this post was submitted on 24 Jul 2024
78 points (100.0% liked)

Technology

37739 readers
759 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] corbin@infosec.pub 16 points 4 months ago (1 children)

If you want to beat inflation, dump the money in a high-yield savings account, or a 401k, or a stock index, or any of the other options that have something resembling banking protection/regulation. There are so many better options than a speculative investment that you lose entirely with a social engineering attack or a SIM swap.

[–] jarfil@beehaw.org 1 points 4 months ago (1 children)

Lower risk, lower reward. Keep in mind that 401k is not 100% guaranteed either.

lose entirely with a social engineering attack or a SIM swap.

SIM swap? You mean like SMS 2FA? (don't use SMS 2FA, BTW).

Anyway, if your risk scenario includes a "wallet inspector", you definitely shouldn't buy Bitcoin, or carry money around.

[–] prole@beehaw.org 1 points 4 months ago (1 children)

Nobody is going to SIM swap you unless you have a shitload of crypto and let everyone know about it. It's not an easy attack, so it would have to be targeted. Pretty easy to not be a target (not having millions of dollars of crypto on a wallet helps).

[–] jarfil@beehaw.org 1 points 4 months ago

I want to have a shitload of crypto and let everyone know about it... where do I post my receiving address...? 😅

Anyway, my point was more about not using a SIM as a security mechanism, ever. It wasn't designed as one, and still isn't.

As for being a target... something like 2 years ago, I had a chance to get a glimpse at a C&C panel for some malware. It didn't bother checking your balance, just vacuumed all and every password from every app on an infected phone, along with all sorts of data about the phone, SIM, SIM2, etc. Cloning a SIM is so easy, they'll do it just to get your $50 worth of NFTs.