The Importance of Security

The course is part of this learning path

The Importance of Security
Overview
Difficulty
Intermediate
Duration
36m
Students
19
Ratings
5/5
starstarstarstarstar
Description

This course will help to ensure you have the most secure cryptocurrency setup possible, which is fundamental in ensuring that your cryptocurrency isn't vulnerable to hackers.

Transcript

This lecture is of much importance as it sets the tone for why we are going to be covering what we'll be covering in this lecture. The security of your cryptocurrencies and further your wallet. Staying safe and secure is an inherent part of using cryptocurrencies. Cryptocurrencies allow you to hold your own money and secure yourself, which is very empowering. But as you know, with great power comes great responsibility. Allow me to explain. If you lose your private keys, your money is gone, period. That's the sad reality of it. And it's better to understand this reality sooner rather than later. This is not only true for when someone else gets ahold of your keys, but also when you don't back up your seed and lose your phone or forget where you kept your backup, which today is by far the most common way to lose your crypto. Cryptocurrency has no customer service to call. There is no public relations department, there is no account insurance or anything like that. So it's absolutely key to secure your money. The internet is filled with people who have lost their backups which has resulted in them losing hundreds of thousands of dollars in cryptocurrencies. Backing up your 12-24 word passphrase is imperative. So please do it if you haven't already. Do it for any new wallet you open and make sure you insist on it with everyone you bring into the cryptocurrency ecosystem. Now, the key feature of cryptocurrencies is that no one can take your money away from you if you don't want to give it to them. But that certainly doesn't prevent people from taking your money if you've been fooled into giving it to them. Irreversible anonymous money, which is what cryptocurrencies are, attracts a lot of scammers and thieves from exchanges that run away with your money to fake stores, Ponzi schemes and a whole host of other scams. In fact, the first exchange to claim to get approved by the regulators in its home country of Cyprus, Neo & Bee, turned out to be an investment scam. People invested millions into it and they just took the money and disappeared. With Bitcoin and other cryptocurrencies, you must always ask yourself first, why should I trust these guys? Does what they say make sense? What are my guarantees? This kind of critical thinking could have saved friends of mine and many others a lot of heartache and precious coins. In the old days, the Bitcoin community was very small and it was dispersed all around the world with no resources available to help with the most common issues. If you came across an issue, you had to ask for help from strangers online and in many cases it worked but Bitcoin users soon learned a couple of important lessons. Always ask for help in a public space, for example, in a Facebook group or forum and never give, send, or show your private keys online publicly. When you ask for help in a public place, people are going to be able to point out mistakes and fraud on the answers you're getting. It will also keep out casual fraudsters which don't want their reputations ruined by publicly defrauding you. Remember to always second check advice that is given to you, especially, advice that involves your password or passphrase. Now, hopefully you have been adequately convinced of the importance of using security measures and common sense when it comes to cryptocurrencies, but in case you haven't here are a few prominent cases that will drive this point home. On one occasion, a guest on a talk show brought along a Bitcoin paper wallet to show the host. It turns out that a few seconds of the video, the private key showing, was just enough exposure for a hacker to take the Bitcoins that were in that wallet and within minutes of the show airing, someone transferred it into a wallet they controlled. Another memorable and highly referenced occasion in the short history of Bitcoin is the Mt. Gox hack. Up until 2013, the vast majority of Bitcoin trading was done on just one exchange called Mt. Gox. The site started off as an exchange trading cards for video games, Magic: The Gathering Online. It had very few security measures and simply wasn't built for security. Then, in 2013, the inevitable happened, Mt. Gox was presumably hacked and $400 million worth of Bitcoin was stolen. Needless to say that all of the people that held their Bitcoin in Mt. Gox lost it and to this day there's a legal battle going on in regards to the Bitcoins that were lost. Maybe someday in the future, these people will get a fraction of their coins back. And by the way, even if the exchange you're dealing with isn't hacked, that doesn't mean your coins are safe. I'd like to go into more detail on the story of a Bitcoin user losing approximately $8,000 within 15 minutes because it's an interesting one that shows that any weakness in your security ecosystem can cause a total breach of your safeguards. If any of the terms or security features I mentioned here are unfamiliar to you, don't worry we're going to explain all of them and do a play by play of how this all could be avoided in the coming lectures. So, the way that this hack worked is as follows; in late May 2017, Cody Brown reposted a friend's Facebook post about being hacked by Coinbase, which this friend thought was secure. Mistake one, both Cody and Adam were keeping all of their cryptocurrencies in Coinbase's so called wallet and not their own secure wallets. Mistake two, Cody announced to the whole world exactly where he was trading. On May 24 at 11:31PM, Cody got a text from Verizon wireless saying that he was on the phone with them. Since Cody was not on the phone with them, he then immediately calls Verizon who, unfortunately, had just closed for the evening. Cody frantically tweets to Verizon support who writes back asking for more information but it's too little too late. Cody's phone number was linked to his Gmail account in case he forgot his password had been changed then to another device's besides his. This was a mistake three, using SMS as a form of authentication for a forgotten password, without realizing that someone can claim to be you and take control of your phone simply by knowing a few personal details, such as, your billing address. You can probably imagine what happened next. Within a few minutes Cody's Gmail signs out, the password has been changed. Mistake five, Cody didn't have any two factor authentication method enabled on his Gmail account. Next, with access to his Gmail, the thieves were able to change his Coinbase.com password. Mistake six, not using a secure two factor authentication method on Coinbase. What happened next is just painful to think about, Cody watched in real time as the thieves liquidated his account. At 11:44PM, they send themselves 1.18 Bitcoin, a minute later 70.96 light coin, and finally one minute after that 16.0 free Ether. And just like that, Cody Brown lost over $8,000, all because of a few small mistakes. Had he enabled just one or two of the security features, you're going to learn about in the coming lectures, all of this could have been avoided. With each of these horror stories, the lessons need to be learned and they're  all the same as you've already heard. all the same as you've already heard. First, don't keep your cryptocurrencies in an exchange unless you're actively trading with those funds, which we don't normally recommend anyway. Remember, there's no good reason to keep your money in other people's hands. While today's cryptocurrency exchanges are among the most secure Internet businesses out there and some of them are leading the pack in regards to Internet security in general, there's still big honey pots and they are vulnerable to social engineering hacks like the one that happened to Cody. Remember, we're not dealing with financial institutions that have several decades worth of reputation with maintain or government backing and insurance. Any entity that is holding your crypto can theoretically disappear in one day with your money and nothing will bring it back unless they decide to give it back. So, rely on yourself, hold your own crypto. You also already know that your cryptocurrencies aren't truly yours unless you're the only person using the keys to access them. So, keep your Bitcoins within your own wallet where you control the private keys and use the advanced security measures that you're about to learn about without exception and everything from your email account to your hardware wallet. To conclude though, there are a lot of different ways to get scammed or become another cryptocurrency horror story. They all share one major similarity, they could have all been prevented by the users avoiding unnecessary third party services and instead relying on themselves and their own security measures. So, the key here, pun intended, is to hold your own seed and take the appropriate steps to secure it. Now, let's learn how to do it. I look forward to seeing you in the next lecture where we will go into how to begin safeguarding your cryptocurrency portfolio.

About the Author
Students
193
Courses
7
Learning Paths
1

Ravinder is an expert instructor in the field of cryptocurrencies and blockchain, having helped thousands of people learn about the subject. He's also the founder of B21 Block, an online cryptocurrency and blockchain school.

Covered Topics