Jump to content

Search the Community

Showing results for tags 'blockchain'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Categories

  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions

Categories

  • General News
  • File Sharing News
  • Mobile News
  • Software News
  • Security & Privacy News
  • Technology News

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 10 results

  1. Disney Patents Blockchain-Based Movie Distribution System to Stop Pirates As a prime content producer, Disney has a vested interest in keeping pirates at bay. The entertainment company is involved in various enforcement initiatives and a few days ago, added a new anti-piracy patent to its arsenal. With a blockchain-based distribution system, Disney hopes to make it harder for pirates to intercept films being distributed to movie theaters. Disney is one of the best known brands in the world and the owner of an impressive collection of movies and TV shows. New and old releases earn the company a healthy stream of revenue, both in movie theaters and through its own movie streaming service Disney+. While there is plenty of competition from other movie studios, Disney’s single biggest threat appears to be piracy. To tackle this issue, Disney’s in-house anti-piracy team works around the clock, and the company takes part in the ACE coalition as well. Disney’s Blockchain Anti-Piracy Patent Through these anti-piracy efforts, Disney has helped to take down dozens of piracy sites and services. However, the media giant is also trying to be more proactive. A newly awarded patent proposes a blockchain-based media distribution system that aims to prevent early piracy leaks. The patent in question, titled “Blockchain configuration for secure content delivery,” focuses on the distribution of content to movie theaters. This is a vulnerable process where pirates with the right connections can make copies during or after delivery. There are already several security mechanisms in place to prevent leaks from happening. Theaters have to adhere to strict rules, for example, and movies are all watermarked. Nevertheless, Disney believes that this isn’t sufficient to stop pirates. “(s)uch security mechanisms are often reactive rather than preventative. For example, watermarking configurations insert a watermark into content to track piracy after the piracy has already occurred. As a result, current configurations do not adequately prevent piracy,” the company explains. Verifying Rights Disney argues that by implementing a secure blockchain-based system, the distribution process can be more tightly controlled. Among other things, it will make it impossible for a movie to be played before it arrives at the intended location. “In contrast with previous configurations, the blockchain configuration verifies that the content is received at the intended destination prior to allowing playback of the content at that destination,” the patent reads. The system can also be configured with other anti-piracy features. For example, it can track the number of times a movie is played to prevent bad actors from showing it more often than they should. “Further, the blockchain configuration has an automated auditing mechanism that tracks playback of the content at the destination to ensure that the quantity of playbacks is accurately recorded. Therefore, piracy by the intended recipient, in the form of a greater quantity of actual playbacks than reported playbacks, is prevented.’ Other Playback Environments While Disney regularly refers to movie theaters and projectors, it specifically states that the patent also applies to other ‘playback environments.’ For example, when Disney content is sent to other streaming providers, which will need the proper credentials to play the content. There are several possible practical implementations but whether Disney has concrete plans to use these in the real world is unknown. That said, it’s certainly intriguing to see that the company is seriously considering the blockchain. It is worth noting that this anti-piracy system is focused on the content distribution and delivery process. This will, in theory, help to prevent pre-release leaks. However, it won’t stop pirates from ripping movies and TV shows directly from Disney+. Disney is not the only media company that has an interest in blockchain technology. Earlier this year, DISH Network secured a patent for a system that online services can use to check if an uploader has the proper rights to share something. — A copy of the “Blockchain configuration for secure content delivery” patent, awarded late last month, is available here (pdf) Disney Patents Blockchain-Based Movie Distribution System to Stop Pirates
  2. Casanova graph. Credit: Pyrofex Corporation. A team of researchers at Pyrofex Corporation recently introduced Casanova, a leaderless optimistic consensus algorithm suited for use in a blockchain. Rather than producing a chain, Casanova produces blocks in a directed acyclic graph (DAG), which is essentially a directed graph with no cycles. Casanova pipelines voting rounds and block production to improve scalability and has a unique 'line item veto' for conflicting transactions such as double spends. "We were looking for a scalable consensus algorithm that we could use to implement a couple of different blockchain projects we have going," the Pyrofex research team told TechXplore, via e-mail. "We initially thought Casper might be right and tried to prove it was safe and live under ideal network conditions. It didn't take long at all to show that wasn't the case and to conclude that we would have to make some significant changes. Our new algorithm addresses all the issues we were facing, but it required a lot of deviation from previous approaches." Most existing blockchain technologies waste considerable time and resources getting the entire network to agree on the global ordering of each single transaction. While this might appear reasonable, the researchers feel that a good blockchain approach should be able to process transactions in any order. "We should only use the energy and resources to come to consensus when it's necessary to do so—i.e., when there are two conflicting transactions and the network must choose exactly one," the researchers said. "Other blockchains have tried something similar, but with Casanova we were able to specify exactly how to accomplish this." A notable characteristic of Casanova is that it does not build a blockchain per se, but rather builds a DAG. The researchers refer to the structure of Casanova as a 'blockdag'. If a blockchain's structure can be compared to a string, a blockdag resembles a piece of fabric with several strings woven together. "Therefore, instead of confirming one block at a time, Casanova confirms one block at a time per member of the network," the researchers said. "So if the network has 1,000 members, we can confirm 1,000 blocks at once instead of just 1. We do all this work in the same time a regular blockchain would spend coming to consensus on a single block." Casanova has validators instead of miners and these produce blocks on a regular basis, once every minute or so. When the validators receive a transaction from a client, they include it in their next block and sign the block to show that they have seen it. Validators also exchange blocks with each other, to ensure that everyone sees all transactions. When a validator is ready to produce a new block, it includes information about blocks that it has seen from everyone else. "The only worry is when two conflicting transactions arrive, like when a user tries to double spend," the researchers explained. "When validators see a conflict, they include information about it in their next block. Using the information from everyone's blocks, the network decides which transaction will be valid and which they'll throw away." While it might feel like this process is not enough to guarantee security, the validators use mathematical structures to track both transactions and the other validators' votes. According to the researchers, this allows them to make important inferences, which ultimately ensure security. "One of Casanova's more beautiful features is this: you can spam the network with double spends, which will slow it down, but the network will only slow down for the spammer's account," the Pyrofex research team said. "Everyone else's transactions get processed at the usual speed, because you can't force them to conflict with your transactions. Casanova has a sort of 'line item veto' on spammy transactions that's unique in the industry, as far as we know." Although there are several blockdag algorithms out there, most of them are proof of work (PoW), while Casanova is proof of stake (PoS). In addition, most existing protocols try to give a total order in instances where a partial order would suffice. "We're the first proof-of-stake blockdag consensus algorithm that we know of, and we keep transactions in a partial order," the researchers wrote. "We've also made some fundamentally new observations about how the members of a blockchain should record and track information." The researchers are set to publish a new paper in which they will explain why their observations are more general, mathematically stronger and have a clearer meaning than those gathered using other blockchains or cryptocurrencies. A great advantage of Casanova is that it is quite general, making it easy for users to tailor the algorithm around their specific needs. "The attestation observation is also important; it's one of the main reasons that we expect our consensus algorithm to be screaming fast," the researchers explained. "We designed a consensus algorithm to be fast, secure, and robust against network failures. Then, we built a transaction model for it that could be used to build a blockchain. This is why we think our technology will be faster and simpler than most technologies available today." To broaden the scope of their study, the researchers are now working on implementing a proof of concept and formally verifying it in the proof assistant Agda. Developing Casanova allowed them to gather valuable insight into the existing pool of consensus literature, which they plan to write up and publish over the next few months. "We have also developed a ledger model suitable for use with Casanova, which we're going to build into a blockchain in the near future," the researchers said. "We are working on a computation model that is suitable and will allow us to build a smart contracting blockchain. There's a lot to be done, including much of the proof-of-stake machinery like rewards, fees, bonding, unbonding, and so forth. It's going to be a busy year." source
  3. Blockchain technology is being piloted as the basis for self-sovereign identities, which can eliminate user names and passwords for logging into corporate sites or verify sensitive information such as income for purposes of a loan without revealing personally identifiable information. Thinkstock MORE LIKE THIS Blockchain 2019: How crypto will convert cash, property into digital assets Blockchain to generate more than $10.6B in revenue by 2023 Coming soon: Public blockchains for private business data VIDEO Tech Talk: Where blockchain's going this year Related Articles Blockchain in 2019 and beyond: 5 predictions How to decide whether to deploy blockchain 10 ways to work better with G Suite See all Insider Imagine a company that can verify the background of a new employee and onboard them with the click of a single virtual button, or a banking customer who can verify their identity for a loan without exposing personally identifiable information – again with a click of a button. That's the potential blockchain holds for decentralized identity management. It's done by creating a digital wallet that serves as a repository for all kinds of personal and financial data, info that can only be shared after a specific request and only with the permission of the owner. [ Further reading: What is blockchain? The most disruptive tech in decades] Blockchain distributed ledger technology (DLT) – in combination with digital identity verification – holds the potential to solve online privacy issues that plague everything from consumer sales and bank know-your-customer regulations to employee credentials that allow access to confidential business systems. "There are multiple vendors in this space that are either in the early R&D stage or testing their products in pilot projects," said Homan Farahmand, a senior research director with Gartner. "It is too early to declare any winner, by any means, because just having a working product is not enough. Decentralized identity requires a vibrant ecosystem, a robust identity trust fabric built on a distributed ledger or blockchain, tools to support user-friendly functionality and good developer experience to support broad adoption." One considerable security attribute of storing digital identities on an encrypted, distributed blockchain ledger is eliminating "honey pots," or central repositories for customer account information, according to Julie Esser, chief engagement officer for CULedger, a Denver-based Credit Union Service Organization (CUSO). Those repositories are prime targets for hackers. Credit Unions are already testing ID management Like other CUSOs, CULedger is a cooperative owned by multiple credit unions for the purpose of providing back-office services; it was created a year ago to build out a blockchain-based identity management platform called My CUID. The platform is expected to launch in the second half of 2019 and will hand the keys to data protection over to customers who sign up for an app. CULedger has 36 investors – 26 credit unions and several CUSOs. In October, CULedger began piloting My CUID with five other credit unions and another CUSO; it eliminated the need for user names and passwords and relieved credit union call centers from the obligation of resetting them when a customer loses them. [ Become a Microsoft Office 365 administrator in record time with this quick start course from PluralSight. ] How it works: a new or current customer of a member credit union contacts a customer service call center, which sends a text message to the customer's mobile device with a link to download the My CUID app. The credit union's rep then issues the customer their credentials – a digital wallet, which holds personally identifiable information obtained during the initial customer contact. That information is encrypted and can only be accessed with the member's authorization, which is requested when they make a transaction. Each time a customer using My CUID contacts the credit union – or vice versa – their smartphone or tablet receives a pop-up dialogue requesting they confirm their membership before any transaction is completed. "You'd click OK or Not OK. It doesn't feel a lot different than what happens with other apps on your phone," Esser said. "It's all based on...the encrypted channels we've created, which is really cool. You're creating a two-way secure communication channel. So, not only does your credit union know it's you they're talking to, but you also you know it's your credit union calling you." CULedger has set a goal of issuing 1 million digital identities to credit union members in 2019. Because credit unions must comply with Know-Your-Customer federal regulations, the blockchain-based digital ID service would also fulfill regulatory compliance, Esser said. Along with giving the customer control over their identity by handing them the blockchain encryption keys, My CUID would eliminate the need for user login names and passwords and dramatically reduce the time it takes for a credit union call center representative to authenticate a member. It can take a rep from 60 to 90 seconds to authenticate a member before a transaction even starts. That can be reduced to 5 seconds or less with My CUID, according to Esser. "It's not a pleasant experience to phone a call center because the customer is welcomed with 20 questions to identify who you are, so it's a wonky process that needs fixing." Traditionally, credit unions and other financial services firms rely on third-party service providers for call center and customer authentication services, many of which are located outside the U.S. CULedger would place control back in the hands of member credit unions, Esser said. In 2019, CULedger plans to begin building out its production customer permission network; it is currently considering several blockchain platforms, including IBM's Hyperledger Fabric service and R3's Corda, the biggest commercial blockchain consortium among banks, insurers and other financial service firms. CULedger is also considering working with the Hedera Foundation, the creator of Swirlds, a software platform for creating distributed applications (dApps). Swirlds is based on the Hashgraph protocol, a DLT well suited to the financial services industry because it can process more than 100,000 transactions per second, unlike bitcoin, which processes three to four transactions per second. "We need the ability to conduct transactions instantaneously – in real time," Esser said. "We'd planned to create our own platform, but with the focus on a decentralized identification piece, this allows us to not recreate the wheel. There may be some applications that require different [blockchain] platforms." How a self-sovereign ID works For consumers who are mindful of their online information – credit card numbers, date of birth, annual income, etc. – blockchain has the potential for "self-sovereign" identities like CULedger is creating, meaning the user controls who can see their data or get purchasing approval without releasing their income details. Self-sovereign identities work like this: the user has a bank confirm a credit limit or an employer confirm annual income; that confirmation information is then encrypted, but available, on a public blockchain ledger to which the consumer holds the private and public cryptographic keys. If a buyer wants a car loan from an auto dealership, for example, the consumer can give them permission through a public key to confirm that he or she has enough credit or annual income without revealing an exact dollar amount. So, for example, if the car dealer wants to ensure a consumer earns more than $50,000 a year, that's all the blockchain ledger will confirm (not that they actually earn $72,587). The confidentiality technique is known as zero knowledge proof (ZKP), a cryptography technology that allows a user to prove that funds, assets or identifying information exist without revealing the information behind it. Ernst & Young has created a public blockchain prototype it plans to launch in 2019 that lets companies use ZKPs to complete business transactions confidentially. Sovereign IDs in the enterprise CULedger is also working with the Sovrin Foundation, a new nonprofit\ that has created the blockchain-based Sovrin Network; it enables anyone to globally exchange pre-verified data with any entity also on the distributed ledger. The online credentials issued via the Sovrin Network are akin to a physical ID you might carry in your wallet, such as a driver's license, a company ID or a bank debit card. The virtual encrypted wallet (or crypto wallet) would link back to the institutions that created them, such as a bank, a government agency or even an employer, which, through the blockchain, would automatically verify the needed information to a requestor. "Our market strategy involves working with enterprise partners to solve their ID problems rather than trying to go direct to end users, so yeah, we're working hard in that area and have a number of partners who are doing things there. Three who come to mind are Government of British Columbia, CULedger and IBM/ATB Financial," said Phil Windley, chair and co-founder of the Sovrin Foundation. The Government of British Columbia and the Government of Ontario have already rolled out a production system using the Sovrin Network for business registration and licensing; together they've issued over 6 million credentials, according to Windley. Sovrin development partners IBM, Workday and ATB Financial (a bank in Alberta) have also started pilot tests of the Sovrin Network. The partners are demonstrating how digital credentials could work for IBM employees. ATB Financial issues a digital credential, which can be used for both logging into the bank and IBM's user network. Along with validating the employees' financial information, the distributed ledger application eliminates the need for employees to have a username or password, Windley said. "Because it's cryptographically based, it has a public key associated with them, and you [the employee] own the private key," Windley said. Gartner's Farahmand said self-sovereign identities based on blockchain distributed ledgers are being eyed for all kinds of enterprises uses, including onboard new hires. Each time a new employee is hired, a new decentralized identifier is generated by the that employee and passed to the enterprise. That identifier can then be propagated within the internal systems for user authentication to the enterprise network and applications, Farahmand said. "This can be a powerful proposition as it speeds up the onboarding process and subsequent identity life cycle management activities, as well as enabling password-less authentication. It also helps with converging multiple personas a person can have relevant to the organization," Farahmand said, explaining that the digital IDs can be used to access multiple systems within a company based on organization-based permissions. A popular design pattern for decentralized identity is comprised of a core identifier and a set of "pairwise" identifiers, each for a relationship the user has with an organization. Pairwise identifiers are cryptographically derived from the core identifier. The pairwise identifier enables an enterprise system to uniquely verify a user identity for each relationship and potentially prevent correlation of user activity across different relationships, enabling privacy-by-design principles at the protocol level, Farahmand said. For example, a bank employee can be a bank customer at the same time while using the same self-sovereign ID. The two personas are typically represented by two digital identities in two siloed systems – one as an employee and one as a customer of the bank. "In case of a decentralized identity model, the same person can have two sets of identifiers ... mapped to the same core digital identity, which can potentially simplify reconciliation of user activities," Farahmand said. Another benefit to a self-sovereign ID is the ability to streamline B2B scenarios where an employee of one organization can have access to systems in another. For example, Farahmand said, if the host organization trusts the decentralized identity that is attested by the guest organization, then a new pair-wise decentralized identifier can be generated to authenticate the user; that simplifies the onboarding and access governance for business customers or other partners. Significant hurdles remain While self-sovereign IDs based on blockchain hold significant promise for increasing privacy and efficiency, there are also significant technology hurdles that have yet to be vaulted. For one, trust in blockchain. A 2018 Gartner CIO survey revealed on average that only 3.3% of companies worldwide had actually deployed blockchain in a production environment. In a blog post, Avivah Litan, a Gartner vice president and distinguished analyst, listed eight hurdles blockchain needs to surmount before it can become a cure-all for virtually any international, transactional network need – from fee-less, cross-border payments to supply chain tracking. One significant challenge is integrating DLT systems with legacy databases, the current repositories for corporate employee identities. A decentralized identity system also requires a vibrant ecosystem, a roust identity trust fabric built on a distributed ledger or blockchain, tools to support user-friendly functionality and good developer experience to support broad adoption. "While we encourage our clients to watch this space and do some limited experimentation or even proof-of-concept projects," Farahmand said, "we also caution them to make sure these products are battle tested, hardened and ready to withstand different types of attacks." source
  4. China’s internet censorship agency has approved a set of regulations for blockchain service providers in the country that will take effect in mid-February. The Cyberspace Administration of China (CAC) published its new “Regulation for Managing Blockchain Information Services” on Thursday, defining blockchain information service providers as “entities or nodes” that offer information services to the public using blockchain technology via desktop sites or mobile apps. The rules become official on February 15, according to the release. Among the 23 articles listed in the document, one requires blockchain service providers to register with the CAC within 10 working days of starting to offer services to the public. The agency also mandates that blockchain startups must register their names, service types, industry fields and server addresses. Further, it bans startups from using blockchain technology to “produce, duplicate, publish, and disseminate” information or content that is prohibited by Chinese laws. If blockchain startups fail to comply with the rules, the CAC said it would first issue a warning, while failure to act within the specified timeline would bring a fine ranging from 5,000 yuan ($737) to 30,000 yuan ($4,422), depending upon the offense. The CAC first published draft rules in October of last year. At that time, one of the articles also recommended that blockchain startups operating in fields such as news reporting, publishing, education and the pharmaceutical industry must also obtain licenses from relevant authorities prior to registration with the CAC. The final rules have dropped this article altogether. Previously, blockchain technology has been utilized to bypass China’s strict internet censorship – often dubbed “The Great Firewall.” For example, as part of the #Metoo movement and a recent pharmaceutical scandal in the country, individuals posted information on the ethereum blockchain to avoid censorship. Source
  5. ICON Becomes Latest Blockchain to Support Security Tokens ICON, a platform that is aimed at providing blockchain interoperability, has announced that it is introducing a new security token standard. The new IRC16 specification will allow token creators to issue security tokens—a special type of blockchain token that represents certain assets and investments. Unlike Bitcoin, security tokens don’t derive their value from blockchain activity. Instead, security tokens represent ownership of assets like real estate, precious metals, or corporate equity. And whereas ICO tokens have faced regulatory issues over the past year, security tokens are seen as very promising due to their capacity to work within regulations. The IRC16 Standard Like other initiatives of its type, ICON’s new standard is meant to facilitate regulatory compliance. IRC16 is intended to simplify security token creation, support smart contracts that manage trading, and, above all, help token issuers comply with rules and regulations. The standard has four important features: Check For Token Transfer, which can verify whether those who buy and sell tokens have passed KYC and AML checks, and can put limits on participation. Token Control By Operator, which allows tokens to be taken control of when keys are lost or fraud occurs, as demanded by some regulations. Document Management, which manages the legal documents that pertain to the rights and obligations of participants. Partition, which allows token issuers to create “partially fungible tokens” and introduce lock-up periods into those tokens. In addition to explaining the technical aspects, ICON has expressed its hope that security tokens will “increase the liquidity of high-value assets” by dividing them into easily tradeable tokens. Eventually, ICON says, this will “expand the size of existing investor pools”—turning securities into a more accessible market. Security Tokens Elsewhere ICON is just one of several platforms that have added support for security tokens. Ontology has recently added a similar standard in a major capacity. Meanwhile, on Ethereum, the ERC-1400 range has accumulated many different security token specifications. NEO has expressed interestin security tokenization as well. Additionally, there are several blockchains that are dedicated exclusively or primarily to security tokens, such as Swarm, Tokeny, and OpenFinance. Regardless of the platform, security tokens are coming out swinging in 2019, and several major salesare scheduled for the coming months or are already underway. But although security tokens are growing quickly, the model is controversial, as only accredited investors are legally allowed to own securities. The fact that blockchain technology is being used to exclude those who are not wealthy investors is often seen as a violation of cryptocurrency’s fundamental promises: financial inclusion and freedom. Source
  6. How Blockchain Can Improve Cyber Security The advent of the internet and related technologies has impacted many people’s ways of life and the way organizations are run. It has led to easy access to information, necessary for running the day to day undertakings and in diverse platforms. However, all these positive impacts of the internet have also come at a cost. It has not been easy to use and depend on the internet and related technologies. With many people and organizations relying on the internet and connected systems these days, it has not been easy to secure data and computerized devices. Cyber threats have been a major issue that has been costly to solve or eradicate for good. Access to effective database backup solutions has also not been a hassle-free journey. Cybersecurity problems have been a major issue affecting millions of people and organizations on a daily basis. Solutions for solving internet threats have been limited and this incapability has affected the lives of many internet users and daunted many organizations. Cybersecurity affects the whole world. It does not just affect governments or businesses, but you can also wake up and find it hard to even use your smartphone or laptop. Anyone using the internet and computerized systems needs to understand the role of cybersecurity and figure out what incredible ways can help improve cyber threats. Cyber threats can be in the form of malware, ransomware, phishing or social engineering. These cyber-attacks have been a major challenge because many people lack knowledge and awareness about why cybersecurity is crucial. Some don’t care or pay any attention to cybersecurity whereas others lack time and money to secure their data and systems. How to Embrace Blockchain and Improve Cyber Security If you embrace cybersecurity, you will find it easy to avert cyber-attacks, identity theft, data breaches as well as be able to handle any management risk. But, is it possible? Many organizations, governments, and individuals have relied on different strategies to improve cybersecurity. They include the use of anti-virus, firewall, anti-spyware, anti-spam, backing up data as well as Windows update. All these strategies have helped in one way or another secure data and computerized systems. But, did you know blockchain is the way to go and good news to internet users? Probably you have not. Blockchain has the potential to improve cyber-attacks in many incredible ways that you should not hesitate to know. If you are among many internet and computerized devices users who don’t know what blockchain is all about, don’t get demoralized at all. It is simply a system of computers whereby information is easily stored and shared between all participants of the network. This simple definition should expose you to the incredible capabilities of blockchain that can effectively aid improve cybersecurity. Have a look; Through decentralization The decentralized nature of blockchain has played great roles in helping internet users secure their information. Through a peer-to-peer network, blockchain users have been able to maintain their activities in their network. It has become easy to ensure the chain does not breakdown or fail. If an intruder is trying to certain unauthorized data, the entire system will verify every detail and locate what diverges from what in the network. It will then exclude the block and recognize it as fraudulent. This means that everyone in the blockchain network has to verify his or her data ensuring the existing data is not easily tampered with and cannot be controlled by a single source. By tracking and tracing Many companies have over the years been facing the challenge of tracking their products as well as keeping their transactions secure. Thanks to the advent of blockchain technology, every transaction an individual or an organization makes to a block is timestamped and signed up digitally. This makes it easy for users to easily track and trace the history of transactions. It is also easy to track account and use the data whenever the need arises. Those who embrace blockchain in their transaction will be able to maintain valid data without any shortcomings. Through its sustainability Thanks to the multiple copies of the blockchain ledger, in case of a DDoS attack or related threat, an individual or organization is able to overcome these challenges and secure its data. Blockchain technology does not allow any failure that can be a threat to any confidential information By ensuring the authenticity of data Through blockchain, it has become easy to authenticate computerized systems and users without the need of providing a password. Human factor or impact of the man in the middle of cyber-attacks has been reduced via blockchain technology. All you need is to publish your public key on the blockchain. The data in your system will then be distributed across millions of nodes and connected to blocks stored on the ledger. Hence, it will be hard for intruders or hackers to publish fake public keys and your data will be secure. By guaranteeing a secure network access In many institutions, employees will need to access to a blockchain from different systems and they may end up losing their passwords or private keys. Fortunately, with REMME’s blockchain, such employees will have unique Secure Socket Layer certification and they will not require any passwords to undertake their duties. Hence, it will be hard for hackers to get unauthorized access to the network. To Sum Up If you are looking for the best and most transparent means to store your vital data, blockchain is the way to go. You will not only have a data backup solution but also an opportunity to form a block of secure data. As cyber attacks surge, you need to make a bold decision and trust blockchain technology. It’s a reliable and decentralized platform you will love. Source
  7. IBM sends Blockchain World Wire for global payments into limited production Big Blue's latest blockchain play sees cross-border payments being sent via digital tokens in near real-time. How IBM Blockchain World Wire works (Image: IBM) IBM has announced that its blockchain-based global payments network has been sent into limited production, with the company touting it as the "new financial rail" that clears and settles cross-border payments in near real-time. IBM Blockchain World Wire, Big Blue claims, is the first blockchain-based network that integrates payment messaging, clearing, and settlement on a single network. "The concept of money is 2,000 years old. The world has been using the same network to process financial transactions for 50 years. And even though globalisation has changed the world, payment fees and other financial barriers remain the same. But now there's a new way to move money," the company pitches. "We've created a new type of payment network designed to accelerate remittances and transform cross-border payments to facilitate the movement of money in countries that need it most," IBM Blockchain general manager Marie Wieck added. "By creating a network where financial institutions support multiple digital assets, we expect to spur innovation and improve financial inclusion worldwide." World Wire uses the Stellar protocol -- an open-source, decentralised protocol for digital currency to fiat currency transfer -- to transmit monetary value in the form of digital currency. The blockchain-based network will support settlement using Stellar Lumens (XLM) and the US dollar stable coin through IBM's existing partnership with Stronghold. IBM said that pending regulatory approvals and other reviews, six international banks, including Banco Bradesco, Bank Busan, and Rizal Commercial Banking Corporation (RCBC), have signed letters of intent to issue their own stable coins on World Wire. If successful, this will see the addition of the euro, Korean won, Brazilian real, Indonesian rupiah, and Philippine peso stable coins to the network. According to IBM, World Wire has enabled payment locations in 72 countries, with 47 currencies and 44 banking endpoints. "Local regulations will continue to guide activation, and IBM is actively growing the network with additional financial institutions globally," the company said. Source
  8. Monash Uni claims reputation-based blockchain capable of defending itself The miner has their 'reputation' lowered to prevent malicious activity, the university says. Researchers at Monash University have claimed the development of a blockchain system that is capable of defending against malicious activity, or at least making it very expensive for the attacker to do so. According to Monash, its RepuCoin system introduces the concept of "reputation" to blockchain. The university believes that its system makes recoding blockchain information very hard. "When RepuCoin has operated for a year, attacking the system with 68 percent of its total mining power would take at least six months and would be at least 5,760 times as expensive as conducting the same attack on bitcoin," Dr Jiangshan Yu from Monash said. The university believes its RepuCoin would make recoding the blockchain's data and using it for malicious purposes, such as reversing government decisions, "thousands of times more expensive to attack than bitcoin". RepuCoin is also claimed to be capable of performing 10,000 transactions per second. The reputation is based on the miner, not the coin or token itself. "RepuCoin is different as it defines a miner's power by its 'reputation', as a function of its work integrated over the time of the entire blockchain, rather than through instantaneous computing power which can be obtained quickly," Monash wrote in a statement on Thursday. Essentially, when a miner goes outside the boundaries of system specification, RepuCoin lowers the miner's reputation to prevent any malicious activity "without significant consequences". "But make no mistake, this is not about subjective reputation in the sense of social networks; it is about physics," Professor Paulo Esteves-Verissimo from the University of Luxembourg, who was also involved in the proof of concept, said. "Voting power takes time to build, accumulating through consistent and honest mining work. It's like charging a battery before being able to use it. "RepuCoin provides an elegant solution to a problem that many thought was insoluble. Existing systems always linked computational power to voting power. We separated them and now someone could join RepuCoin with 99 percent of the total computing power and they still wouldn't be able to attack it." The announcement from the Australian university follows the federal government's Digital Transformation Agency (DTA) recently handing out advice to those getting lost in the buzz of blockchain. "It is the DTA's current position that blockchain is an emerging technology worthy of ongoing observation. However, without standardisation and additional work, for many uses of blockchain, there are currently other mature technologies that may be more suitable for immediate use," is the agency's official position. Addressing Senate Estimates in October, DTA chief digital officer Peter Alexander dunked on its use, adding to the above that "for every use of blockchain you would consider today, there is a better technology -- alternate databases, secure connections, standardised API engagement". "Blockchain: Interesting technology but early on in its development, it's kind of at the top of a hype cycle," he said. The government entity has even published a questionnaire for organisations to self-evaluate before bothering with something that can just be stored in a secure database. Source
  9. Oh, how the mighty have fallen. Well, that's not entirely fair if you are a firm believer in the future of blockchain technology and crypto currencies in the end user space. That was the spotlight feature on the original HTC Exodus 1 and the same is true for the newly announced Exodus 1s. The phone doubles as a hardware ledger and this time around has a few other crypto tricks up its sleeve. But more on that in a bit. First thins first, however, the hardware itself. There really is no way around it, the 1s has pretty terrible hardware for 2019. You are looking at a Snapdragon 435 chipset, along with 4GB of RAM, pushing pixels on a 5.7-inch, 18:9 HD+ display. You also get 64GB of storage and and SD card slot. But the latter might not be meant for your multimedia. The phone still uses a microUSB port. But at least you get a 3.5 mm audio jack. In the camera department the Exodus 1s offers a single 13MP PDAF snapper on the back and one of the same resolution of the front - no autofocus, but complete with an LED flash light. Two SIM card slots with 4G plus 3G dual standby, Wi-Fi ac, Bluetooth 4.1 and last, but not least, a 3,000 mAh battery keeping the lights on. Oh, and Android 8.1. Makes sense, we guess. HTC's product page is rather scare on details, but we think it is fairly safe to just check the HTC Desire 12s specs page for any additional info you might require. All of this can be pre-ordered today for EUR 219. Although HTC's website doesn't exactly make it clear if you can use "outdated" cash to fund that purchase, or they are still going to convert the price over to a Crypto currency during the final steps of checkout, as was initially the scheme with the original Exodus 1. Anyway, now that we're done making fun of the hardware, we should talk about the meat of HTC's product offer. The main added-value, crypto-enthusiast, added value attraction on the Exodus 1s is the ability to run a full Bitcoin node on the phone. Without going into too much detail, that means that the phone has the means of keeping the entire Bitcoin ledger in its memory. Well, on a microSD card, top be more precise with at least 400GB of storage, sold separately. That should be good for some time since the current Bitcoin ledger is about 260GB big and growing at a rate of roughly 60GB a year. The reason you would want the entire ledger in your pocket is that you can verify transactions for yourself and operate with more security, then, say, using the popular Simplified Payment Verification (SPV) wallet scheme, where a third-party website takes part in the validation process. You can also, apparently, query the ledger itself for transaction data, without sharing any info with the world. And last, but not least, you are actively contributing to the Bitcoin network, which definitely holds some allure to enthusiasts who believe in the future and viability of the network. There are some caveats, though, like the fact that currently only a Bitcoin node can run locally. No other currencies. Plus, running it apparently puts quite a strain on the three year old chipset, which is why HTC themselves only recommend running the node while connected to a wall socket or power bank. There is all the data usage involved as well, which can't help the battery situation either. Perhaps real enthusiast might have better luck with the new technology on the original and more powerful Exodus 1. It will also be getting the Bitcoin node feature as an update at some point. Other than that, just like its sibling, the Exodus 1s still has the HTC's hardware Zion crypto wallet with your keys hidden in the Snapdragon's security enclave. There is also the Trusted Execution Environment (TEE), which runs the Zion Vault software in a sandbox environment for extra security and also guards against common attack vectors, like third-party keyboards with key loggers. And if you lose the phone itself Social Key Recovery allows you to pick several trusted people in such a way that if they all come together, they can recreate your private key. This is called Shamir’s Secret Sharing or (as it’s better known in the crypto world) key sharding. No word on decentralized app or dApp support this time around. But we can only imagine that just like the Exodus 1 the 1s can run these as well. Honestly, do tell us in the comments if you think HTC is gambling a bit too fast and loose with the whole Exodus project as a last resort. Or, perhaps we are missing something and failing to see a bigger picture where the Exodus 1s is an important piece of the puzzle. Source: 1. HTC launches another blockchain phone - Exodus 1s (via GSMArena) 2. Introducing Exodus 1S (via HTC)
  10. The bitcoin blockchain is helping keep a botnet from being taken down Wallet transactions camouflage the IP address of the botnet's control server. Enlarge Aurich Lawson / Ars Technica When hackers corral infected computers into a botnet, they take special care to ensure they don’t lose control of the server that sends commands and updates to the compromised devices. The precautions are designed to thwart security defenders who routinely dismantle botnets by taking over the command-and-control server that administers them in a process known as sinkholing. Recently, a botnet that researchers have been following for about two years began using a new way to prevent command-and-control server takedowns: by camouflaging one of its IP addresses in the bitcoin blockchain. Impossible to block, censor, or take down When things are working normally, infected machines will report to the hardwired control server to receive instructions and malware updates. In the event that server gets sinkholed, however, the botnet will find the IP address for the backup server encoded in the bitcoin blockchain, a decentralized ledger that tracks all transactions made using the digital currency. By having a server the botnet can fall back on, the operators prevent the infected systems from being orphaned. Storing the address in the blockchain ensures it can never be changed, deleted, or blocked, as is sometimes the case when hackers use more traditional backup methods. “What’s different here is that typically in those cases there’s some centralized authority that’s sitting on the top,” said Chad Seaman, a researcher at Akamai, the content delivery network that made the discovery. “In this case, they’re utilizing a decentralized system. You can’t take it down. You can’t censor it. It’s there.” Converting Satoshi values An Internet protocol address is a numerical label that maps the network location of devices connected to the Internet. An IP version 4 address is a 32-bit number that’s stored in four octets. The current IP address for arstechnica.com, for instance, is 18.190.81.75, with each octet separated by a dot. (IPv6 addresses are out of the scope of this post.) The botnet observed by Akamai stored the backup server IP address in the two most recent transactions posted to 1Hf2CKoVDyPj7dNn3vgTeFMgDqVvbVNZQq, a bitcoin wallet address selected by the operators. The most recent transaction provided the third and fourth octets, while the second most recent transaction provided the first and second octets. The octets are encoded in the transaction as a “Satoshi value,” which is one hundred millionth of a bitcoin (0.00000001 BTC) and currently the smallest unit of the bitcoin currency that can be recorded on the blockchain. To decode the IP address, the botnet malware converts each Satoshi value into a hexadecimal representation. The representation is then broken up into two bytes, with each one being converted to its corresponding integer. The image below depicts a portion of a bash script that the malware uses in the conversion process. aa shows the bitcoin wallet address chosen by the operators, bb contains the endpoint that looks up the two most recent transactions, and cc shows the commands that convert the Satoshi values to the IP address of the backup server. Enlarge Akamai If the script was converted into Python code, it would look like this: Enlarge Akamai The Satoshi values in the two most recent wallet transactions are 6957 and 36305. When converted, the IP address is: 209.141.45.27 In a blog post being published on Tuesday, Akamai researchers explain it this way: Knowing this, let’s look at the values of these transactions and convert them into IP address octets. The most recent transaction has a value of 6,957 Satoshis, converting this integer value into its hexadecimal representation results in the value 0x1b2d. Taking the first byte (0x1b) and converting it into an integer results in the number 45—this will be the 3rd octet of our final IP address. Taking the second byte (0x2d) and converting it into an integer results in the number 27, which will become the 4th octet in our final IP address. The same process is done with the second transaction to obtain the first and second octets of the C2 IP address. In this case, the value of the second transaction is 36,305 Satoshis. This value converted to its hexadecimal representation results in the hex value of 0x8dd1. The first byte (0x8d), and the second byte (0xd1), are then converted into integers. This results in the decimal numbers 141 and 209 which are the second and first octets of the C2 IP address respectively. Putting the four generated octets together in their respective order results in the final C2 IP address of 209.141.45.27. Here’s a representation of the conversion process: Akamai Not entirely new While Akamai researchers say they have never before seen a botnet in the wild using a decentralized blockchain to store server addresses, they were able to find this research that demonstrates a fully functional command server built on top of the blockchain for the Ethereum cryptocurrency. “By leveraging the blockchain as intermediate, the infrastructure is virtually unstoppable, dealing with most of the shortcoming of regular malicious infrastructures,” wrote Omer Zoha, the researcher who devised the proof-of-concept control server lookup. Criminals already had other covert means for infected bots to locate command servers. For example, VPNFilter, the malware that Russian government-backed hackers used to infect 500,000 home and small office routers in 2018, relied on GPS values stored in images stored on Photobucket.com to locate servers where later-stage payloads were available. In the event the images were removed, VPNFilter used a backup method that was embedded in a server at ToKnowAll.com. Malware from Turla, another hacking group backed by the Russian government, located its control server using comments posted in Britney Spears’ official Instagram account. The botnet Akamai analyzed uses the computing resources and electricity supply of infected machines to mine the Monero cryptocurrency. In 2019, researchers from Trend Micro published this detailed writeup on its capabilities. Akamai estimates that, at current Monero prices, the botnet has mined about $43,000 worth of the digital coin. Cheap to disrupt, costly to restore In theory, blockchain-based obfuscation of control server addresses can make takedowns much harder. In the case here, disruptions are simple, since sending a single Satoshi to the attacker’s wallet will change the IP address that the botnet malware calculates. With a Satoshi valued at .0004 cent (at the time of research, anyway), $1 would allow 2,500 disruption transactions to be placed in the wallet. The attackers, meanwhile, would have to deposit 43,262 Satoshis, or about $16.50, to recover control of their botnet. There’s yet another way to defeat the blockchain-based resilience measure. The fallback measure activates only when the primary control server fails to establish a connection or it returns an HTTP status code other than 200 or 405. “If sinkhole operators successfully sinkhole the primary infrastructure for these infections, they only need to respond with a 200 status code for all incoming requests to prevent the existing infection from failing over to using the BTC backup IP address,” Akamai researcher Evyatar Saias explained in Tuesday’s post. “There are improvements that can be made, which we’ve excluded from this write-up to avoid providing pointers and feedback to the botnet developers,” Saias added. “Adoption of this technique could be very problematic, and it will likely gain popularity in the near future.” Post updated to correct amount of Monero mined and to correct spelling of Saias. The bitcoin blockchain is helping keep a botnet from being taken down
×
×
  • Create New...