08

Important dos and don'ts

The practical world of Bitcoin is very much like the wild west. No rules, no laws, no protection from the law or support from the community. If you lose in the game, if you’re cheated, if you make an error or have a technical glitch, you’re stuck with the consequences. Since Bitcoin is designed to work outside the legal system and be absolute in its activities Bitcoin users have to look out for their own interests. This process involves having to learn new ways of operating online and participating in the Bitcoin community. This chapter will point out some of the basics involved in self-protection for a regular user.

IMPORTANT DOS AND DON’TS

The Bitcoin world is a dangerous place and many precautions are needed to make sure that your money is safe. In this chapter we give advice on how to manage your Bitcoins.

The practical world of Bitcoin is very much like the wild west. No rules, no laws, no protection from the law or support from the community. If you lose in the game, if you’re cheated, if you make an error or have a technical glitch, you’re stuck with the consequences. Since Bitcoin is designed to work outside the legal system and be absolute in its activities Bitcoin users have to look out for their own interests. This process involves having to learn new ways of operating online and participating in the Bitcoin community. This chapter will point out some of the basics involved in self-protection for a regular user.

Common Mistakes and Precautions

Wallet Management

Bitcoins do not have a physical form and are stored virtually in wallets stored on your computer. These digital wallets serve the same purpose as a real one and just like real wallets they are vulnerable. There a number of steps necessary to secure these digital wallets, most of which are common sense but are worth reminding.

As people shift further towards using Bitcoin’s it’s natural for the number of Bitcoins in a wallet to increase. It’s wise to ensure that not these Bitcoins are not stored in one wallet and instead divided amongst a number of wallets for protection. In case of theft or error, the likelihood of all wallets being lost becomes less and your investment is secured.

Particular care is necessary when dealing with multiple wallets and vast number of Bitcoins. The attitude should be similar to how cash is handled in the real world, with vigilance and care. In this way, it is also advisable that a share of your Bitcoin wallets is kept offline and all the wallets be regularly backed up. Just as you would set up restore points for your computer, it is necessary to make up to date backups of your wallets in case of loss.

Wallets appear on devices as portal which can be used to send and receive Bitcoins. They are also available on certain mobile devices.

Encryption

In the digital world, encryption is the lock that protects your money. Wallets can also be encrypted so that even in case of theft or an online attack, they are not exploited and you can revert back to a back up. In order to ensure this various encryption measures can be taken, especially when sending copies of the wallet online, in backups and when using them on alien machines such as those at work. Not all systems are secure and the only thing protecting your money is the encryption on the wallets. For those especially paranoid, encrypted wallets should be backed up in multiple locations so that complete and total loss is recoverable.

Without encryption for your wallets, your money is as easy to steal as smashing this piggy bank.

Password Protection

As citizens on the online community the importance of password protection has always been of concern. In case of Bitcoin management, this concern takes on a very tangible face - money. So it’s especially important that greater care be taken with wallet encryption password than with regular email or online websites.

The passwords used when encrypting wallets should be completely unique and not a recycled version of email or work passwords. In the case of Bitcoin protection, complexity and difficulty are more crucial than ever. It’s necessary to find a balance between complexity and recall - but if the password is easily remembered then there is a greater likelihood that it can be hacked. The need to be clever in password creation becomes very critical. It may even be necessary to have a copy of a complex password stored in hard-copy in the real world where more obvious protection can be given such as inside a locker etc.

Machine Protection

The machine used when operating online is similar to the safe that stores our valuables. If the safe gets stolen the money inside is lost to us as well. Similarly, the machine we use to access the internet and use our Bitcoins on need just as much security as the Bitcoins themselves. If our machines are compromised then it is more likely that our money is at risk.

For this reason all the advice that we usually can afford to ignore such as regular anti-virus update or the installing of questionable software needs to be given special attention. It’s important to not use our Bitcoin wallet on any machine that we can’t vouch for as being secure - this means machines at work, at a friend’s place, at cyber cafes etc. shouldn’t be used to operate our wallets.

If your machine is vulnerable, so is your money. Take all possible precautions.

It is also important that we avoid illegal softwares, hacks, patches and other anonymous developer warez on the machines that we use for our Bitcoin wallets. These softwares are a vulnerability that can be exploited to attack our wallets for theft. In this regard, original operating systems should be used for Bitcoin wallets since they can be trusted more than pirated ones. These original systems can also be upgraded with security patches that ensure protection of the system and our money.

Bitcoin Malware

The most important threat to Bitcoin users, especially in India, is from malware that can infiltrate and steal from your wallet. India is amongst the top six countries suffering from Bitcoin malware according to research by Trend Micro. Basic precautions become more urgent in this context and the use of unknown softwares becomes a greater threat. Even the use of unknown USBs, DVDs and other devices can pose a risk as they are vector points where malware can enter our system.

The latest research shows the extreme rise in Bitcoin based malware resulting in millions of losses.

In the event of suspected attack it’s critical that a complete system wipe we done at the hard disk level and a clean operating system be installed. In addition to which it makes more sense to pay and use as good an antivirus and firewall program as possible but to not blindly give in to their assurances. Personal vigilance is the first step to system and Bitcoin security.

In this case, programs that are no longer used should be uninstalled since malware can harm the system using vulnerabilities in those softwares. Even visiting questionable websites should be looked at and it is advisable that it should be done through virtual machines (VirtualBox).

Bitcoin scam awareness

Where there is money, there is crime and Bitcoin is no different. Given the key features of Bitcoin like anonymity, irreversible transactions and active currency exchanges, criminals are very keen on parting coins from their owners without fear of being caught. Various types of scams and tricks have been used in this venture. The biggest losses in the brief history of this currency number in millions of dollars and demonstrate how fragile the new methods of this system require special care when being handled by newcomers.

The PayPal Buyer Exploit

An early scam in the Bitcoin evolution was the PayPal-Bitcoin scam where payments made over PayPal for purchasing Bitcoins were used to scam Bitcoin sellers. In India, it is possible a similar scam may arise so a brief review is necessary. A Bitcoin seller would be willing to accept payments in fiat currency online in exchange for a Bitcoin transfer using a service like PayPal. The deal would be made between buyer and seller with money escrowed in the PayPal account of the seller. The seller would then digitally send the Bitcoins to the buyers address.

PayPal and similar services can’t protect users against the mechanism of Bitcoin scams. Don’t use them to sell Bitcoins.

But after receiving it, the buyer would file a report with PayPal complaining that it had never received the Bitcoins. As per PayPal policy, since there is not traceable proof of transfer, the buyer will get the fiat currency back and the seller would have lost Bitcoins. Due to the infamy of this scam, the sale of Bitcoins using PayPal and similar services has seen a tremendous decline and virtually put an end to PayPal as a means of paying for Bitcoins.

Mining Hardware Scam

One of the key examples of Bitcoin scams comes from exploiting the desires of many people who want to become Bitcoin miners. Although a certain level of tech familiarity is necessary for anyone to venture into the world of Bitcoin mining, even the most careful people have been known to be scammed.

Although Bitcoin mining can be done even on a regular home computer it is not as profitable when compared to specialised mining rigs. These rigs are specifically designed to direct all processor computing power towards mining and employ high end processor chips and power supplies, which can cost tens of thousands of dollars. Given the promise of mining your own currency that is worth thousands per unit this seems like a viable deal for most miners but it is also the vulnerability exploited by scammers.

Major hardware providers have been accused of not delivering on time or up to standards, taking advantage of the mining boom.

Many fraudulent websites offer hardware for Bitcoin mining claiming themselves to be the next generation of technology. In many cases this may be true but it is also one of the common ways of trying to defraud naive users. In many cases, these websites take advance payments for yet to be released rigs and then delay delivery or default completely without returning their customers money. It’s important to seek reviews of any website or equipment source before making any payments for future deliveries. Even long time active providers such as ButterFlyLabs (that sponsored the Bitcoin Conference) have been accused by the Bitcoin community of irregular behaviour such as delayed delivery and product that’s not as claimed. Do your research.

Another risk to miners or even regular users is from malware and Trojans that can slave your computers processor to work in the mining pool without any indication. Over 12,000 personal computers have already been infected by Bitcoin malware that makes them into virtual assets for criminals. Not only does this result in a severe slowdown of the infected system but also leaves the system vulnerable to other attacks.

Ponzi Scam

Bitcoin has itself been called a Ponzi scam since it’s inception but due to its decentralised nature it has proven to be nothing of the kind. However, the traditional Ponzi scam can still be used on the Bitcoin system without many changes. The Ponzi scam is basically the offer by a third party to reward participants with high return on their investments. In the world of Bitcoin the scam works like so - an online business, an investment firm mostly, declares that if you store your Bitcoins with them they will give you an assured percentage of profit on a weekly or monthly basis. That means if you deposit 100 BTC with them, they will give you a return of 2-7 percent weekly. This is obviously a great deal but it is also a complete work of fiction.

But most users are not aware of how trading and Bitcoins work, and start off with a small investment. To their surprise they are rewarded as promised and decide to deposit even more with the service. But suddenly and unexpectedly the website or service stops returning any profit as well as responding to messages. It disappears with all deposits made and no trace of their existence. This is the basic model of the Ponzi scam and it defrauded countless people of over 26,000 BTC or roughly USD$ 26,000,000 dollars over 2011-12 in the form of the Bitcoin Savings and Trust scam.

Physical Sale Scam

A new scam, in areas where Bitcoin is still emerging, involves the sale of physical Bitcoins. Users are required to send their Bitcoins to the service providers address and in return they receive a freshly minted metal or gold coin that has the Bitcoin value stored on it in the form of an inscribed key number. However, most early users of Bitcoin are not clear on the nature of Bitcoin and fall prey to fake coins that can’t really be used in the real world. In certain cases, even the gold value equivalent coins are fake and the total funds deposited are stolen by the scam artists. Unfortunately, the irreversible nature of the Bitcoin system makes transactions with unknown persons and business’ a risky proposal. And even though an online directory of trusted vendors and merchants is available, countries that are not so well networked online, find themselves unrepresented leading to scams.

Phishing Scam

Phishing scams are a common plague in the virtual world - be it letters from your bank asking you for details or an African prince requiring bank details to transfer large sums of money. In the world of Bitcoin as well, this scam is used to interesting ends. Once people become active on the Bitcoin exchange using an email id and Bitcoin address, it isn’t too hard for criminals to figure out their targets. The Bitcoin version of this scam is based on two methods - make users download malware or fool users into sending Bitcoins to incorrect address.

Criminals send out mass emails to thousands of email ids. Most emails seem innocuous and innocent, seemingly from people you may know. They usually have attachments or links to download files that seem relevant and important. But as is always the case, these files are trojan viruses or similar malware that can exploit and harm the user’s system and Bitcoin assets irreparably. As is always the case, it’s easy to avoid this scam by simply not opening attachments or clicking on links from unknown sources, irrespective of what the mail claims.

An example of old-school phishing scam – a fake website. Always make sure your URLs are secure and correct.

Dangers for Bitcoin users

The world of Bitcoin is just emerging and with no central regulatory authority it falls on the collective network of people to maintain order. Just as many of the Bitcoin protocols are based on community consensus, from the rules of the rewards to the use of Bitcoin clients, it is necessary for users to keep close ties to the community through forums for up to date information regarding risks and dangers.

But because of the very nature of the Bitcoin design, people who are used to the traditional way of dealing with money and online activities need awareness of how Bitcoin needs a different approach. These changes can be dangerous if not understood well enough and cause serious loss of money to the users.

The number one thing to know about the dangers on Bitcoin is its easy allure to criminal activity. Not only in terms of scams and hacks but also how it is used by criminals to engage in trade that is difficult using normal currency. The recently shut down websites like Silk Road and the Sheep Marketplace were the most highly publicized examples of a digital black market. They attracted criminal activity such as the sale of drugs, weapons, assassinations and other illegal services by taking advantage of the untraceable nature of Bitcoin transactions.

Due to these activities most governments take a very cautious and highly scrutinised look at users of Bitcoin. In case of taxes and other legal money related requirements even the Indian government is investigating Bitcoin to discover how it can facilitate crime. It is very likely that innocent users may also be unwillingly caught up in this investigation and need to be prepared to explain themselves in case they are caught up in related issues.

Another key danger is the risk of losing your Bitcoin’s whether by accident or theft. Since there is no central authority and near anonymity in usage there is negligible chance of recovering lost Bitcoins. Unlike traditional banks, when you lose your credit or debit card, it is possible to block them and protect your account, but in case of Bitcoins once it is lost there is no recovery possible. Hundreds of people have lost thousands of Bitcoins, which is millions of dollars worth of losses simply due to accidents. And although insurance provides such as Lloyds of London have recently started providing protection for Bitcoin loss it is still an extra cost which bears down on users who are careless and not adequately prepared.

Many people would like to take advantage of the Bitcoin buzz and buy them as an investment. But as time has gone on since Bitcoin’s creation, it is no longer convenient for newcomers to buy Bitcoins as it was before. Even though there are valid Bitcoin exchanges active in India and abroad, they require credit cards or online bank transfers to be used. Although it is still possible to purchase Bitcoins from individuals, India currently is in a freeze where the only way to purchase Bitcoins is directly through a trusted first hand source. Once the Indian online exchanges are active people with online banking with select banks will be able to buy Bitcoins again if the government allows.

Another danger of Bitcoin users in India is its acceptability and therefore risk to fraud. There are no known business’ operating in India which accept Bitcoin as payment. Only the trading exchanges accept Bitcoin as a transaction fee. So most Indians would be considering Bitcoin as a speculative trading security which in itself poses many risks. In addition to which, the newness of the currency makes it possible for many flaws to emerge that can be its undoing, specially the risk of an ownership majority, which would allow a small group of people undue advantage of manufacturing and trading Bitcoins at high sales prices. This has almost happened with Bitcoin once before.

Speculation Knowledge

One of the features that make people interested in Bitcoin is how it can increased in value tremendously over the past year. This radical increase in value makes it seem like a worthwhile investment which can yield significant financial results. This is true. But it is also a great risk.

Once Bitcoin is given the government’s stamp of approval we will begin to see how it adapts to the Indian style.

Speculation trading has a long history in other analog markets such as gold, shares, bonds, derivatives and commodities. The behaviours witnessed in all these markets over decades of activity point towards certain trends that need to be considered. First and foremost of this is - speculation is identical to gambling in most respects. Although a specialised group of people such as stock traders and market analysts are able to bring an element of rationality to this gambling through research and investigation, the rules don’t apply to Bitcoin. There is no such thing as a trend, primarily due to two factors – the brief existence of Bitcoin and its absolute reliance on supply and demand.

The idea behind speculation trading is simple - to buy at a low price and sell at a higher one. However, there is no guarantee of knowledge regarding when a higher price is going to come or if the value will drop instead of rising. To resolve this there may be offers from specialist business’ that claim to be able to perform this service for users - which is in itself a risk as we have discussed before, trusting others with your Bitcoins is a major danger.

And since Bitcoin isn’t like company shares or commodities there are no market indicators that can be used to rationally decide what is the best time to buy or sell Bitcoins for investments. The only indicator that has seen definite results in altering the market is user trust. Whenever users have felt insecure about the validity of Bitcoin, the prices have radically dropped. This was the case when the government of China and India issued warnings against Bitcoin usage, the result was a shocking 30-50 percent drop in value with a very slow and gradual recovery. If any government was to specially endorse Bitcoins, the results are expected to be opposite but there is no legal way to plan for that outcome.

Other influence that can suddenly alter the value of the Bitcoin is its supply. If suddenly a large number of miners or a single large miner devotes great processing power towards Bitcoin and the rate of Bitcoin generation is boosted, the effects can prove volatile for the value. The system is designed for slower mining as time moves forward, but if technological advancements undo this parameter then the fluctuations in value are assured.

The most important thing to realise about Bitcoin and speculation is that unless there is an assured knowledge of what will influence Bitcoin, all trading activities are simply gambling. It is better instead to think of Bitcoin as what it was designed to be - a currency. If someone is not a professional trader in Indian rupees, US dollars, Japanese Yen and other currencies, then it’s unlikely they will have the ability or the skill to profit when speculating Bitcoins. It is better to adopt it as an efficient means to conduct online payments and save money on transaction costs.