Due to the upcoming ICOs that we are going to launch for ourselves and also for our incubated projects, we are implementing the following measures.
Separated Blog – Blog is setup at https://katalystcoin.org.
It talks about the ideas of KatalystCoin. Upcoming projects would be discussed about. Updates would be posted on this blog.
However, it would never contain a public key for the purpose of receiving ICO funds.
Even the blog requires 2FA for the administrator to login. It is hosted at a reputable provider which also provides vulnerabilities scanning services on the fly.
The blog is also protected with a SSL certificate that ensures that your communication, if any, with the blog is totally protected and secured. Your communication to us would be only read by us and us only.
ICO Website – ICO website is totally separated from the blog. It is hosted at https://katalystcoin.com.
By design, the ICO website would only be read-only. It would be hard to change the content of the ICO website even if you know where the website is.
To be doubly sure, we are going to do a md5 checksum of the website while the ICO is ongoing and would inform us when the website is changed without our approval.
We understand that other ICO projects are mainly compromised because the access to their website is compromised. We are going to learn from their mistakes and not going to repeat it.
The ICO website is also secured with SSL technology to ensure that all communication with our ICO websites is secured.
Even when we do login to edit the website content, it would require a 2FA approval before we can login to change the content.
Secured DNS – We notice one of the ways in which an ICO can be hacked is via changing the entry in the DNS. Redirecting the website IP address to another webhosting server that would mislead the coin buyers.
Again, the DNS is secured with 2FA. For us to change the entry of the IP addresses of our hostnames we would have to confirm the login via SMSes to our handphones.
Encrypted File Systems in our own Notebooks – All our notebooks dealing with the ICOs are reinstalled with Linux. The operating system for the Open Source community. The filesystem is encrypted so even if we ever lose our notebooks we would never lose the content and compromise the safety of KatalystCoin.
PGP Encryption – We use the strongest PGP encryption with 4096 bit length. Supposedly would take the most powerful computer longer than the age of our Universe to crack.
The seeds are encrypted and stored with our PGP key.
The PGP private keys are kept separately to ensure that the encrypted seeds and the PGP to decrypt it are not even stored in the same place.
Wired Connection – The computer network handling the ICO would only accept wired LAN connection and no wireless connection. We are also implementing a separate network demilitarized zone that even wired or wireless connection from another network would not be able to access.
Linux notebooks stripped of all network services – The Linux notebooks are installed with the most barebone Linux operating systems. From the network services point of view, all services are disabled.
Today, we went all the way to even disabling the swap system on our Linux machine. All computers and potentially all handphones have swap systems that store all your keystrokes. If they are physically compromised a skillful person in computer technology may be able to know what you type before. We go above and beyond to even disable swap filesystem in our Linux notebooks.
We would do our best to protect your interest. We would do our best to protect KatalystCoin.