Beginner’s Guide #12: Bitcoin Privacy & OpSec with Jameson Lopp - WBD195

Peter McCormack

Welcome to the what Bitcoin Did Podcast.

Jameson Lopp

Hi there from Lubbock in Texas.

How are you all? Welcome to the what Bitcoin did podcast which is brought to you by the mighty Kraken. The best place to buy, sell and trade Bitcoin. I'm your host Peter McCormack and today I get back to my Beginner's Guide to Bitcoin where I have an interview with Jameson Lopp looking at Bitcoin Privacy and opsec.

But before that I have a message.

From my show sponsors. So first up, a massive shout out to Travel by Bit who who have sponsored my recent travel through South America. They are a travel website which allows you to book flights and hotels using crypto. They also offer sats back on purchases.

With up to 10% return to you in bitcoin.

Also, I always use different sites to compare flights when I'm traveling. Expedia and Momondo are up there for me, but I'm adding Travel by Bit into the mix because their pricing is very competitive and on a number of.

Routes they were the cheapest.

If you want to find out more, head over to travelbybit.com which is t R A V E L B y b I t.com Next up, let's talk about Cointracker and a big thanks to John Chandon and EJ for supporting the show. Over the next three months I'm going to be catching up with the team in San Francisco. I'm going to find out a bit more about what they do and how they approach the complexities around calculating your crypto taxes. And with tax season upon us, it is time to get your shit together. And this year I've used Cointracker to calculate my taxes and it couldn't have been easier to link my wallets and exchanges and they calculated my tax in about a minute. Findings work in the US, UK, Canada and Australia so you can join the other 100,000 users who use Cointracker and file your crypto taxes in seconds. It is integrated with TurboTax, Coinbase, Binance and Kraken, as well as over 300 other exchanges and wallets more than anyone else. And it's free for users who have 200 or fewer transactions in a tax year. And for the listeners of the show, you can also get 10% off just use the link cointracker IO a forward slash wbd. It is available for the web, but they do have apps available in the Apple and Android app stores. But if you want to find out more, head over to Cointracker IO which is C o I n T R a C k e r dot com. Also especially relevant to this show is cipher safe. We're talking today about bitcoin opsec and security and one of the elements of that is protecting your private keys, protecting your seed. So if you want a very cool way to back up your private keys, then their newly released cipher wheel is something you want to take a look at. It is a unique way to store your private keys. And it's machined from stainless steel, and not just any stainless steel, but 303 stainless because that came out of one of their tests by Jameson Lopp. Jameson has these known tests where he so all these different devices with acid and tries to crush them and burn them and they change to 303 stainless because of one of those tests. It's one of the coolest bitcoin seed backup devices I've seen and it's designed to be physically locked with a padlock and comes with a tamper evident seal so you can be aware if anyone has made an attempt to steal your seed words. So come on, you bought a hardware wallet, right? I know you're taking your bitcoin security seriously. Now go that extra step, secure it from physical disaster with a cipher wheel seed storage device. To find out more, head over to CipherSafe IO, which is C Y P H E R S A F E I O. Okay, so onto the show and we're back to my bitcoin beginners guide. Just got a few shows left on this now. Had a brief pause while I did some of my shows in South America. And if you haven't already checked out the previous 11 episodes, make sure you go back and give them a listen. We have covered everything from bitcoin's history to the economics and the technicals, but today I've got my bitcoin buddy Jameson Lot back on the show. A renowned bitcoin privacy expert and someone I just have to get onto the bitcoin beginner's guide. I think he's been on the podcast like five times now. And you should go back and check out those other shows, even show number three, which I recorded with Jameson over two years ago now. So Jameson's put out his own set of bitcoin guides and resources on his website, lop.net make sure you go and check that out. They're incredibly helpful and he covers everything you could possibly need. I'll leave a link for that in the show notes. But in this episode, Jemison and I get in how you can Remain as private as possible in your private day to day life, your bitcoin privacy best practices and how to improve your sec. Just a couple of notes. I've just finished traveling around South America. We're now putting together the footage from Venezuela, Colombia and Chile into a few little mini documentaries. This is going to be my first attempts at making video, so you're gonna have to bear with me but hopefully they'll be out soon. And then today I'm heading off to San Francisco for a couple of days and then I'm going to be out to Vegas for tone phase unconfiscatable and then back to the uk. Another crazy busy trip. So much has happened. But if you've got any questions, feel free to hit me up. My email address is hello@whatbitcoindid.com.

Good evening Jameson.

How are you doing?

Well, it's been a little bit of time since you've been on the podcast. You were leading the way previously but we haven't done one in a while so it's good to get you back. Are you good? You ready for this?

Peter McCormack

Yeah, I've got to keep my count up as you know, most recurring appearances.

Jameson Lopp

Yeah, I think two of the mestas has been chasing you down, but I think this will put you back down in front. So listen, I've been doing this bitcoin beginner's guide, super sincere, simple series, keeping everything as basic as possible. I've covered why you need to care about bitcoin, I've covered some of the tech, how it works, how you buy it, etc, but now I want to get into the area of privacy and opsec and I think we're safe in saying that's, that's the Jameson lot bag, right?

Peter McCormack

I believe so. I've broken new ground in that area.

Jameson Lopp

All right, so I've put it down as there are five levels of OPSEC and privacy to care about. The first one is that you just don't care. The second one is that you have basic care for your online privacy and opsec. The next one is you have your basic bitcoin privacy and opsec. I've got advanced privacy on opsec and then I've got Jamison Lop levels of privacy and opsec because I don't know anyone who cares about it quite as much as you. I don't think we're going to get into Jameson lop levels. This is for beginners today, so we're going to try and keep it super basic. The things that people really need to care about and then what I'll do in the show notes, I'll include links to your various articles, things you've done, and also the previous show we made so they've got access to further information should they need it. Does that work for you?

Peter McCormack

Sounds good.

Jameson Lopp

Right, so I think a very good starting point is that we're going to have various different people listening to this show. There's going to be some people who are new to bitcoin, but we've also got people who've been using this as a refresher course. But for those who are new, for.

Those who have just gone down the.

Rabbit hole, they're working their way through this series. Firstly, can you separate out what is privacy and what is opsec?

Peter McCormack

Sure. I mean, I think most people are familiar with the idea of keeping things private, keeping secrets. Really the best way that I think it was described in Cypherpunk Manifesto is that privacy is the ability to selectively reveal yourself to the world. Which means that, you know, we don't necessarily need to keep everything secret from everyone else, but we should have the ability to decide when information gets disclosed. And of course, in today's age, the communication age, information is flowing so freely that this has become a very big challenge. And the default is that state that you talked about as not caring, because it is very hard for people to care. It takes a conscious effort and in most cases people don't realize what they've lost until it's too late. And of course I have my own story around that and that has resulted in me going down a path that few have tread so far.

Jameson Lopp

Well, so we'll cover that. I think it's good to do a little revisit to that story because it is a very interesting story. And you know what, prior to getting to Bitcoin, I didn't care too much. I didn't really. I didn't really give a damn. But I have changed. I still don't have great privacy, but I have pretty good privacy and OPSEC with regards to my bitcoin. But I still make mistakes. I still do careless things. And also sometimes for convenience, I have a trade off. But I think most people are aware of privacy because they have options when they're signing up to Facebook, they have a section on privacy and safety. They have that on a lot of social media. So I think they're aware of the idea of privacy.

Peter McCormack

Opsec is, it's a very general thing, right? I mean, everyone has windows and they have curtains and you have the choice at any point in time to keep the curtains open or closed.

Jameson Lopp

But OPSEC is a step up. OPSEC is a bit more. It's a bit more. You go into a bit more detail about protecting yourself, right?

Peter McCormack

Yes. So you know, this is originally a military term. I believe it really started In World War II era, this idea of operations security. And the idea around that is that there were military secrets that if they fell into the wrong hands, could be disastrous for one side of the war effort. And so this is kind of like taking the idea of privacy and then applying it from the perspective of knowing that different information has different potential consequences if it gets into the wrong hands. So I think a good example of this would be that if you are publicly posting things that are trivial, you know, it's like, oh, I had this for dinner tonight. Then you know that was originally private information and you then decided to disclose it with the world. But it's pretty unlikely that that information would somehow be used against you, at least at this point in time. It's all about who your adversaries are and what you think people are trying to do to you. So from the operations security perspective, you kind of have to come up with a threat model of who might try to use private information against me. And as a result, what is the information that is most important for me to keep secure? And so we'll probably go into that later. It really comes down to what are the most common types of attacks and what is the information that the most number of adversaries out there are trying to get from you and use against you?

Jameson Lopp

Okay, great. Well, listen, we'll keep it ultra basic to begin with. Let's just forget about Bitcoin for now. It doesn't matter who you are. You should really care about your privacy. It is something that is important. But why is it and why now more than ever should people take an interest in this?

Peter McCormack

Well, the main reason that I tried to get across in some of my posts is that you don't know what's going to happen in the future. You don't know where some data that you currently consider to be unimportant might suddenly become much more important. And so, for example, in my case, I went from being basically a nobody to, over the course of just a couple of years, having a ton of attention directed at me, and as a result, a much higher number of adversaries and people trying to attack me, generally digitally. And when it got to the point that someone wanted to find my actual physical address and use that against me, this was a form of attack that I had never really thought about before that I didn't think was a problem. I mean, not many people consider that to be a highly sensitive piece of information because you give your address out probably several times a day to almost any entity that you deal with. And so my case is probably rare, the sort of becoming famous type of case, but there are plenty of examples of that happening, really, due to social media. And in one example that I give out fairly often is Justine Sacco, who posted a bad tweet, basically, as she was getting on a plane. It was a very bad joke, and it went viral. And basically tens of millions of people got really pissed off at her. And, you know, by the time she landed, she had all types of, you know, digital attacks basically happening against her. It affected her employment, her family, and just really had a cascading effect across her entire life, all as the result of one tweet. And, you know, she only had about 200 Twitter followers. But this is the sort of asymmetry that we have to deal with today, these unpredictable, unintended consequences.

Jameson Lopp

It's funny, I have a little Jameson Lop who sits on my shoulder now, and when I'm traveling or going to different places, he sits there and just reminds me of certain things. And it's the basics, Jamieson. Like, whenever I sign up to free WI fi at a hotel or at an airport, I never use my correct email address. I mean, we're talking about the basics here, but they always work. If you put in a fake email address every single time I do, and then every time when I've left the airport or hotel, I disconnect the history of that connection to using that WI fi from my computer. And that's just a single example. I could give a few, but the point being is that by having my own awareness, I carry that around with me wherever I go and just start to consider things. One of the things that might be difficult for people, like, they might have listened to a bunch of these shows, and it might be a lot to take in all the stuff we go through now. But I think the real lesson is you have to develop a practice that suits you. And just having the awareness, you know, whether you're signing up for WI fi, when you're in a store buying something, all the things you're doing, you can leave a trail of information everywhere, and you just need to be aware of that and whether you do want to leave that information.

Peter McCormack

And ultimately, I think most people can deal with and understand some of the more common issues because they are making the news and that is basically the data leaks. It's, you know, almost every week it seems like we hear about a new hack where hundreds of millions or billions of accounts and all of their personal information on those accounts got leaked through any number of exploits or just careless configurations on the part of, you know, E commerce people or data warehousing providers, et cetera, et cetera. And this is once again just the result of the information age and how quickly and easily information flows. It's very hard to keep information secure. Once you give information to a third party, you're trusting them, you're, you're assuming that they are putting all of the best practices into place, but really, at the end of the day, it's a numbers game. If you're giving your information out to hundreds or thousands of third parties, you're basically guaranteeing that at some point your personal information is going to get leaked and then distributed around.

Jameson Lopp

And undoing that is going to be a very, very difficult thing to do. Okay, so if we move on to the next step because, you know, the people listen to this, they have an interest in Bitcoin. You know, they might have been in Bitcoin for a couple of years and using this as a refresher, or they might be brand new to Bitcoin. They might have just bought their first amount or thinking about buying their first amount. When we get into the world of bitcoin, privacy and OPSEC isn't really a choice. You really have to start taking this very seriously.

Peter McCormack

Yeah. So once again, you have to really decide what is your threat model. The extreme that some people go to in the Bitcoin space is making sure that their identity never gets connected to any of the coins that they have acquired. Unfortunately, this is actually an incredibly challenging thing to deal with due to the transparency of Bitcoin and the auditability of the blockchain. And you can avoid buying Bitcoin without having your identity tied to it, though that generally requires doing things like over the counter trades or face to face trades. But even if you get to that point, then you have to ask yourself, every time you make a transaction, are you essentially giving away which coins belong to you? Because the person you're sending money to could potentially look up and see where the money is coming from. So if you want to be 100% private in that fashion, then you basically have to make every spend that, that you're sending to someone go through a mixer or some other obfuscation method. But you know, for most people, I think that the easy thing, the most important thing to do is just not post your addresses in public places. This is actually something that I've run into a lot as I've been doing various research of historical events in Bitcoin, is that I've gone back, you know, eight, nine, 10 years ago and back then people were just publishing their bitcoin addresses and forum posts and leaving trails all over the place. And so that was terrible for them though. Very helpful for me when I wanted to basically de anonymize some of the early adopters and what they were doing many years ago.

Jameson Lopp

So I'm going to make an assumption that most of the people listening to this, their first purchases are going to probably be on a Kraken, a coinbase, a cash app. It's going to be somewhere, one of these very public exchanges. And I think it's going to be very difficult for these people for day one to operate perfect privacy practices. But at the same time, when they start, one of the things they need to be aware of, and the thing you've talked to me about before in the past is that even if it's a small amount of money, that can become a life changing amount of money later on. So are there any things that people can do early on? Can they create multiple addresses and distribute their Bitcoin amongst multiple addresses so it doesn't look like they have too much? Are there any early basic practices they can do?

Peter McCormack

There are and you know it. Once again, it comes down to who you're trying to protect yourself against. I think if we don't worry about, you know, nation state level attackers, then really the most important thing is not to, you know, broadcast your addresses all over the place publicly. Also not to reuse addresses. You know, at the very least when you are receiving coins, it costs you nothing to generate a new address. And that means that whoever is sending you the coins can't look up on the blockchain and say, oh, you've received all of these other coins at the same address. As I mentioned earlier. The flip side unfortunately is then when you are sending money to other people, they could potentially look back in your history. But it, you may not necessarily care about that. It just depends on the sensitivity of what you're doing and whether or not you're worried about your counterparty learning more information about you. But at least by having those funds split up amongst more addresses, it would be difficult for someone you're sending money to to see your entire wallet. But there are many different types of adversaries on the Network that are doing many different types of listening for data, whether it's on the blockchain or the network, or harvesting data from various providers like Exchanges. And so it's hard to stay completely off the radar of everything. But I think by keeping a low profile, you know, not associating your real identity with any coins, at least on social media, you know, in the public, that is going to get you a lot further than what I think a lot of people do by default.

Jameson Lopp

Yeah. So that's something that's difficult for you and I because, you know, we both work in the industry. You work for one of the best companies in the Bitcoin space. I have a podcast. So we're known, we're known people. But some people coming in might see that there's a lot of very well known names in the industry, but their names are funny accounts with funny pictures. You don't actually know who these people are. And one of the reasons is they're trying to protect themselves from such situations. And I think it's also worth mentioning that we're not just talking about people trying to hack you here. I mean, you run a GitHub page which logs a history of physical attacks on people, right?

Peter McCormack

Yes. And thankfully, I would say the relative number of physical attacks has remained pretty low. But what I was more interested in was just seeing if there is a correlation between general awareness of Bitcoin and the physical attacks. And there really does seem to be a strong correlation there. And it makes sense because as Bitcoin goes more mainstream, then more people, including people who are willing to commit violent crimes or essentially threaten others in order to get their money, are starting to look at Bitcoin and weigh the risk and reward and try to figure out if there's easy money to be made in this ecosystem.

Jameson Lopp

Well, I've broken down the privacy things that people should care about into three categories. I've got your general privacy, which is your general personal privacy. I've got the specific items relating to Bitcoin and then I separated your Internet privacy. So let's start with the absolute basics of privacy. One of the things I did do after reading your article on Medium was I switched off a number of location services on my phone and I also deleted a number of the Google apps and stopped using most of the Google apps. Why is it that you recommend people switch off those location based services? And also, what is your view related to Google services?

Peter McCormack

Yeah, I mean, the main problem I have with a lot of apps asking for far more information from your phone than they probably need is that you don't know what's going to happen with that information. And we've actually seen several cases where that information is getting collected and then resold to third parties. And so it once again comes down to, would an attacker be able to use this information against you if they can figure out your patterns? And I think a really easy thing to look at as well. Most people, they leave their house during certain periods of time to go to work or go to the gym, or they have basically a pattern. And so even from that perspective, if someone could view your location over a long period of time, they figure out what your life patterns are and can use that against you to perhaps break into your house when they know that you're not going to be there, or otherwise set up some sort of trap because they know where you're going to be at a certain time. And that of course, is getting more on the physical security side of things. But there are also just a lot of unintended consequences from all of this information coming out. Usually things that you wouldn't really think about. Basically being able to determine private parts of people's lives. Say, for example, you're going to a certain store or establishment that might be considered embarrassing, that would show up in your history as well. It's hard to even come up with all of the things that could go wrong. But suffice to say, most people would not appreciate being followed around by a private investigator that's tailing them all day long. That would creep most people out. But essentially that's what we're doing is we're carrying around the device in our pocket and then allowing the data to flow out and basically be investigated by any number of entities.

Jameson Lopp

Some of us have got very used to services that rely on location, Uber, Google Maps, various things like that. Is there an alternative? Is there a way of being able to carry on using these apps without giving away too much information?

Peter McCormack

It really comes down to an app by app basis. And I've had to do a lot of trial and error with them in many cases. A lot of these apps actually have browser based versions, and the browser based version usually also works on the mobile phone, so it's hard to make a blanket statement about them. But even with things like Uber and Lyft, I found at least using Uber without any location services, it looks really janky, but it still works. You just don't get quite the same level of like real time updates and everything. But you know, I think the engineers at these companies want their apps to work in as many situations as possible.

Jameson Lopp

What about in terms of your home and your mail? Are the things related to how you consider your house and, you know, where you live or where you work and things like that that you should be especially considerate about?

Peter McCormack

Yes, though almost nobody is going to go to the level of, I think, trying to protect their mailing address. It is actually pretty easy to do. You can set up remailing services for probably around $50 a month, but the basic idea there being that you are giving away your mailing address every time you buy something online, and in many is every time you even buy something digital online. Like if you're not getting something shipped to your house, people are often giving their address away as a part of the credit card and billing process. If you don't want to go to the trouble of actually setting up a P.O. box or a remailer, you can at least protect your address on the billing side of things by using a service like Privacy.com for example, which basically allows you to create these throwaway digital credit cards. And the nice thing about it, other than just the security side of being able to lock down each one of these cards so that each card has a limit and gets locked to a specific merchant, is that the card will validate with absolutely any mailing address that you give to it. So you can put in a completely junk mailing address and the charge will still be processed on it.

Jameson Lopp

Okay, and what about social media? Because this is probably the place where I think most people are careless. The way they use Instagram, Facebook and Twitter. I don't think we're going to change a lot of people. I don't think we're going to stop people using these services. I know a few have dumped Facebook, but my expectation is most people are going to continue using them. So is there a way of using them in a more privacy focused way?

Peter McCormack

For a while before I completely dumped Facebook, I was using, I think it was called Tinfoil Hat, but there was basically a stripped down version of Facebook app. I think it was basically running the Facebook mobile site through the app and stripping out a lot of the tracking bugs and whatnot. But on Instagram, I'm not as sure I've also ended up dumping that. But really it's not just about using that single app, but actually about your entire web browsing experience. The problem, at least with Facebook and Google and some of the other large tracking sites out there, is that the genius thing that they've done is that they've managed to get their Buttons and their tracking code distributed across who knows how many, possibly millions of websites out there. And so as you're going around the Internet just minding your own business, these tracking bugs are getting fired. And Facebook and Google and the other trackers can basically aggregate all that information and see a very large portion of your web browsing, your history. And so that's why it's actually, I would say more important that you just set up some decent ad blockers on any browser that you're using so that you're making it harder for these services to piece together all of your browsing history.

Jameson Lopp

Can you recommend some specific ad blockers that you think are the best that are usable? I mean, I use Brave and I think Brave is a great browser, but are there any other specific services you would recommend?

Peter McCormack

Yeah, Brave has some decent ad blocking. In terms of browser extensions, I like UBlock origin. Also I'm a fan of Privacy Badger, which is a tool from the Electronic Frontier foundation and really I would install all of the browser extensions from the Electronic Frontier Foundation. They also have one called I think HTT Everywhere, which tries to force all of your browsing connections to be encrypted for your own good.

Jameson Lopp

Yeah, I've got that one. I've got that. Based on our previous session.

Next up, I talked to Jameson, more about Bitcoin privacy and opsec. But before that I've got a message from my amazing sponsors. So first up we have BlockFi, the future of bitcoin and financial services, my longest serving sponsor and they're going to be renewing again. I caught up with Zach. We talked about everything that's happened since we started working together and he's like, pete, we're sticking with you. So that's very, very cool.

Big up to you Zach.

Big up to Florrie and congratulations on the new round. They've just raised another $30 million. They are absolutely smashing it as a company and so many cool things are coming this year. Most of all, I cannot wait for the sats back credit card that's coming. Yes, you will be able to earn Bitcoin back just by spending money on their credit card. Get me that as soon as possible, Zach. I want to play with that. I want to tell people about it. Also they've got a mobile app coming which is very cool. Much needed. This is on top of their already market leaning products. They have their crypto backed loans where you can take our loan out against your crypto and they also have the interest accounts of which I'm a customer where you can earn interest on your bitcoin, ether or gUSD. It's going to be a massive year for BlockFi. Love working with them. Can't wait to see what they do this year. If you're interested in finding out more, please do your own research then head over to blockfi.com which is b l o c k f I.com and lastly this week. But never least because you know, I love them. It's the mighty Kraken. The best place to buy, sell and trade Bitcoin. But why, why do I always say this? Why is Kraken the company I trust more than anyone else? Well, they are consistently rated the best and most secure cryptocurrency exchange, whatever your level experience. Kraken has designed and built a streamlined Bitcoin exchange for newcomers and experts alike. Their platform provides world class financial stability by maintaining full reserves, healthy banking relationships and the highest standards of legal compliance. They pair their global 24 7, 365 live chat with an extensive support center to help ensure that your questions are answered and your needs are met around the clock, no matter who you are or where you are. They offer an exclusive additional layer of near real time hyper personalized support through Kraken account management program. And with Kraken Pro, their beautiful mobile first app, you can trade Bitcoin wherever you want. There is no better place to trade Bitcoin. So what the fuck are you doing with your Life? Get on kraken.com or download the app. It's available for the iPhone or Android. Just search for Kraken Pro, which is K R A K E N P R O.

Okay, so let's, let's get into the Bitcoin stuff now because this is the stuff that's really important. This is the stuff whether or not they listen to what you said about, you know, protecting their phone against surveillance and things like that, you know, that's really down to their privacy. But we do want people getting into Bitcoin to really make sure that they protect their Bitcoin, that they don't get hacked. So what are the scenarios and what are the attack vectors that people are protecting against when they're considering their Bitcoin privacy?

Peter McCormack

Most of the time I think people are just worried about hackers, you know, someone getting access to their machine, whether it's a desktop, laptop, mobile phone, whatever is running their Bitcoin wallet and just stealing the private keys and, you know, taking all the money because it can be gone in a matter of milliseconds and then you can't get it back. And so the really safest and simplest thing I think for most people to do is to buy a dedicated hardware device, whether that's a Trezor or ledger or a cold card that gets you to the next level of security where your private keys are no longer on an Internet connected device. It protects you from the vast majority of of hacking attempts. There are still ways then that hackers will try to fool you to get you to send your money to them instead of to whoever you're trying to send it to. But the next level of issues that I've kind of run into after getting to a hardware device level of security is usually just phishing, social engineering, or in some cases malware inside of the browser itself. So I'm not a fan of using browser based wallets, even if they're tied to a hardware device, because there's so many things that can go wrong with the browser, whether it's from malware or just like a bad browser extension. And it's really hard to keep the entire software stack completely free of any bad software. There's so many layers of software now, no one can really know all of the code that they're running at any given time.

Jameson Lopp

Right. I have both a ledger, a Trezor, actually. I also have a cold card, but I find the ledger has the desktop app, which I can use, whereas Trezor tends to go via the browser. That's the thing you're talking about there.

Peter McCormack

Exactly. It's not difficult for a bad browser extension to start screwing with whatever's going on in the browser and cause the user to basically be tricked into sending a transaction to an address that gets swapped out at the last second. If you're not being extremely diligent, there are a lot of things that can go wrong. But the nice thing about these hardware devices is that if you are diligent, you can verify the amounts and the addresses of where your transactions are going on the actual screen of the hardware device. And the likelihood that the software or the firmware on the hardware device has been compromised is extremely low.

Jameson Lopp

And that's one of the things that I've been encouraging through this series, that if you get into Bitcoin, you really should consider getting a hardware device. You don't want to keep your Bitcoin on an exchange because that comes with a number of risks. So if they do go down that route, if they do venture into getting themselves a hardware wallet, there are a few things they need to do to protect themselves there. So the basics is you know, protecting your private keys, we know that, but in terms of protecting their private keys, there's a number of different ways they can do it. And you've got some famous tests. One of my sponsors right now, Cypher, will have been through your tests, but you've got these famous tests for testing these devices. So can you explain what these key management tools are and what you should be considering when purchasing one?

Peter McCormack

Also, the downside to the hardware devices is that most people are using them in a single signature setup, which basically means all of your keys are on that one device. And so this of course, is a single point of failure. If the device screws up for any reason or gets destroyed, then you've got a problem. So you have to make a backup of basically the seed phrase data that is used to generate all of your private keys. And then this turns into a huge question of, well, how do I keep that safe, how do I make sure that it doesn't get destroyed? And I've done a number of tests on various metal devices that are meant to withstand natural disasters. And it's not necessarily intuitive, you know, which ones are actually the best. In my experience, it's not necessarily the most expensive ones that are the best. And so I've got a whole website that's dedicated to me testing both heat and acid and crushing and how well these devices hold up to those different forms of stress.

Jameson Lopp

So I'll share that out in the show notes. So people have access to that, but if they're not totally aware. What we're talking about here is when you set up your wallet, you are given a number of seed words, a number of words that you need to store in order to restore the wallet, should you lose it, should it be damaged. Now, these devices tend to come with a piece of paper inside where you could write that down, but if you write that down and, you know, you hide it away in your house somewhere or at a friend's house, you know, a piece of paper is easy to lose, easy to become damaged. But what these devices do, they allow you to actually, usually with little kind of metal letters, is actually recreate all the seed words in the device itself. Now, are there any best practices about how many of these devices you should have where you should store them? Any advice on that?

Peter McCormack

Yeah. So this is where things start to get complicated and you once again have to decide what you're trying to protect yourself against. But even with a standard seed phrase, if you put it on a metal device, then a physical attacker that gets a hold of that would be able to sweep all of the funds from your wallet. You can of course, create multiple copies. You can create as many copies as you want, but then you have the security aspect. You now have to start thinking about physical security again, which is a fairly well known problem. But if you are trying to make it so that a physical attacker can't sweep the funds off the device, then you have to do one of a few things. An easy option that a lot of people go with is they just add a passphrase to their seed, which is generally supported by these hardware devices. But that basically means that the seed phrase requires all the words you wrote down, plus some other password passphrase in order to actually derive the keys. Now the problem then is, well, where do you put the passphrase? How do you back that up? It kind of turns into this never ending Sisyphus cycle of things that you have to keep securing. And what I like more than that is just splitting up your keys. Then there's a couple of different ways to split up the keys. There's one thing called Shamir secret sharing, which never really had a good standard until recently. Actually, Trezor has created a standard around that, though I'm not aware of a ton of people that are using it. Yet another option is to use something called multisignature, which is where you basically you create a wallet that is comprised of multiple different seed phrases and multiple different devices, and that allows you to securely have multiple different sets of keys in different locations, so that even if one set of keys gets compromised for any reason, that attacker will not have enough data to actually sweep the funds out of your wallet. But you start going down a whole rabbit hole here and ultimately you get to the level of what we've done at CASA, which has resulted in basically a 40 page long document around all of the threat vectors that we've thought through and how we mitigate them all.

Jameson Lopp

Yeah. What I would say right now is that people listening might be thinking, God, this sounds so complicated, there's so much to do. But really, I think what we should say is that your privacy processes and your key management will develop as you go down the Bitcoin rabbit hole. So you might buy your first few dollars, $50, $100, and actually keep that on an exchange, which, you know, isn't best practice, but isn't the worst scenario in the world. But maybe you buy some more and it grows to a few hundred dollars or $1,000, and at that point you maybe get your hardware wallet and you transfer it to that and then you just start investigating ways to manage your private keys. But I would want to say that people shouldn't be too scared off by this. It's something, it's like a learning process, right?

Peter McCormack

Well, yeah, I mean it's, it's really no different than securing anything else of value where the level of value that you're trying to secure will dictate how much resources and time you put into trying to secure it. So people don't put a ton of resources into securing their wallet that they carry, you know, $100 around in, you know, if you, if you lose that wallet, then it's not a big deal. It's not, you know, the end of your life. And that, that's the same way that I tend to operate with, you know, my, my spending wallet of Bitcoin, my hot, hot wallet on my mobile phone. You know, it's only a few hundred dollars, it doesn't need to have an amazingly high level of security. But you know, ultimately if, if you have been in the space long enough, if you're a really long term holder, then you may have a significant fraction of your net worth in Bitcoin. And that's the point at which you start to think about all of these really crazy attack vectors that are highly unlikely, but because they would be catastrophic to you from a financial standpoint, you start to entertain even the slight likelihood of a crazy scenario happening and how you might be able to mitigate that without too much trouble.

Jameson Lopp

One thing we should talk about here, that is something that's happened quite a bit, it's happened to quite a few people, is sim swapping. Can you explain what sim swapping is and what people can do to help prevent against that happening?

Peter McCormack

Essentially it seems to be an American problem, but the problem is that the cell phone companies, at least in America, have made it incredibly easy for someone to take control of your phone number and basically swap the ownership of your phone number over to a different device. Now, you know, maybe this is happening because people are social engineering the companies themselves, but I think in many cases it's happening because employees at the companies are getting bribed to do this. And so if we assume that the company and employees at the phone company are compromised, then we should not use a phone number as a security mechanism for anything. And that basically means on any of your online accounts, don't have SMS based two factor authentication, don't allow for account recovery based upon sms, if that's an option at all. And really preferably like don't put Your phone number in any online accounts is probably the safest way to go about that.

Jameson Lopp

I mean, yeah, every time I access my Gmail it keeps popping up with a little pop up saying, would you like to add a backup phone number? And no, I don't. I used to have it on there, but again, after our previous session I went through every service I had and removed my phone number from it. And also this comes back to your other point whereby if you're talking about Bitcoin and you're being public and you're leaving bits of information everywhere, you know, it might be quite easy for someone to find out who you, what your phone number is and which service provider you're using.

Peter McCormack

Exactly. And so really like the only way that I've been able to really solve this problem is to not even know my own phone number. So, you know, my phone that I'm using regularly has a SIM card that I purchased anonymously with one of those throwaway online credit cards, throwaway name, etc. Etc. And so they don't know the identity of me, the SIM card holder. I don't know the actual phone number that is tied to the SIM card. Then when I have to give out a phone number, I use this other proxy service that essentially forwards to the real phone number and that allows me to actually create many different phone numbers. So I don't even have to give out the same virtual phone number to all the different providers and different classes of people that I'm interacting with. But this is once again kind of going down a deeper rabbit hole for most people. If you don't want to go to all of that trouble and you're in the United States, I would say the most secure mobile phone provider that I'm aware of is Google Fi. And to date I'm not aware of anyone on Google Fi ever being SIM swapped. And that's what I was using for a number of years before I went down this alternative, more complicated path.

Jameson Lopp

Well, that's a pretty good recommendation. I think we should also say, though we're not saying to people that you shouldn't use Two Factor Authentication, we're actually saying the opposite. You really should be using it, but you should be using a tool like Google Authenticator and always in every scenario, avoid using sms. Two Factor Authentication. But some people might not even know what Two Factor Authentication is. So should we explain what that is?

Peter McCormack

Yeah, I mean, it is exactly what it sounds like in that it is a second factor. So your first factor of authentication is generally going to be your username and password. So that's something that you know you can then use a number of different tools for a second factor. You know, in on, on many phones there, there may be some sort of biometric two factor authentication to get into various apps or unlock things in the operating system. For web based services for a long time SMS was the default. We seem to be moving away from that. But you can do something called a totp which is time based one time passwords. Usually people use Google Authenticator as a mobile app to manage those. It's basically the 30 second rolling six digit codes. What's even better though is actually using dedicated hardware once again. So just like we recommend dedicated hardware devices for your Bitcoin wallets, I also recommend dedicated hardware devices for your two factor authentication. A really good one is the Yubikey which supports both the U2F standard and even can also support the rolling code passwords via the Yubico authenticator app. And that way you're actually not storing those keys on your mobile phone anymore. You actually store them on the Yubikey itself.

Jameson Lopp

Another thing people can consider when going down the Bitcoin rabbit hole is running a node. It's something they're going to learn about early on. It might be a bit intimidating, but what are the benefits of running a node and how does that help support privacy?

Peter McCormack

So I kind of see it as two different tiers of operating on the Bitcoin network. The first one being holding your own keys. That gives you the first real level of sovereignty. If you hold the keys, no one can take your money, only you really control your money. But then the question becomes what is your money? What is the state of the Bitcoin network? And that's where you get to this second level of sovereignty which is validating everything that's happened on the Bitcoin network yourself to make sure that nobody's breaking the rules. If you aren't validating the history of all the transactions on the Bitcoin network, then essentially you're trusting someone else to validate them for you. And in many cases that may be okay. A lot of people use SPV wallets which kind of have a miner based trust trust model that the majority of miners are being honest and so on and so forth, and there's trade offs to all of these things. But running the node not only gives you that level of security that the rules of the network are being followed, it also allows you to query your node directly for the transactions and balances that are related to your wallet. And this is Something that I think very few people are doing. And as a result they're going out and their wallet software is querying some other servers, some other nodes, and basically saying, give me any transactions and any balances related to all of these addresses. And, and this is a potential network eavesdropper style privacy leak, because you don't necessarily know what servers out there that you're connecting to, what nodes you're connecting to, and who's operating them. I mean, it's practically guaranteed that a decent number of nodes on the network are probably being operated by companies like Chainalysis that are trying to identify wallets and users who own those wallets. So, you know, if you are doing that, then at the very least you probably want to be doing that through a VPN or through Tor to, you know, try to mask your real IP address and, you know, not correlate your IP address with the addresses in your wallet.

Jameson Lopp

Okay, that's a good segue into Internet privacy because there's a number of things you can do. A number of things I've changed personally since we did our show. I've talked about this. Now, with regards to your PC and your setup, what are the basics that everyone you think should be using? Would you say a VPN's basic? Would you say Tor's basic? Do you think they are things that people should be considering?

Peter McCormack

I wouldn't normally say that Tor is basic, though I believe Brave has actually done a great job of making Tor a basically point and click type of solution. Now you can basically open a Tor browser tab very easily in Brave, but a VPN is something that I think most people should be using simply because it is protecting you from, from exposing your real home IP address, which it gives away your rough geographic location. It also is a fairly unique fingerprintable item that can be used to correlate other things that you're doing online. So if you're using a vpn, then you're most likely going to end up using a shared IP address that has a lot of other traffic going through it. So that should also help you kind of hide in a crowd from that standpoint.

Jameson Lopp

And the vpn, would you recommend that something that's on the whole time when they're using their computer or just for specific activity.

Peter McCormack

I would definitely say all of the time is preferable. But this becomes another issue because people have many different devices. What I have ended up doing myself is not having the VPNs configured on every single device, but rather configuring them at the router level. And that way my home router ensures that all the traffic that is going out of my home network is going through a vpn. Unfortunately, this is way beyond a basic level type of thing to configure. I'm not aware of, of any off the shelf retail consumer network routers that make it easy for you to set up a VPN at the router level.

Jameson Lopp

Yeah, and one of the things I've found is I have a VPN on my computer, but with certain services won't work. For example Netflix. Netflix won't work if you're using a vpn. So I tend to find I switch in and out for when I use it, but I also actually have a VPN on my phone now. Now I've actually started using that. I'm guessing you would recommend the same.

Peter McCormack

Definitely. The one downside that I have noticed is that it's going to drain your phone battery a lot faster because essentially what a VPN is doing is it's encrypting and decrypting all of your traffic at an additional layer on top of the web browser level encryptions that are already occurring. So it basically has additional computational load that it creates and whether that's on your phone or your laptop or your router that also can potentially slow down your traffic. If you need really, really high throughput downloads, then you would probably notice a difference if you're doing it through a vpn.

Jameson Lopp

Okay. One of the most important tools that I've brought into my setup is to use a password manager. One of the big problems is a lot of people reuse passwords. They might have one they use for everything or one they use for general websites and another one they use for maybe their bank. But one of the main issues is that if a service is hacked, the hackers tend to brute force use those logins and passwords on multiple websites to try and access them and try and access your information. So I've introduced a password manager. Do you recommend the same? Do you recommend people introduce a password manager and is there specific ones that you particularly like like?

Peter McCormack

Yeah, I mean the way that I put it is that you should not know any of your passwords other than a master password to open up your password manager. Additionally, your password manager should be once again secured by two factor authentication and preferably, you know, hardware two factor authentication. A number of people don't like it because it's not open source, but I've had pretty good experience with LastPass because it has a ton of these features. It also makes it really easy to use across different devices, you know, both desktops and mobile phones. And it supports the Yubikeys. It actually supports I think half a dozen different types of two factor authentication. I believe some other good ones are like One Pass and Keepass. I'm not as familiar with how good they are at the cross device automatic syncing though. That's one of the main, I think detriments to a lot of the open source password management software is keeping them working across all of your devices and in sync without having a lot of overhead.

Jameson Lopp

The one I'm a particular fan of is is Dashlane that also supports multiple devices, you know, laptops, mobile apps very well. Have you much experience with that yourself?

Peter McCormack

No, I can't say I've tried that one.

Jameson Lopp

Yeah, pretty good, pretty good. All right, so listen, that we've covered a lot here, Jameson. There's a lot for people to take in here. I think almost in some ways people are going to be a little bit overwhelmed here. But if we sink it down to the absolute basics and somebody was getting into Bitcoin, now, what are the absolute things that you would say that you should definitely do straight away?

Peter McCormack

The most important things that you can do are the free ones really is, you know, the things that don't require anything other than time and effort to set up. So you know, setting up your ad blockers, setting up password managers, which in many cases are free, though you know, you might want, want to pay a small like 10 or $20 a year subscription to get additional features and syncing and whatnot. And then, you know, depending on how much value you're putting in it, if we're talking more than a few multiples of the cost of a dedicated hardware device, then it starts to make sense to looking into one of those. And the really tricky thing I think about Bitcoin is that there are so many different pitfalls. We can't possibly cover all of the things that could go wrong. Like I said, we have a 40 page paper with a lot of the things that can go wrong on the CASA website, but most of this is really just a matter of time and research and how much you put into like thinking about how to protect yourself. And the, you know, the unfortunate thing is that nobody is going to beat you over the head and make you protect yourself. And so in many cases I think what happens is people are lazy and they, they do that the absolute minimum just to get things working and they don't think, think adversarially about all the things that could go wrong and then things go wrong and they learn the hard way. And hopefully it isn't so catastrophic that it completely puts them off to, you know, the entire space in general. But I think you would be hard pressed to find someone who has been in the bitcoin space for many years who hasn't had a few stories of things going horribly wrong. You know, we all learn the hard way, one way or another. I think the most important thing is to try to ensure that when those unforeseen events happen that they aren't completely catastrophic.

Jameson Lopp

Yeah, one of the things you can do is you can create that personal plan especially they can dig up your article on medium that I'll put in the show notes and you can just sit there with a piece of paper and a pen and work your way through it and say, these are the important first steps I'm going to take. I usually say to people, look, get rid of the Google Apps, download Brave, have a VPN and have a password manager. I always think that's a very good first few steps. And then in terms of your bitcoin, move to a hardware wallet and have a very good key management solution. And also just be very careful about how and when you start spending your bitcoin. I always feel that's like a very good basic start. But then I always say to myself, like I said, I have a Jameson Lopp who sits on my shoulder and everything I do, I always just have a double think, is, is this a bit of information I need to give? You know, what information should I provide in, Am I doing anything stupid? But I think, I don't think people should be overly concerned to begin with. They should just develop like you say that personal plan for you and then probably what, review it once a year?

Peter McCormack

I would say it's something that you need to review whenever circumstances change. And so, you know, from the, from the bitcoin standpoint it's usually, you know, has awareness gone up significantly? Has the price gone up significantly? The, the way that I try to give people perspective on like what is the appropriate level of privacy and security is that, you know, if you look at the, the volatility of the space, not just from the price standpoint, but general awareness, is that we can very easily do an order of magnitude change in just a few months time. And if you only set up an appropriate level of security and privacy for what the current level of bitcoin mainstream awareness is, then you're going to get caught flat footed when there's some major events and all Of a sudden there's a lot more attention on the space. And so I kind of try to frame it in terms of bubbles, essentially of like, you want to be prepared for the next bubble happening. You don't want to have to scramble and make a bunch of changes as the bubble is occurring and as everything is going crazy. You want to be prepared in general. And I think that that's why we actually have a number of people in this space who are kind of a prepper mindset, not just for bitcoin, but for life in general, is that I think a lot of us have that adversarial perspective where we're thinking about the edge cases and the things that probably won't go wrong, but could go wrong. And once again, we're just trying to create our own insurance, if you will, you know, mitigate some of these things so that if, if, if the outside event that we don't think is going to happen actually does happen, that it won't be as terrible for us as it would have been if we were completely unprepared.

Jameson Lopp

All right, well, you've talked about Kharsa a few times in this interview. It's the company you work at, company you work for. Do you want to just explain who they are? So if people are listening, they want to find out a bit more information about them if they think it might be useful for them?

Peter McCormack

Yeah. So I've worked in bitcoin and specifically private key management for over five years now and have seen a lot of things go wrong. I've seen people shoot themselves in the foot quite a few times and I basically had issues with my own personal cold storage setup. It was just so complicated. And really what we have been focused on at CASA is helping people improve their own sovereignty. This is kind of a tricky position to be in because. And the only way to have the ultimate level of sovereignty and privacy is to do absolutely everything yourself. But that comes with an extremely high learning curve and you basically have to be willing to turn that into your full time job. And what we're trying to do at CASA is to help guide people down the path of basically helping themselves. You know, we don't, we don't want to be the custodian and fully responsible for other people's coins, but we do want to be able to facilitate them getting into a secure position of self custody. So this is how we ended up creating this multisig key management application that I believe combines both really, really good user experience in a mobile app, along with the security that you get from both these hardware devices that we've talked about and from just redundancy and splitting your keys up across multiple different geographic locations. But you know, I've basically tried to architect a self custody solution that is as easy to follow as basically tapping through a mobile phone app and following the instructions in the app. So people who have a decent amount of wealth in this system and don't feel like they have the time or the technical sophistication to think through the ultimate level of security and robustness, I highly recommend that they check out some of our materials on our website and give us a shot.

Jameson Lopp

I agree. I recommend everyone checks it out. Well, listen Jameson, it's always a pleasure. Love having you on every single time. I'm going to put all the previous shows we've done in the show notes and I'm going to put a few links to some of the materials that you've provided online. Specifically your Medium article. What was it titled again? Something.

Peter McCormack

A Modest Privacy protection proposal.

Jameson Lopp

That was it. A Modest Privacy protection proposal. So I'll put that up there. I mean it's pretty detailed but there are some really useful things in there. So yep, appreciate your time, hope everything's well and hopefully I'll get to see you soon at some point.

Peter McCormack

Great, we'll see you soon.

Jameson Lopp

Okay.

How good was that Jameson? He's such a beast, man when it comes to privacy, I'm not set with bitcoin. There is nobody out there you can trust more. There's nobody more knowledgeable. He really knows his shit with this. And while I'm sure not everyone takes this as far as Jameson does, knowing these privacy trade offs and best practices are crucial. So I hope you enjoyed this one. And as I said in the intro, Jameson has a whole set of amazing resources on his website. Lop.net make sure you check it out and if you did feel a bit overwhelmed, don't worry. Just take it step by step. Start with some basic practices, create a plan that works for you, and then as you go down the rabbit hole, this will evolve. If you've got any questions or feedback, feel free to hit me up. My email address is hello@whatbitcoindid.com and listen, if you want to support the show, if you want to do anything to help me, it's all up on my website. Head over to whatbitcoindid.com click on the support section. Everything is explained there. As I said, this trip is coming to a close. I had an amazing couple of weeks in South America filming down in Chile, Colombia, Venezuela and El Salvador. Those are going to be turned into mini documentaries soon, so can't wait to get that out. But yeah, I'm going to be heading back to London in a few days. Cannot wait. I'm missing my kids. But yeah, another amazing trip. Anyway, have a great week.

Peter McCormack

Sa.