Personal security in the age of Cryptocurrencies

Each day I am more and more interested in security. Like many people from Generation Y, who grew up during the boom of personal computers, Edward Snowden and fsociety, I was always a little paranoid about it. But, to be honest, I did very little to ensure my privacy and security. AdBlock, HTTPS Everywhere, and a couple more extensions for Chrome — that was my setup for years.

But new times are coming. Both exciting and dangerous! Those are the times where your crypto money can be stolen from you simply by providing a fake version of the wallet. That is why personal security is as important as ever. Thus, it is better to take some measures, which, of course, do not guarantee 100% security, but at least significantly reduce the attack vector.

DISCLAIMER: I’m not at an expert in security. So I thought the best I can do for my friends is to gather as much information, filter it to the best of my knowledge and share it in one place. Use the resources provided at your own discretion.

Mac OS

Basic guide (recommended): A practical guide to securing macOS.

Plus some extra steps that are not in ^^^: 22 best Mac security tips and tricks.

A slightly outdated but still useful article with tips from the NSA: How the NSA snoop-proofs its Macs.

Turn off Java and uninstall Flash Player: 11 easy tips to secure your Mac against hackers.

Tips from John Galt: Effective defenses against malware and other threats.

> How to increase chances of finding stolen or lost Mac?

Turn on Find My Mac (note that the guest account must be enabled). How come most of the thieves still not aware of the fact that they may get exposed while using guest account!? More interesting projects include Undercover and Prey. But alas, they do not work with FileVault 2 (built-in encryption).

Malware detector and other neat utilities

Free OS X Security Tools from Objective-See.

Network monitor

Little Snitch

Search Engine

DuckDuckGo

VPN

NordVPN

@andy_one: Unconditional VPN is not about safety at all. AWS / DO / Azure / GoogleCE + Algo VPN.

Secure communication

Browser

Chrome or Firefox.

I also want to try Brave browser.

Extensions:

If ScriptSafe seems too radical for you, you can do the following: create two profiles (1) standard for trusted resources (2) secure with ScriptSafe, disabled Javascript and Cookies for browsing the Internet.

Tor

Tor provides Web browser, messenger and an open network, effectively combining 3 above categories.

2FA

Yubikey or OnlyKey

Enabling 2FA to improve your security by 
Jackson Palmer

Password manager

1Password or KeePassX

Note most of 2FA devices now can be used either as a substitute for password manager or in conjunction with it [1, 2].

iPhone

Android

Ubuntu

I am still thinking about going back to the good old Linux. Buying Lenovo Thinkpad and setting up an Ubuntu Desktop. Interestingly, there are only a few security manuals on the Internet for Linux. Is this because it’s harder to crack? Probably not. Just the number of users an order of magnitude smaller.

Basic manual (recommended): How To Protect Your Privacy On Linux

Toolkit

Other OS

Qubes OS


If I am missing something, please drop a comment below. Thank you. And stay safe! Oh, and check if you have been pwned already.

Acknowledgments: thank you to my colleagues for introducing me to Signal and OnlyKey and Edward Snowden for his opinions ([1, 2]) on Twitter.

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.