How Secure Are Your Funds on the Steem Blockchain?
Well, to answer that question, you'd have to look at how many times in the past a person's account has been hacked into. And that would be a resounding "zero"! Nobody, to this day, has ever had their wealth siphoned out by an unscrupulous masked hacker breaking into our blockchain from the outside. However...
Funds have somehow still ended up being stolen from accounts, with an instance of this taking place just yesterday. How is this possible, you may ask? By Steemians using their "Master Key" (or "Owner Key" as it is sometimes referred to) as a means to interact with the Steem blockchain. This is a mistake of epic proportions and even more so given the fact the creators of this platform have provided measures against this sort of thing in the form of your "Posting Key" and "Active Key (their permission-based solution for us allowing for said user to only post blogs or transfer funds respectively). There is literally no reason to use the "Master Key" apart from changing any of your account passwords. And ironically, that is exactly what those criminal-minded lurkers have been able to get their hands on. I hate when people liberally thrown around the phrase "hacked", when in truth we ourselves voluntarily hand out the information from which spammers can then infiltrate funds and accounts. The term "hacking" doesn't even come close to what's actually happening.
One important thing to keep in mind and I cannot stress the significance of what I'm about to say. In a decentralised and free market blockchain system such as Steem (and crypto, in general), the onus is on "you" to keep your account and records intact. Some may not like this unique ideology of self-governing independence, it which case there's nothing more to see here. Move along please. The very fact of the matter is being part of a unregulated, self-autonomous environment means acting responsibly within the constructs of the infrastructure at hand. In our case that translates as, ALWAYS USING YOUR "POSTING KEY" TO LOGIN AND NEVER, UNDER ANY CIRCUMSTANCES, OPEN UNVERIFIED LINKS. It's understandable mistakes do happen but distributing out your most sensitive data online could be seen as gross negligence on our part, especially if already forewarned about such activities.
Another point I want to make and this one is a little controversial. But hell, it needs to be said. Criminal elements that spoof accounts and attempt to gain access to our accounts do perform a function on the blockchain. That being, to try and steal our valuable data. You can't stop them because this is a decentralised system. Where policed rules and choice stem from what the community dictate them to be. Spammers, spoofers and phishers have every right to be here just as you or I do. There is literally no getting round that so acceptance is key here. However, what we "can" do is strategise against them by implementing our own personal solutions that guard and protect the data we place such importance on. Kicking, screaming, cursing and abusing them after the event will do nothing but most likely cause a chuckle of defiance. Instead, focus on remain strictly on preventative actions or prepare for serious regrets in the future. Harsh, I know, but true.
I'm saying this because having your accounts defiled must be soul-destroying and I "do not" wish that on anybody here with even a modicum of dignity and respect. So I say this. Let the crooks to their very best, as long as we consistently continue do ours too.
Well said my man! A lot of stolen funds indeed occur because of a user making a fatal error. Accidentally posting their key in a memo for example ;)
There really needs to more emphasis on new users being told how to use posting and active keys within the first week after sign up. I get why it's a bit daunting to do so immediately since lots of new users on Steemit specifically come from "no crypto-background" like i did, however after a week of orientation.. that really needs to be emphasized. I think that I used my Master Key for a few month before realizing how dumb that was haha.
All be it, I barely had anything to steal during that time anyway ;)
I understand what you mean about more emphasis placed on the importance of the functions of those precious keys. I also used my master key for ages until being told otherwise.
Nice suggestions, man. I'm sure that'll be implemented in the sign-up process some time in the future. :)
Well said @ezzy. Thank you for these words of wisdom. We must do our part in protecting our wallets, as well as our minds and our families. Many things in this world can be infiltrated so we need to be aware and take necessary measures to guard against attack. Steem on!
-Ken 😀👊🏻
Posted using Partiko iOS
"Well said" right back at you, buddy. Doing our part is absolutely paramount in securing our accounts for the long-term.
Steem on! :)
The cryptocurrencies are based on the confidence of their activists, that is, there is self-regulation without any external control, therefore it means everyone's responsibility to keep the system in force. This is the Steem.
I like this pot, thanks @ezzy
Simple as, bro. :)
Good article, recently some hackers created false tokens to steal great EOS cadence through Newdex.
I heard, mate. Therefore forewarned is forearmed.
To listen to the audio version of this article click on the play image.
Brought to you by @tts. If you find it useful please consider upvoting this reply.
We All have to work together, it helps to protect us more.
Too right, buddy. :)