Bitcoin, Etherium, Monero, and Alt Coins for Beginners, Part 2

This is a follow-up to a post I made on November 29th, Bitcoin and Cryptocurrency Investing for Beginners. I’m still learning as I go, and I want to share what I’m learning. Before we get started, I want to point out the Disclaimers section below. Please read that. Also, please note that much of what I reference (and more) is in a links section at the bottom of this post.

How to Buy Bitcoin (and others)
In my previous post (linked above), I went over the basics and won’t be repeating it here, so if you need a refresher, please check out that post. Here, I want to supplement that with some of what I’ve been realizing over the last month or so.

Most notable is that an exchange like CoinBase is really expensive to send small amounts of coin from. Last night, I wanted to send $45 of Bitcoin to another exchange in order to purchase a small amount of alt coin and the fee was going to be $17. If you’re going to buy Bitcoin to hold, try to move it all in one transaction or at least larger transactions. For example, if I’m moving $1,700 of BTC to cold storage, $17 is only 1% for the fee and I can deal with that. On the other hand, $17 out of $45 is over 33% and unacceptable. I decided to pass on that transaction. For smaller transactions, it makes more sense to move some investment amount of BTC to an exchange with smaller fees or use a different coin with lower fees for investments. If you’re already working with cheaper options, please comment below.

Mining for Crypto
As above, my previous post (linked above) covered the basics of mining and I remain firm on most of that, but have a little to add.

A couple people have recently told me that they’re stopping mining the small alt coin they had been mining at home due to the electricity costs. In some cases, I agree with the thinking. Other times, I think about how I was mining Bitcoin when it was less than a dollar per coin and quit for the same reason. To that end, I would advise you to not waste time mining anything you don’t believe in. It may be tempting to mine something that easily yields 100 coin a day from your home computer, but if you never recuperate the money spent on electricity and the value of your time, it’s a loss. Mining something more established like Monero is good, but you may end up in the same boat. I would look at new coins and what they offer in the same way you should when buying alt coins (see below) and get in early on one of those if you’re going to home-mine at all.

As for cloud mining, I’m still very much on board with this, but with one additional warning. In addition to the usual diligence you should to about any site you give your money (or Bitcoin) to, with cloud mining you need to also consider profitability. You need to consider this when you first start and whenever any ROI-related factors change. While mining at Hashflare, I regularly compare the price I’m paying (which increased a LOT since my last post on the topic), the Bitcoin difficulty (which changes every couple weeks or so), and the BitCoin price. Using a mining calculator, you can see if you should expect a return based on known factors and how quickly you might get your initial investment back. Don’t forget to also calculate in the operations fees. Hashflare charges $0.0035 per every 10 GH/s of SHA-256 mining

And speaking of cloud mining… I have been using Hashflare since November 29th, so about 5 weeks. I started with 2.5 TH/s (Terahash per second) and have since bought more with my own money, but I’m also rolling any BTC I get from mining back into more contracts, compounding my returns. Of course, this means that I don’t have any ROI at all until I stop rolling in profits, but when I do, the returns will be exponentially greater. Below are screen grabs showing my current mining on this account and my last handful of contracts to give you an idea of how much you can roll back in at this level. If I started cashing out now, I’d have an estimated $17,000 after a year (at today’s Bitcoin price). If I compound for a year or two first, the return is in the 6-7 figure range. In the first image below, the little mountain around Dec 31st is me holding the Bitcoin in my account for a couple days instead of re-investing it because it was in a big dip.


(click the image above to enlarge it)


(click the image above to enlarge it)

Please bear in mind that I have a little over $2,200 of my own money (alt coin profits, really) into this account. Rolling profits back in is definitely helping it grow, but it wouldn’t be this big just from my initial 2.5 TH/s buy. 18.9 TH/s was purchased between November 29 and December 5th. Since then, the rest of the growth has just been compounding returns. To give you an idea of a more realistic beginner scenario, I created an experimental account on December 20th with 2 rules. First, I will only invest $150 or less of my own money to get it started. Second, I will roll in all profits automatically to grow the account until I feel it’s worth cashing out. The initial purchase was 0.66 TH/s for $145.20. Today, it has rolled in nine additional contracts of 0.01 TH/s each for a total of 0.75 TH and I expect it to reach the point of being able to buy a new contract every day within the next 2-3 weeks. Obviously, it will take a long time for that to roll into a substantial amount, but it’s a small amount to test the waters. I preferred to dive in and grow it faster on my primary account. I’ve also had a friend tell me she started with a simple 0.01 TH purchase for a couple bucks.

Hashflare is established, but there’s no absolute guarantee that they’ll be around forever or that the Bitcoin difficulty or price won’t turn against your ROI. I obviously have a high amount of confidence in it. That said, there are other cloud mining operations you can consider, but that I have not personally used, including Genesis, Sun, Nuvoo, etc. It’s also worth noting that you pay for mining power in contracts and not all companies are the same. For example, at the time of this writing, Hashflare’s contracts are for one year while Sun and Genesis contracts are for three years.

What is an ICO? What’s an “alt coin”
The coins that got us all started were Bitcoin, Etherium, and Litecoin. You’ll hear a lot about all three because they’ve been around for a long time. Everything other than Bitcoin – arguably, Etherium and Litecoin call into this list – is considered by most to be an “alt coin” or “alternative coin”. There are many in the space that consider most alt coins to be trash, and I largely subscribe to this thinking, but with two caveats. First, there are some alt coins worthy of looking at and investing in based solely on their usefulness, especially if you come across them early. Second, there are some coins that may have no real value, but can still generate profit for you (more on that in a bit). Everything else, yeah… pretty worthless, which brings me to ICOs. ICO stands for Initial Coin Offering. Much like the stock market’s IPOs, an ICO raises money for it’s company and instead of stock shares, you get coins. The problem with ICOs is that most of them dive in value after you’ve spent your money and you either panic sell at a huge loss or you’re left holding a bunch of mostly worthless coins, waiting for a comeback. There may be ICOs worth investing in, but I’ve yet to participate in any.

As for alt coin buying outside of ICOs, I have bought and sold enough to recommend it. It’s just as risky as everything else, but maybe a little more exciting. In many cases I would trade $20-$100 of Bitcoin for a bunch of alt coins and then sell them a week later for 100% profit. There are a few that dropped and I got rid of them when they leveled back out, but I haven’t lost any money there (lucky, perhaps). Of course, there are cases like Stellar Lumens where I bought 10,000 at 2 cents, sold at 3 cents and then watch a month or two later in horror as it went to 86 cents. But you can’t buy on emotion or hold on fear of missing the big payoff. Just learn about the coin, carefully distinguish rumors from news, and act accordingly. I’m holding a substantial amount of alt coins and will probably just keep the rest until the value makes impossible to resist selling. Check out the CoinMarketCap site linked below for some lists and resources.

Securing Your Crypto
This should go without saying because it applies to anything you need to log into online, but don’t get lazy with your security. Use secure passwords and use a different password for each site. Although I’ve seen some in the cryptocurrency space say not to, I think a password manager is a great way to help keep it all organized. The argument against it is that if someone gets into your password manager, they have access to all your accounts. First, that’s only true of accounts that don’t have 2FA set up (more on that below) and second, if you choose one very good pass phrase for your password manager, you can mitigate some of the risk of someone getting into your account. Personally, I think this approach is less risky than using the same password everywhere, using weak passwords that are easy to remember (and easy to crack) or writing all your passwords down on paper.

Now, let’s talk about 2FA which means Two Factor Authentication. When you enable 2FA on a site, you have to provide the login and password and also provide another form of authentication which is generated and sent to you at the time of logging in. Duo and Google Authenticator are two apps that are widely used for this secondary verification. For either of those, you would log into the website and then it would generate a six digit code and send it to you through the Duo or Google Authenticator app. Then you have 60 seconds to enter the code. Less secure methods of 2FA include sending codes to you via email or text message. These are less secure because email is often hacked and cell phone providers can be tricked into porting your phone number to a hacker’s device. There’s ways to protect against those things, but that’s for another post. If you sign up for an account somewhere and the compromise of that account could be devastating, turn on 2FA.

Of course, a common suggestion among those in this industry is to never leave your currencies in an exchange and if you’re holding long term, put them in cold storage. If you’re planning on buying Bitcoin and using it to actually pay for things (mining services, goods, alt coins, etc), it’s a good idea to move it away from the exchange and into a software wallet. Blockchain.info seems to be a decent online wallet I’m just getting familiar with. Admittedly, I had been leaving everything in the exchange, but recently moved away from that strategy. Coinbase does have a “vault” option that makes it a little more secure, but exchanges get hacked and when they lose your currency, it’s gone. BuyBitcoinsWorldWide (linked under Resources below) has a decent guide to cryptocurrency wallets and how they work. This includes cold storage, which is a means of keeping your cryptocurrency completely offline. In this way, you take away the ability for a thief to hack in and steal what you’re holding. This is something I’ve also just invested in and it strongly advised if you have a notable amount of crypto you plan to hold for a while. Below, you’ll find links to Trezor, KeepKey, and Ledger Nano S hardware cold storage wallets. If you’re looking for something free, you can try the link to create a paper offline wallet.

Links
This is by no means an exhaustive or all-inclusive list, but should be treated as a starting point and, in some cases, just examples of the options available.

Mining:
Hashflare (affiliate)
The Bit Gold Mine (affiliate)
NiceHash
MoneroHash
Genesis Mining (affiliate – use code MTQemq)
Sun Mining (affiliate)
Hashing 24
Nuvoo

Research and Information
CoinMarketCap
GDAX
Bitcoinity difficulty charts
BitcoinWisdom Bitcoin Difficulty graphs (may be outdated)
CoinWarz mining calculator
BTC.com profitability calculator
CryptoCompare profitability calculator
BuyBitcoinsWorldWide intro to wallets

Exchanges:
CoinBase (affiliate)
A nice list of a bunch of exchanges

Wallets and Cold Storage:
Blockchain.info online wallet
KeepKey
Trezor
Ledger Nano S
Create a paper Bitcoin wallet

Disclaimers
I’m not an accountant, financial advisor, crypto expert, finance guru, or college graduate. The stuff I talk about above is from my own limited experience and research. You’re urged to always do your research and educate yourself. If a site I use has an affiliate link, I use it. Not doing so is just throwing away money, but I do only link out to sites I would even if they didn’t have an affiliate program and I give my honest opinions about them either way. This links will be noted with (affiliate) after them for transparency. Finally, while you can make a lot of money in the cryptocurrency space, you can also lose a lot. Approach this new world with an open mind, but also with an ounce of caution and skepticism.

Bitcoin and Cryptocurrency Investing for Beginners

If you haven’t heard of Bitcoin (BTC) by now, you’re one of the rare few. In 2017, its rise in value from just under $1,000 to over $11,000 so far has everybody talking about it. It also has a lot of people asking me questions about how to invest and where, so here’s what I’m doing with Bitcoin and cryptocurrency investing in general. Before I get started, though, this post isn’t about what Bitcoin is, its history, what it means to mine a cryptocurrency, or any of the technical details. This is more for people who see the investment potential and want to dive in.

Bitcoin

My Rules For Investing
The first thing I tell people who ask me about buying Bitcoin is that it’s an extremely volatile, high risk/high reward gamble. In fact, the level of volatility is what makes it so enticing and exciting to me, but it’s also what limits how much I’ve invested so far. Do not put anything in that you can’t afford to lose. This is my number one rule for crypto, Reg A funding, and anything else with this level of risk.

Next, keep emotions in check. Many people I know, myself included, feel a lot of regret about ignoring Bitcoin or spending all our coins when they were $1 each. Leave the past in the past and look forward. It’s also too easy to see people currently making money hand over fist and feel the need to throw your 401k at this shiny new thing with the hopes of retiring as a millionaire in a few years. The fact is that you can get incredible returns, but nothing is a guarantee. Be thoughtful in your choices and know and respect the risks.

How To Buy Bitcoin and Other Cryptocurrencies
One of the most frequent questions I’m asked when I talk about Bitcoin is how to buy it. My exchange of choice so far is Coinbase because it’s stable, sticks to the basics, and has a good grip on security. (Disclaimer: My link to Coinbase earns us both $10 if you sign up and buy $100 or more). Many other popular exchanges are listed here. Not every exchange will have every coin listed. For this reason, I have assets in several exchanges. If you plan to diversify into several alt-coins as well as your Bitcoin, you’ll want to buy Bitcoin and then send some of it from your main exchange wallet to an alternate exchange where you can trade it for the alt-coin of your choosing.

I’m no expert, but I have a loose strategy for my buying. I’m holding Bitcoin, Etherium, and about 15 different alt-coins. I won’t go into how much I have invested, but for the alt-coins, I try to buy 100 or more of each. Some I have 100 of that cost me around $100 and it goes all the way up to one I have 1,000,000 of. Most of them will price out of my radar, turning $100 into just pennies or will vanish entirely. Others have already returned 200% to 500%. I plan to hold most of what I buy for years. Whatever you buy, CoinMarketCap is a great place to get a glimpse of just about every coin and do a little research.

How To Mine Bitcoin
When Bitcoin was the only kid on the block several years ago, you could download a program known as a miner and put it to work, earning several hundred Bitcoin a day. These days, the mining complexity for Bitcoin makes mining on a home computer a fruitless effort, but there are still many ways to mine for digital gold.

The easiest (and cheapest) way to get your feet wet with mining is by mining on your existing computer. While you can’t (effectively) mine Bitcoin directly with your home machine, you can mine one of the many alt-coins or just grab the NiceHash Miner. Nice hash will mine something else (like Monero) and convert the mined asset to BTC for you. I run it on my home desktop and it trickles in tiny fractions of BTC daily. It can be hard to watch it earn so slowly, but if you leave your computer on like I do, you might as well let it work for you. If you want to mine an alt-coin directly, that will require a little work and is more involved than I’m prepared to go into in this post.

With some capital investment, you could opt for your own mining rig. Depending on how fast you want to mine, you can spend as little as a couple hundred dollars or upwards of thousands. The more you spend, the faster you can mine. As an example, you could spend around $3,500 on an AntMiner S9 which gives you about 14TH/s (TeraHash per second) and at today’s calculations you should be able to mine around 0.00261 BTC ($27.08 USD) per day. Of course, mining at home consumes electricity that you’ll need to factor in and if you want to maximize your profits, you’ll need to be aware of all the settings and tweak them as you go. Eventually, too, the hardware may be outweighed by the growing mining difficulty and become obsolete. It still can be quite profitable and is generally passive income as a little machine just makes money for you all day.

Although I trickle-mine on my home PC and I like the idea of having an AntMiner humming away in my basement, I recently started cloud mining with HashFlare at 2.5TH/s. This way, I can still get the benefits of computing power that is designed for mining Bitcoin while starting out a little slower. I’ve seen a lot of people earning this way, so I suspect I’ll end up re-investing until I’m bringing in a lot of profit from this one source. If I end up not liking my results, I just won’t buy more hashing power. In short, you pay a set amount of BTC once for a pre-defined amount of hashing power for a 1 year contract. Throughout the contract, you get paid back whatever was mined which you can then reinvest or cash out if you’d like. Another well-established cloud mining site is Genesis (get 3% bonus hash power if us use my code: MTQemq).

No More Waiting
No matter which of the options above seems to make the most sense, stop waiting around to get into cryptocurrencies. I believe Bitcoin has another 1,000% plus yet to climb and it’s bringing a lot of alt-coins up with it. Many of us look back today at 2010 and wish we’d paid more attention. I won’t be looking back at 2018 the same way and neither should you.

That legal disclaimer thing
I’m not an accountant, financial advisor, crypto expert, finance guru, or college graduate. The stuff I talk about above is from my own limited experience and research. You’re urged to always do your research and educate yourself.

I Have Your Deleted Files and Photos and Passwords – Memory Card Edition

“You’re going to delete that, right?”

If you’ve ever said that after someone who took a video or photo of you that you’d prefer didn’t leave that camera, you probably felt comfort in watching them delete it in front of you. But what if it wasn’t really gone?

I’ve often felt a little paranoid when I’ve decided to keep a broken phone or buy a used hard drive ro replace one in a laptop I’m selling. I have long held a strict policy of not letting anything that stores files leave my possession when I’m done with it for fear that someone could recover files that could lead to anything from mild embarrassment to identity theft. I may be paranoid, but with good reason.

I bought some SD cards

This week, I bought two auctioned lots of formatted memory cards, but what I found may surprise you. Keep in mind that these were specifically listed as “formatted”, meaning that someone went trough the effort of trying to wipe all the data to protect the privacy of the previous owners, but failed to do it in a secure way. More on that in a minute. First, here’s a breakdown of what I bought:

  • 3 Sony Memory Sticks (about 4.5 GB)
  • 8 SD cards (about 17 GB)
  • 7 MicroSD cards (about 50 GB)

In total, I went through about 70 GB of recovered files in a day.

Thousands of private files uncovered

The goal of this experiment was to figure out what types of files I could uncover from all of these cards, but more specifically, I wanted to know if it was possible to get enough off a card to compromise someone’s online account or steal their identity. After all, hackers don’t care much about that photo of you in your underwear. They want something that can generate a profit. In all, I recovered over 15,000 files. Most of the files were photos with video and audio files making up a large portion of the remainder. In the minority were PDFs, XML, DOC, and system files. Of all these, here’s essentially what was uncovered.

  • thousands of photos
  • hundreds of videos
  • medical documents
  • personal information
  • plenty of selfies
  • strange screenshots
  • lots of pet photos!
  • photos of documents, lists, and notes

I started with the PDFs and XML, but came up empty-handed with a couple menus, some instructions, and a couple software configuration files. Next, I skimmed the photos for anything that included a computer screen in the background, hand-written notes, or printed materials. Mostly, I found myself sifting through tons of blurry photos and pictures of pets, family events, and what looks like items people were photographing to sell, but I did land on a few interesting items.

On one SD card, I found photos of medical records for a guy I’ll call “Phil” (I changed the name). Those photos included personal medical details and his home address. On the same card were plenty of photos of him and a girl who I imagined must be his girlfriend alongside screenshots from dating applications like Zoosk. There was enough on the card for me to find him on Facebook in under a minute and confirm that they’re still together. It’s creepy how much you can learn about a person with only an old formatted SD card as a starting point.

On another card, a younger gentleman captured a snapshot of the email on his computer that contained his username, password, and the URL to log into a specific site.

Login Details

A third card included hundreds of photos that mostly just showed a college girl and her friends, her dog and the usual cellphone photo subjects. Looking closely at computer screens and other details in the photos, however, it wasn’t hard to determine her full name, dorm room number classes studied, place of employment, and more.

Less interesting were reminders, shopping lists, a school paper, and one recipe that looked worth trying.

How I recovered deleted files with an undelete program

To understand how files are recovered, it helps to first know a little bit about how they’re stored and deleted. When a file is stored, it’s data is stored in one area of your drive and a file pointer points to the first block of that data. When you click a file to open it, your computer simply references that first block and loads that file. When a file is “deleted”, your computer is really just removing the pointer to that file’s data and marking that space as free, but the data remains in tact. A standard “format” operation on a drive or card just removes all the file pointers, making all the space available for writing.

So-called “undelete” programs take advantage of this by scanning the storage space for any blocks of data that do not have file pointers. Such a program will then collect that data to it’s final block, give it a new file name, and store it in your recovery location, which should always be another storage device. Any parts of the data that were overwritten will be lost, so if you have something to recover, the best idea is to disconnect that drive and use recovery software on another computer to save your lost data.

The program I’ve had for years and which I used for this project is called LSoft Active@ Undelete Professional which currently costs about $45, but the standard version is only 20 bucks. There are other programs out there, but I can’t speak to their usefulness.

How to protect your files

If you’re like me, you’ll just never let that storage media out of your possession, but most people would prefer to sell or donate old hardware or drives that still work. So how to you keep your data safe from prying eyes? The key is to overwrite the data. When you overwrite the data, it makes it much harder for someone to recover it if at all. Your success at eliminating data may depend on the method you use. For example, simply deleting files or formatting the drive will leave your data wide open to anyone who knows how to get it back, but overwriting your data with something less private will make it much harder and using the Department of Defense 5220.22-M method (described more plainly here) will make data recovery virtually impossible.

I learned some things along the way

When I decided to conduct this experiment, I had a fairly narrow goal to see if I could find what a hacker would consider a successful haul of personalized information. Admittedly, I chose memory cards to keep the project cheap, allowing me to get storage media from many people affordably. I had not considered the types of information different devices might yield.

In my case, I procured a mix of SD, MicroSD, and Sony Memory Stick cards. Sony’s cards were popular for gaming and photography. SD Cards are often found in cameras and MicroSD cards have a variety of uses, including cell phone storage, small cameras, web/security cameras, etc. With this in mind, it’s not too surprising that the bulk of recovered files were photos.

This lends itself to the idea that a hacker could narrow his or her search by carefully selecting the storage device to sift through. If high-resolution photos were the goal then purchasing used cards that are specifically designed for high-speed storage would be ideal. In fact, the faster the write time, the more likely that card was purchased by its previous owner for video applications. If, on the other hand, a hacker wanted to get his or her hands on financial documents, spreadsheets or browser cookies and cache, desktop and laptop drives would be ideal. A hacker could even go so far as to target drives known to have been used widely in consumer computers to increase the probability of loosely-secured personal data, or server hard drives in search of corporate bounty.

What’s next

Currently, I’m shopping hard drive auctions and will be looking at other items that store information in internal memory for my next experiment. I’ll post on that soon, but in the meantime, be sure to truly wipe any storage media before sending it back out into the world.