{"id":20535,"date":"2022-06-21T09:19:04","date_gmt":"2022-06-21T09:19:04","guid":{"rendered":"http:\/\/egrowonline.com\/?p=20535"},"modified":"2022-06-21T09:19:04","modified_gmt":"2022-06-21T09:19:04","slug":"cryptocurrency-techs-security-weaknesses-could-compromise-how-it-runs-darpa-npr","status":"publish","type":"post","link":"http:\/\/egrowonline.com\/?p=20535","title":{"rendered":"Cryptocurrency tech&#8217;s security weaknesses could compromise how it runs: DARPA : NPR"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div id=\"storytext\">\n<div id=\"res1106221930\" class=\"bucketwrap image large\">\n<div class=\"imagewrap has-source-dimensions\" data-crop-type=\"\">\n<p>            <img decoding=\"async\" src=\"https:\/\/media.npr.org\/assets\/img\/2022\/06\/20\/gettyimages-887657568-2ef5a2819edde09f85941e2e446a02ffa62dd79d-s1100-c50.jpg\" class=\"img\" alt=\"\" loading=\"lazy\" \/><\/p>\n<\/div>\n<div class=\"credit-caption\">\n<div class=\"caption-wrap\">\n<div class=\"caption\" aria-label=\"Image caption\">\n<p>\n                A visual representation of the digital Cryptocurrency, Bitcoin. A new report says the technology&#8217;s security is vulnerable.<\/p>\n<p>                <b class=\"credit\" aria-label=\"Image credit\"><\/p>\n<p>                    Dan Kitwood\/Getty Images<\/p>\n<p>                <\/b><br \/>\n                <b class=\"hide-caption\"><b>hide caption<\/b><\/b>\n            <\/p>\n<\/p><\/div>\n<p>            <b class=\"toggle-caption\"><b>toggle caption<\/b><\/b>\n    <\/div>\n<p>    <span class=\"credit\" aria-label=\"Image credit\"><\/p>\n<p>        Dan Kitwood\/Getty Images<\/p>\n<p>    <\/span>\n<\/div><\/div>\n<p>Whether prices are up or down, for many investors in cryptocurrency, the real appeal is that there&#8217;s nobody in charge.<\/p>\n<p>As the crowd chanted at the recent Bitcoin 2022 conference in Miami, it&#8217;s all about &#8220;<a target=\"_blank\" href=\"https:\/\/youtu.be\/fSFLGn2FWT4?t=9792\" rel=\"noopener\">Freedom!<\/a>&#8221; By design, the system is meant to be from interference by banks, companies and governments.<\/p>\n<p>But a <a target=\"_blank\" href=\"http:\/\/reports.trailofbits.com\" rel=\"noopener\">new report<\/a> finds that the decentralized system might not be working as well as many crypto enthusiasts assume.<\/p>\n<p>The report was commissioned by the Defense Advanced Research Projects Agency, or DARPA, and the work was done by the software security research company <a target=\"_blank\" href=\"https:\/\/www.trailofbits.com\/\" rel=\"noopener\">Trail of Bits<\/a>.<\/p>\n<p><!-- END ID=\"RES1106253350\" CLASS=\"BUCKETWRAP INTERNALLINK INSETTWOCOLUMN INSET2COL \" --><\/p>\n<div id=\"res1106253295\" class=\"bucketwrap internallink insettwocolumn inset2col \">\n<div class=\"bucket img\">\n                  <a target=\"_blank\" id=\"featuredStackSquareImage1105026558\" href=\"https:\/\/www.npr.org\/2022\/06\/14\/1105026558\/coinbase-cryptocurrency-layoffs\" data-metrics=\"{\" data-metrics-ga4=\"{&quot;category&quot;:&quot;recirculation&quot;,&quot;action&quot;:&quot;story_recirculation_click&quot;,&quot;clickType&quot;:&quot;inset box&quot;,&quot;clickUrl&quot;:&quot;https:\/\/www.npr.org\/2022\/06\/14\/1105026558\/coinbase-cryptocurrency-layoffs&quot;}\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/media.npr.org\/assets\/img\/2022\/06\/14\/ap22131679606313_sq-0deda16b3a26a1de03347a9c27b1a16c48484721-s100.jpg\" class=\"img lazyOnLoad\" alt=\"Coinbase lays off 18% of its workforce. The CEO cites an upcoming crypto winter\" loading=\"lazy\" \/><\/a>         <\/p>\n<p><!-- END CLASS=\"BUCKETBLOCK\" -->\n      <\/div>\n<p><!-- END CLASS=\"BUCKET IMG\" -->\n   <\/div>\n<p><!-- END ID=\"RES1106253295\" CLASS=\"BUCKETWRAP INTERNALLINK INSETTWOCOLUMN INSET2COL \" --><\/p>\n<p>Trail of Bits CEO Dan Guido says blockchain \u2014 the public ledgers that keep track of cryptocurrencies, which are replicated on computers around the world \u2014 isn&#8217;t the egalitarian tech its advocates claim.<\/p>\n<p>&#8220;It&#8217;s been taken for granted that the blockchain is immutable and decentralized, because the community says so,&#8221; says Guido.<\/p>\n<p>But in practice, he says, these networks have evolved in ways that concentrate power in the hands of certain people or companies, including the large pools of &#8220;miners&#8221; whose computers earn virtual currency by maintaining the blockchains.<\/p>\n<aside id=\"ad-backstage-wrap\" aria-label=\"advertisement\">\n<\/aside>\n<p>Guido&#8217;s team calls these potential situations &#8220;unintended centralities&#8221; \u2014 situations in which someone gains leverage over the decentralized system, creating opportunities for tampering with the record of who owns what.<\/p>\n<p>Another example in the report of this kind of concentration is the fact that 60% of Bitcoin traffic is handled by just three internet service providers.<\/p>\n<p>&#8220;Let&#8217;s say somebody with great top-down control of the internet in their country starts to interfere with that network,&#8221; Guido says. By slowing down or stopping legitimate blockchain traffic, an attacker could become the &#8220;majority&#8221; voice in the consensus of what&#8217;s written to a blockchain at that moment.<\/p>\n<p>&#8220;They can rewrite history. They can censor transactions. They can make it so that you can&#8217;t spend your Bitcoin,&#8221; says Guido. &#8220;It&#8217;s definitely something people would want to do if they want to &#8216;grief&#8217; the network.&#8221;<\/p>\n<p>The notion of this kind of attack isn&#8217;t new, but what the Trail of Bits report does is compile research into different kinds of &#8220;unintended centralities&#8221; to better understand the technology&#8217;s overall vulnerability.<\/p>\n<p>Some of the findings are &#8220;eyebrow-raising,&#8221; says Josh Baron, project manager of the unit at DARPA that commissioned the report.<\/p>\n<p>&#8220;For example, the idea that 21 percent of Bitcoin nodes are running an old version of the Bitcoin core client that&#8217;s known to be vulnerable,&#8221; Baron says, referring to the basic software running that blockchain. That means all those computer are open to the same kind of hack \u2014 a big first step for an attacker trying to dominate a blockchain network, sometimes called a &#8220;51 percent attack.&#8221;<\/p>\n<aside id=\"ad-secondary-wrap\" aria-label=\"advertisement\">\n<\/aside>\n<p>&#8220;You&#8217;re already worried about 51 percent, and now I&#8217;m telling you that 21 percent are just out there for the taking, as it were. That&#8217;s that&#8217;s not great,&#8221; Baron says.<\/p>\n<div id=\"res1106253902\" class=\"bucketwrap internallink insettwocolumn inset2col \">\n<div class=\"bucket img\">\n                  <a target=\"_blank\" id=\"featuredStackSquareImage1104303982\" href=\"https:\/\/www.npr.org\/2022\/06\/14\/1104303982\/crypto-bitcoin-stablecoin-regulation-senate\" data-metrics=\"{\" data-metrics-ga4=\"{&quot;category&quot;:&quot;recirculation&quot;,&quot;action&quot;:&quot;story_recirculation_click&quot;,&quot;clickType&quot;:&quot;inset box&quot;,&quot;clickUrl&quot;:&quot;https:\/\/www.npr.org\/2022\/06\/14\/1104303982\/crypto-bitcoin-stablecoin-regulation-senate&quot;}\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/media.npr.org\/assets\/img\/2022\/06\/10\/gettyimages-1312850126_sq-83bb5ad5fbdd2545f54125bb8478f8e1510d96ae-s100.jpg\" class=\"img lazyOnLoad\" alt=\"There's a new plan to regulate cryptocurrencies. Here's what you need to know\" loading=\"lazy\" \/><\/a>         <\/p>\n<p><!-- END CLASS=\"BUCKETBLOCK\" -->\n      <\/div>\n<p><!-- END CLASS=\"BUCKET IMG\" -->\n   <\/div>\n<p><!-- END ID=\"RES1106253902\" CLASS=\"BUCKETWRAP INTERNALLINK INSETTWOCOLUMN INSET2COL \" --><\/p>\n<div id=\"res1106253711\" class=\"bucketwrap internallink insettwocolumn inset2col \">\n<div class=\"bucket img\">\n                  <a target=\"_blank\" id=\"featuredStackSquareImage1082647751\" href=\"https:\/\/www.npr.org\/2022\/02\/23\/1082647751\/2021-was-the-year-of-the-cyber-heist\" data-metrics=\"{\" data-metrics-ga4=\"{&quot;category&quot;:&quot;recirculation&quot;,&quot;action&quot;:&quot;story_recirculation_click&quot;,&quot;clickType&quot;:&quot;inset box&quot;,&quot;clickUrl&quot;:&quot;https:\/\/www.npr.org\/2022\/02\/23\/1082647751\/2021-was-the-year-of-the-cyber-heist&quot;}\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/media.npr.org\/assets\/img\/2022\/02\/23\/gettyimages-1238324469_sq-617bee599ad6a9dc2befdef2b5c2d85aceff0fac-s100.jpg\" class=\"img lazyOnLoad\" alt=\"2021 was the year of the cyber heist\" loading=\"lazy\" \/><\/a>         <\/p>\n<p><!-- END CLASS=\"BUCKETBLOCK\" -->\n      <\/div>\n<p><!-- END CLASS=\"BUCKET IMG\" -->\n   <\/div>\n<p><!-- END ID=\"RES1106253711\" CLASS=\"BUCKETWRAP INTERNALLINK INSETTWOCOLUMN INSET2COL \" --><\/p>\n<p>So far, the risks outlined in the report don&#8217;t seem to be a major concern for the cryptocurrency business. NPR approached some of the larger companies, such as <a target=\"_blank\" href=\"https:\/\/www.coinbase.com\/\" rel=\"noopener\">Coinbase<\/a>, for a response, but they declined.<\/p>\n<p>Yan Pritzker, co-founder of a smaller Bitcoin services company called <a target=\"_blank\" href=\"https:\/\/www.swanbitcoin.com\/\" rel=\"noopener\">Swan<\/a>, told NPR he sees the risks as &#8220;theoretical.&#8221;<\/p>\n<p>&#8220;If this kind of attack is possible, why hasn&#8217;t it happened?&#8221; Pritzer asks. &#8220;I think the proof is in the pudding a little bit. In real-world conditions, these things don&#8217;t happen.&#8221;<\/p>\n<p>Pritzker agrees with the report on this point: There is more centralization in some of the newer forms of cryptocurrency, especially those that rely on a system called &#8220;proof of stake,&#8221; which uses less computing power. He&#8217;s more confident in the resilience of Bitcoin, because its energy-intensive &#8220;proof of work&#8221; blockchain would take much more computing energy to corrupt.<\/p>\n<p>Pritzker also points out that this research was commissioned by a government agency.<\/p>\n<p>&#8220;They&#8217;re basically doing endgame research,&#8221; he says of reports like this. &#8220;Their game is, &#8216;how do we get better control of the currency,&#8217; and &#8216;how do we build better systems for our control of the currency&#8217;.&#8221;<\/p>\n<p>Christian Catalini, founder of the <a target=\"_blank\" href=\"https:\/\/mitsloan.mit.edu\/cryptoeconomics-lab\/welcome-mit-cryptoeconomics-lab\" rel=\"noopener\">MIT Cryptoeconomics Lab<\/a>, sees the report as useful, but not too worrying.<\/p>\n<p>&#8220;Some of the concerns I think are valid, but maybe the danger to the broader ecosystem is a little overstated,&#8221; he says, noting that it&#8217;s important to keep in mind that cryptocurrency systems aren&#8217;t completely autonomous. Loose associations of humans \u2014 volunteers and &#8220;core developers&#8221; \u2014 are working constantly to maintain and improve them.<\/p>\n<p>&#8220;You could imagine some of the issues [in the report] being exploited, eventually \u2014 and I think it will happen potentially for some of these,&#8221; Catalini says. &#8220;[But] the community can always coordinate, respond and, I think over time, will get better at developing the right solutions.&#8221;<\/p>\n<p>Because cryptocurrencies are decentralized, with no oversight by governments or central banks, those solutions will require the attention and consensus of the participants in those networks.<\/p>\n<p>At Trail of Bits, Dan Guido says he thinks cryptocurrencies and blockchain have a promise, but anybody investing in them should consider them to be still in the &#8220;prototype&#8221; stage.<\/p>\n<p>&#8220;Everybody needs to know kind of what they&#8217;re buying, what they&#8217;re buying into \u2014 what they&#8217;re going to trust,&#8221; Guido says. &#8220;And there&#8217;s a lot here that you should not trust. At least, not today.&#8221;<\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/www.npr.org\/2022\/06\/21\/1105815143\/cryptocurrency-bitcoin-blockchain-security-tampering-darpa\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A visual representation of the digital Cryptocurrency, Bitcoin. A new report says the technology&#8217;s security is vulnerable. Dan Kitwood\/Getty Images hide caption toggle caption Dan Kitwood\/Getty Images Whether prices are up or down, for many investors in cryptocurrency, the real appeal is that there&#8217;s nobody in charge. As the crowd chanted at the recent Bitcoin [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":20536,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[36],"tags":[1555,52,9176,5047,5105,1349,1207,9175],"class_list":["post-20535","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency","tag-compromise","tag-cryptocurrency","tag-darpa","tag-npr","tag-runs","tag-security","tag-techs","tag-weaknesses"],"jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"http:\/\/egrowonline.com\/wp-content\/uploads\/2022\/06\/gettyimages-887657568_wide-74ee342207087c85d8e59d53ef21cb8543d63611.jpg","_links":{"self":[{"href":"http:\/\/egrowonline.com\/index.php?rest_route=\/wp\/v2\/posts\/20535","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/egrowonline.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/egrowonline.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/egrowonline.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/egrowonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=20535"}],"version-history":[{"count":1,"href":"http:\/\/egrowonline.com\/index.php?rest_route=\/wp\/v2\/posts\/20535\/revisions"}],"predecessor-version":[{"id":20537,"href":"http:\/\/egrowonline.com\/index.php?rest_route=\/wp\/v2\/posts\/20535\/revisions\/20537"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/egrowonline.com\/index.php?rest_route=\/wp\/v2\/media\/20536"}],"wp:attachment":[{"href":"http:\/\/egrowonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=20535"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/egrowonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=20535"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/egrowonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=20535"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}