Privacy of Cryptocurrencies – Pros and Cons

The privacy factor in case of blockchain platforms is a little tricky as most of the public blockchains have been designed to support transactions that are transparent and there is the requirement of public (user) verification. So when privacy is considered the developed mechanism has to see that both the elements are retained without any conflict. The decentralized concept of blockchain technology highlights transparency and visibility and ensures security through encryption. If privacy or anonymity is introduced, then it would contradict with the open-source nature of the blockchain.

Tumblers and CoinJoin

The developers had first tried to achieve privacy in the blockchain space through the cryptocurrency tumblers. The process involved a group of people accumulating coins by contributing the same amount and then withdrawing a particular amount that is equal for everyone. As it would be a little difficult to show who contributed which coin exactly, a sense of privacy would be created. But, the main drawback is that you cannot expect the tumbler to not steal the coins or respect anonymity. CoinJoin was used in the Dash platform and is a step ahead of the implementation of the tumblers. The Dash blockchain incorporates CoinJoin mixing, which involves only 3 participants but, here the user’s wallet can be identified if they are not careful with browser cookies when performing transactions. This is mainly because the mixing process only hides the transaction links between the addresses instead of breaking them completely.

CryptoNote and Ring Signatures

Monero and AEON are other cryptocurrencies that focus on privacy and anonymity of the users. Here, the mixing is done automatically and the process can also hide the transaction amounts. It is also said that the anonymity feature increases with time when the outputs are seen as new inputs of new mixes. Scalability issues developed as the transactions volume increased with time as well as the risk of the blockchain becoming losing anonymity feature. Moreover, you will have to run a full node or make a connection to one of them.

CryptoNote currencies like Monero also incorporate ring signatures where outputs of similar transactions are used to form a ring structure such as to hide the real transaction. In this case, you do not need to trust any mixer. Monero had also used RingCT (Ring Confidential Transactions) system that hides the transaction amounts.

Noir and Zerocoin Protocol

The Zerocoin Protocol firstly eliminates the need of a mixer and offers very high anonymity. Other than Noir, Zcoin also incorporates the Zerocoin Protocol. This mechanism is becoming popular as it completely breaks the transaction links by using the zero-knowledge proofs. The previous methodologies simply obscured the real transactions with other transactions. It is quite an ineffective way as one can break through the coverage and see the real transaction data. But, when using a zero-knowledge proof this risk decreases significantly. Implementing a zero-knowledge proof will prevent leakage of any information other than what you want to reveal.

The Zerocoin Protocol functions by allowing you to burn crypto coins that you can later redeem. You will receive brand new coins (Zerocoin spend) when you redeem. No one can access transaction history as there is no transaction history and these coins are similar to the newly mined ones.

Cryptocurrency Noir and its developers

The cryptocurrency, Noir is also focused on making your transactions secure and private without compromising on the core nature of the blockchain. Noir is also focused on the failure of Bitcoin; lack of privacy. The objective is to develop a platform that will allow transaction of cryptocurrencies for your business or to a relative or friend without letting any competitor or enemy knowing about it. The team members of the project include the original Zerocoin project members, and cryptographers at The Technion, MIT and Tel Aviv University. With such an efficient collaboration Noir aims to be the medium for daily transactions. This decentralized digital cryptocurrency is governed by the community and anyone who wants to be in a project of the future can take part.

Noir – a community project

Noir is a community-governed project as it was taken up by the community only once the original developers had left. Now, the team mostly consists of volunteers and developers with an interest in its platform. So, in one sense Noir has been able to do what Bitcoin could not– owned by the community only and privacy. There are also talks of developing a wallet that will enable people to make a purchase in a secure and untraceable way.

Privacy as fear

The issue of privacy in blockchain-based platforms is not just about the difficulty in the process of development. Several cases have been reported where the privacy and anonymity features in the cryptocurrencies have been used for unsavory works like dealing in drugs. It also creates extra work for the regulators and such issues are also not helping them. It can even be said that anonymity introduces fear in the regulators.


Source
Author: Cryptoshib
Image Credit

Crypto Security 101: How to AirGap Your Devices?

There’s a well-known saying which goes, “a fool and his money are soon parted,” which sounds most apt for the cryptocurrency world. There are quite some bad actors who are ready to swindle money from naive people. In the past few months, there are several exchanges that have made headlines for being hacked.

Even though blockchain technology is immutable and tamper-proof, which hacked into or changed, the same cannot be said for highly-centralized crypto exchanges. Centralization means that there is one primary node that holds the lion share, especially in the cryptocurrency universe, which in turn means, there is always an imminent threat of being breached or hacked.

Air-Gap Comes Into Play

Fortunately, for every problem, there lies a solution. You can prevent any potential breach (irrespective of whether you are individual or an exchange) by Air-Gapping your systems. Air Gapping is a process of keeping your machine disconnected from the Internet (also known as cold storage).

For instance, if you are a person or an exchange, you will have two sets of keys for the wallet used to store cryptocurrencies: a public key and a private key. A public key is one part of the address which is available to all and sundry to send cryptocurrencies to the designated holder. On the other hand, the private key is an alphanumeric code which is only available with the account holder. The private key is used as a form of digital signature to authorize a transaction

Despite this, it is possible for an experienced hacker to breach security measures and make off with large sums of cryptocurrencies. This is where Air Gap comes into play. If a cryptocurrency wallet has more than $1 million worth in assets, it is recommended to disconnect the machine from the Internet.

Few Steps to Effectively Air-Gap your Machine

  1. Online machine (Maybe a laptop or PC): Authorize the transaction and receive crypto assets in the wallet.
  2.  

    USB stick: There are several USB sticks available online to shift cryptocurrency assets from online to offline locations.

  3.  

    Offline machine: Sign the received transaction received from the USB stick.

  4.  

    Online machine: Notify the relevant blockchain of the successful transaction

Air-Gapping Your Devices

There are several other ways to completely air-gap your devices. Some of them are listed below:

  •  A user can purchase a device which is purely dedicated to online use. To ensure maximum security, a user can invest in MacBook Air as those machines have readily available common drivers and also, they are very easy to use.
  • A user would also have to buy a new system for offline use. To make it entirely offline, they should ideally remove the WiFi card that comes along with the system.
  • Next, the user should buy a USB stick which is purely used for transferring data or programs into the online system.
  • Plug the USB port into the offline system, and then open the terminal and create four files with the command that says: mkfile –n 1g fake.txt.
  • Move the newly-created files on the USB stick. If there is any problem or glitch that a user sees while transferring the files on the stick, then certainly that the stick has a malicious entity.
  • Transfer all the required data or cryptocurrencies on to the offline machine on a day to day basis to start the machine.

Are Air-Gapped Devices Foolproof?

That being said, Air-Gapped machines are not entirely foolproof. There are different ways to hack a machine that has been Air-Gapped too. There are two known ways- The easy method and the hard method. We’ll elaborate on both the methods below:

1)      The easy way:

To hack into an air-gapped machine, a potential hacker would need a human to serve as an intermediary. For example, the hacker could gain the trust of an employee of an organization and get them to fix a USB stick into a computer. More than anything, this method would need a subject who’s willing to carry out the request of the seeker of the information.

To avoid this eventuality, only certain staff members of an organization should be divulged of the secret and be allowed access to the machine. The machine containing the digital wealth aka cryptocurrencies should be in a secure data center or a room on the premises. Since the members of a company are human, there lies the problem of accountability and trust. If a company wants to take no risks, they can invest in some USB Port blockers that essentially block access to USB ports of the air-gapped machines.

2)      Next, comes the tough way to breaching into the air-gapped machine.

a)      A very determined hacker can use built-in microphones and speakers, to violate the covert acoustical mesh networks (generally inaudible to a human ear) and can transmit data to roughly 65 feet away.
b)      Apart from that, a hacker can also tune into an FM signal emitted from the graphics card, using an FM receiver and access the information on the particular machine.
It is important to note that, you may be a user living on a hilltop, miles, and miles away from civilization and still be a victim to a hack. The question is not why you are at risk; the right question is how you can be at risk. Hackers can strike anyone at any time – irrespective of whether you are a multi-billionaire company or an isolated individual.

Although the methods listed above may come across as paranoid, it should be noted that the best thing in such circumstances is to be preemptively ready, in case a malicious hacker is waiting to steal your cryptocurrencies. Those assets are your hard-earned gains, and nobody should have the right to steal them. As the common saying goes, “It is better to be safe than sorry.”


Source
Author: Pratik Makadiya
Image Credit

Crypto Exchange Zaif Hacked In $60 Million, 6,000 Bitcoin Theft

Yet another Japan-based cryptocurrency exchange has been hacked, losing a 6.7 billion yen (about $60 million worth of cryptocurrency), including 5,966 bitcoins.

The licensed exchange, called Zaif, is operated by the Tech Bureau. It said on Thursday that the exchange first noticed an unusual outflow of funds on the platform around 17:00 Japan time on September 14, after which the company suspended asset deposit and withdrawal services.

Tech Bureau explained that after further investigation, it discovered that hackers with unauthorized access to the exchange’s hot wallets had stolen roughly $60 million in bitcoin, bitcoin cash, and MonaCoin. That being said, the exact amount of bitcoin cash stolen remains unknown.

The exchange added that since its own asset reserve is currently around 2.2 billion yen (or $20 million), it has reached an agreement with a Japan-listed firm called Fisco to receive a $44.5 million investment in exchange for a major share of ownership.

Tech Bureau said given the nature of the unauthorized fund access, it has filed the incident as a criminal case to local authorities for further investigation.

The incident marks the second hack in Japan this year, after Coincheck also reported that a whopping $520 million in NEM tokens were stolen by hackers in January.

Following Coincheck’s hack, the Financial Services Agency (FSA) – Japan’s financial watchdog – has launched a series of inspections on cryptocurrency exchanges in the country regarding their security measures.

The FSA had already notably issued a business improvement order to Tech Bureau in March specifically on its security and anti-money laundering enhancement.

Source
Author: Wolfie Zhao
Image Credit 

Cryptojacking Malware: What It Is and How to Fix It

Cryptojacking is a cyberattack like no other. Attackers don’t steal your data or ransom off access to your network. Instead, they commandeer your hardware when you’re not looking and redline the processors to mine cryptocurrency.

LIONBIT

Since 2017, cryptojacking’s popularity has skyrocketed. Palo Alto Networks’ WildFire platform has identified roughly 470,000 unique types of cryptomining malware, not including those delivered through web-based JavaScript activities. Together, these viruses have affected 40 percent of corporations across the globe.

This rise in malware corresponded to the astronomical rise in cryptocurrency’s value. By December 2017, Bitcoin was worth nearly $20,000 — or 20 times the average ransomware payment at the time. Today, that price has settled to an average of just over $6,000 — but that doesn’t mean cryptocurrency’s dominance is waning.

Some startups may falter or fail, but cryptomining isn’t going anywhere, and neither is the malware that exploits it. Decentralized currency has been revolutionary, and it’s easy for hackers to exploit that by simply “borrowing” your computer when you’re not using it. No matter how much or how little they use it, they get a 100 percent return for every processor they infect.

Cryptojacking Is Here to Stay

The blockchain technology that powers Bitcoin and similar companies is what makes cryptocurrency much more than just a trend. Besides decentralizing currency, it’s being used for legal, agricultural, real estate, and other industry applications. However, the ability to create wealth digitally is what makes it a prime target for hackers.

Mining cryptocurrency isn’t illegal, but it does take a substantial investment in hardware to create any amount of substantive wealth. For instance, you could invest several thousand dollars in the most powerful laptop with multiple high-end drives and eventually recoup your investment.

For a hacker, though, it isn’t about investing money in new hardware. It’s about pouring time into writing malicious code that will give them access to thousands of processors around the world. That is ultimately much more cost-effective than investing in their own hardware.

Cryptojacking malware is written specifically to hide once it’s in your system and activates only when your computer becomes idle. It doesn’t compromise your data or access to your network. In fact, the most effective codes leave almost no footprint because their goal is to remain as long as possible.

Warning Signs to Watch For

The fact that you might never know it’s there makes cryptojacking the phantom of malware. But maxing out your hardware’s operating capacities every night will eventually lead to odd tech behaviors, and that can act as a warning sign. Plus, hackers still have to retrieve their prize, which often leaves a handy trail of breadcrumbs to follow if you know what you’re looking for.

For example, even during peak business hours, employees don’t usually do enough at one time to push their computers to the max (except for IT personnel, graphic designers, and other tech-heavy roles). On average, the equipment they use should last for several years before slowing down and showing its age.

But if those same PCs and laptops are being switched on and maxed out after everyone leaves each night, they won’t last nearly as long. It may not be immediately obvious, but the processors will burn out sooner than expected. This can lead to employees having trouble maintaining their productivity and you upgrading your infrastructure years earlier than you originally planned.

Fortunately, you don’t have to wait until your hardware starts to crumble before recognizing these signs. Performance monitoring tools can detect when certain devices are running at 3 a.m. and how much juice they’re using. Analytic software can track down and identify outbound communications to places where your hardware shouldn’t be communicating.

Even more fortunate is that cryptojacking tools have the same weaknesses as all other forms of malware. For instance, they work only if you let them in. Proper preventive and security measures can usually protect your network from them, and even if your system is infected, the virus can be routed out before it causes significant damage.

How to Protect a System Through IT Security

The first step to protecting any system from malware is to invest in decent antivirus software, including anti-spam and anti-phishing filters for your email platforms. Along with ransomware and other malicious code, cryptojacking happens through email phishing techniques. It’s also useful to invest in a high-quality backup system, preferably on-premise and cloud-based, to protect your data in worst-case scenarios.

Such solutions are as cost-effective as they are essential, but they work only if you train employees to stay diligent against any attacks that might make it through. Tricks like display-name spoofing can fool some anti-phishing tools, and overconfident employees might still invite in cryptojacking malware without realizing it.

If your system is infected, then performance monitoring and analytics tools can reveal the malware’s incriminating symptoms. Depending on the extent of the virus, restoring your system may require routing it out or resetting it and starting fresh with your backed-up data.

If you’ve partnered with a managed IT service provider, it can run a comprehensive systems analysis to scan software registries and measure each device’s performance. After stripping the code from your system, your provider will run a thorough retest before giving it a clean bill of health. Then it’ll help you ensure proper security measures are in place to prevent it from happening again.

Printing money is a thief’s dream, and with cryptojacking being so lucrative, it isn’t likely to disappear or fade. Sooner or later, it could hit any company, so implementing sound protective methods is crucial. Put in place strong antivirus software, know how to recognize the symptoms, and if worse comes to worst, know how to recover as effectively as possible. Even if you can’t avoid cryptojacking malware, you can minimize its damage by staying a few steps ahead.


Here at Dollar Destruction, we endeavour to bring to you the latest, most important news from around the globe. We scan the web looking for the most valuable content and dish it right up for you! The content of this article was provided by the source referenced. Dollar Destruction does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products or other materials on this page. As always, we encourage you to perform your own research!

Source
Author: Jon Schram 
Image Credit

More Than 3m Bitcoin Holders in China Despite Ban

There are still more than 3 million people holding bitcoin in China, despite the government’s ban on trading, a researcher at theInternational Monetary Institute at Renmin University in China has estimated.



The researcher named Li Honghan made the statement during a summit held in Beijing on June 29 known as the New Financial Trends and Fin-Tech Summit 2018, according to Chinese news portal Chinatimes.net.cn.

While Li did not reveal his data source, it is well-known that Chinese investors are still active in the cryptocurrency space, making use of advanced censorship-resistant technologies like decentralized exchanges and peer-to-peer marketplaces to bypass government regulation.

As Cryptonews.com has reported on previously, bitcoin mining has also proved difficult for regulators to crack down on in China. It is estimated that more than 50% of global bitcoin mining capacity is located in China, with the remote provinces of Qinghai and Sichuan having a particularly high concentration of bitcoin miners.

The large number of miners in China has previously led Ripple’s CEO Brad Garlinghouse to attack bitcoin by claiming that it is “controlled by China.”

Bitcoin has seen a surge in price and trading volume over the past few days, adding nearly 14% since June 29, according to data from Coinbase.


Here at Dollar Destruction, we endeavour to bring to you the latest, most important news from around the globe. We scan the web looking for the most valuable content and dish it right up for you! The content of this article was provided by the source referenced. Dollar Destruction does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products or other materials on this page. As always, we encourage you to perform your own research!

Source
Author: Fredrik Vold
Image Credit: iStock/twinsterphoto

Don’t forget to join our Telegram channel for Crypto, Business & Technology news delivered to you daily.