Recently I posted "HiveSigner Insecure?", and my conclusion was that it was not all that secure, even though my intention when writing it was to identify that the biggest insecurities (in my opinion) were based on the instructions the app itself was giving.
I was definitely motivated to do so by "other people", so to speak; I mean it's not like I don't have other posts to write :/ - Call me a few names and you can get me to write 1000 words about how wrong you are, I guess. And since it's a "posting chain", I'll never be convinced that this is not the right thing to do when faced with such disagreements. Document them.
Anyway, we have been working on onboarding workflows, new user "inboarding" (shout out to @gr33nm4ster for picking up on that term) and all around "best flows" for HIVE with regards to users. And of course this seed of "security" has been planted in my head, going around, and around... and around.
I would never use HiveSigner with anything other than the posting key, and even then - reluctantly. That's not misinformation, and it never has been. But "If it's not secure enough for me - it's not secure enough for anyone" ... I have come around to the idea that this is probably not true at all. I mean, I don't even put my keys on my (any) mobile phone... for security.
How much security is needed for a new account? The one with zero dollars in it might make their first post with CheckInWith.XYZ and be awaiting their first post payout. How about with 10 dollars in their wallet?
Whatever the "correct level" of security is, it would be based on some analysis of the actual risk involved, crossed with some amount of personal preference. Security improves over time, for the most part - as well as our culture and general education level. But no matter which way you look at it - no new account would ever be so intense about security as ME - or any other user with 8 years of experience, transactions and baggage on this blockchain.
And they really shouldn't be, either.
@pharesim helped me by defining terms, his terms at least, and for him, an insecure app is one that actually does LEAK the keys. HiveSigner does not do that. Whatever you think about recommending pasting owner keys after 7 years, it's not an app designed to leak the keys - the "insecurity" from my perspective when I wrote the blog was about how easy it would be to hack, and how that hack would be made worse by (still) recommending the worst practices of key usage to users after all these years.
I wonder this a bit too - is it just because our legacy auto-voter Hive.Vote only accepts legacy login HiveSigner? Probably. Most other apps have multiple ways, and with multiple ways, I would NEVER RECOMMEND HiveSigner. But that doesn't mean there is no way to use it "more securely". You just have to know what you are doing (which can be a steep ask, if you ask me).
Adding and removing authorities - which require the active key - is something you don't actually have to do in HiveSigner, even if you want to use Hive.Vote. This is one of the reasons that @thecrazygm and I built our Authority Management HiveTool. It makes it quick, easy and secure to manage authorities on multiple accounts. Yes, there are some other tools to do the secure auth - the peakd interface often comes to mind, they have most features - but where our app really shines is managing multiple accounts. We didn't even build it for "the community", although it is open for all to freely use; we built it for OURSELVES - because we are so obsessed with security.
If using an app "securely" requires you to know what you are doing, and ignoring the majority of the things the app actually says on its site - I hope we can agree that this is less than ideal. The whole point of onboarding and inboarding is that these new users rarely know what they are doing - they are learning! And a lot of what they learn is what they read on the sites, the trusted sites. HiveSigner is thus, in my eyes, NOT a trusted site. It says the wrong things. That's dangerous for new users.
But again - who cares? This is all about an auto-voter?
Not just any auto-voter - the last auto-voter in our ecosystem. And it makes me think a thought, many have expressed, and many more probably think - I wish we had another, more secure, less legacy auto-voter in our ecosystem. It's even on our list of things to build. Not for you, not for "the community", for ME. I need it. If we build it, should I share it?
I guess you might think that our site full of free, secure tools would mean we should make it available. It's actually part of our "Auto-Badger" series, listed in our defunct Open.Mithril Proposal. It's on "my radar", and it has been because I need it and I hate using HiveSigner to get to Hive.Vote. And generally I do believe in the principle that tools should be available to all users.
So it might be obvious, but none of the new users I have ever onboarded have asked about autovoters. This might be a measuring stick, it is probably a tool that indicates that a user is slightly more advanced, maybe even beyond the inboarding phase and into the "colleague" phase. Not to say "just another user", but if you are wondering about how to keep your Hive Power curating, or not missing your friend's post - you are now beyond "new user" status, I think we can all agree.
And to my deep chagrin, I often find myself thinking or recommending mediocre security practices to new users - "Why don't you email yourself your keys?" - simply because there is little risk to a new account; in fact the risk of losing that key document is much greater than getting your email hacked and losing the 3 dollars you earned at the Beers and Bitcoin event.
As I recall, I did it all. I kept my masterpassword in google drive, I logged into every new app that appeared and (at that time) gave them the authorities they asked for - I tested and tried many things. I know many of us did: I've seen them removing tasteem posting permissions when I show them our authority management tool.
I have, since then, changed my keys, updated my security practices, and use plenty of alt accounts to do all the things I am no longer comfortable doing with my "main", and that includes anything on mobile beyond the posting key.
So, in conclusion - "it depends". What's the risk? And the corollary - what is your risk tolerance? How much "skin in the game" are we talking about? How much time do you have on your hands? How much do you care?
Our ecosystem isn't perfect, several commenters reminded me of this on the last post, including this great and elucidating comment from @techcoderx:
There is no one right answer to the question of "security". Just a bunch of trade-offs, and users who continue to learn, and grow - growth which naturally changes their analysis of the risks involved with each click on the internet.
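As an added example (not code from this post, nor from the Authority Management HiveTool or key-change tool it mentions), here is a small audit over the authority sections of a Hive account object in the shape returned by `condenser_api.get_accounts`. It lists which other accounts can sign as the user (the kind of stale posting permission, like tasteem, the post describes removing), flags account delegations on active/owner, and also flags the legacy "steem" recovery account raised in the comments; the account JSON, its delegate names and the placeholder keys are all constructed for the demo.

```python
import json

# Constructed sample of the account object condenser_api.get_accounts returns
# (only the fields the audit reads; key strings are placeholders, not real keys).
SAMPLE_ACCOUNT = json.loads("""
{
  "name": "exampleuser",
  "recovery_account": "steem",
  "owner":   {"weight_threshold": 1, "account_auths": [],
              "key_auths": [["STM_OWNER_KEY_PLACEHOLDER", 1]]},
  "active":  {"weight_threshold": 1, "account_auths": [["someapp", 1]],
              "key_auths": [["STM_ACTIVE_KEY_PLACEHOLDER", 1]]},
  "posting": {"weight_threshold": 1, "account_auths": [["tasteem", 1], ["autovoter", 1]],
              "key_auths": [["STM_POSTING_KEY_PLACEHOLDER", 1]]}
}
""")


def audit_authorities(account):
    """Return findings for one account: which other accounts can act for it, and how bad that is."""
    findings = []
    for role in ("owner", "active", "posting"):
        auth = account[role]
        threshold = auth["weight_threshold"]
        for delegate, weight in auth["account_auths"]:
            findings.append({
                # owner/active delegates can move funds or rotate keys: always high.
                # posting delegates are normal for auto-voters, but should be reviewed.
                "severity": "high" if role in ("owner", "active") else "review",
                "role": role,
                "delegate": delegate,
                # weight >= threshold: the delegate needs none of the user's own keys
                "signs_alone": weight >= threshold,
            })
    # Accounts from before the fork may still name "steem" as recovery account;
    # the recovery partner co-signs an account recovery, so treat that as high.
    if account.get("recovery_account") == "steem":
        findings.append({"severity": "high", "role": "recovery",
                         "delegate": "steem", "signs_alone": True})
    return findings


def report(account):
    """Human-readable summary, one line per finding."""
    lines = [f"Authority audit for @{account['name']}"]
    for f in audit_authorities(account):
        alone = " (can act alone)" if f["signs_alone"] else ""
        lines.append(f"  [{f['severity']:6}] {f['role']:8} -> @{f['delegate']}{alone}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_ACCOUNT))
```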
My account was also created back in 2018 and I will also try to change my password now, since you are talking about security.
Be careful, pay attention to the instructions - and save the new keys!!!
Hello, good afternoon.
First of all, thank you for this kind of post, since they give quite a lot of knowledge about the use and security of Hive.
Security is important, and the recommendation you made in the previous post and the warning in this one, not to store the keys in the browser's saved passwords or in Google Drive, are really important, especially when you speak from experience and with security in mind.
In fact, yesterday a friend told me that his Hive account was hacked and that the worst part is that the person who hacked him was only taking out part of the cryptocurrencies he had, and he only noticed when he saw a change in the Helios token, which he uses daily.
When I found out, I gave him several of the recommendations you made in the previous post, and I sent him the link to several of the secure tools you recommend, including the one for changing keys.
By the way, the link you have in this post for the tool checkinwith.xyz is wrong. You put the link to this same post.
As for the HiveSigner tool, I think in the previous post you demonstrated the tool's security problem, and I think the best thing would be to update and improve it, or to create a new one that is friendlier, with more information and greater security.
Finally, thank you for these posts, since I have learned a lot and it has also allowed me to support fellow community members who, after the hacking of our colleague's account, became concerned about the security of their accounts.
Best wishes.
This post was voted from Ecency.
!HUESO
!PIZZA
Everything is theoretical - until it isn't!
Thank you very much, you motivate me, and I appreciate your friendship. We are working hard here in Guatemala (day and night 🫣😅), because we like to imagine a world of financial freedom.
But freedom comes with its responsibilities!! You have to take care of your keys; no one else can do it for you.
Speaking of security, people should change their recovery accounts if they've been here a long time and it's still "steem" :p
There have been some things, slow hacks, that make me believe even those keys could be compromised. We built a better tool for key changes: https://keys.thecrazygm.com/
But changing just the recovery account is like, the minimum at this point!
I changed mine within weeks of the fork. Not everyone is as uhhh... understanding of the responsibility you must take for yourself on a platform such as ours.