More funds have been lost because of people who doesn't have the knowledge to properly handle multisig than funds being actually stolen. As a developer I always suggest avoiding multisig unless they really (REALLY) know what they are doing... I always receive questions like: "I lost the second signer, is it possible to remove it so I can make a payment?"You can use a multi-signature solution such as casa.
I'll be honest with you: I haven't use an antivirus since ~2015. If you don't download random stuff you see/get and are not in P**N/crap sites, you won't catch a virusMaybe a unpopular opinion but: use a good anti virus. Its funny how often people use those rules but then get their funds stolen by a stealer.
Crypto stealer replace the receiving address. You can also just use a device soley for crypto.
No I'm notI suspect you're not serious and just shilling these services/companies here - right?
That's why I recommended casa as they safeguard one of the multi-signature keys in case you lose it.More funds have been lost because of people who doesn't have the knowledge to properly handle multisig than funds being actually stolen. As a developer I always suggest avoiding multisig unless they really (REALLY) know what they are doing... I always receive questions like: "I lost the second signer, is it possible to remove it so I can make a payment?"
You mean this casa? Casa | Secure Storage for Bitcoin and EthereumYou can use a multi-signature solution such as casa.
There is merit for such type of service. But if I'm willing to give a signature on my accounts in order to be able to recover it if I lose the private key... I will go with a full custodial solution right away because there is no extra benefit for the absurd price. In my opinion having multi-signature in an account is only worth the hassle for pooled funds/DAO treasuries (for example my company's wallet requires 4 out of 6 signatures from the partners to move funds)That's why I recommended casa as they safeguard one of the multi-signature keys in case you lose it.
I'm a Windows user on desktop, had AVG in 1999 in Win98 (R.I.P.) for the last time and never ever installed an antivirus since - not a single problem whatsoeverI'll be honest with you: I haven't use an antivirus since ~2015. If you don't download random stuff you see/get and are not in P**N/crap sites, you won't catch a virus
Totally agreed. I had more of hassle uninstalling McAfee from my recently bought laptop than from any virus I could catch-up by visiting morally questionable sites.I'm a Windows user on desktop, had AVG in 1999 in Win98 (R.I.P.) for the last time and never ever installed an antivirus since - not a single problem whatsoever
antivirus is like most insurance products - powered by fear of practically non-existent threat and FOMO
Careful eyes can protect you, but in times were its getting more and more easy to launch pretty sophisticated attacks and sideloading some small btc stealer is pretty easy.I'll be honest with you: I haven't use an antivirus since ~2015. If you don't download random stuff you see/get and are not in P**N/crap sites, you won't catch a virus
hassle uninstalling McAfee from my recently bought laptop
Careful eyes can protect you, but in times were its getting more and more easy to launch pretty sophisticated attacks and sideloading some small btc stealer is pretty easy.
There are more than enough ways with spoofed domains, hacked accounts and so on. When billion dollar companies with EDRs and what they all have still manage to get infiltrated, someone in a busy business day can fall vicitim to the same thing.
Example:
And a lot of ways with Word documents with macros etc.
Best bet: Clean/empty device + HW wallet or protected pc would be my go to. Additional protection doesnt hurt and the tracking that happens is negligible to that of what a stock windows system with its tools & browsers does. Im not saying some should use an AV and then be blind, go download cracks or whatever file looks interesting. Just keep those careful eyes and have a backup.
Also Windows own AV is enabled by default on Win10 & 11 unless you disable it in the regedit, group policy or with Defender Control.
It’s not so hard to securely hide a small piece of paper, use your imaginationWhat is the best method to store/secure Hardware Wallet Recovery Seeds ?
What would you suggest for this ?
@JohnnyDoe
Yeah 2FA wont protect you from session/token stealer, which nearly all RATs/Malwares and so on got. 2FA is good just in case the credentials got leaked but for that you could use a PW for each website and then you should be good. There are a lot of ifs and so on. A basic "noob" user is still better of with an AV or the setup I mentioned.That's why I said "If you don't download random stuff you see/get" because I'm aware of such types of session tokens stealing methods, I even wrote an article explaining that in order to share it when I see som random crypto "influencer" who always says "use 2fa if you don't want to get hacked" like if that is the only thing that matter basically to tell them "news flag: even with 2fa, if someone gets a session token there is nothing you can do and it's more important what you do after that"...
But if you want to know how "different" I manage my keys against what many people in the crypto space say: I keep all my mnemonic phrases backups in the cloud
I keep them on the cloud, keeping them on paper is stupid in my opinion... But not everybody should do what I doWhat is the best method to store/secure Hardware Wallet Recovery Seeds ?
What would you suggest for this ?
@JohnnyDoe
what? you would save the seed in electronic form or even on a cloud? joking?I keep them on the cloud, keeping them on paper is stupid in my opinion... But not everybody should do what I do
No joking, have been doing it for many years without issues and yet I have never lost a single key. I developed my own shamir secret sharing tool and I break my seed phrases into different pieces which they are encrypted and saved on different clouds. Cryptocurrencies were made in order to not trust paper money... Yet I find it hilarious that we still use a piece of paper to back them up (the keys).what? you would save the seed in electronic form or even on a cloud? joking?
nice... so if (god forbid) you'll get hit by a bus tomorrow your wife or whoever you care about and who is supposed to inherit your wealth will have an interesting quest ahead... not only gathering the shamir chunks but also looking for your software, source code to compile or documentation to your proprietary algorithmNo joking, have been doing it for many years without issues and yet I have never lost a single key. I developed my own shamir secret sharing tool and I break my seed phrases into different pieces which they are encrypted and saved on different clouds.
who said that?Cryptocurrencies were made in order to not trust paper money...