By Ian Lee May 10, 2018
On May 8, 2018, the Subcommittee on Oversight and the Subcommittee on Research and Technology invited four witnesses, two from the public sector and two from the private sector to discuss blockchain applications. The hearing, titled “Leveraging Blockchain Technology to Improve Supply Chain Management and Combat Counterfeit Goods” can be viewed in its entirety on YouTube.
Although mostly serving as an educational forum to allow various members to express their views on the applications of blockchain technology, it was a pleasant surprise how positive several politicians and government officials were on blockchain.
Notably, Republican Congressman Barry Loudermilk expressed happiness that this topic was finally being discussed at the government level, describing himself as feeling like “a little voice in the wilderness on blockchain” and also stating that “it could be a solution to a lot of our cybersecurity and data protection issues.”
More at: US Congressman Describes Blockchain As ‘World-Changing’ – [blokt]
By Mike McRae April 26, 2018
Blockchain technology has taken the world by storm in recent years as a way to anonymously record transactions between individuals. As safe is it is currently, it’s only a matter of time before somebody finds a way to tap into those coded messages.
While quantum computing potentially opens the way to some serious safe-cracking power for hackers, the delicate nature of entanglement might also provide the solution to keeping data secure – by reaching into the past and erasing its own history.
A pair of researchers from Victoria University of Wellington in New Zealand have developed their own concept for a quantum blockchain that would theoretically prevent anybody from unknowingly fiddling with your electronic ledgers.
More at: This mind-bending quantum blockchain could be the future of secure transactions – Science Alert
By John Moore March 23, 2018
Blockchain tech could allow tracking of private data in the future.
As the shockwaves from the recent Cambridge Analytica revelations continue to rattle Facebook, RBC Capital Markets analyst Mitch Steven has pointed out how blockchain technology could help to instil peace of mind for users worried about how their data is being used.
Speaking to CNBC, Steves pointed out how the same tech that underpins cryptocurrencies – while not preventing misuse of data such as that seen in the CA case – could allow users to “100 percent track all this stuff”.
“In the future,” Steven said, “someone like yourself no longer has to give their photos to Facebook. Instead, you could just share that photo specifically with people, and then you’d be able to track it and make sure it’s not shared with someone who gets access to your information.”
More at: Analyst sees blockchain as the future of infosec on social media – Crypto News Review
By Mike Orcutt March 1, 2018
Blockchain-powered computer programs promise to revolutionize the digital economy, but new research suggests they’re far from secure.
Computer programs that run on blockchains are shaking up the financial system. But much of the hype around what are called smart contracts is just that. It’s a brand new field. Technologists are just beginning to figure out how to design them so they can be relied on not to lose people’s money, and—as a new survey of Ethereum smart contracts illustrates—security researchers are only now coming to terms with what a smart contract vulnerability even looks like.
More at: Ethereum’s smart contracts are full of holes – MIT Technology Review
By Amy Castor, Bitcoin Magazine March 1, 2018
An eclipse attack is a network-level attack on a blockchain, where an attacker essentially takes control of the peer-to-peer network, obscuring a node’s view of the blockchain.
In a new paper titled ” Low-Resource Eclipse Attacks on Ethereum’s Peer-to-Peer Network ,” Sharon Goldberg, an associate professor at Boston University; Ethan Heilman, a Ph.D. candidate at Boston University; and Yuval Marcus, a researcher at the University of Pittsburgh, describe a way to carry out an eclipse attack on the Ethereum network.
(The researchers disclosed their attacks to Ethereum on January 9, 2018, and Ethereum developers have already issued a patch – Geth v1.8.1 – to fix the network.)
In speaking with Bitcoin Magazine , Goldberg explained the research, how it compares to Bitcoin eclipse attacks and why she thinks the work is important.
First, she emphasized that working with Ethereum developers to fix the vulnerability was a smooth process. “It was a very functional, easy disclosure,” she said.
More at: Researchers Explore Eclipse Attacks on the Ethereum Blockchain – Nasdaq.com
By Wolfie Zhao February 12, 2018
U.K. government websites and more than 4,000 others worldwide have reportedly been exploited by malware that harnesses visitors’ computers to mine cryptocurrency.
According to BBC, the incident was first revealed after British security researcher Scott Helme, who raised the alarm that users browsing the website of the U.K. Information Commissioner’s Office (ICO) are affected by the malware, dubbed Coinhive, which illicitly mines the anonymous cryptocurrency Monero.
The ICO subsequently closed its website when the issue was revealed, the report indicates. At press time, the site was still down, citing “maintenance.”
More at: UK Government Websites Hit By Crypto Mining Malware – CoinDesk
By Madeline Bennett February 6, 2018
Digital connections add new security risks to the supply chain. Companies including IBM and Maersk believe blockchain may provide the answer.
Cyber attacks such as the Target breach and NotPetya malware might be infamous for the resulting financial damage – around $250m and $900m respectively. What should perhaps be more frightening for businesses is that these losses occurred due to errors originating on the supplier side.
The 2013 hack on Target was a result of a spear phishing attack on one of the firm’s contractors. It resulted in the loss of 40 million credit card details, several senior executives – including the CEO – losing their jobs, and financial damages of over $250m. Similarly the NotPetya virus, which last year hit big-name brands including FedEx and shipping giant Maersk, was enabled when a number of Ukrainian businesses had their systems compromised by a malicious update to a popular local accounting software package.
Businesses have always had to be wary of exposure through their supply chain to risks such as fraud, quality failures, disruption and other contingencies. Today’s need to be digitally connected brings a new set of risks in its wake.
More at: Is blockchain the answer to security risk in supply chains? – diginomica