...), self custody wallets, etc... Even the Bitcoin blockchain encryption will be broken by "quantum computers"... oh and AI will be used by hackers to hack you as well... Just ignore the noise...

The unpopular opinion:

IMO, basic IT hygiene is enough to keep the malware, viruses and therefore, the cyber criminals away.
And the tools they tell you that are not enough and therefore, you are powerless, actually are quite helpful, keep using them, firewalls, VPNs, TOR, Linux Whirpool, etc.

Suggestions

Do your homework, acquiring cyber security skills needs reading, get on it, few tips:
  1. Learn how to verify a software security key or SHA256 before running it in your laptop or mobile if an apk. If on Microsoft, if the software you want to install does not have a .msi version (already signed by Microsoft), the .exe extension file needs to be verified, learn how, this is paramount, no matter the application, same with Linux. If the app does not offer it, do not install it, contact the developer and demand it, if no dice, forget it, look for an alternative.
  2. Use a VPN on your home router, yes, even if you acquire cyber security knowledge and apply it to your mobile and laptop, if you do not live alone, every other member of your family is a weak link that can affect you. Acquire a router that supports a VPN that does not require to know your identity to pay for the service and accepts Bitcoin as payment (otherwise do not use it, no matter how good you think it is, if free avoid, you are the product and therefore, you are better without one that with one free). As an additional measure, keep your laptop, PC and mobile with another VPN, a different service, you will be with a double VPN while at home and with one while in the road. In the past the throughput will be considerably reduced to a point of being too slow, nowadays, you will be fine.
  3. Use a router with a decent firewall and advertising guard like features, Adguard or Pi-Hole (learn to configure and to add community supported lists) , that will keep your home browsing experience safer and faster.
  4. If you do banking and Bitcoin with your mobile phone, consider having two mobiles, one left at home secured. Carry with you a mobile for your social needs and small payments in fiat or Bitcoin, if you loose your phone or you get robed, you will sleep better....
  5. If you insist on using debit cards instead of credit cards, keep the account with the debit card limited to your needs when you go out. A bit of a pain but do not use your savings account, if you lose the wallet you are screwed and there is no recurse with a debit card.... (or use credit cards and you have the option to recover the funds in case is needed)
  6. If you have stacked a considerable amount in Bitcoin and want to be sufficiently safe, consider an air gap seed signer, if you do not trust yourself, consider a service with no KYC, contrary to what many believe, there are some, recently I learn that CASA is one of them, probably there are others, do your homework. You keep one or two private keys and the company keeps another one, to remove the funds you need 2 of 3 and it has built in time locks you can set up.
  7. Avoid Microsoft and Google and Apple clouds, those are honey pots often targeted, if they get hacked the companies most probably will neither inform the clients or if they do it would be much after the incident, use other private services highly encrypted end to end, preferably FOSS, and do not upload your data unencrypted, yes, encrypt it before uploading if it is valuable information, it is a backup of data and you want it safe, if it is not in your hands, best to encrypt it, even if the company claim it is E2E encrypted, you can't be sure....

Summary

Each person is different, you need to sleep good at night knowing your cyber security is sufficient and therefore your data and funds are safe. Do the homework, read, study, acquire the skills and tools and use them properly, cyber security is not convenient, but in the age of information, it is a must to protect your family and your wealth.
'Everything we hear is an opinion, not a fact, Everything we see is a perspective, not the truth' Marcus Aurelius
-----------------------------------
Fix the Money, fix the World,
Use Bitcoin, be Unconfiscatable
Use Nostr, be Uncensorable
-----------------------------------
#Bitcoin
#LN
#Nostr
#ARK
good article, thanks
reply
+1
reply
How did I miss this thread?
reply
I am glad you found it!
reply
This is a really helpful post, thank you. Do you work in cyber security at all? Do you know and security folks building businesses? I want to connect with some btc security people.
reply
+1
reply
What does this mean?
reply
This is a really helpful post, thank you. Do you work in cyber security at all? Do you know and security folks building businesses? I want to connect with some btc security people.
reply
0 sats \ 1 reply \ @anon 24 Jan
This is great, thanks.
reply
+1
reply