Connect with us

Breaches

The Lessons Of Meltdown And Spectre

Published

on

The discovery of the twin flaws Meltdown and Spectre and the events related to the information leak that followed carry a huge message: we all need to do something to regain control of our digital identity. Blockchain technology is the most compelling option.

// -- Discuss and ask questions in our community on Workplace.

A few days back we wrote about the computer chip flaws named Meltdown and Spectre found largely in Intel and AMD products. The discovery of these flaws leaked into public hands leading to a possible public relations mess if not disaster for the worlds largest chip fabricators as well as Microsoft.

The PR Template

The history of public relations has formulated a strategy that calls for the affected company CEO to issue an apology and offer the promise of a quick and reliable solution.

On Monday January 7 Intel CEO Brian Krzanich announced an update all of Intel’s products within a week covering 90% or more with the balance available by month end. This sounds reassuring until you get a closer look. After that everything quickly breaks down.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

Limited Coverage

The updates only cover products introduced in the past five years. What about the rest of the user base? There are uncountable data centers in existence with equipment dating back to 2013 and before. My still totally awesome iMac was build in 2011.Five years is not all that long.

The Meltdown and Sprectre flaws affect every computer, server and mobile devices since the dawn of the digital age. Since there is no known fix for Spectre, we must assume the update only covers Meltdown.

Opening The Door

Krzanich stuck to the company line that the updates would not drastically affect computer performance for the average user. The operative word here is “average user”. But even this claim contradicts Microsoft CEO Satya Nadella who warned their Meltdown fix would result in processing speeds 20%-30% slower than normal.

Before updates and security fixes are in place, bad actors have some valuable time to do their deeds. The Intel release insures that every hacker will have his or her very own guide to both Meltdown and Spectre.

Intel even attached the security researchers released documentation of critical vulnerabilities of Meltdown and Spectre. Only GPS could have been better.

Protecting Your Digital Identity

Just for fun, I opened the Apple Store and into the search window I typed “Passwords”. Immediately I was presented with 10 different categories so I picked “Password Manager”. There were no fewer than 75 apps to hide your passwords.

In addition there is Apples own Keychain and Google Passwords so we are getting closer to 80 in total. Conclusion: if anyone was all that good there would hardly be a need for this many.

Can All 80 Apps Be Wrong?

It didn’t take long to realize the “raison d’ etre” for so many password managers offered nothing to do with superior performance. They just created another layer of usernames and passwords. These days when we forget a password it sets in motion a whole chain reaction that includes changing and manually resetting everything in the password manager.

We have all been through this massively frustrating process that never seems to change. Is our personal data safer with almost 80 password managers to choose from? Obviously not just look at the data breech at Equifax or Target Corp.

The answer as to why nothing has basically changed since the days of the dialup Internet is that the possession and control has shifted from over 315 million Americans and billions more elsewhere to a handful of corporate controllers.

Frequent and well-publicized breeches prove that the controllers of our identity never really protected our privacy. They simply did a good job convincing us they had our backs.

Guarded By The Phantom

This phantom layer of security was breaking down long ago when data storage companies began popping up across the country. But in many cases they kept data spread over several different locations.

This is until the birth of cloud storage when two things changed. The entirety of corporate data could be centralized making it rich bounty for hackers. Then for server efficiency multiple corporate client data was loaded onto a single server. Yum, this is like a Thanksgiving feast.

Weaknesses from centralization of data go beyond cloud storage. Look no further than the security vulnerabilities in Meltdown and Spectre.

Regaining Control

If ever there was a good reason for government to protect its citizens, this is one of them. Unfortunately the problem is too big for a mere regulation or two to do the full job.

Using blockchain technology for digital identity holds the power to regain ownership of our data. It has the power to create a new model of online data management. The fact that it frees companies from the liability of data ownership should make for a receptive audience. And of course the cost savings is an added bonus.

The Benefits of Ownership

When the ownership of our digital identity returns to the hands of individuals, you will have the power to decide who has access, under what conditions and for how long. Proponents of this idea believe it creates an incorruptible digital record and can be used for virtually any peer-to-peer transfer of any asset.

Pronouncing anything incorruptible or totally secure is foolish especially given overwhelming evidence to the contrary. Security has always and will always be a comparative state. There are no absolutes. It is true however that the decentralized architecture of blockchains make for much less interesting prey for hackers compared to those big cloud storage facilities.

Featured image courtesy of Shutterstock. 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is concidered a failure either way.
6 votes, average: 4.00 out of 56 votes, average: 4.00 out of 56 votes, average: 4.00 out of 56 votes, average: 4.00 out of 56 votes, average: 4.00 out of 5 (6 votes, average: 4.00 out of 5)
You need to be a registered member to rate this.
Loading...



Feedback or Requests?

Breaches

Crypto Exchange EtherDelta Suspends Trading After Alleged DNS Attack

Published

on

Cryptocurrency exchange EtherDelta has suspended its service following an alleged denial-of-service (DNS) attack designed to empty users’ digital wallets.

// -- Discuss and ask questions in our community on Workplace.

EtherDelta Down

EtherDelta, a crypto exchange known for its large selection of altcoins, is recovering from an alleged cyber breach that occurred sometime Wednesday.

has reportedly suffered a major cyber security breach that has compromised client accounts. According to various reports, cyber criminals replaced the exchange’s website with a fake one designed to steal funds from users’ wallets.

The exchange took to Twitter on Wednesday to warn users it had “reason to believe” a malicious attack had occurred:

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

1/2 *IMPORTANT* we have reason to believe that there had been malicious attacks that temporarily gained access to @etherdelta DNS server. We are investigating this issue right now – in the meantime please *DONOT* use the current site.

2/2 *BE AWARE* The imposer’s app has no CHAT button on the navigation bar nor the offical Twitter Feed on the bottom right. It is also populated with a fake order book.”

The company has since issued a series of updates via Twitter. As of three hours ago, EtherDelta indicated it was “in the last step” to bring the service back online. At press time, the EtherDelta.com website was still down.

EtherDelta has grown in popularity in recent months, but remains one of the smaller exchanges by overall volume. The company turns over roughly $11 million per day in transactions, according to CoinMarketCap. That figure has since fallen to around $6 million following the attack. By volume alone, EtherDelta ranks among the top 90 exchanges worldwide. By comparison, popular exchanges Bitfinex, Bittrex and Bitthumb each process more than $3.5 billion in trades daily.

Cryptocurrency exchanges have been the target of several high profile breaches in recent years. Recently, South Korean exchange Youbit announced it was filing for bankruptcy following two cyber attacks in the span of a year. Meanwhile, startup company Tether said it lost $31 million to hackers last month.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock. 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is concidered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...



Feedback or Requests?

Continue Reading

Breaches

Uber Is Paying Hackers to Keep Quiet

Published

on

Uber Technologies Inc. has reportedly paid hackers to delete scores of private data stolen from the company in a security breach that was concealed for over a year. The revelation provides further confirmation that, when it comes to cyber security, crime does pay.

// -- Discuss and ask questions in our community on Workplace.

Massive Data Breach

According to Bloomberg Technology, hackers retrieved the personal data of 57 million Uber customers and drivers at some point last year. Nobody heard about it because the rideshare company paid the hackers $100,000 to keep quiet. A purge at the front office of Uber also ensured that the massive cyber breach was kept under wraps.

The compromised data was from October 2016 and included the names, phone numbers and addressed of 50 million Uber riders globally. About seven million drivers had their personal information accessed as well.

At the time of the cyber attack, Uber was inundated with a slew of legal issues stemming from alleged privacy violations. Rather than shine even more negative spotlight on the company, Uber executives decided to pay hackers to stay quiet.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

“None of this should have happened, and I will not make excuses for it,” Dara Khosrowshahi, who took over as CEO in September, said in a statement that was published by Bloomberg. “We are changing the way we do business.”

Hackers have done a masterful job infiltrating companies and governments in recent years. As a reminder, recent cyber attacks levied against Yahoo!, Target Corp and Equifax Inc. dwarf Uber’s 57 million compromised accounts.

Various reports indicate that cyber attacks are bleeding the global economy dry. One report, issued by the World Economic Forum, suggests that cyber crime cost the world economy $445 billion in 2016. If cyber crime were its own market cap, it would exceed Microsoft Inc., Facebook Inc. and ExxonMobil Corp

The Fall of Uber?

Uber revolutionized the ride-hailing business over the span of seven years by giving more power to the consumer. Several missteps later, the company finds itself in legal hot water, with its future appearing less certain than it did just one year ago.

The rideshare company faces at least five U.S. probes ranging from bribes to illicit software and right up to unethical pricing schemes. According to another Bloomberg report, Uber is under investigation for violating price transparency regulations, not to mention the alleged theft of documents for Google’s autonomous cars.

Some governments are sensing weakness in the ride-hailing service, and are moving toward banning the Uber app entirely. London is the most prominent example of a city that has taken definitive steps to outlaw the service over a “lack of corporate responsibility.”

Even with its legal troubles, Uber is a revolutionary technology that has influenced a bevy of other innovations aimed at improving the human experience.

Featured image courtesy of Shutterstock. 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is concidered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...



Feedback or Requests?

Continue Reading

Breaches

Ethereum Notches Two-Month High as Bitcoin Offspring Triggers Volatility

Published

on

Digital currency Ethereum climbed to a two-month high on Monday, taking some of the heat off Bitcoin and Bitcoin Cash, which have slumped since the weekend.

// -- Discuss and ask questions in our community on Workplace.

Ethereum Forges Higher Path

Concerns over Bitcoin created a favourable tailwind for Ethereum (ETH/USD), which is the world’s No. 2 digital currency by total assets. Ether’s price topped $340.00 on Monday and later settled at $323.54. That was the highest since June 20.

At its peak, ether was up 10% on the day and 70% for the month of August.

The ETH/USD was last down 2.2% at $315.02, according to Bitfinex. Prices are due for a brisk recovery, based on the daily momentum indicators.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

Fractured Bitcoin Community

Bitcoin and its offshoot, Bitcoin Cash, retreated on Monday following a volatile weekend. The BTC/USD slumped at the start of the week and was down more than 3% on Tuesday, with prices falling below $3,900.00. Just last week, Bitcoin was trading at new records near $4,500.00.

Bitcoin Cash, which emerged after the Aug. 1 hard fork, climbed to new records on Saturday, but has been in free-fall ever since. The BTH was down another 20% on Tuesday to $594.49, according to CoinMarketCap. Its total market value has dropped by several billion over the past two days.

Analysts say that a “fractured” Bitcoin community has made Ethereum a more attractive bet this week. The ether token has shown remarkable poise over the past seven days, despite trading well shy of a new record.

Other drivers behind Ethereum’s advance are steady demand from South Korean investors and growing confidence in a smooth upgrade for the the ETH network. The upgrade, which has been dubbed “Metropolis,” is expected in the next several weeks. Its key benefits include tighter transaction privacy and greater efficiency.

Ethereum Prices Unaffected by ICO Heist

Fin-tech developer Enigma was on the receiving end of a cyber-heist on Monday after hackers took over the company’s website, mailing list and instant messaging platforms. The hack occurred three weeks before Enigma’s planned Initial Coin Offering (ICO) for September 11.

In addition to defacing the company’s website, the hackers pushed a special “pre-sale” ahead of the ICO. While many users realized it was a scam, 1,492 ether tokens – valued at $495,000 – were directed into the hackers’ cryptocurrency wallet by unsuspecting backers.

The irony in all this is that Engima is a cryptography company that prides itself on top-notch security protocols. The company issued a statement that its servers had not been compromised.

ETH/USD (Bitfinex)

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is concidered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...



Feedback or Requests?

Continue Reading

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending