Category Archives: Review

Tutanota

Tutanota is another secure email service, that makes end to end encryption easy.  One thing that stood out before I even made an account was that they published all their code on Github.  What is nice about this is that anyone with the right skill can check the code and make sure it is secure and safe to use.  Using Tuanota is quite straight forward, you register like any other email service.  Then log in and your good to go and communicate securely.  The majority of your information is encrypted, the only information that is not is the sender, recipient and date (which they are working on encrypting).  Your emails are encrypted  before they are sent to Tutanota‘s servers with AES 128 bit and RSA 2048.  Another added bonus is that they strip your IP address from the email so that your location will remain hidden (they do not log IP addresses unless there is abuse to the system).  Have more questions?  Check out Tutanota‘s FAQ page here.


Tutanota ‘s approach to secure email is great!  They have made all the code open source and public, allowing for anyone to review and check it.  The team behind Tutanota has awesome ethics, “My aim is to fight mass surveillance. I write code to fight for our human right to privacy…”  – Matthias (one of the developers).  The ideas that Tutanota support is what really caused me to like them.  There multiple services that offer secure and private email, Tutanota’s team adds a more personal element that draws me in.  Special thanks to a reader who told me about Tutanota.

 

What do Bitcoin exchanges have to do to stop getting hacked?

One of the easiest things that an exchange could do is use a hardware wallet combined with a multi-signiture wallet.  Hardware wallets are quite cheap when compared to the amount of money that Bitcoin exchanges deal with and very secure.  Using it with a multi-signiture based wallet would add another layer of security to the wallet, as multiple signatures would be needed.  This solution could put an end to many of the hacks against Bitcoin exchanges and make the Bitcoin ecosystem a bit safer and friendlier.

Whiteout.io

Whiteout.io is a German email that provides software to securely communicate with anyone.  Whiteout comes in the form of a Chrome plugin, web client, and mobile apps (IOS & Android).  There is also a private beta email service that they offer.  Whiteout lets you use any email address with their service, all you have to do is login like any other client.  It took me less than a minute to login and shoot off a test email.  Whiteout’s goal is to provide a secure and easy to use service that can run on multiple devices.  I found that Whiteout did a great job of doing so, I know that my messages are secure because of end to end encryption.  But at the same time I do not have to deal with the hassle of installing plugins, or anything of the like.  It’s just login and go, no problems to deal with.  Take into note, that this is still the beta test, so not everything is perfect.  The private beta email service is quite nice, it is very similar to the regular client and seems to offer the same features.  I know that PGP is one of the most secure methods of communication today, but it is also well-known for being a pain to use.  But with Whiteout, all the pain of using PGP is gone, and so easy to use that it’s just as easy to use as Gmail or other email services.  Whiteout could easily be used by everyone, as it removes the hassle of PGP without the loss of security.  The developers behind were kind enough to give me some Beta keys to the private beta email service.If you would like one just enter your email in the subscribe box and comment on this post, and I’l send you a key.

iWF Hosting

iWF Hosting is a web hosting company that offers shared,vps, dedicated and shoutcast servers.  I ended up finding iWF when I asked on Reddit what was a good shared host.  I found it surprising in a way that people warned me to  stay away from some of the largest hosting companies.  On the web hosting subreddit there are a few hosting companies on the sidebar, one in particular stood out.  This was iWF hosting, there pricing was just right, and they offered a huge amount of features.  I stated this in the subreddit and a little while later I had a reply from someone who worked for iWF “Feel free to let us know if you have any questions!”.  Having someone from the company was quiet nice, when it comes to hosting or other digital services.  I find that having an above and beyond customer support team can make the biggest difference between winning a customer over or having him pick another company.  I decided to purchase a month of hosting and duplicate my site.  They had a $4 discount, which let me try it for $0.16 which was awesome.  What was even better, you can pay in Bitcoin, and luckily for me I had a few changetips in my wallet.  The next step was to install WordPress, I talked to the same customer support guy that I talked to earlier.  He told me he could do it for me, so I short while later, I had my WordPress site duplicated and running like nothing ever happened.  For a few dollars more than my previous host, I have an improvement in speed and a hosting plan with far more features.  iWF Hosting is a Cloudflare partner, the greatest benefit of this if for 1$ more you can get access to Cloudflares railgun feature.  Railgun alone normally costs $200 a month, and it improves the caching of your website.  So I decided to add that in as well, and now my website is faster then I thought it would ever be without spending a large amount of money.  I’m supper happy that I found iWF, as for what you pay you are definitely getting your moneys worth and their customer support has to be the best I ever used.  Winhost used to be first, but iWF beat them by helping me do all sorts of things that I didn’t know how to do.  I have no regrets having my website hosted by iWF, I’m glad I went with a smaller host instead of a giant company where your just another customer.  If you want to ask iWF anything you can chat online, send them an email or call; their response times are super-fast.

Trezor

I recently decided to get myself a Trezor,Trezor is a hardware wallet that is created by SatoshiLabs.  So far I’ve had my Trezor for about a week,although I havent used it too much.  Using it has been great, it’s very easy to use and does its job well.  All you have to do to begin using it is download the plugin from mytrezor.com and the setup process will begin.  At the time of this post mytrezor.com is the only supported wallets, but there are more on the way.  Greenaddress has an update for one of their wallets that let you use Trezor on your mobile device (I haven’t tried it yet because something seems to be going wrong, but will most likely be fixed soon).  Electrum and Multibit are two wallets that will work with Trezor.  Currently you can use Electrum and Multibit with Trezor if you install the beta/development versions.

The Device

I really like the form factor of the Trezor, its small but not too small.  It feels good to hold, and doesn’t have a cheap feel to it,as you expect for a $119 single purpose device.  It definitely feels durable, and I have never worried about breaking it (I’m more worried about leaving it somewhere or hiding it somewhere that I can’t remember).  The overall design of Trezor is awesome, its hard to go wrong with a design so simple;(A plastic case,a screen and two buttons).  If I really want to be picky about it the lanyard was very hard to get into place, I ended up using a thumb tack to help push it through.  This has to be one of my favorite tech gadgets that I have ever got my hands on, even though it is so simple.  If you notice in the pictures below, the box is designed to show if anyone has tampered with it.  Just to open it I had to rip the box because there was so much glue holding it together.  The tough box is to make sure no one can easily send you a modified Trezor.  Another interesting security feature is that once you unplug Trezor, it shuts off…there is no battery in it.  Satoshilabs has designed Trezor to limit the areas that could be potential vulnerabilities, that’s why they don’t plan on adding any other communication channels such as bluetooth, NFC or wi-fi.

The Software End

The first thing to do is to download the plugin that lets Trezor work with your computer and more specially mytrezor.com.  I really like mytrezor.com, and the only problem I have with it is it’s the only wallet that works 100% with the Trezor, as others are quickly coming.  The initialization process is quite simple, the hardest part of the process is figuring out how the pin system works.  To prevent keyloggers from stealing your pin, an alternative keypad is displayed on the Trezor’s screen.  The positions of the numbers change each time you enter your pin, so you have to check your Trezor every time you want to enter your pin.  I really don’t have anything I dislike about the wallet except that sometimes I cannot reach the website.  The overall security is very impressive, before buying I tried to think if there were any ways to circumvent the security measures.  I came up with one, only to find that it was virtually impossible.  Trezor uses a 24 word seed that can be used to recover your wallet in case something bad happens (DON’T LOSE THE SEED).  The keys never leave the Trezor, it only signs transactions that you have allowed.  In a sense Trezor is practically a cold storage wallet because but with more practicality.

 

The Verdict

This is one of my favorite tech gadgets that I own, I think that it is worth the money; if you plan on buying a lot of bitcoins or your just a crypto enthusiast.  It is a little pricey but when you think about it makes sense, you buying security to your money as you are your own bank.  If you always worrying about  securing your bitcoin’s then get yourself a hardware wallet, then you can worry about losing the hardware wallet and not your bitcoins which are probably worth a lot more.  The biggest problem I had was shipping, there was only two options, DHL express or standard shipping.  Standard shipping was 2 days to 6 weeks, which all depends on your location and being in the U.S; I haven’t heard great things about shipping standard.  But now you can purchase Trezor through Amazon, which should solve any shipping problems that once existed.  This hardware wallet is great for an ultimate security solution, and its easy of use.  The price is a little high when you glance at it, but when you realize what it does; its worth it.  With Trezor you really are your own bank, a bank with the best vault in the world.  If you have further questions check out the Trezor FAQ page here.  I’ll also be making a post showing the setup process and the wallet, so be sure to visit soon if you want to see.

 

Private Internet Access

Private Internet Access is a VPN; a VPN stands for virtual private network.  VPNS can be used for many purposes, in Private Internet Access’s case they use VPNs  Private Internet Access encrypts your traffic to prevent eavesdropping , allows you to have uncensored access to the internet while browsing anonymous.  My I really enjoy using Private Internet Access because you barely notice a difference in your internet speed, I’ve tried other vpns and my speed dropped a lot.  They also have a huge amount of ips that you can connect to you can pretend to be in Europe or Asia, they gateways on almost every continent.  It is really easy to use their VPN, you download their client and login and you immediately can browse securely.  They have a huge feature list and support Windows, Mac, Android and IOS.  My favorite feature has to be the VPN kill switch, if your connection gets cut off, the app blocks all traffic to and from your computer so your “real” identity is kept safe, I use the app and the kill switch on my android tablet and I don’t even notice the different when it is on or all.  I really like Private Internet Access, they are very cheap while offering a surprising amount of features.  And if you are super paranoid, you can pay in Bitcoin and become super anonymous.  The only thing I dislike is that they are in the U.S which makes it easier for the secret government organizations to steal data from it, but they claim that they don’t log anything other than the email address and payment data so they have nothing to give if they were forced to hand over data.  Currently they are my favorite VPN to use thanks to great features and great security.

USB armory

USB armory is an open source usb device created by Inversepath.  It is a small but powerful and has  a huge amount of features.  It is planned to delivered by the end of 2014, for a price near 100 Euros.  I would love to see where this project goes, especially as it has so many tools.  It’s like a security experts dream tool.

  • Mass storage with encryption,virus scanning, host authentication and self destruct data
  • OpenSSH client
  • Router for end to end tunneling, Tor
  • A password manager
  • Bitcoin wallet
  • Portable penetration tools
  • USB security testing.
Size Comparison

 

HW-1 by BTChip

I recently received a HW-1 Bitcoin hardware wallet, HW-1 is a smart card hardware wallet created by BTChip.  So far using it has been a blast and I can sleep in peace knowing that my Bitcoins are a lot safer.  The HW-1 chip setup is friendly to use just follow the instructions provided by BTChip.  Currently the HW-1 is compatible with GreenAddress  and the soon to be released Electrum 2.0.  The HW-1 chip works really well with GreenAddress , all I had to do was plug in the HW-1 and Greenaddress recognized it.

The Design

The HW-1 chip came in small envelope, inside were the two HW-1 chips and instructions on how to set it up (now there is a promotional sale – 2 for the price of 1).  I love the design of the HW-1 chip and you can tell that someone has put a lot of work into it.  The chip comes inside of a larger card that is the size of a credit card, which you pop the chip out of.  I can picture the card being sold at stores or given out at conferences to help make the Bitcoin world more secure (which would be awesome).


Setup

Once you have prepared the HW-1 chip, download the drivers (I didn’t need to but every computer is different), next install GreenAddress from the Chrome Store  and finally create an account.  Once you plugin the  HW-1 chip GreenAddress will recognize it, here is a video tutorial of how to set it up.  On a side note there are two ways to set up your HW-1, one is to write the mnemonic phrase to the HW-1 (the simple method) and the other method offers more security (while being a little harder to set up).  In the pictures below I used the simple method, the more complex version only requires you to plug the HW-1 into another computer and record the seed.

Inserting the BTChip
Inserting the BTChip
Success
Success
Mnemonic Phrase
The Mnemonic Phrase
Success
Success
The Login page with BTChip
The Login page with BTChip

 The Verdict

I really enjoy using the HW-1 chip, its easy and quick to use without sacrificing a lot of security.  At the time of this post you can get two HW-1 chip for 25.25$, 20 € and of course 0.0698 Bitcoins, which is a great deal.   I find that the budget friendly pricing is key to the HW-1 chip as it allows anyone to easily keep their Bitcoins secure without burning a whole in their wallet.  And if you don’t need the extra chip you can always give the extra chip to a friend and help him securely use Bitcoin.  If you need a budget friendly secure way to keep your Bitcoins safe then take a look at the HW-1 chip.  If you have any questions that were not answered by this post feel free to contact me, you can also contact the BTChip Team here.

Greenaddress

Greenaddress.it is a web-based Bitcoin wallet.  I usually dislike web wallets because most of them have poor security or you don’t have true control over your Bitcoins.  But some web-wallets have features that allow you to recover your Bitcoins if they shut down.  Greenaddress has a lot of features that make using their wallet a lot safer to use.  As always when it comes to passwords, make sure you don’t pick something easy to crack as usually passwords are the weakest link.  Of all the web-based wallets, Greenaddress stands out the most because of its many secure features integrated with a friendly and easy to use interface.

  • Always available as you can login from the client or web browser
  • Two factor authentication to prevent unauthorized transactions
  • Transaction limits/restriction
  • Mnemonic seed – all you have to do is write down a lot of words and you can recover you wallet easily
  • Secure private keys – your private keys are never uploaded to their servers
  • No delay time which means its easy and quick to use
  • A quick access pin that makes login easy to use, and its also secure – 3 wrong attempts and the pin is wiped and you need the Mnemonic seed to login
  • By far my favorite feature is that you can use a USB smartcard called HW.1 with Greenaddress to make your wallet even more secure
  • And their nLockTime prevents you from losing your Bitcoins if they shutdown

The Verdict

I enjoy using Greenaddress to store my Bitcoins, Greenaddress is a great way to securely store your Bitcoins while having them easily accessible.  I use Greenadress with the HW-1 smart card to add an extra layer of security, I recently wrote a review about the HW-1 smart card.  If you’re new to Bitcoin or an expert Greenaddress can make your life a lot easier.

The Send Money Page
Where you Send Money 
The Receive Money Page
Where you Receive Money 
Transactions page
The Transactions page
The Login screen
The Login screen