Two Plus Two Publishing LLC Two Plus Two Publishing LLC
 

Go Back   Two Plus Two Poker Forums > >

Notices

Computer Technical Help Post your questions about computer hardware and software and configuring same here.

Reply
 
Thread Tools Display Modes
Old 08-12-2010, 08:23 PM   #176
girlviernes
stranger
 
Join Date: Aug 2010
Posts: 10
Re: Computer Security for Poker Players (videos)

Yesterday I was in a big hand with the nuts and suddenly my interest connection died. Am I being paranoid to wonder if it is possible I was hacked/or some sort of DDOS attack? This was in rush poker at Full Tilt Poker.
girlviernes is offline   Reply With Quote
Old 08-13-2010, 11:37 PM   #177
kerowo
lolcat
 
kerowo's Avatar
 
Join Date: Nov 2005
Posts: 32,992
Re: Computer Security for Poker Players (videos)

Yes, you're being paranoid.
kerowo is offline   Reply With Quote
Old 08-21-2010, 02:36 PM   #178
pasita
adept
 
Join Date: Mar 2007
Posts: 1,100
Re: Computer Security for Poker Players (videos)

Quote:
Originally Posted by funkyworms View Post
3) Storing passwords in clients doesn't protect you from keyloggers. I store passwords in my poker clients and Firefox.
Had to revisit this. Why is storing passwords in poker clients OK, but storing them in a browser without a master password (such as IE) is not?
pasita is offline   Reply With Quote
Old 08-24-2010, 01:30 PM   #179
rckyu
veteran
 
rckyu's Avatar
 
Join Date: Apr 2008
Posts: 2,688
Re: Computer Security for Poker Players (videos)

Is it safe to use the following Chrome add-ons:

I store most of my passwords in Chrome and in order to use Google related add-ons I need to be logged into my Google account.

Can people hack me / get my passwords via those add-ons? I'm losing it surfing websites w/o adbl0ck after using it for the last 2 years.

Last edited by rckyu; 08-24-2010 at 01:36 PM. Reason: lol, adbl0ck got censored?
rckyu is offline   Reply With Quote
Old 08-24-2010, 03:04 PM   #180
funkyworms
Pooh-Bah
 
funkyworms's Avatar
 
Join Date: Jun 2004
Posts: 4,250
Re: Computer Security for Poker Players (videos)

Quote:
Originally Posted by pasita View Post
Had to revisit this. Why is storing passwords in poker clients OK, but storing them in a browser without a master password (such as IE) is not?
In a browser there is a very clear and well documented way to access stored passwords. If you save passwords in a browser without a master password, then someone with physical access to your machine could open your browser, click a few buttons, copy all of your passwords, and access your accounts on another computer.

Grabbing a password stored in a poker client is not so easy. Also, most clients require a second form of authentication such as a PIN or RSA code. The main risk comes from saving passwords in clients that do not use a PIN/RSA.

You can mitigate all of these risks by encrypting your system drive and turning off your computer when you will be away from it for extended periods.
funkyworms is offline   Reply With Quote
Old 08-26-2010, 04:12 AM   #181
pasita
adept
 
Join Date: Mar 2007
Posts: 1,100
Re: Computer Security for Poker Players (videos)

Quote:
Originally Posted by funkyworms View Post
Grabbing a password stored in a poker client is not so easy.
This sounds like security by obscurity, and I find it genuinely surprising after all the open source stuff.

Once I have given the master key in Firefox, will my stored passwords be accessible to an intruder? Not via FF itself as it asks for the pw again if I want to view the stored pw's but some other way? Or does FF decrypt the passwords only as needed so they stay protected at all times, except when they're traveling from the store to the login query of a site?

I haven't come across any client that requires PIN/RSA for login (some do, or at least did require a pin at cashout), although that is an option at the biggest sites. Will using RSA make the stored password more secure or do you mean that the password is basically useless without RSA?

About crypting the hdd, let's see if I got this right: it only helps in case of physical access to my PC, which was shut down at the time?
pasita is offline   Reply With Quote
Old 08-26-2010, 05:36 AM   #182
funkyworms
Pooh-Bah
 
funkyworms's Avatar
 
Join Date: Jun 2004
Posts: 4,250
Re: Computer Security for Poker Players (videos)

Quote:
Originally Posted by pasita View Post
About crypting the hdd, let's see if I got this right: it only helps in case of physical access to my PC, which was shut down at the time?
Perhaps I wasn't clear. My last post was only concerned with possible threats arriving from physical access. Using a Firefox master password is not meant protect you if your computer has been infected by malware. If someone has gained remote access to your computer by means of malware or some other remote exploit your passwords should be considered 100% compromised. In such a scenario nothing you do can protect your passwords.

The only way to protect your passwords from malware is to not get malware.

The only way to protect your computer from threats arriving from physical access is to encrypt your hard drive and turn it off while you're away. A Firefox master password will prevent a nosy roommate/spouse/rogue friend-of-a-friend from quickly jotting down your passwords, but it's not going to prevent someone who is intent on stealing your info if they have physical access to a live operating system.

Quote:
This sounds like security by obscurity, and I find it genuinely surprising after all the open source stuff.
It's not. I mentioned it simply because I don't think you gain any security by typing in the password each time, but you do lose convenience. When people are inconvenienced they do silly things such as...

1. Leave the password in the clipboard after copying it.
2. Store the password in a plain-text file for easy copying.
3. Use a weak password to make it easy to type.

This will open possible security holes.


Quote:
Once I have given the master key in Firefox, will my stored passwords be accessible to an intruder? Not via FF itself as it asks for the pw again if I want to view the stored pw's but some other way? Or does FF decrypt the passwords only as needed so they stay protected at all times, except when they're traveling from the store to the login query of a site?
Yes this exploit is possible.

Quote:
I haven't come across any client that requires PIN/RSA for login (some do, or at least did require a pin at cashout), although that is an option at the biggest sites. Will using RSA make the stored password more secure or do you mean that the password is basically useless without RSA?
Sorry I typed that in a hurry. It should've read, "Many sites give you the option of using two-factor authentication." It doesn't make the password more secure. The password also isn't useless it's simply one part of the key that has two parts.

With all of that being said...if you're the type of person who is going to leave you're laptop powered on in some sort of public place for extended periods of time; or you live with super sketchy people; and you use clients that aren't configured to use a PIN or RSA token, you probably shouldn't store your passwords in your poker client.

My whole point is that for a poker player with a modicum of security consciousness, storing a password in a poker client is going to be no less secure than typing or copying it each time.
funkyworms is offline   Reply With Quote
Old 09-06-2010, 05:06 AM   #183
cantpokeher
banned
 
Join Date: Sep 2010
Posts: 81
Re: Computer Security for Poker Players (videos)

+1 nice job on the videos
cantpokeher is offline   Reply With Quote
Old 09-06-2010, 09:52 AM   #184
Pilequinha
enthusiast
 
Join Date: May 2009
Posts: 90
Re: Computer Security for Poker Players (videos)

Hy,

What software do you recommend for backup?

Also what add-ins to firefox do you recommend?

TY
Pilequinha is offline   Reply With Quote
Old 09-08-2010, 09:22 AM   #185
iranwell
banned
 
Join Date: Jun 2008
Location: MUAH
Posts: 540
Re: Computer Security for Poker Players (videos)

I was wonder what your thoughts were on keyscrambler does it really work?

http://download.cnet.com/KeyScramble...html?tag=mncol
iranwell is offline   Reply With Quote
Old 09-14-2010, 08:39 PM   #186
blake16th
newbie
 
Join Date: Sep 2010
Posts: 38
Re: Computer Security for Poker Players (videos)

Make life easy for yourself and just get a Mac.
blake16th is offline   Reply With Quote
Old 09-19-2010, 02:54 PM   #187
poker.nsk.work
stranger
 
Join Date: Sep 2010
Posts: 5
Re: Computer Security for Poker Players (videos)

Below is the simplest secure setup. Anyone can afford it.
Big companies like Microsoft have similar internal rules.

1. Get a computer dedicated solely for poker. Format harddrive. Install you OS of choice.
2. Get an internet connection dedicated for poker only: ADSL, Optical, or Ethernet. Not wireless!
3. Get an appropriate router without(!) WiFi.
4. Setup the router, change its default password. Connect the poker machine to the router. You will be behind the router's firewall.

Follow these simple rules. Treat them seriously. They can't be ignored.
0. Ensure that only you will ever use your poker machine. Setup BIOS password if somebody else lives in your house. Windows password is not enough!
1. Don't connect any other computer to the 'poker' router.
2. Install only major well-known poker programs and scripts. Download them directly from vendor sites!
3. Don't use a flash drive (security token is exception). You never know who have used it. You, your mom, wife, or son can infect it somehow.
4. Use online-drive services to save/upload/download your hh archives, PT/HEM databases, configs, certificates.
5. Again. Remember #2. Install only trusted poker-related programs from well-known vendors.
6. Use the machine for poker & money transfer only. Play, analyze, cashout, and online bank. Use ANOTHER computer for forums/books/videos/whatever.

Personally, I have been using such setup for years.
I have never used antivirus software.
I have never found any piece of **** on my poker machine.


Another time, I will tell you how to protect the largest hole we have not discussed yet - your email.
poker.nsk.work is offline   Reply With Quote
Old 10-06-2010, 09:08 AM   #188
Dizzy Fuzz
adept
 
Dizzy Fuzz's Avatar
 
Join Date: Jan 2008
Posts: 1,022
Re: Computer Security for Poker Players (videos)

Quote:
Originally Posted by funkyworms View Post
In a browser there is a very clear and well documented way to access stored passwords. If you save passwords in a browser without a master password, then someone with physical access to your machine could open your browser, click a few buttons, copy all of your passwords, and access your accounts on another computer.

Grabbing a password stored in a poker client is not so easy. Also, most clients require a second form of authentication such as a PIN or RSA code. The main risk comes from saving passwords in clients that do not use a PIN/RSA.

You can mitigate all of these risks by encrypting your system drive and turning off your computer when you will be away from it for extended periods.
Just wanted to ask, how safe is a poker account that has its password stored and a secondary PIN to log into it?

The password is changed every month.
Dizzy Fuzz is offline   Reply With Quote
Old 10-10-2010, 01:45 AM   #189
Komet
stranger
 
Join Date: Aug 2008
Posts: 1
Re: Computer Security for Poker Players (videos)

Hello, have you got any advices for a good and secure e-mail box?even if they are not free.
I have heard about Hushmail and would like to know your point of view about it...
Komet is offline   Reply With Quote
Old 10-10-2010, 04:13 PM   #190
funkyworms
Pooh-Bah
 
funkyworms's Avatar
 
Join Date: Jun 2004
Posts: 4,250
Re: Computer Security for Poker Players (videos)

Quote:
Originally Posted by Dizzy Fuzz View Post
Just wanted to ask, how safe is a poker account that has its password stored and a secondary PIN to log into it?

The password is changed every month.
Unfortunately you've asked a question that has no answer. I can't tell you how safe your poker account is. With the information you've given, all I can say is that your account is probably safer with a PIN than it is without one.
funkyworms is offline   Reply With Quote
Old 10-10-2010, 04:32 PM   #191
funkyworms
Pooh-Bah
 
funkyworms's Avatar
 
Join Date: Jun 2004
Posts: 4,250
Re: Computer Security for Poker Players (videos)

Quote:
Originally Posted by Komet View Post
Hello, have you got any advices for a good and secure e-mail box?even if they are not free.
I have heard about Hushmail and would like to know your point of view about it...
This depends on what you mean by secure. For almost all users Hushmail offers no practical advantage over Gmail.

If you'd like to step up from Gmail, I recommend setting up a Google Apps account with your own domain. This prevents someone from using the Gmail password recovery tool. Google Apps Standard is free but you'll need to pay $10/year for your own domain name.
funkyworms is offline   Reply With Quote
Old 10-11-2010, 12:54 AM   #192
Ron Burgundy
banned
 
Ron Burgundy's Avatar
 
Join Date: Aug 2005
Location: sitter/unbuttoner = civilized
Posts: 15,286
Re: Computer Security for Poker Players (videos)

about the gmail password recovery thing: how easy is it to hack a gmail account that way? I see on the form that it asks for the date the account was created and the "last password you can remember."

How lenient are they in terms of acceptable answers? Like does the date have to be exact, or within a week/month?

I never submit a secondary email when I create a new email account, does that make any difference in terms of security?
Ron Burgundy is offline   Reply With Quote
Old 10-14-2010, 03:00 PM   #193
funkyworms
Pooh-Bah
 
funkyworms's Avatar
 
Join Date: Jun 2004
Posts: 4,250
Re: Computer Security for Poker Players (videos)

Quote:
Originally Posted by Ron Burgundy View Post
about the gmail password recovery thing: how easy is it to hack a gmail account that way? I see on the form that it asks for the date the account was created and the "last password you can remember."

How lenient are they in terms of acceptable answers? Like does the date have to be exact, or within a week/month?
I'm not sure. I haven't tested this extensively. All I can say is there is likely a non-zero chance that your account could be compromised through this.

Quote:
I never submit a secondary email when I create a new email account, does that make any difference in terms of security?
Never submitting a secondary email address is fine. If you do have a secondary email account then you need to keep that account as secure as your primary.

Last edited by funkyworms; 10-14-2010 at 03:07 PM.
funkyworms is offline   Reply With Quote
Old 10-15-2010, 06:30 PM   #194
nytimcar
stranger
 
Join Date: Sep 2005
Posts: 4
Re: Computer Security for Poker Players (videos)

I already have a gmail account. Should I set up another email address? If so what would you recommend? TKS nytim
nytimcar is offline   Reply With Quote
Old 10-15-2010, 07:23 PM   #195
funkyworms
Pooh-Bah
 
funkyworms's Avatar
 
Join Date: Jun 2004
Posts: 4,250
Re: Computer Security for Poker Players (videos)

Quote:
Originally Posted by nytimcar View Post
I already have a gmail account. Should I set up another email address? If so what would you recommend? TKS nytim
I recommend setting up a poker-only email account. Gmail is the best of the free providers.
funkyworms is offline   Reply With Quote
Old 10-23-2010, 04:13 PM   #196
System
banned
 
System's Avatar
 
Join Date: Oct 2010
Location: Thinking how to think.
Posts: 609
Heart How to be secure?

Basics

There is no single action you can take to achieve absolute security (the only safe computer is one that is turned off, disconnected from the Internet, and in a locked vault) and security concerns and "ease of use" are sometimes competing concerns.


~Enforce strong passwords
~In general, do not write your passwords down, and if you must, keep them in a secure place (Do not put them on a sticky note attached to your monitor for example).
~Keep your system up to date. Updates, particularly security updates, bring you the newest and latest fixes.

# Deny all cookies and add trusted sites, allowing only for session.
# Install NoScript. Again block all and add trusted sites to a white list.
# Install Safe History
# Block Ads

Programs that I suggest:

Internet browser
- Firefox
Media player
-VLC Player
Office
-OpenOffice
Crap cleaner, registry fixer, program uninstaller,...
-CCleaner
Instant messaging
-Pidgin
Zip-Rar
7-Zip
Password generator
KeePass
Mail
-Thunderbird

Make sure you have strong E-Mail password. Because if they can get access to your E-Mail then they can get into your poker account too.

Also make sure that you use Windows 7, because if you're still using XP (10 years old OS) that's a NO GO if you want maxximum security.

DNS

How to change your DNS adress?
Go to Control Panel>Network Connections and select your local network.
Click Properties, then select Internet Protocol (TCP/IP).
Click Properties.
Select "Use the following DNS server addresses" and enter:
208.67.222.222
208.67.220.220
(this is the OpenDNS adress with tons of options, also usually faster).

Use trusted sources. When downloading software, get it from a trusted source (softpedia, download, snapfiles, tucows, fileplanet, betanews, sourceforge).

DO NOT install firewall, because in the most cases is just there to eat your resources, money and your nerves. Windows built in firewall is enough.

Antivirus program is not the most important thing, but you should use it when finances are in the game Microsoft Security Essentials.

Don't download and or install cracked software, because it usually contains bad-code!

~ Even if you're not using Internet Explorer, you have to keep it up to date, because of security holes.

Cryptography

-TrueCrypt is a software application used for on-the-fly encryption (OTFE). It is distributed without cost and the source code is available. It can create a virtual encrypted disk within a file or encrypt a partition or (under MS Windows) the entire storage device (pre-boot authentication).

Enable PIN code on your poker account, also order yourself a Security Key.

Safe web browsing habits are huge can protect you from most of the potential threats.
System is offline   Reply With Quote
Old 10-24-2010, 10:48 AM   #197
wellju
BSOD and racetrack Ninja
 
wellju's Avatar
 
Join Date: Feb 2010
Location: ALL OF THEM
Posts: 5,247
Re: How to be secure?

Awesome post, vote for sticky or sticky merge or something. Really sums everything up.

There's just one additional thing which is worth the hassle imo, creating an windows user account without admin rights.
That basically prevents you from 99% of all malware and is basically the one reason why many people believe other OS than windows are so secure.

We had a discussion about that and UAC in this thread and some very simple instructions how to do it as non pc savvy user:

Quote:
Create another admin account, then switch the level on the current account to standard user. All settings seem to stay then.
It's 2 minutes of work and improves your computer security tremendously.
wellju is offline   Reply With Quote
Old 11-10-2010, 11:16 PM   #198
Syndr0m
Carpal \'Tunnel
 
Syndr0m's Avatar
 
Join Date: Aug 2008
Location: China
Posts: 6,708
I just did everything from the vids apart from the Untangle thing.

How does the fact that my desktop has another user (my brother, NOT admin acc) affect my poker account security? Is it dangerous if he is not as cautious as myself?

Btw thanks funkyworms. This topic is pure gold. It scares me that I've been around this long without realizing how vulnerable I was!

Edit: and is there a way to thoroughly check your system for malware? I'm thinking antivir scan, adware scan (are people still using this? Havent used it in years) and/or hijackthis

Last edited by Syndr0m; 11-10-2010 at 11:37 PM.
Syndr0m is offline   Reply With Quote
Old 11-10-2010, 11:43 PM   #199
Syndr0m
Carpal \'Tunnel
 
Syndr0m's Avatar
 
Join Date: Aug 2008
Location: China
Posts: 6,708
Quote:
Originally Posted by funkyworms View Post
Using a Firefox master password is not meant protect you if your computer has been infected by malware. If someone has gained remote access to your computer by means of malware or some other remote exploit your passwords should be considered 100% compromised. In such a scenario nothing you do can protect your passwords.
Do you mean "your passwords stored in FireFox", or really ALL of your passwords? Are, for example, the ones in KeePass in danger too then?
Syndr0m is offline   Reply With Quote
Old 11-11-2010, 08:52 AM   #200
Syndr0m
Carpal \'Tunnel
 
Syndr0m's Avatar
 
Join Date: Aug 2008
Location: China
Posts: 6,708
Re: Computer Security for Poker Players (videos)

Quote:
Originally Posted by Syndr0m View Post
Do you mean "your passwords stored in FireFox", or really ALL of your passwords? Are, for example, the ones in KeePass in danger too then?
Just read the whole topic and I understand now that there is nothing you can do to protect your passwords, even from KeePass, once a keylogger gets on to your PC, so nevermind this last question

What are your thoughts on Sandboxie?
Any idea what the best way to set it up is?
It seems like it's only securing my internet browser (FF) by standard...

And is downloading from paid newsgroups (giganews) as dangerous as downloading from torrents?
Syndr0m is offline   Reply With Quote

Reply
      

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Forum Jump


All times are GMT -4. The time now is 02:55 AM.


Powered by vBulletin®
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
Copyright © 2008-2010, Two Plus Two Interactive
 
 
Poker Players - Streaming Live Online