Connect with us

Technology

Meltdown and Spectre Gave Us Another Reminder of Crypto Vulnerabilities

Published

on

Meltdown and spectre

The Meltdown and Spectre news in the beginning of 2018 looms over the cryptocurrency world like a big dark cloud. It has been reported that there is a flaw in the design of Intel’s processor chips that makes the system susceptible to hackers. In an article about the bug, The Register reports that this vulnerability lets the unauthorized programs distinguish the “layout or contents of protected kernel memory areas.” This has busied the programmers of companies like Microsoft and Google to create patches for the two exploits – Meltdown and Spectre.

// -- Discuss and ask questions in our community on Workplace.

Breaking down “Meltdown” and “Spectre”

Often computer bugs and viruses make the headlines but this time the flaw is in the design of the Intel processor. Immediate steps were taken to correct the flaws such that the users’ data remain protected within the system (Windows, Linux). The exploits Meltdown and Spectre can be used to access the area where the device stores and protects the passwords. The exploits were brought to light by Google.

The revelation of the bug shook the world as any device that has an Intel chip and connects to the internet can be the target of the hackers.

According to Google, the hackers can “read sensitive information in [a] system’s memory, such as passwords, encryption keys, or sensitive information open in applications”.

Meltdown breaks the isolation between a user application and the operating system while Spectre breaks the isolation between two user applications. The Meltdown attack enables a program to access the device memory (secrets of other programs and the operating system). The Spectre attack, on the other hand, tricks an error-free program to leak its secrets.

// -- Become a yearly Platinum Member and save 69 USD. Click here to change your current membership -- //

The Impact of Meltdown and Spectre on Security                

Devices that were manufactured and have Intel chips from 1995 (except Intel Itanium and Intel Atom before 2013) to approximately 2011 have high chances of being affected by the two exploits. Whenever a running program works (open a network connection or write to a file), the program hands over the control of the processor temporarily to the kernel. In order to fasten the transition of control from user to kernel and back to the user, the kernel is present in all the virtual memory address spaces of the processor. The kernel’s memory space is not visible to the user processes and programs. The kernel memory houses all the login keys, passwords, files cached and so on. If the system is hacked into due to this flaw, the hacker at the worst scenario will be able to read all the passwords and login keys. This means that they will be able to access all the accounts of the user and collect critical data and account details. The hacker will thus be able to transact money from a person’s bank account by simply giving the login details. Several businesses and institutions using devices manufactured within this period (stated previously) are at risk. Vital project details and company secrets may be leaked out.

The Cure of Meltdown and Spectre

One of the solutions is to randomize the position of the kernel’s code in the memory of the device such that the exploits cannot find the internal gadgets. The hackers would then need to fully compromise the system. The security programmers have already released the first wave of patches to Windows 10, MacOS, Android and Linux. These fixes were speculated to slow down the system. As near about 90% of the devices have Intel chips, one can understand that it will be a large scale backlog. Intel, however, has released a statement the solution will not slow down the computers as much as speculated.

“Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.”

Intel recommends the users to regularly check for device updates and immediately install and execute them such that the hackers do not find any opportunity to breach the security.

How Meltdown and Spectre Affect the Cryptocurrency Market

The Meltdown and Spectre news came forward on 3rd January 2018 and on the next day itself the cryptocurrency exchange had to take numerous wallets offline. It is a reminder and warning that how much the cries are that cryptocurrency and blockchain technology is safe; the safety may be simply superficial. The cryptocurrency account holders, therefore, are right to fear the consequences of such an attack. Most of the cryptocurrency exchanges completely rely on the cloud storage system. The cloud computing providers usually save data from different clients on the same server. Theoretically speaking, the attacker can access all the accounts if the server is hacked. After the news, many exchanges like CEX.io, Kucoin and Einstein Exchange had to take the wallets offline. While some of the crypto exchanges are on the way to implement the patch others simply refer to maintenance. The plus side is that the cryptocurrency miners are most likely to remain unaffected.

“An attacker who has knowledge of a sufficiently powerful vulnerability can theoretically force your CPU to reveal secret data such as private keys used to control your Bitcoin.” said Bryan Bishop, Bitcoin Core developer.

The cryptocurrencies and blockchain technology are always portrayed as secure protocols. But they need to save the private keys properly, preferably in a device that does not have access to the internet. Bryan Bishop further says that to become a victim of this attack, all the user has to do is to click on a link by mistake. The link opens up to a website that displays bad ads with a malware code that is more likely going to steal your data.

Other than a miner or a cryptocurrency trader, the threat is also serious for the cryptocurrency exchanges. If a hacker targets a crypto-based business or exchange then, they will get access to millions of account holders at one go. The exchanges are dependent on cloud hosting services and these, in turn, are susceptible to these attacks. Hopefully, the solution of patches will tide over until a better solution is reached that will completely eliminate the risk.

Featured image courtesy of Shutterstock. 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
5 votes, average: 5.00 out of 55 votes, average: 5.00 out of 55 votes, average: 5.00 out of 55 votes, average: 5.00 out of 55 votes, average: 5.00 out of 5 (5 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 9 rated postsHira Saeed is a tech geek girl with a passion to write on latest technology trends. She is the Founder of Tech Geeks community in Pakistan and also runs her copywriting and social media agency, Digital Doers. Follow her on @heerasaeed.




Feedback or Requests?

Click to comment

You must be logged in to post a comment Login

Leave a Reply

Analysis

Crypto: The Best Reason To Buy Now

Published

on

If you have been looking for a reason to buy a cryptocurrency, look around at what is happening with the threat of trade wars and the inflated price of stocks and bonds.  The investment world hasn’t been this nervous in years.

// -- Discuss and ask questions in our community on Workplace.

I can make this statement after checking in on the VIX. Without going into the mathematical gobbledegook, the VIX index is considered as good a gage of investor anxiety as any. You can get a chart of the VIX from any source that offers stock prices.

When you look over the index, you will see that for most of last year when stocks were soaring ever higher, the VIX was slumbering around the 10-12 level.  For point of reference, the VIX hit around 60 during the 2008 financial crisis.

Since the beginning of 2018, the VIX has spiked as high as 38 in early February and is currently hovering around the 23 level.  In simple terms, traditional stock investors are twice as edgy. There is good reason for this.

// -- Become a yearly Platinum Member and save 69 USD. Click here to change your current membership -- //

The spontaneous eruptions from the White House and a bubbling economy are behind this. In the past few sessions, stock prices have become as volatile as bitcoin. The President’s bellicose over steel and aluminum tariffs is now expanding to other tariffs on Chinese robotics, IT, communication technology and aerospace.

To this the Chinese responded with a list of their own tariffs. The result is a stock market pullback of over 600 Dow points.  By comparison, the crypto markets lately have been placid.

A full blown trade war may never develop.  In these situations lots of sword rattling is common and with the present administration, it is practically guaranteed.  But when the threats extend to the possibilities of China suspending purchase of U.S. debt, things could get serious. Currency markets will feel the force of these fears.

All Good Things Come To An End At Sometime

U.S. stock prices last year rose 27.4% based on the Nasdaq.  By the end of the year GDP was moving up 2.9%, almost double 2016.  Projections for 3% growth this year are common. Good economic news is coming out daily.

The point is we have just had the best year in stocks and the economy is running at full steam. All this good news is not a secret, we all see it everyday. After almost a decade since the financial crisis, things have steadly improved.  This leads to complacency – even the feeling of economic entitlement. Almost universally, this is a danger signal.

Inflation is not a big issue at this moment but pressures are raising.  The Fed is likely to face greater urgency to raise rates as this year progresses.  That would put the kibosh on stock prices.

Crypto: Saving The Best For Last

I received a comment the other day that was very interesting.  The reader believed that people were interested in finding reasons to buy cryptocurrencies.  As easy as it is to understand this logic, given the collapse of prices, recent crypto news hasn’t provided much help. Yes, the general tone has gone from poor to mixed, but there hasn’t been much that is compelling.  As the keynote speaker at last weeks Ethereum conference stated it, “we are in a war”. That is hardly inspirational.

There is no way of sugar coating some of the battles in the war.  Nevertheless, it would not surprise me in the least if suddenly cryptocurrency prices began to perform better.  We start to receive technical analysis about certain coins breaking through resistance. News stories start to find something new and exciting about cryptocurrencies and predictions start coming out of the woodwork once again about lofty prices.

The root cause of this is nothing more than relative value.  In times of uncertainty and fear, investors seek a safe place to store assets.  If stock and bond investors are nervous (remember the VIX) that sets the stage. If the price of these assets are suddenly tumbling, investors look for a hiding place.  It could be gold or something less conventional like bitcoin, Ethereum, Ripple or a thousand plus other names.

There is a deeply held belief among institutional investors. It goes something like this: asset prices reverse direction for no apparent reason whatsoever.  After this happens, we all scramble around looking for reasons. That is often how relative value operates.

As more institutional capital makes its way into the crypto market, as it will this year, relative value will become an important consideration.  That day is coming.

Featured image courtesy of Shutterstock. 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
16 votes, average: 4.75 out of 516 votes, average: 4.75 out of 516 votes, average: 4.75 out of 516 votes, average: 4.75 out of 516 votes, average: 4.75 out of 5 (16 votes, average: 4.75 out of 5)
You need to be a registered member to rate this.
Loading...

4.4 stars on average, based on 76 rated postsJames Waggoner is a veteran Wall Street analyst and hedge fund manager who has spent the past few years researching the fintech possibilities of cryptocurrencies. He has a special passion for writing about the future of crypto.




Feedback or Requests?

Continue Reading

Artificial Intelligence

YEXT: An Invisible Force In Artificial Intelligence

Published

on

YEXT, Inc. (NYSE: YEXT) is one of those behind the scenes companies involved in Intelligence Search that plays an important role in Artificial Intelligence. What does that mean? Remember the Amazon commercial? “Eco, order a 12” Pizza with pepperoni from Stromboli’s and have it delivered”.

// -- Discuss and ask questions in our community on Workplace.

Today the vast majority of online searches go through third-party sources such as data aggregators, governmental agencies and consumers. The net result of this third party sourcing has been to produce “best guess” data that can often miss or misstate the target data field.

YEXT developed a better way to source critical digital knowledge.  For example business clients use YEXT to update public facts about their brands. They are building their based on the rapid and ever changing nature of data.  So far the YEXT Knowledge Network offers over 100 services to more than 110 corporate clients and has over $150 million in annual revenue.  So could YEXT play a key role in AI,  the next big thing?

How YEXT Works

Most of us are familiar with big time search engines like Google, Google Maps, Facebook, Instagram, Bing, Cortana, Apple Maps, Siri and Yelp.  These pioneering companies are the major drivers in information search today.  However, we also know, their accuracy is not exactly ideal.  

// -- Become a yearly Platinum Member and save 69 USD. Click here to change your current membership -- //

This is where YEXT steps in.  Their knowledge engine platform lets business manage their digital knowledge in the cloud and sync it to over 100 services including the kingpins of search noted above.

Intelligent Search is the structured information that a business wants to make publicly accessible. In food service it could be the address, phone number or menu details of a restaurant; in healthcare, the health insurances accepted by a physician or the precise drop-off point of the emergency room at a hospital campus; or in finance, the ATM locations, retail bank holiday hours or insurance agent biographies.

Artificial Intelligence Offers a Potential $10 Billion Market

Improving search results in general is nice but not very sexy.  It doesn’t make you want to beg for more information.  However, when you consider the role of Artificial Intelligence (AI) in our evermore data intense world, the importance of Intelligent Search and the opportunities for YEXT becomes a compelling story.  

The AI trend is already underway as YEXT is increasingly using the structured data on their platform to expand or add new integrations with vertically specialized applications, voice-based search and AI engines.

Just Right For Big Data Applications

YEXT customers use their platform to manage their digital knowledge covering over 17 million attributes and nearly one million locations. These customers include leading businesses in a diverse set of industries, such as healthcare and pharmaceuticals, retail, financial services, manufacturing and technology.

Major customers include: AutoZone, Ben & Jerry’s, Best Buy, Citibank, Denny’s, Farmers Insurance Group, H&R Block, HCA, Infiniti, Marriott, Michael’s, McDonald’s, Rite Aid, Steward Health Care and others. The list is growing.

Management believes the market for digital knowledge management is large and mostly untapped with over 100 million potential business locations and points of interest in the world equaling over $10 billion.  

Shooting For Acquisitions and Broad AI Penetration

Founded in 2006 by serial entrepreneurs Howard Lerman (CEO) and Brian Distelburger, President these two are typical software guys whose vision appears much more broad based the their current focus with YEXT.  Here is where the prospectus from their April 2017 IPO offers some mystery and excitement to the story.

Unlike most rapid growth tech companies YEXT had no urgent need to go public.  They generated almost $60 million in gross profit in 2016 before heavy marketing costs resulted in a loss of $26.5 million.  Even so, they still ended the year with $20 million in cash. That’s a fair distance from being destitute.

The company’s real need for the IPO was to establish a liquid public market for the stock. They raised about $123.5 million, all of which will go into the bank.  The company is debt free and there are no insiders selling stock.  Very interesting.

Strong  Financial Results

For the latest reported nine months ended October 31, 2017 revenues grew 38% reaching $122 million.  The good news is the gross profits reached a record 75% or $90 million.  All of this was spent on sales and marketing to expand the business.  When all the beans were counted, YEXT lost $50 million producing a $30 million negative cash flow.  The balance sheet remains liquid with $120+ million in cash and securities.

FYI: In spite of some top notch bankers underwriting its IPO and analysts from those same five firms covering the company, the stock has done almost nothing for investors.  This $1.1 billion market cap was recently hanging out around $12 about the same as the IPO price.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 4.50 out of 52 votes, average: 4.50 out of 52 votes, average: 4.50 out of 52 votes, average: 4.50 out of 52 votes, average: 4.50 out of 5 (2 votes, average: 4.50 out of 5)
You need to be a registered member to rate this.
Loading...

4.4 stars on average, based on 76 rated postsJames Waggoner is a veteran Wall Street analyst and hedge fund manager who has spent the past few years researching the fintech possibilities of cryptocurrencies. He has a special passion for writing about the future of crypto.




Feedback or Requests?

Continue Reading

ETFs

Should You Use A Robo-Advisor? If So, How Do You Choose?

Published

on

Online financial advice is more available than ever, and more investors are taking advantage of these services. Whether or not a robo-advisor is the right choice depends on the complexity of one’s situation and their comfort level in working with advice that is mainly dispensed online, according to Investopedia.

// -- Discuss and ask questions in our community on Workplace.

If an investor’s situation involves complex financial planning issues that extend beyond allocating investments and related services, they might be better served with a more traditional advisor who provides advice in areas such as estate planning.

For millennials and those with more modest portfolios who only require asset allocation advice and basic financial planning help, online advisers could well meet their needs.

// -- Become a yearly Platinum Member and save 69 USD. Click here to change your current membership -- //

One of the major benefits of online advisors is the convenience and ease of accessing their services. Online advisers are accessible 24/7. With today’s busy schedules, this level of accessibility appeals to many investors.

How To Choose

If an online advisor is the right choice, the next question is how to evaluate and decide which robo-adviser to use.

Just as traditional financial advisers vary in their areas of expertise, how they are compensated and the types of clients they work with, the same differences exist among robo-advisors.

Most robo-advisors offer investment advice and portfolio management, Investopedia noted.

One exception among the major robo-advisors is LearnVest, which gives investment recommendations but not ongoing investment advice. LearnVest’s focus is financial planning and budgeting. The company also offers live help via the telephone.

Asset allocation and portfolio management are most robo-advisors’ dual focuses. They usually provide the service via EFTs and algorithms.

Beyond this basic service, robo-advisors provide tax-loss harvesting services which allow investors to take advantage of any losses in their taxable portfolio.

Robo-Advisors Have Different Strengths

Some robo-advisors focus on specialized areas. Rebalance IRA, for example, focuses on managing retirement accounts. The company also provides human interaction.

Folio Investing provides EFTs or stock portfolios. Motif Investing provides portfolios consisting of 30 stocks for a single price. Personal Capital gives clients the ability to manage their investments on a consolidated basis, focusing on customers with higher net worth.

Fees To Consider

Fees differ among robo-advisors. The fees usually run between 0.15% to 0.5% of the managed assets. Some also charge a one-time set-up fee.

LearnVest charges from $89 to $399 for an initial review and $19 per month thereafter.

Personal Capital charges 0.49% to 0.89% of the invested amount.

In addition to fees, there are also expense ratios of exchange traded funds and mutual funds. There can also be transaction costs for trading investments.

The option of interacting with a human about investments also varies among robo-advisors.

Because robo-advisors are fairly new, they do not have a lot of investment history pre-dating the current stock market rally. It is not known at the present time how well most robo-advisors will perform during the next major stock market downturn.

Established Players Enter The Space

Some traditional financial service players have embraced robo-advisors, which can be a consideration in choosing a robo-advisor. Traditional financial services firms have the funds to invest and the time needed to enable the services to grow. In addition, as a client’s need changes, they will be positioned to transition to the more traditional services these firms offer. Financial advisors working with these platforms could be a way to connect with younger clients and cultivate them as future clients.

Betterment, for instance, has partnered with Fidelity Investments. Fidelity’s institutional platform can provide a version of Betterment’s RIA version to its clients. Fidelity has also signed an agreement with LearnVest.

Vanguard has announced its own robo-advisor and is considering introducing the service to more customers in the near future.

Charles Schwab will introduce a financial advisor version of a robo-advisor that will allow advisors using its platform to white label the service to their clients for free. Charles Schwab will profit on the underlying assets.

Investors need to decide which robo-advisor best meets their needs. They need to consider the specific services the robo-advisors offer, the level of human interaction offered, the minimum investment required and any fees and expenses charged.

The growing interest of major financial service firms in this area is clearly a consideration for both prospective investors and financial advisors.

Featured image courtesy of Shutterstock. 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

3.9 stars on average, based on 8 rated postsLester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.




Feedback or Requests?

Continue Reading

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending