checklists,

Be Your Own Bank (PDF Guide & Checklist)

GoodOpSec.org GoodOpSec.org Follow Dec 20, 2019 · 4 mins read
Be Your Own Bank (PDF Guide & Checklist)
Share this

The Swiss bank account in your pocket. Be your own bank. It sounds all cool and that, like stick it to the man.

But how do you actually do that?

When they say be your own bank, there is more in it than you would perhaps expect from a simple phrase: You do need to adopt routines and habits like you were in fact either a bank, or an employee with access to a corporate account.

Crypto holdings management should be seen as actual banking

Let’s take a look what are the best practices for accessing business online banking, as recommended by the cybersecurity legend Brian Krebs:

Be Your Own Bank Security Checklist

Tiered devices:

You should not access the bulk of your crypto holdings from your everyday computer. Even if you just use it to check your email and browse the internet, which makes you feel like “you are not doing anything” on it. This still makes your device vulnerable to malicious ads, malware payload hidden in images distributed as memes or to infection from ad banners. Clean installation:

If you are not using a new device, you will need to scrape your hard drive, reinstall the system and follow all security recommendations when doing it.

No exceptions:

Your ‘banking device’ needs to be actually a dedicated device, not a device on which you are ‘just a bit more careful’. With hardware wallets, until recently you would need a laptop for that as they’d connect via USB. With the Ledger Nano X though you can also use an Android phone, because the Nano X connects via Bluetooth. But remember, you cannot ever use this phone for anything everyday: ,,Making occasional exceptions undermines the whole purpose of this approach.”

Only keep software that you use:

Even though your device is a single-purpose one, you need to keep it updated and clean from any software that you aren’t using. Typically Java, Flash and anything Adobe shouldn’t really be on your banking device.

Use Linux:

This is a tricky one but now that crypto is not super niche thing for geeks it seems to hold true again. In general, using Linux shifts the odds of getting anything malicious on your machine, because the vast majority of attacks targets Windows. There is more and more exploits targeting Mac as well, and of course Linux threats exist - mainly to target activists. There used to be a lot of Linux users in crypto back in the day but the ratio is now skewed back to the general population, so you can get this relative protection by running Linux again. Distros like Elementary OS are very user-friendly, but if you still don’t want to deal with Linux, you can still install it as the main OS and then boot Windows from a live CD.

Dig into your firewall or DNS settings:

You can use a firewall to restrict which websites your device can access at all. This is what you sometimes get in work environments - when online at work, some websites will come as not available but they are in fact just blocked by the settings of the company network.

OPSEC If you have a spare laptop…

There is a pretty extensive guide on GitHub about how to secure a modern MacBook to improve your privacy and opsec. You will need to reinstall your system unless the laptop is new, but all that and more is explained in detail in the guide here.


Download the guide as PDF


It is pretty solid, it has you start with creating a model (what are you trying to protect, from whom, etc) and it walks you through all the tech aspects including the OS installation and activation, using of package managers and even DNS modifications and host files which is used to restrict the available online locations, as mentioned above.

OPSEC If you have a spare phone…

The easiest way here is probably to buy a new Android, they are not expensive and you will save yourself a lot of the hassle. Nevertheless, if you are not afraid to get your hands dirty with the tech, there are Android OS on the market that are crafted for better privacy. RattlesnakeOS is probably the best known of them.

Other than your OS choice, there is a lot you can do by playing with DNS, using password managers, blocking ads and other small modifications like this. As with Mac OS, someone summarized in a comprehensive guide here.


Download the guide as PDF


Summary

Don’t slack off on security. Your crypto holdings can be your future, if you are not careful about how you handle them, you can be the equivalent of the guy who lost 10.000 bitcoins mined back in the day when they had next to no value.

Crypto Wallets for Good Opsec
  • Ledger Nano S hardware wallet for your daily use or trading wallet.
  • Ledger Nano X hardware wallet for a bigger chunk of your holdings that will accessed only from a [tiered device](/ownbank/).
  • Metal wallet for your cold storage: Fire-proof, impact-resistant stainless steel by either BillFodl for shipping from the US or CryptoSteel for EU.
Join us on Reddit
Get the latest posts from the crypto opsec community!
 
Related posts

Be Your Own Bank (PDF Guide & Checklist)

The Swiss bank account in your pocket. Be your own bank. It sounds all cool and that, like stick it to the man.

In checklists, Dec 20, 2019
GoodOpSec.org
Written by GoodOpSec.org Follow
GoodOPsec.org - Resources for crypto opsec.