Create a Safe Operating System!

in #security, 9 years ago (edited)



In the latest post I got bashed for warning people about an actual threat that could expose people's money to huge risks. You know most people in these circles have Bitcoin or Steem accounts, and some people have accounts worth:

  • $1,000
  • $10,000
  • $100,000
  • $1,000,000 or more

And if a hack were to happen, it would be disastrous to lose that amount of money. Yet some people think I am the crazy one for warning people about this exact possibility.

These people think I am some crazy conspiracy theorist who is just exaggerating things, but let me show you how little it is exaggerated:

And many more; these are just the recent ones. Heck, there are even KEYLOGGER PROOFS OF CONCEPT ON GITHUB!

You can't make this shit up. You know how easy it would be for an experienced hacker to hack an insecure computer when you can find keylogger scripts on GitHub?

Don't be naive to think that just because you are ignorant of the threat, the threat doesn't exist. It does, unfortunately.






Create Safe OS

My simple prevention plan is to have a Safe OS that you can use to restore your PC from, in case some vulnerability is discovered or, in the worst case, you get malware. I think it's crucial for everyone to make this, so that you don't get caught with your pants down in an emergency: be prepared for everything.

So whatever operating system you are using (preferably a good one), you can just restore it in case it gets compromised or infected. Of course, you will also need to back up your data regularly for this to work.

The thing people don't understand is that after a vulnerability is discovered you can't just patch it, because your system has already been exposed and you cannot know what kind of malware that vulnerability let in. Patching only closes the gate; if the malware is already inside, it's game over. Here is an analogy:

  • It's like if you have a cake and your dog poops on it. If you remove the poop from the cake, it will not be the same cake, and you would not eat it. You have to make a new cake from scratch.
  • It's like a dam: if you open the dam, the water gets through, and it doesn't matter if you close it afterwards, the village down the river is already flooded.

So after a vulnerability is discovered, or you discover malware, it's game over. You can't just patch it or update it, because the system is already compromised, and you can't know what damage the malware did, because your PC can't be trusted anymore. That is why you need a Safe OS that you can trust, to restore the PC to its original state.



THE STEPS

1) Back up your data regularly to a USB stick, preferably multiple ones, in case one gets corrupted.

2) Choose a live operating system that you want to use. Make sure it boots from at most 1 DVD. (Blu-ray boot is not always supported.)

3) Use an offline computer for verification: download it and verify its PGP signature:

4) Get a DVD and burn the .iso file to it.

5) Verify the burned image's SHA256 hash against the original ISO's SHA256 hash.

  • Note that since the DVD stores data in 32768-byte blocks, the hash will not match directly, because empty bytes are burned into the last block to fill it. Unless the ISO image's size in bytes is divisible by 32768, the hash will not match!
  • So you need to subtract the two sizes and take the absolute value, for example:
    2,549,317,421 bytes (DVD) - 2,549,301,390 bytes (ISO) = 16031 bytes outstanding
  • Now create an empty file of the size of the difference, in this case 16031 bytes:
    dd if=/dev/zero of=adding_empty_bytes bs=1 count=16031
  • And concatenate it to the original ISO:
    cat yoursafeOS.iso adding_empty_bytes > fixed
  • Now the fixed file should be the same size as the DVD's image, and you can compare the SHA256 sums of the two; they must be equal. If they are, then the operating system ISO matches the one burned to the DVD byte for byte. So now you have a trusted DVD with the new, fixed version of your OS.

6) Now boot this OS from the DVD. You know it is trusted if you followed these instructions well, so now you can inspect/analyze/clean the OS that was exposed. Or you can just format the entire hard drive from this OS and know that the malware will be terminated. Otherwise the malware can hide and regenerate itself if the drive is not formatted from a trusted setup.

7) So now you can boot your computer from this DVD whenever you need to perform sensitive/confidential tasks, like working with private keys. Although it's recommended to only work with private keys offline, it is still certainly better to use your trusted OS for this than the one you have on your hard disk.
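The padding and comparison from step 5, automated as an added example that is not part of the original post. It assumes GNU coreutils (stat, head, sha256sum, cut) and that the burned disc has already been read back into an image file; the device node and file names in the comments are assumptions.

```shell
# Added example, not from the original post: automates step 5.
# Assumes GNU coreutils (stat, head, sha256sum, cut) and that the burned
# disc has been read back into an image file, for instance with
#   dd if=/dev/sr0 of=burned.img bs=2048   (device and file name are assumptions)
set -e

# Size of a regular file in bytes.
file_size() { stat -c %s "$1"; }

# Write $1 followed by zero bytes up to the size of $2 into $3.
# This is the post's dd+cat trick generalised: the pad length is simply
# the size difference, whatever block size the medium turns out to use.
pad_iso() {
    iso=$1; burned=$2; out=$3
    iso_size=$(file_size "$iso")
    burned_size=$(file_size "$burned")
    if [ "$burned_size" -lt "$iso_size" ]; then
        echo "burned image ($burned_size B) shorter than ISO ($iso_size B): truncated burn" >&2
        return 1
    fi
    pad=$((burned_size - iso_size))
    cp "$iso" "$out"
    # head -c on /dev/zero yields the same bytes as dd bs=1, far faster.
    head -c "$pad" /dev/zero >> "$out"
}

# Prints both digests; succeeds only if the padded ISO and the burned
# image are byte-for-byte identical.
verify_burn() {
    iso=$1; burned=$2
    tmp=$(mktemp)
    if ! pad_iso "$iso" "$burned" "$tmp"; then rm -f "$tmp"; return 1; fi
    iso_sum=$(sha256sum "$tmp" | cut -d' ' -f1)
    dvd_sum=$(sha256sum "$burned" | cut -d' ' -f1)
    rm -f "$tmp"
    echo "padded ISO : $iso_sum"
    echo "burned disc: $dvd_sum"
    [ "$iso_sum" = "$dvd_sum" ]
}

# Same check without the temporary file: hash only the first ISO-size
# bytes of the burned image (this also works on the device node itself,
# where stat reports size 0). The trailing padding is not inspected.
verify_burn_prefix() {
    iso=$1; burned=$2
    iso_size=$(file_size "$iso")
    [ "$(head -c "$iso_size" "$burned" | sha256sum | cut -d' ' -f1)" = \
      "$(sha256sum "$iso" | cut -d' ' -f1)" ]
}
```

A mismatch from either function means the disc is not a faithful copy of the verified ISO and should not be trusted as the Safe OS.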

It's a handy method, and whenever some vulnerability or malware is discovered you can always restore your PC to a safe state.


Disclaimer: The information provided on this page might be incorrect. I am not responsible if you lose money using the information on this page! This is not investment advice, just my opinion and analysis for educational purposes.



In the latest post I got bashed for warning people about an actual threat that could expose people's money to huge risks.

No, you got bashed for giving misleading advice, and hyping the fear.

Your example here is also faulty. A key logger is a very very old utility. However, someone has to crack into your computer and install it, then have it run and report back what it finds. I guess, if you download from non-trusted distros, you get what you get.

Your information, although it may be that you genuinely want to help, is mostly hype.

Why are you people so dismissive? Do you really think that ignoring the problem is better than facing it?

It's not hype, it's not misleading. It is what it is. The danger is real, and people who have large sums at risk don't think this way.

You have a $55.18 worth Steemit account, others have 500,000$ Steemit accounts, so please don't take decisions for others. Different people have different threat models and risks that they have to consider.

If you have a flat tire, you don't pull out the engine and start rebuilding it.

You misrepresented the problem. You then gave a bad way of fixing the actual problem.
You then gave a poor example trying to make your case that you are legit, and there is something to fear.

Your advice above should be how to properly download, verify and install the new patch loader. You never talked about that, the real issue. If people followed your suggestion, they would still need to properly download, verify and install a new patch loader. So, after your trying to make everyone afraid, you then give bad advice.

Furthermore, everyone who has any real money in digital currencies KNOWS THEIR COMPUTER IS COMPROMISED. Anyone who thinks differently is a fool. So, we have things like multiple signatures, two party authentication and cold storage.

So, you misrepresented the threat; it was not all linux users, it was only about half. You misdiagnosed the threat; saying you need to completely rebuild your linux system. You then went on a snipe hunt trying to tie in a known virus, that has no association with this current problem. All in all, bad advice is bad advice.

If you have a flat tire, you don't pull out the engine and start rebuilding it.

You misrepresented the problem. You then gave a bad way of fixing the actual problem.
You then gave a poor example trying to make your case that you are legit, and there is something to fear.

That is not a good analogy, because a flat tire is a limited problem; malware is a full-blown problem, since it can have total control over the computer.

Going with the car analogy, it would be like if the car is not starting, you cannot know if it's the engine, the pipes are clogged or what. And the car mechanic can look at the problem externally and see the broken part.

In a PC you can't look at the problem externally, unless you have a trusted OS booted from DVD, and even then you have BIOS malware and crap like that that could happen.

If a PC is exposed, it's exposed. You have to treat it like some contagious biological virus in a lab: you don't just wash the jar with soap, sometimes you have to irradiate the entire building if a contagious disease has escaped. And sometimes you have to quarantine an entire continent.

It's always about a threat model. You probably don't need to do this, nor do people who have smaller funds at risk. But some people here have millions of dollars at risk, and they have a different risk level entirely.

So the risk that is acceptable to 99.9% of the people is not acceptable for 0.1% of the people.

Furthermore, everyone who has any real money in digital currencies KNOWS THEIR COMPUTER IS COMPROMISED. Anyone who thinks differently is a fool. So, we have things like multiple signatures, two party authentication and cold storage.

Of course, and long term keys you keep offline. But passwords and online authentication codes are exposed every single day when you login, the only defense against such threat is a clean PC.

So, you misrepresented the threat; it was not all linux users, it was only about half.

I did correct this; it's more like 80% though, Mint, Ubuntu and Debian are the most popular.

You misdiagnosed the threat; saying you need to completely rebuild your linux system.

I haven't said such things. Certainly rebuilding everything from scratch would be too paranoid. Although it would be good if deterministic ISO builds were available.

You then went on a snipe hunt trying to tie in a known virus, that has no association with this current problem. All in all, bad advice is bad advice.

No, I was just talking about vulnerabilities and malware, which come in all shapes and sizes. From phishing sites, to social engineering, to keyloggers and worse. People on reddit reported such occurrences many times, so we have to take these threats seriously, not just shrug them off.

Great advice there. So wish I had never opted in for Windows 10, worst move ever. Nothing but Microsoft's spyware....

Cortana always running in the background. You can disable it, but it stays running who knows when it turns on or off. By default windows 10 has auto backup and uploads files to microsoft. Most people do not know how to adjust these settings. Personally since installing it my hard drives are like constantly reading more so than windows 7. A lot of the activity seems to be "defender" it doesn't do that in 7 so who knows what it is really doing.

I know , I was referring to why don't you change your OS? Switch to Linux maybe?

Ah. Most of the apps I use are Windows apps and do not do well with Wine. I tried to downgrade to 7, but since I opted in it forces the update. If it wasn't for Unity3D I would do Linux.

Dual boot? Or you can always buy a new PC, some of them are very very cheap nowadays.

This post has been ranked within the top 80 most undervalued posts in the first half of Dec 16. We estimate that this post is undervalued by $4.67 as compared to a scenario in which every voter had an equal say.

See the full rankings and details in The Daily Tribune: Dec 16 - Part I. You can also read about some of our methodology, data analysis and technical details in our initial post.

If you are the author and would prefer not to receive these comments, simply reply "Stop" to this comment.

Again I say, the post is way overvalued, because the guy just doesn't have a clue as to what he's talking about.
