Cryptocurrencies are a fairly new technology, with the Bitcoin whitepaper released on October 28th, 2008, and its Genesis Block having been mined on January 3rd, 2009.
Comparing Bitcoin to the public Internet: the public internet was born on January 1st, 1983(https://www.usg.edu/galileo/skills/unit07/internet07_02.phtml), but it wasn’t until Netscape released its browser on December 1st, 1994(https://en.wikipedia.org/wiki/Netscape_Navigator) that the internet went from something only geeks knew about as innovators ( and early adopters), to mainstream adoption per the Technology Adoption Cycle(https://www.gainsight.com/glossary/what-is-the-technology-adoption-lifecycle/). So it took years for a technology that was at first considered a novelty to become commonplace and totally indispensable. Internet technology has come very far since it’s advent. It started with static pages and then eventually morphed to full-blown computer games that can be played in your browser, screen share, etc.
Naturally, the early software that supported the internet, was a far cry from today’s hi-tech browsers. Most people probably don’t even think about it, but the pages that we browse today, may not even open if you were using an older web browser. The initial browsers were text based, there were no mouses or touchscreens or images or videos. And people LOVED to make text flash to get your attention! Do you remember that?
Similarly, cryptos started with basic wallets that had no graphic interface (command line only). Then came the GUIs for those wallets, followed by the multi-currency wallets with cool animations that we have today. These wallets integrate with other services to allow you to earn staking rewards or exchange between cryptos inside your own wallet.
The heart of all cryptocurrencies modelled after Bitcoin is the Private Key, which is the only thing that maintains your control over your wallet.
What does all that mean? It is very technical, but think of it as a number that only you know, and it allows you to transact privately with others without having to share it to receive transactions. Instead, from your Private Key, you generate Public Keys which is what is visible on the Blockchain.
Wait, what is the blockchain? Think of it as a big check ledger in the sky, containing all the transactions that have ever been executed on a given blockchain (like Bitcoin). Instead of your name or private key, the public keys show up and give you a level of privacy. It is impossible to calculate the private key by looking at a public key thanks to a complex mathematical formula (hash).Most wallets today abstract that private key by means of a 12-word seed phrase. They use those words to generate a unique private key and it is saved in the wallet. Since the private key is how you can control your funds, it is the most important thing to protect from hackers and spyware.
There are a multitude of ways that attackers use to get your information. Each one of us has unique circumstances, so it’s best you look at the list below as different levels of protection you can get, and you pick and choose what best fits your needs or level of paranoia.
Are you Julian Assange? Then you probably will want to go much deeper than this list.
Are you a public person? Then you might want to go as far as Julian, or just a little less.
Are you just a regular Joe, and not too tech savvy? Then take the steps you can and increase your security as the value of your crypto grows over time.
Ultimately, we are all responsible for our own crypto, and no amount of crying or tantrums will get our crypto back if we have lost it to our own lack of knowledge or mistakes. Crypto is the ultimate wild frontier, and ultimate personal responsibility reigns here. Your greatest weapon is knowledge! Having crypto is very similar to having cash in a billfold. If you lose your billfold you have lost your cash.
In order to compromise your funds, an attacker needs your private key. They can either access it over the internet or can physically get your computer. You need to protect yourself for both scenarios. Over the internet, they need you to run malicious code in e-mails or websites, code that will let them install software to get information from your computer to the attacker.
Here are some ways to protect your private key/wallet from attackers:
## 0. Keep your private keys/12-word seed phrases written down on a piece of paper in a water-tight and fire-proof container, and in a safe location (e.g. a hidden safe).
With this information you can restore your wallet anywhere in the world, on any computer or phone… but so can someone else, so keep this information secure.
## 1. Keep your private keys away from the internet on a computer without internet, a hardware wallet (e.g. Trezor) or a paper wallet (cold storage)
## 2. Make sure your computer/wallet are secure
a. Consider using Linux instead of Windows or OSX, and keep your system up-to-date
b. Use a good anti-virus/anti-malware and keep it up-to-date
c. Use software to disrupt keyloggers (software that logs your keystrokes, including passwords)
d. Always password protect your computer and your wallet, and use a long password — the longer the better — and make sure your wallet and computer passwords are different. Ideally, keep a different password for every system, exchange, phone, computer, etc.
e. If your wallet (or exchange) offers Multi-Factor Authentication (aka Two Factor Authentication), use it
f. Make sure you use a trusted open-source Authenticator like Aegis Authenticator, whose code is public and can be audited
## 3. Only put on your phone the cryptos you’re about to use (and don’t mind losing)
Cell phones are the most insecure piece of technology, which were designed to collect data about you first, and serve you later.
Besides, phones can be lost, people can borrow it and find your crypto… possibilities are endless.
Only keep the cryptos you’re about to use to make a purchase and put the leftover back into your main wallet as soon as you can.
Consider using a phone with GrapheneOS, CalyxOS or LineageOS instead of Google’s Android. NEVER USE APPLE PHONES for handling crypto. Apple phones cannot be made safe.
## 4. Do not leave your crypto on the Exchange
If you buy your crypto from Kraken or Coinbase or some such exchange, take it out as soon as you can. #NotYourKeysNotYourCrypto
If you’re day or swing trading crypto, leave only the crypto you don’t mind losing on the exchange. Take the rest out. When you pull profits, take them out of the exchange.
## 5. Always double-check URLs
Whether it’s in an e-mail, or on a webpage, always float your mouse and make sure the hyperlink is legitimate — does the last portion of the address seem correct? Like, microsoft.com or apple.com or startpage.com
Attackers will often replace a character or use randomized character domain names — if you see that, stay away.
Hovering your mouse over a link will generally show you where it’s pointing. Always make sure you’re not clicking on a fake link.
Look at the lock icon to the left of the URL – if it is not there, or it is broken, do not use that website. It is not safe.
## 6. DO NOT INSTALL SOFTWARE YOU DO NOT KNOW
Do not install software you don’t know! If you’re not downloading the software from a trusted site, you may be installing viruses, spyware, or malware on your computer. Be very careful with this. This is the number 1 way for attackers to gain access to your computer.
When in doubt, ask a more knowledgeable friend.
## 7. NEVER USE PUBLIC WI-FI
Ideally, use only your crypto on networks you trust. Your home network, your phone, your hotspot.
If you’re connecting to another network, never connect to a network without a password. Attackers can sit and sniff your traffic on their networks and will often leave those open to attract more people.
Even on a password protected network, you don’t know who put it up, nor how safe it is. Attackers can also log onto the same network (e.g. the local coffee shop) and monitor your traffic and perform other attacks.
## 8. Use a VPN service
A VPN service protects your location on the internet. You connect to a server, and navigate the internet through that server. All your traffic goes through that server, and websites you visit are giving pages to that server, not you.
Never use a Free VPN, as nothing good is free.
There’s a lot to learn, and it keeps evolving, since technology constantly changes. Learn what you can, apply what you can, and take baby steps. You don’t have to learn or do everything on day one. Go at a comfortable pace, but keep learning. As technology evolves, it gets easier, but it’s always good to know what’s under the hood. Makes you a better, more empowered user.
We are here to help you adopt crypto personally or in your business. Give us a ring and we will point you in the right direction.