Cybersecurity meets blockchains – Banking Exchange

By Jason Leinwand      January 22, 2018

As the worlds of online banking and trading, cybercrime, and blockchain intersect, the banking sector needs to heed the warnings about blockchain in its current state.

An open distributed ledger will not be valuable to a bank without security. Most current distributed ledger technologies provide limited security. That is the reason there are multiple levels of verification to trade cryptocurrencies and why large holders of cryptocurrencies hold them on an external hard drive/vault or wallet.

How do we secure ourselves?

Blockchain is still in its infancy from an advanced technology perspective. However, we all know the tech world moves fast, so it won’t be long before we see blockchain-developed solutions across retail, investment banking, and even farming. The ability to share data across a distributed ledger, without the requirement of going through a central repository (a bank) will move all these industries to a whole new level of efficiency.

First, however, we need those ledgers to be secure. There are currently companies out there working on such solutions, from small startups to large tech firms. Before the end of this year we will see them go live with viable market solutions. It is too early to know who will emerge as the leader in the space, but demand is there to drive a solution.

More at: Cybersecurity meets blockchains – Banking Exchange

Cryptocurrency mining malware will be a real problem this year – KnowTechie

By Chris Smith    January 16, 2018

Cryptocurrency mining malware is expected to stay within the cryptocurrency world. They are indeed a real problem that will continuously bring a headache to cryptocurrency enthusiasts.

Cryptocurrency started to gain extreme popularity last year. If you’re a newbie in cryptocurrency, the LetsGoBitcoin will be so helpful to you. It’s one of the hottest websites today that lets anyone learn the best way to use the progressive cryptocurrency on the market. However, the world of bitcoins is threatened by cryptocurrency mining malware. It uses your smartphone’s or PC’s computing power to carry out somebody else’s task in completing cryptocurrency transactions.

You’re in trouble if Google Chrome is your favorite web browser, and if you’ve been using the browser extension we call Archive Poster. With this browser extension, your computer will be secretly attacked by hijackers and they will use your device in mining cryptocurrencies. Archive Poster uses a mining program known as Coinhive to start mining the virtual money called Monero. So, it’s best to stop using this web browser extension and remove it.

More at: Cryptocurrency mining malware will be a real problem this year – KnowTechie

Coinbase Merchant Error Causes Major Exploit on Overstock – The Merkle

By Zane Huffman    January 11, 2018

Recently, it was made public that retail giant Overstock.com had fallen victim to a huge exploit involving Coinbase’s merchant API. This is another issue on top of many others that customers and businesses have made apparent affecting the leading Bitcoin exchange.

On January 5, independent researchers discovered a massive exploit in Overstock’s cryptocurrency payment gateway, which is offered through Coinbase’s merchant functionality. This exploit allowed Overstock customers to purchase items with Bitcoin Cash (BCH) instead of Bitcoin, which effectively resulted in an almost 85% discount.

The even greater issue that emerged was the ability to return purchases made with the discounted BCH and receive Bitcoin in return. Malicious users could pay for an order in Bitcoin Cash and be refunded an equal amount of Bitcoin. This exploit emerged when Coinbase first implemented Bitcoin Cash support on December 19, and existed for almost three weeks.

More at Coinbase Merchant Error Causes Major Exploit on Overstock – The Merkle

Cybersecurity company claims that it has found a software which sends mined cryptocurrency to a North Korean university – Firstpost

India – Reuters    January 9, 2018

A cybersecurity company said it has found software that appears to install code for mining cryptocurrency and sends any mined coins to a server at a North Korean university, the latest sign that North Korea may be searching for new ways to infuse its economy with cash.

The application, which was created on 24 December, uses host computers to mine a cryptocurrency called Monero. It then sends any coins to Kim Il Sung University in Pyongyang, said cybersecurity firm AlienVault, which examined the program.

“Crypto-currencies may provide a financial lifeline to a country hit hard by sanctions, and as a result universities in Pyongyang have shown a clear interest in cryptocurrencies,” the California-based security firm said in a release, adding that the software “may be the most recent product of their endeavors.”

More at: Cybersecurity company claims that it has found a software which sends mined cryptocurrency to a North Korean university – Firstpost

Cambridge academic: cryptocurrency users’ anonymity may not last – Business Insider

By Camilla Hodgson    January 6, 2018

• The details of supposedly anonymous cryptocurrency transactions may be revealed in the future, according to an expert in the field. 
• Those taking steps to conceal their identities for dubious reasons may be identified by law enforcement as detection tools improve.
• Blockchain transactions leave traces, which could be analysed if algorithms are cracked in the future.

---

LONDON — The identity of the individuals behind supposedly anonymous cryptocurrency transactions may be revealed as technology develops in the future, according to a cryptocurrency expert.

Although many users of cryptocurrencies value anonymity, particularly when using them in transactions on the dark web, advances in technology and law enforcement tools mean this secrecy is not guaranteed forever, Garrick Hileman, an economic historian at the University of Cambridge, told Business Insider.

“It’s like taking a blood sample from Lance Armstrong from 2005 — at that time, there was no way to test for the particular drug he may have been using, but through preservation you can, retroactively,” said Hileman.

More at: Cambridge academic: cryptocurrency users’ anonymity may not last – Business Insider

Hacks, Scams and Attacks: Blockchain’s Biggest 2017 Disasters – CoinDesk

By Nikhilesh De    December 29, 2017

Hard forks? Soft forks? ICOs?

Bombarded by no shortage of unfamiliar technical terms in 2017, consumers in the blockchain sector once again proved a ripe target for hackers and criminals. But, not all hacks and scams were created equal. Some rose above the froth – either due to their size or impact – as well as what they said about the state of blockchain technology and the industry itself.

Still, the impacts of these incidents were far from academic. Whether it was a simple wallet hack, fraudulent ICO or a bug in a piece of software code, investors lost millions, with nearly $490 million taken in the incidents below.

So far, none of the perpetrators of these crimes has been caught or even identified, and it’s questionable whether most of these funds can be found or returned.

More at: Hacks, Scams and Attacks: Blockchain’s Biggest 2017 Disasters – CoinDesk

MIT Criticizes IOTA: “Gaping Hole in its Software” and Deceptive Marketing – BTCMANAGER

By Joseph Young    December 28, 2017

On December 20, MIT Media and the MIT Digital Currency Initiative (DCI) issued a public statement written by DCI Director Joi Ito, refuting an article published by the institution’s own MIT Technology Review about IOTA’s potential to outperform bitcoin.

MIT DCI Criticizes IOTA

On December 14, MIT Technology Review’s Mike Orcutt published an article entitled “A Cryptocurrency Without a Blockchain Has Been Built to Outperform Bitcoin.” In it, Orcutt introduced various works and partnerships IOTA has led throughout 2017 and the technical intricacies of the network.

Specifically, Orcutt’s article delved into the non-blockchain platform of IOTA and how the elimination of the blockchain technology in a cryptocurrency can maximize scaling.

However, within a week of the article’s publication, MIT Media, DCI, and Joi Ito released a column to refute the reporting of MIT Technology Review’s Michael Orcutt. Ito and the rest of the MIT DCI team wrote that the initial article of Orcutt contained a flurry of inaccuracies and misrepresentation of IOTA’s works.

More at: MIT Criticizes IOTA: “Gaping Hole in its Software” and Deceptive Marketing – BTCMANAGER

Blockchains Could Save Millions in Data Security Costs – AIER

By Max Gulker, PhD    December 26, 2017

This year has seen the proliferation of proposed applications and startups using blockchain technology. Predicting which will succeed and fail with 100 percent accuracy is, of course, impossible. But the likeliest candidates for success are the cases where the benefits of not relying on a central intermediary most exceed the extra costs of using a blockchain to process transactions. Will our health records and deeds to our homes end up on blockchains? The answer will depend greatly on these costs and benefits.

The benefits of not relying on a central intermediary are often larger than we first assume. Let’s look at the most well-known blockchain application, payment processing (Bitcoin is both a currency and a payment processing system, we’ll focus on the latter here), and one of the most important functions of today’s intermediaries, keeping our data secure.

We use central payment processing systems like credit cards, PayPal or bank transfers all the time, almost without thinking about it. As we do so, we implicitly trust these intermediaries to protect our personal and financial data from being stolen or internally misused. Data hacks of epic proportions do happen, but let’s assume for now that the probability of something bad happening each of the many times we use one of these intermediaries is very low. Does that mean that the cost of relying on these intermediaries to secure our data is low?

We place our trust in these intermediaries because they have made costly investments over time to engender that trust. Processing payments on a blockchain essentially avoids these costs. Firms that centrally process payments spend millions per year on hardware, software, employees and research and development to communicate to customers that their data is safe in each transaction. And all the major credit cards require their e-commerce merchants to meet the Payment Card Industry Data Security Standard, first rolled out in 2004. Merchant compliance, which includes network security, monitoring, and several other standards, is expensive. For the smallest e-commerce merchants (defined as under 20,000 transactions per year) accepting Visa, MasterCard or Discover, becoming compliant costs an estimated $75,000 to $90,000, and maintaining compliance costs an additional estimated $35,000 annually. For the largest merchants (processing over 6 million transactions per year), the costs are estimated to be ten times as large.

More at: Blockchains Could Save Millions in Data Security Costs – AIER

Quantum Computers Pose Threat To Bitcoin And Blockchain, Study Claims – EconoTimes

November 22, 2017

D-Wave Quantum Computer Chip.D-Wave Systems, Inc./Wikimedia

With so many developments and advances in the tech industry over the years, a lot of them can seem interconnected. In the case of quantum computers and the cryptocurrency market, this is apparently the case, but not all in the ways that are good. In fact, computers that could be thousands of times more powerful than current ones could pose a significant danger to bitcoin and the Blockchain network.

This development is courtesy of a paper published by researchers from the National University of Singapore. According to the study, a sufficiently powerful quantum computer could make minced meat of the cryptographic protocols employed by bitcoin and all financial institutions built in the Blockchain network.

“The key cryptographic protocols used to secure the internet and financial transactions of today are all susceptible to attack by the development of a sufficiently large quantum computer. One particular area at risk are cryptocurrencies, a market currently worth over 150 billion USD. We investigate the risk of Bitcoin, and other cryptocurrencies, to attacks by quantum computers. We find that the proof-of-work used by Bitcoin is relatively resistant to substantial speedup by quantum computers in the next 10 years, mainly because specialized ASIC miners are extremely fast compared to the estimated clock speed of near-term quantum computers,” the paper reads.

More at: Quantum Computers Pose Threat To Bitcoin And Blockchain, Study Claims – EconoTimes

Quantum Computers Pose Imminent Threat to Bitcoin Security – MIT Technology Review

By Emerging Technology from the arXiv    November 8, 2017

Bitcoin is taking the world by storm. The decentralized digital currency is a secure payment platform that anybody can use. It is free from government interference and operated by an open, peer-to-peer network.

This independence is one reason Bitcoin has become so popular, causing its value to rise steeply. At the beginning of 2017, a single bitcoin was worth around $1,000. By November 2017, this had risen to around $7,000. Indeed, the total value of the cryptocurrency market is some $150 billion.

A crucial feature of Bitcoin is its security. Bitcoins have two important security features that prevent them from being stolen or copied. Both are based on cryptographic protocols that are hard to crack. In other words, they exploit mathematical functions, like factorization, that are easy in one direction but hard in the other—at least for an ordinary classical computer.

But there is a problem on the horizon. Quantum computers can solve these problems easily. And the first quantum computers are currently under development.

More at: Quantum Computers Pose Imminent Threat to Bitcoin Security – MIT Technology Review