Take Your Computer Security Seriously! YOU Are At Risk!

[Vitom]

runescape and flash games

Nice.
Runescape taught me how to buy and sell for profit at a young age.

 

[GuestUser450]

You on a MAC or PC?

I use both. PC desktop, Mac laptop that will probably be replaced with a surface something, if not a chromebook.

Big Apple user, love the hardware but their bugs and mistakes don't build confidence. Weird to say but windows seems more secure right now, they're doing a lot of things right.

 

Dislike ads? Remove them and support the forum: Subscribe to Fastlane Insiders.

[The-J]

That's quite unfortunate.

But I can already tell you did not treat your computer well. You had tons of random software, most of which, you probably got tricked into downloading, and then you never took the effort to clean your computer. I can slightly empathize, as most decent malware will resist being deleted. But every instance in my life where I was sure I had some illicit software installed on my computer, I went to the ends of the Earth to remove it. Regardless of the initial difficulties designed to prevent such actions. I must have been 12 when I learned about booting into Safe Mode in order to Add/Remove Programs. On Mac, you need to identify which applications are malicious and then

Of course, hindsight is 20/20, and I'm sure you beat yourself up more than anyone else would. 1200, all in all, is a pretty inexpensive lesson. Treat your computer like a third arm. There should be no blotches. You should recognize a malign tumour instantly.

I've fixed countless computers. I've removed tons of viruses. I did this shit for money back in high school, and I still got caught unaware.

Many zero-day threats remain undetected for some time. You are not immune. No one is.

I actually did not have tons of random software. I don't install much software. I don't do a lot of Internet piracy (not like I used to). I don't have a single cracked program on my computer, not a single keygen, nothing of the sort.

I don't play very many online games. The only programs I use on a regular basis are Skype, Office programs, Chrome, and Slack.

There's not a single Task Manager process currently running that I do not recognize.

I'll likely end up doing a clean install on this computer.

I really don't know what you're trying to prove with your post?

 

[The-J]

The second (I won't tell all the steps and all the details due to harm it can cause) one involved quite a decent personal research, social engineering a 3d person, hacking his *won't mention software name* account and just completely clearing me out.

Sounds like you were targeted.

Social engineering is how several famous Youtubers (who earn 5-6 figures monthly) got hacked.

Nothing will stop a particularly motivated hacker unless you have the protection of a sovereign government. And even then, it's not enough!

Several people here, some of which have a LOT to lose... have given out enough personal information in order for someone to carry out successful social engineering.

And once your business gets to a size where a hack could effect others... you need to get insurance.

I know that I'm sounding like a paranoid Penny here, but the truth is that many, MANY people have lost many times more than I have. You NEED to protect yourself.

Prevention is the best medicine: those are your habits. If you are careful enough, you are extremely unlikely to be a victim. How do you browse? What do you download? What websites do you use? Is your phone number available for all to know? Are your passwords strong and unique for every single service you use? Do you often use unsecured networks to log on while travelling, without using a VPN?

Protection is your next best thing. Anti-virus, firewalls, VPNs, 2-factor authentication, encrypted traffic, key scramblers, security notifications, and more.

All in all, keep a low profile. Treat the Internet like the ghetto. Don't look rich, don't incite fights, and don't do illegal shit. If no one knows who you are, you won't be specifically targeted. In my case, I got had because I had trusted a file that I should not have.

Try not to worry about it too much, though.

 

Dislike ads? Remove them and support the forum: Subscribe to Fastlane Insiders.

[jmusic]

So really it all comes down to trust.

A common moniker for security-minded folk is "trust no one."

If that statement is taken to its logical conclusion, I'd wind up in a cabin in the woods, growing all of my own food inside a hermetically sealed greenhouse. So really that means to me that we need to make informed decisions with the realization that nothing is perfect.

I remember watching "The Amazing Spider Man," and when Peter Parker first sneaks into the lab he watches the doctor login to a crazy security panel, then duplicates the same code. This is a clear example of why 2FA is effective.

2FA = something you HAVE + something you KNOW.

Where it breaks down is in the enforcement side. What does the bank or service do when someone (possibly even YOU) calls claiming they lost they? This is where the social engineering vulnerabilities come in to play.

 

Dislike ads? Remove them and support the forum: Subscribe to Fastlane Insiders.

[-Brian-]

Nice thread, lots of good advice.

Assume that you will be hacked, or are probably hacked and don't know about it yet. If you are targeted, its only a matter of time. What high profile company/govt hasn't been hacked yet?

• Have good backups (I like crashplan.com)
• Keep things updated (can't stress this enough)
• Use 2FA (I prefer to use a non-text/sms based system, such as Authenticator Plus as it supports backups (phone hardware dies)
  • Make sure for each 2FA account, you print out the recovery codes and put them in a safe/somewhere safe, if your phone break or lose 2FA, you can still login to disable 2FA until you get another phone, etc.
• Freeze your 3 credit bureau if in the US, with so many hacked companies now, the higher risk is someone losing your private information, then you having your identity stolen. World’s Biggest Data Breaches & Hacks — Information is Beautiful
• Use encrypted devices (Apple is the leader here, iOS is designed to be crypto hardened at the chip/manufacturing level).

 

Dislike ads? Remove them and support the forum: Subscribe to Fastlane Insiders.

[ApparentHorizon]

Few more:
- Your password length is more important than its complexity
- Your antivirus only fights off what it recognizes in its database. If a new virus comes along it can take months to years before it's recognized
- Win10 can collect personally identifiable information (Ultimate Windows Tweaker 4 helps restrict these shenanigans)

 

[G-Man]

Sort of, although a brute forcer can narrow a password down to words in the dictionary.

Length = strength, but there's more to strength than length. A password should make the job of a brute forcer as hard as possible. So if you, for some reason, need to memorize a password (maybe it's a master password), you could use a phrase of 4 or more words that are rarely used together and segment each with some additional characters, while also including some capital letters. This increases the character set that a brute forcer needs to use.

So correcthorsebatterystaple becomes Correct2!horse2#battery8%staple (2/28 being the birthday, month and day of someone you know, the other characters being random), bringing the total character count to 36 and more than doubling the amount of characters a brute forcer needs to try.

Even so, there's more to security than a password as passwords can be acquired through other means. Ideally, people shouldn't be able to access your accounts even if they know your password.

I'm basically technologically illiterate, so here's how I come up with strong passwords: Memorize a poem, or a chapter from a favorite book, or a long-a$$ quote from an admired historical figure, then use the first letter of each word in the password. To remember password, simply recite from memory, typing in first letter of each word. Bonus points for using numbers, punctuation, and upper case, or any quote not in the english language. (clue, remember the date the person said it)

Plus, there's something satisfying about using a quote from Ronald Reagan or Teddy Roosevelt to keep people out of your shit.

 

[bence03.02]

Cyber Security Professional here, my list for hardening your machine that I came up with on the spot:

1. Use a password manager. LastPass is fine, guard the file with your life Opensource cloud solutions like bitwarden are fine as well. Fully generated, different passwords everywhere, 19-25 characters long, it will auto-type, so you don't have to worry about it.
2. Use MFA (Multi Factor Authentication) where you have sensitive data and you can. Time based One Time Password (TOTP) is the best, it is usually under the "Google authenticator" option. SMS is not really secure TBH, but it's more than nothing.
3. Encrypt your hard drive. If your machine/laptop gets stolen at least nobody can access your data!
   1. Windows users: use Bitlocker, it is only available for Pro and better unfortunately...
   2. Linux: Encrypted LVM when installing
   3. Mac users: Check encryption when installing
4. Regular updateson software that often accesses risky environments, some to keep in mind:
   1. Browser. A browser exploit is no fun, basically you open a website and they are in your machine. UPDATE
   2. Operating system
   3. PDF/Image/Document viewer/editor software
   4. Media players
5. This is a hard one: only run trusted software. By trusted I mean it was downloaded from the official site and the site is "trusted", like Microsoft or other big company. I would never run an executable downloaded from freeportableprograms.com or something like that Torrents apply here.
6. Run an Anti Virus softwarefor Windows/Mac maybe on the phone.
   1. But do not trust a file just because it did not find it dangerous. AV evasion is not that hard if the attacker is not a script kiddie.
7. A good firewall that I can recommend is "Little snitch", it notifies for outgoing connections as well and you can deny/allow them. It is annoying at first though.
8. Keep backups of the files that you need.
   1. If you get a ransomware, you don't need to pay them to decrypt your files, yay
9. If you are suspecting of being infected, revoke all network access ASAP (phisically unplug the ethernet cable and turn off the WiFi), try to save your data without infecting the new machine and reinstall your operating system.
   1. You do not have to microwave the RAM though like in Mr. Robot
10. Cover your cameras, unplug external microphones.
11. Change your passwords every once in a while.
12. Also, reinstall your machine every once in a while (once a year is not that much).
13. If you are concerned about your USB drive's data, encrypt it:
    1. For linux users: LVM encrypted partition
    2. For windows Pro and above users: Bitlocker
    3. For anybody: Veracrypt (a free software)
    4. There are other solutions on the market with PIN locked encrypted devices.
14. Be aware of scammers and social engineers, scam mails are getting more and more sophisticated. (eg. phishing link in the attached PDF which is hosted under windows.net to steal your MS account, it's crazy)
15. Learn the difference between HTTP and HTTPS. If you use HTTP everything (passwords provided in the side included) can be seen by peers between you and the website. If you use WiFi, then everybody in the WiFi network can sniff your traffic and read it. If the WiFi is not password protected, they don't even need to be connedted and they can just sniff your traffic undetected.
16. Treat WiFi with WEP protection as WiFi with no password. WPA2 is fine.
17. Keep in mind, that a VPN does not mean that it's encrypted. Most of the time it is. But it is only encrypted between you and the VPN server, it is for sure not any more encrypted between the VPN server and the web server than default.
18. Try to use the same third party payment system when using your card for payment (e.g. PayPal), Try not providing your card details to any random website, use the third party option when possible.
19. If the site is really sketchy, use a virtual disposable card. Revolut has a free solution called "disposable card" which can be used only once, then it gets destroyed and another one will be generated for you.
20. Your card should be disabled by default and be enabled when used (balance this to be convenient, I do not disable my phisical card, but I do disable the virtual cards that I use on the internet)
21. Turn off contact-less payment on your card by default. If your bank do not allow it, store it in an RFID blocker, you get 10 of them for like $1 on Aliexpress. They look like this:
    1. 
    2. There are more expensive wallets with the same function, they are fine as well.
22. Don't do stupid sh!t
    1. Do not store your passwords in weird places like in self sent emails (I used to do that in high school)

I am starting to run out things to say I can rant about privacy as well, I am not an enthusiast about it, but I keep that in mind. Hit me up if you are interested!

 

[GuestUser450]

I have been thinking about using Lastpass.
My doubt - Is it safe to save password in lastpass? Whats your experience with them?

I am a little worried that Lastpass authorities can one day use all passwords they have and become trillionaires lol

I like lastpass (logmein is parent co.)

Nothing is completely safe but I feel better with a paid service over a free one. Incentives.

 

[MJ DeMarco]

You on a MAC or PC?

 

Dislike ads? Remove them and support the forum: Subscribe to Fastlane Insiders.

[Vitom]

Jay, one small advice that helped me personally:
Get yourself a brand new phone and brand new laptop for all activities where money involved.
Trust me, it's worth it.

I know people who got their accounts, with 2-step-authentification (!!!), hacked with help of GSM operators, so take care.

and sell the old ones to some unfortunate soul.

 

[Ninjakid]

Don't open attachments or click on links from emails you don't know. If your device gets loaded with a rootkit, you're F*cked.

Jay, one small advice that helped me personally:
Get yourself a brand new phone and brand new laptop exclusively for all activities where money is involved.
Trust me, it's worth it.

I know people who got their accounts, with 2-step-authentification (!!!), hacked with help of GSM operators, so take care.

This is actually solid advice.

 

[Tiger TT]

I would like to add this:

* Use your phone's internet connection instead
of a public wifi whenever you can.

As far was I know, this is safer than using a
VPN + public wifi combination.

 

[SweetTooth]

Sounds like you were targeted.

Social engineering is how several famous Youtubers (who earn 5-6 figures monthly) got hacked.

Nothing will stop a particularly motivated hacker unless you have the protection of a sovereign government. And even then, it's not enough!

Several people here, some of which have a LOT to lose... have given out enough personal information in order for someone to carry out successful social engineering.

And once your business gets to a size where a hack could effect others... you need to get insurance.

I know that I'm sounding like a paranoid Penny here, but the truth is that many, MANY people have lost many times more than I have. You NEED to protect yourself.

Prevention is the best medicine: those are your habits. If you are careful enough, you are extremely unlikely to be a victim. How do you browse? What do you download? What websites do you use? Is your phone number available for all to know? Are your passwords strong and unique for every single service you use? Do you often use unsecured networks to log on while travelling, without using a VPN?

Protection is your next best thing. Anti-virus, firewalls, VPNs, 2-factor authentication, encrypted traffic, key scramblers, security notifications, and more.

All in all, keep a low profile. Treat the Internet like the ghetto. Don't look rich, don't incite fights, and don't do illegal shit. If no one knows who you are, you won't be specifically targeted. In my case, I got had because I had trusted a file that I should not have.

Try not to worry about it too much, though.

If you feel very strongly about your online security to the point that you could lose a lot of your money and possibly other peoples money, then you might want to consider hiring an ex or current hacker to attack you. If you have a vulnerability, they'll find it and tell you how to fix it.

 

[devine]

Do you guys think its dumb to have ONE solo email connected to all finance accounts? Or should I have individual emails for each separate account?
-My thought was, as long as I don't use it for anything else it should be fine....

Get two accounts here: https://protonmail.com
Provide first email address only when it's absolutely necessary. No cloudflare/moz/etc paid accounts here.
Second one is for paid cloudflare/moz/etc services.

 

[FastNAwesome]

Jay, one small advice that helped me personally:
Get yourself a brand new phone and brand new laptop exclusively for all activities where money is involved.
Trust me, it's worth it.

This is superb advice.

Bolded the very important part.

 

Dislike ads? Remove them and support the forum: Subscribe to Fastlane Insiders.

[ddzc]

Solid thread. No one takes security serious until they're the victim of a crime such as this. Great advice in here bud.

 

Dislike ads? Remove them and support the forum: Subscribe to Fastlane Insiders.

[MJ DeMarco]

Did Paypal get 2 step authentication?

After reading about it here, I looked for it and couldn't find it either.

ut this tech safety shiz is the real deal.

Yup, and a huge market with tons of opportunity.

 

[SquatchMan]

Bumping this thread.

Lots of value in here.

I'll add my tidbit. I have a very unique last name, so I use a variation of my middle name on any social media or online presence. I hate having it so that if you Google my first+last name you can find everything out about me.

Some things I obviously can't escape though. Like voter registration or business registration. I try to use a PO Box for as much stuff as I can though.

 

[loop101]

For the ultra-paranoid, likes reporters who can be put to death in certain countries, there is Linux-based "Qubes OS". It is what Edward Snowden uses. I'm not sure how realistic it is to use it as a daily driver.

Qubes OS

Similar to Qubes, you can use Virtual Machine's to containerize your activities. If you are a gamer who downloads a lot of risky "mods", you could do your banking/shopping inside a VM. Your games would still run fast, but your private data would be somewhat safe. If you just browse high-risk sites (*cough* pornhub *cough*), you could do that inside a VM. Qubes uses Linux Containers for everything.

 

[Christopher777]

Weird to say but windows seems more secure right now, they're doing a lot of things right.

Haha, well, I can't help but laugh man. Windows is the least secure of OS's. It might be that they're constantly catching up but it's just too darn lucrative for hackers to exploit.

Don't believe me? Just download Adwcleaner right now. It's free and downloadable with a google search. It will detect a lot of stuff that your AV often disregard.

Sounds like you were targeted.

It's possible. They were probably tipping their toes first. But it's also possible that his PC was just a little node of a larger network of infected machines and the small withdraw was part of the plan to keep it low.

There are software programs that can take over your PC and they are called FUD (fully undetectable). They trade this stuff expensively in the underground.

I played around this stuff as a hobby. You will not believe the kind of things that are possible.

Points to remember :

1. Change passwords often and have complex ones.
2. Update your stuff. All that needs updating.
3. Strong and reliable antivirus. ESET, Bitdefender, etc choose the smart ones that have HUGE signature databases that gets updated often, like cutting edge. Choose those that have firewalls, heuristics and automated action.
4. Train your staff with security practices. (USB procedures, clicking links, email links, phone call procedures etc)
5. Backup software, licenses and data regularly.
6. Consult a security specialist if it's that important. You can never be too sure.
7. If your business has a database of credit cards, email addresses, software, office documents, private photos and videos, you are a possible target.
8. If you are running windows, have the basic security stuff in place. Windows is like the guard of the castle that always got outsmarted.
9. Screen staff.
10. Have a cloud service as a failsafe if possible.

It's hard to stop a hacker. It's like almost impossible because they have massive leverage, knows how to use it and they have the attitude of a juggernaut.

The best you can do is to protect yourself from the shotgun attacks. If you are being targeted or suspecting the same, get help before it's too late.

Anyways, if you have any questions or help on anything security related, just PM.

 

[loop101]

After reading about it here, I looked for it and couldn't find it either.



Yup, and a huge market with tons of opportunity.

I've been interested in cybersecurity/infosec for quite a while, but have not thought of a good way to make it a Fastlane business. As a single worker, it seems time-bound, like being a dentist. You can charge a lot of money, but only for the hours you work. There are also legal risks if something goes wrong. For example, if a customer is hacked, or if they think you did something wrong.

To get a high-paying infosec job, you need to work for the US military, or banks. For that, you really need a security clearance (for military), college degree, infosec certs, and (ideally) networking experience.

For a single person, it seems impossible. The only people I have seen in Infosec who do really well, are those who manage large groups of Infosec workers. I guess this would be "Intentional Iteration" across lots of worker bee employees. This guy started an infosec solutions provider, and is now worth $200M: Robert Herjavec - Wikipedia

It's probably not too hard to be self-employed, but it doesn't seem scaleable without having employees.

Any suggestions?

 

Dislike ads? Remove them and support the forum: Subscribe to Fastlane Insiders.

[eliquid]

@eliquid why 3 passwords?

I love the concept. I'll give it a go. Maybe I can use it for some of my clients.

You know what's funny now that you mention it? My clients have such shit security. Their passwords are almost always the same for everything, and they're so bad. I don't wanna school them on security but I feel like I should.

I need to point out you might need to edit the .bat file a bit more. I left the path to my install hard coded in there in more than 1 spot. But then again, this is just a concept right now.

So for the 3 passwords, there are multiple reasons:

• A lot of people want to say only 1 password is needed if it's strong and secure. You know, those 84+ char. type passwords. If I zipped up a file and it had a 84+ char password and then I sent that file to my mom/client/journalist/lay tech person in TXT on cell phone or on a sheet of paper, you know how hard that is going to be to type manually on their desktop to unlock the file? It's gonna be a pain. My eyes cross at like the 10th char and I second guess myself what the last char was. I couldn't imagine doing that with 84+
  
  So I decided instead of 1 strong password of long length, 3 shorter passwords would do. Even at 16 char, you're talking a lot of computer power taking many years to crack. 3 shorter passwords would help with ease and simplicity.. a goal of this project.
  
  
• When other people encrypt the files to send off, it may be a lay tech person who creates them. They put in a 8-16 char password and it's "abcdef123456789". That's not gonna fly well for security, right? Easily cracked. However, now there are 2 more the hacker has to deal with that could be slightly better or stronger that could take a lot of computing power to crack and years. They might crack one, but possibly not the other 2. This is why I put in 3.. a bit better security in case the lay tech user has 1 or 2 weak passwords.. there will still be some security hopefully left.
  
  Think about it, if your customers use the same password for everything, the hacker might already know that password and that could be the first password the customers used for one of the archives. Now the hacker would need to figure out the other 2 still. Unless your customer just uses the same password 3 times, well there is not much that can be done other than for one of the archives to have an automatic password generated which I might add in to a later version.
  
  
• I thought about just 2 passwords. Since I couldn't do a 2FA after the 1st password ( like websites ), I thought I'd do 2 passwords back to back. When I accepted that would be good, I thought 3 would be even better for no real specific reason other than it might piss off a hacker if they actually did crack the first 2. Past 3 ( going into 4+ ), I thought it would just be a damn pain for the end user. 3 was just a good number it seemed to stay simple, but also secure.

The best way I use it, is to store files on Dropbox or S3. I deal with a lot of my customers data and I don't want it exposed when transferring or having it available.

Sometimes I also need to keep my very personal data on Dropbox ( like my bank info, credit cards, or drivers lic when I am traveling ) and I like knowing I can access it easily on Dropbox while it is still secure if needed in an emergency.

 

[sinj]

Everything that has been mentioned here is very good, but I want to share something else that I have not seen here mentioned that is really very important, which is: be really careful about what emails you open and the attachments. Email can be said to be of someone when is really not.

Second thing, VPNs are good, but you not all providers are good. They might be logging everything, force you to give a lot of data about yourself.

I would say that right now, but this could change in a blink of the eye, one of the good providers and not very expensive is Mullvad.

Now a little story about opening unknown emails:

I worked on information security, and when we had a penetration test that in the rules of engagement allowed social engineering. We sent invoices that looked like it was from corporate execs going to gentleman's clubs. My friends had a lot of experience going to this kind of places, so they got the invoices' templates perfect. They were Microsoft Office documents with macros. They would open it, and we had total access to their computer systems and networks. We took photos from their webcams as proof.

 

[urianasi]

Did I mention PIA because its what I use: Anonymous VPN Service From The Leaders | Private Internet Access

Microsoft Defender is prob the best Antivirus if your using Win 10.

I also use Keepass (its encrypted) password database.



This has been shown to be ineffective.

If you want to use Linux, I recommend Kali Linux (its pretty secure)

Kali Linux | Penetration Testing and Ethical Hacking Linux Distribution
Penetration testers (aka ethical hackers) keep their versions very secure. Its also updated all the time. But any version of Linux will do. Preferably non-Ubuntu (if you dont trust Corporations).

Kali Linux is a distribution created for Penetration Testers, but it doesn't necessarily means you're completely secure. Professionals usually install this distribution in virtual machines, and it's definitely not suited for people who wants to start using Linux. A normal user will not use or need more than half of the programs installed and for sure won't know what those are there for.

The problem with recommending tools is that we are simply trusting that in case of a malicious actor or threat wants to steal or capture our information, they will save us. This isn't necessarily the case.

Security is a process, not a tool. Nobody should expect to be secure after using a simple tool, although many of them market it that way.

There are some things you can do, of course, with some tools to make surveillance more difficult, or to prevent threats, but most of them depend not only on tools, but also behaviors and processes that the person follows. That's the very big problem with digital security.

 

[MrChill]

Cisco offers OpenDNS for free to help block out malware and other crap that you can filter from your home network at the hardware/router level. I highly recommend this, as it is even more proactive than anti-virus software alone, as that's a client installed on your OS. The best malware is the one that never makes it to the OS, but is blocked by your router.

Highly advise looking into this: Home Free by OpenDNS

 

[eliquid]

Went through this thread so many times. Instead of taking any preventive measures, I bashed it off:

"Nah. It won't be me".
"BS. I'm a power user."
"Screw all this victims."

Now, I have to start my 2k Likes Facebook Page from scratch.

I too thought this years ago.

Luckily I have never "lost" anything like a site or page or something else. But over the years as I got more and more emails from great services that blocked attempts from someone else logging into my account from odd geo locations, wrong passwords, etc and blocked my account, I became concerned.

A couple times a year, I might write that off as "expected".

A couple times a month, is something totally different.

Data is being stolen and shared much more now than 3-4 years ago. It's just going to get worse.

Just a couple days ago, I got an email where someone tried to log into a crypto account I never used. They used the wrong password enough times to block the account. Again, I got lucky. But what about the weaker sites that don't block attempts, or don't warn you about it?

What about the sites they do get into and you never know about it?

I finally had to cave and just accept that being a Power User, "it wont happen to me", etc just isn't good enough. The weak chain in the link isn't you or me, it's sadly the banks and 3rd parties we work with.

And once that data is grabbed, it's shared on the web with millions having the potential to look at it. Then it's re-shared hundreds of times more. There is no defense for that other than trying to make it harder on criminals by changing passwords ( front end attacks ) and freezing credits ( back end attacks ), etc.

A lock on a bike just keeps an honest person, honest. If someone really wants your data, nothing will stop them. All we can do is try to keep the lower level criminals at bay with our methods.

.

 

Dislike ads? Remove them and support the forum: Subscribe to Fastlane Insiders.

[ApparentHorizon]

Take other people's security with your information seriously, as well.

I just found out about Privacy.com, where you can get virtual credit cards. If one of them gets compromised, just shut it down and create a new one. Instead of waiting for one from your bank, then having to change all of your automatic payments on 20 different sites.

Downside is the rewards suck/non-existent.

But if you're buying a couple of things here and there, that are only on non-verified sites, this is great. Ex. Website plugins.

 

[BlakeIC]

@TeveTorbes ubuntu + vpn? what kind of unethical business you conducting?