Connect with us

Technology

Meltdown and Spectre Gave Us Another Reminder of Crypto Vulnerabilities

Published

on

Meltdown and spectre

The Meltdown and Spectre news in the beginning of 2018 looms over the cryptocurrency world like a big dark cloud. It has been reported that there is a flaw in the design of Intel’s processor chips that makes the system susceptible to hackers. In an article about the bug, The Register reports that this vulnerability lets the unauthorized programs distinguish the “layout or contents of protected kernel memory areas.” This has busied the programmers of companies like Microsoft and Google to create patches for the two exploits – Meltdown and Spectre.

Breaking down “Meltdown” and “Spectre”

Often computer bugs and viruses make the headlines but this time the flaw is in the design of the Intel processor. Immediate steps were taken to correct the flaws such that the users’ data remain protected within the system (Windows, Linux). The exploits Meltdown and Spectre can be used to access the area where the device stores and protects the passwords. The exploits were brought to light by Google.

The revelation of the bug shook the world as any device that has an Intel chip and connects to the internet can be the target of the hackers.

According to Google, the hackers can “read sensitive information in [a] system’s memory, such as passwords, encryption keys, or sensitive information open in applications”.

Meltdown breaks the isolation between a user application and the operating system while Spectre breaks the isolation between two user applications. The Meltdown attack enables a program to access the device memory (secrets of other programs and the operating system). The Spectre attack, on the other hand, tricks an error-free program to leak its secrets.

The Impact of Meltdown and Spectre on Security                

Devices that were manufactured and have Intel chips from 1995 (except Intel Itanium and Intel Atom before 2013) to approximately 2011 have high chances of being affected by the two exploits. Whenever a running program works (open a network connection or write to a file), the program hands over the control of the processor temporarily to the kernel. In order to fasten the transition of control from user to kernel and back to the user, the kernel is present in all the virtual memory address spaces of the processor. The kernel’s memory space is not visible to the user processes and programs. The kernel memory houses all the login keys, passwords, files cached and so on. If the system is hacked into due to this flaw, the hacker at the worst scenario will be able to read all the passwords and login keys. This means that they will be able to access all the accounts of the user and collect critical data and account details. The hacker will thus be able to transact money from a person’s bank account by simply giving the login details. Several businesses and institutions using devices manufactured within this period (stated previously) are at risk. Vital project details and company secrets may be leaked out.

The Cure of Meltdown and Spectre

One of the solutions is to randomize the position of the kernel’s code in the memory of the device such that the exploits cannot find the internal gadgets. The hackers would then need to fully compromise the system. The security programmers have already released the first wave of patches to Windows 10, MacOS, Android and Linux. These fixes were speculated to slow down the system. As near about 90% of the devices have Intel chips, one can understand that it will be a large scale backlog. Intel, however, has released a statement the solution will not slow down the computers as much as speculated.

“Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.”

Intel recommends the users to regularly check for device updates and immediately install and execute them such that the hackers do not find any opportunity to breach the security.

How Meltdown and Spectre Affect the Cryptocurrency Market

The Meltdown and Spectre news came forward on 3rd January 2018 and on the next day itself the cryptocurrency exchange had to take numerous wallets offline. It is a reminder and warning that how much the cries are that cryptocurrency and blockchain technology is safe; the safety may be simply superficial. The cryptocurrency account holders, therefore, are right to fear the consequences of such an attack. Most of the cryptocurrency exchanges completely rely on the cloud storage system. The cloud computing providers usually save data from different clients on the same server. Theoretically speaking, the attacker can access all the accounts if the server is hacked. After the news, many exchanges like CEX.io, Kucoin and Einstein Exchange had to take the wallets offline. While some of the crypto exchanges are on the way to implement the patch others simply refer to maintenance. The plus side is that the cryptocurrency miners are most likely to remain unaffected.

“An attacker who has knowledge of a sufficiently powerful vulnerability can theoretically force your CPU to reveal secret data such as private keys used to control your Bitcoin.” said Bryan Bishop, Bitcoin Core developer.

The cryptocurrencies and blockchain technology are always portrayed as secure protocols. But they need to save the private keys properly, preferably in a device that does not have access to the internet. Bryan Bishop further says that to become a victim of this attack, all the user has to do is to click on a link by mistake. The link opens up to a website that displays bad ads with a malware code that is more likely going to steal your data.

Other than a miner or a cryptocurrency trader, the threat is also serious for the cryptocurrency exchanges. If a hacker targets a crypto-based business or exchange then, they will get access to millions of account holders at one go. The exchanges are dependent on cloud hosting services and these, in turn, are susceptible to these attacks. Hopefully, the solution of patches will tide over until a better solution is reached that will completely eliminate the risk.

Featured image courtesy of Shutterstock. 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
5 votes, average: 5.00 out of 55 votes, average: 5.00 out of 55 votes, average: 5.00 out of 55 votes, average: 5.00 out of 55 votes, average: 5.00 out of 5 (5 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 9 rated postsHira Saeed is a tech geek girl with a passion to write on latest technology trends. She is the Founder of Tech Geeks community in Pakistan and also runs her copywriting and social media agency, Digital Doers. Follow her on @heerasaeed.




Feedback or Requests?

Click to comment

You must be logged in to post a comment Login

Leave a Reply

Altcoins

Monero Price Analysis: XMR/USD is Stable and Gunning for Potential Gains on “Bulletproofs” Technology Update Day

Published

on

  • Monero developers have released an updated version to their protocol, implementing “Bulletproofs”.
  • XRM/USD is within a range block, with price behavior suggesting of a potential imminent breakout higher.

Monero Becoming First Crypto Over Billion-Dollar Market Cap Implementing “Bulletproofs”

Developers at the Monero foundation, have released an updated version to the protocol. This will be live from 18th and 19th October. They are becoming the first network to try out “bulletproofs”. The goal of this technology is to significantly decrease the weight of confidential transactions. From today, 18th October, the privacy-focused cryptocurrency will be testing this.

The move from Monero will make them the first crypto with over a billion-dollar market cap, to try out the “bulletproofs” technology. Over the past year, the foundation has been working on cutting the size of its confidential transactions, by at least 80 percent.  A full overview of the upgrade was posted in a blog post by Monero.

The purpose of bulletproofs are to facilitate confidential transactions. Senders and recipients addresses will remain visible, but the amounts being sent is concealed. The technology also aims to reduce transaction times and fees.

Sarang Noether, a spokesperson for Monero and a key part of the bulletproof integration, was recently speaking on the upgrade. He noted that “Bulletproofs will be replacing the “zero-knowledge range proofs”, of which their confidential transactions are reliant on. The cryptocurrency will activate the technology during its next system-wide upgrade, or hard fork. An upgrade that will require nodes to adopt a new software. Furthermore, Sarang added, “hard forks are sometimes colored as a risky process. However, this upgrade is part of Monero’s bi-annual cycle to introduce new features.”

Technical Review – 4-hour Chart

XMR/USD 4-hour chart

XRM/USD for the past going on three sessions now has been trading within a tight range-block. This trading behavior coming after the aggressive movements seen just some days before. On 11th October the price had spiked over 10% lower. To then enter a tight range, which saw a huge breakout, jumping around 20% high. Over half of this spike to the upside was reversed, moving into the three-session range as mentioned above.

Looking to the upside, eyes will be on another range-breakout. Bulls will be wanting to retest the breached supporting trend line. An attempt was made during the rally seen on 15th October, however strong resistance was observed. In terms of support, this can be eyed at the lower part of the current range, around $107.50. If the bears pile enough pressure, it vcould see a fast move back to $100, then further south below demand area from $86-76.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
1 vote, average: 4.00 out of 51 vote, average: 4.00 out of 51 vote, average: 4.00 out of 51 vote, average: 4.00 out of 51 vote, average: 4.00 out of 5 (1 votes, average: 4.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 33 rated postsKen has over 8 years exposure to the financial markets. During a large part of his career, he worked as an analyst, covering a variety of asset classes; forex, fixed income, commodities, equities and cryptocurrencies. Ken has gone on to become a regular contributor across several large news and analysis outlets.




Feedback or Requests?

Continue Reading

Altcoins

IOTA Price Analysis: Current Behavior Raises Concerns of Another Drop in the Price

Published

on

  • Current technical indications still point to downside risks for IOTA’s MOITA price.
  • Near-term chart view sees a rising wedge pattern. The daily chart observes a bearish pennant formation.

The IOTA price remains at risk for now of a breakout to the downside. It appears more likely that downside pressure will be seen, in comparison to any upside surprises. Despite this, IOTA’s native token has made solid recovery in just over a week of trading. Since 25th September, it has gained 8%. Trending higher has been observed from a low of around $0.5200, up to current levels around $0.5600.

IOTA Developments

Most recently, Bitpanda announced they now offer deposit and withdrawal services for IOTA. Bitpanda is fintech company based in Vienna, Austria. They specialize in selling and buying Bitcoin and other cryptocurrencies. Becoming Europe’s leading retail broker for Bitcoin, Ethereum, Litecoin and more, boasting a user base of over 900,000 users. “We are very pleased to announce not only withdrawal and deposit functionalities for IOTA on Bitpanda, but also that Bitpanda now officially supports the latest IOTA tech — IOTA Hub,” as stated in their most recent blog post.

This move goes to show the growing presence IOTA is having across the market. The market acknowledgement of the foundation’s technology. IOTA’s MOITA is currently the 11th largest cryptocurrency by market cap, which is seen at $1.5 billion.

Elsewhere, as covered previously, the foundation is very close to revolutionizing the car insurance industry. They presented a new project in which they have been working on at bIOTAsphere. This was a proof of concept technology, known as Tangle. Full details mentioned in the previous article.

Near-term Technical Review 

IOT/USD 60-minute chart

Looking via the 60-minute chart, current price action has formed a rising wedge pattern. This price behavior makes it susceptible to a breakout to the downside. Should the bears manage to breach the lower support, sellers could pile in. To the downside, support in this view can be seen tracking around $0.5650. Further to the downside, 60-minute support should come into play around $0.5420.

Daily Chart Technical Review

IOT/USD daily chart

For over a month now, price action, as clearly seen on the daily chart view, has been firmly within consolidation mode. The range is getting tighter, building up the likelihood of an imminent breakout. Resistance is sitting just ahead around $0.5850, very close to current levels. Support eyed at $0.5430, a breakout could see the price tumbling. A potential downside target would likely be around the $0.4000 territory, testing 14th August low.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
3 votes, average: 3.67 out of 53 votes, average: 3.67 out of 53 votes, average: 3.67 out of 53 votes, average: 3.67 out of 53 votes, average: 3.67 out of 5 (3 votes, average: 3.67 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 33 rated postsKen has over 8 years exposure to the financial markets. During a large part of his career, he worked as an analyst, covering a variety of asset classes; forex, fixed income, commodities, equities and cryptocurrencies. Ken has gone on to become a regular contributor across several large news and analysis outlets.




Feedback or Requests?

Continue Reading

Entertainment

From Credits to Cryptocurrency: Block-Gaming Here to Stay

Published

on

The relationship between cryptocurrency and video-games is getting stronger with reports this week detailing the launch of a self-proclaimed ‘Blockchain Game Alliance’, a collaborative initiative founded and comprised of a handful of organisations.

These range from the blockchain-focused (such as ConsenSys) to those specialising in video-games (like centralized crowdfunding platform Fig).

The Blockchain Game Alliance is one of the first of its kind to be seen, bearing a simple website which bears a subscription form and self-referential claims of being a

“coalition of gaming and Blockchain companies committed to advocate for the democratization of Blockchain within the gaming industry”.

French games publisher Ubisoft is notably the name that has featured in the greatest number of headlines around describing this event: and there are many reasons for this.

What’s So Special About Ubisoft

Ubisoft is one of the biggest names in the video-game business and is also part of a small, yet growing list of prominent video-game companies which have chosen to dip their toes in the sector (including Nvidia and AMD).

The company has enjoyed a 400% growth in stock value over the past three years, and releases a multitude of blockbuster franchise entries on an annual basis.

Additionally, this week’s news is only the latest in a series of recent stories indicating Ubisoft’s blockchain aspirations such as: a partnership with Google, and the release of a blockchain game entitled ‘HashCraft’.

From Credits to Cryptocurrency

Whilst a far cry from the integer based ‘credits’ system of arcade video-games, fiat-purchased digital currency is (and has remained) an integral part of the games industry ever since.

Original home-console implementations of digital currencies began with the distribution of points and in-game ‘money’ that can be used to buy items within that specific game they are involved in – like power ups and extra lives. This is in parallel to digital implementations of gambling games in casinos and online.

Companies like Ubisoft have implemented and helped to pioneer movements such as micro-transactions (for downloadable content and in-game items). This is alongside ‘games-as-a-service’ models, which often requires subscriptions from players to gain access to content which is creatively updated and added to on a continuous basis.

These examples are centralized, with non-fungible ‘currencies’, and would make prime candidates for ‘tokenization’.

Digital Distribution + Blockchain

Quite arguably the most ubiquitous utilisation of virtual in cryptocurrency in video-games is the digital distribution model.

This is a method of purchasing video-game titles in whole through a virtual marketplace from which they are also downloaded and have been integrated into home-consoles for the most recent two ‘generations.

Beyond Sony and Microsoft’s stores: industry leaders at present include Steam (Valve), Uplay (Ubisoft), and Good Old Games (GOG).

Big Contributions. Small Companies

As proven by the roster behind the Blockchain Gaming Alliance, there is value to be gained from all positive contributions – whether the company specialises in cryptocurrency or video-games.

There is also value to be gained from the contributions of newer organisations which have been formed specifically to catalyse the marriage of blockchain and gaming.

Equiti Games is one such company, hailing itself as a revolutionary approach which will decentralize and tokenise video-games digital distribution. By removing centralized middle-men and platforms taking up to 30% in fees, Equiti Games plans to reduce costs for gamers.

This will be accomplished, according to the company’s website and whitepaper, by using the Ethereum blockchain to connect creators to their customers directly. A maximal proportion of profits will therefore be delivered to the creator whilst a second-hand market is opened up for consumers – making digital products retain their previously transient value.

Terra Virtua is another company which I have mentioned many times due to the pedigree of the executive team as well as their innovative VR-centric approach. They seek to combine two nascent technologies along with video-games, and they have key partnerships with companies like Epic Games (Unreal, Gears of War, Fortnite).

Final Words

So the biggest question which remains to be answered is: what exactly will this ‘Blockchain Game Alliance’ do to blockchain and gaming: both collectively and as separate entities?

Such big actions (and from such large ‘movers’) signals a turning of the tide with ideas that, if implemented, would open up cryptocurrency to a large consumer market and encourage mainstream adoption within and outside of the gaming-sphere.

Other giants in the gaming industry who could benefit the crypto-video game movement significantly include: Activision Blizzard (World of Warcraft, Call of Duty, Overwatch), and console makers such as Sony, Nintendo, and Microsoft.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 12 rated posts




Feedback or Requests?

Continue Reading

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending