Preventive measures must be employed by internet users, especially within the crypto ecosystem, to conquer existing threats to personal privacy. Cointelegraph has collected the most important ones.
Adequate protection and abstinence
Most internet users who complain about privacy invasion and security breaches admit to certain careless actions on their side. Such actions range between acts of negligence and curiosity.
Inadequate and out of date security setups on devices usually leave users exposed. Visiting untrusted sites and clicking on links that you are not sure of are also careless acts that can expose devices to bugs that may become harmful in the long run.
Ken Heutmaker, Senior Software Engineer at Keepkey, says that while it is possible to set up a general purpose computer that is secure and not subject to any known vulnerabilities, it is difficult to do it so that you are not potentially vulnerable to unknown attack vectors.
There will always be new vulnerabilities discovered in iOS, Android, Windows, Linux and Mac OS X. They are vulnerable because they are large, complex chunks of code. Mistakes are bound to happen and attack scenarios are bound to be overlooked.
Heutmaker explains to Cointelegraph how to guard against this:
“Small security devices are becoming essential to protecting personal security and privacy. Devices that are relatively simple are much less vulnerable because the attack surface is smaller. This approach allows you to lock down the most sensitive data in a highly controlled environment that is very difficult to attack examples of such device include YubiKey, and bitcoin wallet devices like KeepKey.”
Need for raising the game
Doug Miller, Head of Business Development & Strategic Alliances at Keepkey, points out that the elements which are responsible for security and privacy breaches change with time.
In order to fight this trend, more companies are getting back to secure hardware that can be managed and upgraded as needed, while adding policies and procedures such as dual authentication for signing many sorts of transactions.
Common sense and technical strategies
Dana L. Coe, Director of BitLox Ltd. (HK), says that with the increased use of the Internet in our daily life, people face serious threats to their personal privacy. Thus, special technologies come into action to protect our essential right. However, according to Coe, privacy can mean different things to different people.
What many people used to consider “private” is now shared quite freely with the entire world. The question is more then, How can I keep the things I truly want private isolated from the things I want to share?
The options range from basic common sense up to elaborate isolation strategies.
Coe explains to Cointelegraph:
“Basic measures would be to not use common login names for different services, not using major hub services for logins (Facebook, Google, Disqus, Twitter etc.), using ad blockers to prevent tracking and profile building (including denying most cookies) and various browser extensions designed to stop websites from setting tracking codes to follow you around.”
Intermediate and advanced measures
Coe continues by saying that intermediate measures are somewhat more involved. This includes checking your browsers for their “fingerprint” - which may be much more distinctive than most people realize, as it may include not only the OS and browser you are using, but all the fonts installed on your system (plus any other plugins you have installed) and many more data points.
Advanced measures bring us to fully cloaking your identity. The Tor browser is the most popular method for this. However, just using Tor browser alone will not truly mask you properly. One must “Torify” the other apps that may be running and enable them to use the proxy Tor provides to the system.
Additionally, installing a very strict firewall/filter program (such as Little Snitch for Mac) will go a long way to suppressing extraneous communications that may publish your IP address or other data.
The Ultimate systems are “live os” images that are essentially single-use images. TailsOS is the best known of these. Every time it is booted, it is a fresh copy of the OS running plus all data is only sent over the Tor network.
Security within crypto ecosystem
Considering security within the crypto ecosystem, Coe says that the easiest and most basic step is to not continually use the same address for all of your transactions. With modern wallet implementations, every address should be used only twice - once to receive funds, then once again to spend them.
According to him, this prevents people from using the extremely easy method of just checking how much "balance" is available at your known address. He compares it to the bank card balance being continually published on the bank's website for everyone to see.
He continues by saying that more sophisticated methods of obfuscating a "balance" of bitcoins involves shared coin transactions where the origins of coins become difficult to discern.
General Internet privacy and cryptocurrency privacy
Where these two worlds (general Internet privacy & cryptocurrency privacy) come together is that one should be very careful when accessing one's coins if one is to keep the balances private. All it could take would be possibly collating browser fingerprints to connect your real world identity to an online wallet session.
“Lastly, we consider the strict "Know Your Customer" (KYC) regulations put in place by practically all crypto/fiat exchanges. One should never send funds to such exchanges directly from an address that carries the bulk of your funds, as the remainder of the funds would be probably belonging to you. Do you really want the exchange (who is beholden to regulators) to know the full extent of your holdings?”
Financial privacy is the fastest eroding of our basic privacy rights in these days. It is up to you to hold onto this right using the best tools at hand.