If you are anything like me, security is important to you. In the world of digital assets, it has to be. Whether you are brand new, or a salty veteran of the crypto space. It's the line of defense against your finances and the world around you.
There is a myriad of methods you need to employ to protect against intruders, remember passwords, and secure accounts to protect your cryptocurrency. At times It can be overbearing, especially while using Windows. Antiviruses, firewalls, malware,and spyware programs are all needed to stay safe, and they can work well, but most PCs still get infected from time to time.
I have come across too few methods that were easy, foolproof, or let alone cheap, to further protect against these breaches. A breach on a computer or a phone could be the difference between financial sovereignty or financial ruin. In the world of digital assets, that is a no-no ??. You, and only you, are responsible for your finances in the digital asset world. Users are forced to spend money on hardware devices to protect their investments, but simply using a Hardware wallet on its own is not enough.
In my search to find a way to secure my finances, and do so on a tight budget, I have compiled a list of methods that were easy, relatively inexpensive or free in some cases with promotions, and others that were completely free altogether to further secure interactions with my finances. Today, I would like to share a few of those methods that can drastically improve the odds in securing digital assets against attack, and I would also like to share a way I came up with getting the only thing mentioned in the article that costs money for free right now. This will work on PC, Linux, or macOS.
Start With Linux. It will drastically speed up old computers, provide better security, and is always free.
I was a die-hard windows 7 fan. Upon its death one year ago, I refused to switch to windows 10. For all windows 10 "improvements', it's quirks always outweighed any good they provided, including the drain on system resources. All of these things I could live with. It's permissionless updates and program installs were a different story, though. The viruses were just icing on the cake.
If Microsoft could just up and install software on my computer without even asking me, like they did with the edge browser, or just force my computer to update whenever they wished, who was really in control of the system? It certainly wasn't me.
What implications could this have on storing or interacting with my digital assets? What good is a LEDGER or TREZOR hardware wallet if the underlying operating system is compromised? No good at all.
Should I have to go onto YouTube to look up how to shut off Microsoft's access to my PC, my data, and possibly my cryptocurrencies on an operating system and machine I paid for? No. The answer is no.
Deciding that Windows was not the answer, I went in search of alternative operating systems, and found Linux. Linux is the most secure operating system when compared to Windows or MacOs, and It does not have viruses in the same way windows does.
Not wanting to lose the look and feel of windows was important to me, and eventually stumbled on Linux Mint. It's the closest operating system to Windows that is fully supported by a community of developers that I've found. It's really a beautiful operating system. One that is very polished and provides the most Windows-like user experience. It even offers a comparable suite to Microsoft office, Libre Office. The coolest feature is it only takes 1GB of ram to run the entire operating system to run at blazing fast speeds, even on old computers ??.
All Linux has a nifty little feature called root privileges. A user must know the password to the system to make any changes, download, or install anything. That means no surprise updates out of the blue without permission, no installs of programs I don't want, no more viruses, or hacks.....
.....or does it?
While Linux is free of viruses, including the corporations controlling your system ??, It's still open to attack from hackers. There are ways of breaching Linux operating systems as well, so, it's not just install Linux and forget it. Linux operators should use preventive measures to harden their operating system just like any normal windows user does. Including a firewall, and an antivirus to scan for malicious code, even if it is more secure. Linux is impervious to it, so your computer is safe, but can still infect other Windows computers on the network.
A clever hacker or malicious actor can still gain access to your machine given enough motivation and time though, and your root password can be compromised through various means. This leaves the attacker free to do as they will with your computer, and defeats the entire purpose of using Linux. To solve this, you can take it a step further and password protect root privileges with a key.
Even if you want to use Windows, U2fa is key, but it's c?o?s?t?l?y? ... Free
Root privileges are great until you log onto your computer to find that somebody else is root. Then it's not so great. To avoid this, use a U2fa hardware device called a Yubikey. It's a hardware authentication device that works much like google authenticate does, providing a second layer of security for logins to websites or passwords, or in this case, operating systems. A user must confirm the secondary authentication to gain access to the site, app, or operating system. The distinct difference here is that the Yubikey is a physical USB device that only you have. It can't be hacked like a google authentication can, and you are the only one in the possession of it.
With about 5 minutes of work, you can require all root privileges and "sudo" commands to be U2fa verified before they run. Now, when a user on the operating system wants to change anything, they not only need a password, but need to be in possession of the Yubikey to physically touch it, otherwise, the operating system rejects it.
If a user can't install programs because root or sudo requires the device, that means they are going to have a difficult time trying to install any programs. No SSH access, no option to install programs or files without my consent, no key loggers, no running scripts or executables on the machine without permission.
Here is a short tutorial on it if you already have Linux or a Yubikey
But that's not all Yubikeys can protect. They can be used to protect your trading accounts on exchanges like Coinbase, Kraken, BitFinex, etc because Yubikeys also function as a password device. It even works on Brave, YouTube, AWS and tons of others as well to secure accounts. There is an impressive list of services that work with Yubkey including Windows. No more remembering long and complicated passwords for logins.
Ybikeys can be bought for as little as $25 and come in a wide variety of form factors to fit and connect to any type of device. Some come with NFC communication also (not NFT, sorry, folks), so they work just by placing them near your phone, tablet, or computer.
You were looking for the free part?
Wanting to earn bitcoin or cashback on all my purchases, I found two platforms that have partnered with Yubikey that offer forms of rewards on purchases. Lolli offers 4% back in bitcoin, which doesn't really equate to much of a discount, let alone free.
On the other hand, Rakuten has also partnered with Yubico offering 5% cashback, but they are also offering a $30 sign-up bonus for new users that make a purchase of $30. I purchased my Yubikey and the total came to $30.39. With my $30 Sign-on bonus + the 5% cashback rewards, the Yubikey was free ??. I immediately spent this $30 cashback to pay for half of a Ledger Nano S, but that is unrelated ??
Stop right there.
Even these two things alone might not stop the most savy of people, so as a last line of defense, I use Fail2Ban.
Fail2Ban is an intrusion prevention software framework that protects computer servers from brute-force attacks.
I'll leave this short and sweet. Fail2ban will block malicious IP addresses that It believes are up to no good, and the user can define banning parameters and the duration of the bans. It's an excellent tool to get to know, and can be that extra layer of frustration. This is more of an inconvenience to anyone wanting to SSH into the computer, but using this in conjunction with a firewall, and U2fa root authentication is a pretty great combo.
If you are already using Linux and want to use fail2ban to protect your machine from SSH here is a short tutorial
Conclusion
Security is important in the digital asset world, and this cannot be overstated. Security is the difference between securing your financial sovereignty, and financial ruin in the digital asset world. Simply using a hardware device can improve security, but it's not a foolproof method, same as others when they are when used alone. There are a few different methods that a user can add to their repertoire to help improve their security, including a more secure operating system used for trading, storing cryptocurrencies, or interacting with hardware wallets. A few extra layers of protecton like fail2ban, or a hardware authentication device as a fail-safe in the event of a breach, can provide extra security to protect your financial sovereignty, and prevent heartbreak. But also keep in mind, there is no 100% guarantees in security.
Example of how Linux Mint can be configured for trading.
