Crypto Security Primer: Using Canaries

This article is taken from Issue #5 of 21 Cryptos Magazine

This article is the first in a series of at least five articles that address different risks that crypto traders and HODLERs are typically exposed to in different forms. Most security articles focus on what you absolutely SHOULDN’T do and are often accompanied by complex procedures to implement and keep up.

Being a security guy for more than a decade, I’d like to break the mindset that good security must be complex. After reading these articles, you will hopefully be inspired and motivated to implement some measures to raise the bar for your overall personal security. Don’t be afraid, I will be your friendly guide throughout this journey.

About Canaries

In software development, a Canary is an early test version of software, alluding to the method used in coal mines to detect the presence of carbon monoxide. The bird’s rapid breathing made it an ideal early warning system to warn the miners if they were in danger of being poisoned. Don’t be afraid, no Canary is going to be harmed by this measure to enhance your security! Computer security people use that concept in different forms. Canary Tokens are one of them, and I will show you how to use them to your advantage with no expensive hardware or complex scripts involved.

Why an Early Warning System?

If you are a little like me, you assume perfect security is not possible and that, at some point, a compromise is inevitable. New and severe vulnerabilities in firewalls and operating systems are discovered all the time, so it’s a matter of being prepared for WHEN and not IF you are hacked. It’s bad if your last line of defense falls; it’s worse if you realize it only after all your crypto has been transferred out. Canary Tokens are a free, quick and painless way to help you discover that you have been breached, by having attackers announce themselves.

Deploy Your First Virtual Canary

As usual, there are multiple ways to do it. Some are more complex and involve rolling your own Linux or Windows system. For this article, we’ll focus on things you can do now and without spending an evening on the installation. All you need is a web browser and about 10 minutes of time. For our first test, let’s assume you have a backup folder on some of your PCs where you store encrypted backup copies of your crypto wallets. This is a good place for a Canary; you definitely want to get notified when someone has accessed these files. In case you don’t have backups of your wallets, drop this article and do that NOW!

First things first: head over to Canary Tokens now. The site looks like a simple web form with some basic instructions on how to use it. A drop-down menu allows you to select from various predefined Canary formats.

Please select the option “Microsoft Word Document”. Next, enter an email address to get notified and a helpful message to remind you which Canary is responsible when it has been triggered. In my example I used the text, “Tezos Keyfile Canary compromised!” Verify your email address and message, then press the “Create my Canary Token” button to generate it. Now click “Download your MS Word file” to download it.

Since we are testing right now, head over to the location of your downloaded Canary document and open it. You will see an empty and boring document: nothing more and nothing less. But wait, let’s head over to our configured email account and see if our Canary Token has triggered properly! You should see an email popping up within one minute after opening the document. The message you will find in your inbox should roughly look like what is pictured here. This would already be pretty great, but there’s even more information logged and accessible when you click the “More info on this token here” link.

You have just established the baseline for a very efficient early warning system and spent only about 10 minutes to do it.
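
What happens behind the scenes when the document is opened, and why each location in the list below should get its own token and message, as an added example that is not part of the original article and not Canarytokens’ own code. It assumes the canary document embeds a unique URL that the viewer fetches on open; `CanaryService`, `create_token`, `handle_fetch`, the domain and the sample addresses are hypothetical.

```python
# Added example: a toy model of a canary-token service (not Canarytokens' code).
# Assumption: the canary document embeds a unique URL that the viewer fetches on open.
import secrets
from datetime import datetime, timezone


class CanaryService:
    """Maps unguessable token ids to the memo chosen when the token was created."""

    def __init__(self, base_url="https://canary.example/"):  # placeholder domain
        self.base_url = base_url
        self.tokens = {}   # token id -> {"email": ..., "memo": ...}
        self.outbox = []   # alerts that a real service would send by email

    def create_token(self, email, memo):
        """Mint a token; the returned URL is what gets embedded in the document."""
        token_id = secrets.token_urlsafe(16)  # 128 random bits, not guessable
        self.tokens[token_id] = {"email": email, "memo": memo}
        return self.base_url + token_id

    def handle_fetch(self, url, source_ip, user_agent, when=None):
        """Called for every request; only a known token id raises an alert."""
        token_id = url[len(self.base_url):] if url.startswith(self.base_url) else ""
        record = self.tokens.get(token_id)
        if record is None:
            return None  # random scanners hitting the site do not page anyone
        alert = {
            "to": record["email"],
            "memo": record["memo"],  # tells you WHICH canary fired
            "source_ip": source_ip,  # where the opener connected from
            "user_agent": user_agent,
            "time": (when or datetime.now(timezone.utc)).isoformat(),
        }
        self.outbox.append(alert)
        return alert


def demo():
    svc = CanaryService()
    # One token per location, so the memo alone identifies the breached place.
    backup = svc.create_token("me@example.com", "Tezos Keyfile Canary compromised!")
    share = svc.create_token("me@example.com", "Network share canary opened")
    # Constructed events: someone opens the backup-folder document, a scanner probes.
    hit = svc.handle_fetch(backup, "203.0.113.7", "constructed-office-client")
    miss = svc.handle_fetch(svc.base_url + "guessed-id", "198.51.100.9", "scanner")
    return hit, miss, share, svc.outbox
```
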

Distribute Canary Tokens Over Sensitive Places

Of course, generating a Canary Token is only the first step. So, what’s next? You should distribute those tokens all over the sensitive places in your network. Here are a couple of ideas to get you started:

  • Drop the file on a Windows network share (PDF, Word, Folder Canary)
  • Attach a Canary to an email with a tempting subject line (PDF, Word Canary)
  • Unzip the file on a juicily named Windows network share (PDF, Word, Folder Canary)
  • Leave one in a secure location with your paper wallet backups (QR Code Canary)
  • Put one underneath your phone battery when crossing international borders (QR Code Canary)

These are only some possible options. I am sure you can find a lot more that will fit your environment perfectly. The only limit is your imagination and the result will be that some sad hackers go to sleep instead of draining your crypto wallets! I hope you had as much fun reading this article as I had writing it. Stay tuned for the next part in this series. Cheers, @marsmensch.
