Tag Archive for Blockchain

Cryptocurrencies

CryptocurrenciesThe attackers behind last month’s WannaCry ransomware were planning to extort $300 in Monero cryptocurrency to unlock encrypted files. Until this crisis, who had ever heard of Monero? How could you even buy Moneros to unlock your PC, if you wanted to take that chance? More people are probably aware of Bitcoin (BTC). The Visual Capitalist explains that Bitcoin is the original cryptocurrency, and its meteoric rise has made it a mainstay of conversation for investors, media, and technologists alike.

cryptocurrencyDespite its shady history, Bitcoin has spawned over 800 new markets and cryptocurrencies. While Bitcoin is the dominate cryptocurrency, with a market cap of $37.2 billion, the rest of the cryptocurrencies are worth even more, in combination they are worth nearly $40 billion. The leaders of the altcoin movement are:

Ethereum (ETH) launched in 2015, is the second largest by market capitalization. It is also quite different from Bitcoin. The Visual Capitalist explains that while Bitcoin is designed to be a payments protocol first, Ethereum is designed to work as a blockchain-based computing platform for developers to build and deploy decentralized applications, while also enabling smart contracts. The tokens used to power the network are called Ether, but they can also be traded online. At time of writing, Ethereum’s market capitalization is $15.4 billion.

Ripple logoRipple (XRP) is the native currency of the Ripple Protocol – a broader catch-all for an open-source, global exchange according to the Visual Capitalist. Ripple is aiming to be a settlement protocol for major banks, It’s already being used by banks such as Santander, Bank of America Merrill Lynch, UBS, and RBC. Ripple has a market cap of $10.9 billion.

Ethereum Classic (ETC) The Ethereum network actually split into two in 2016.The Visual Capitalist says it’s a complicated situation. You can read about the hack v. hack battle here. Ethereum Classic is based on the original Ethereum blockchain, and has a market capitalization of $1.4 billion.

Litecoin logoLitecoin (LTC) is one of the first altcoins, and it is nearly identical to Bitcoin after being “forked” in 2011. Litecoin aims to process blocks 4x faster than Bitcoin to speed up transaction confirmation time, though this creates several other challenges as well according to the Visual Capitalist. At time of writing, Litecoin’s market capitalization is worth $1.3 billion.

Monero (XMR) is an open-source, privacy-oriented cryptocurrency launched in April 2014. It is the result of a fork of the Bytecoin cryptocurrency According to CoinDesk, Monero is private by default, and it has achieved the widespread adoption of those interested in using cryptocurrencies to remain anonymous. Monero has a market capitalization of $6.2 million.

Coin Market Cap Monero chartThe price of Monero’s XMR has experienced significant volatility at times, climbing more than 1,300% since it began trading on CoinMarketCap. Since its start, the cryptocurrency has fluctuated between roughly $0.25 (in January 2015) and close to $60 (in May 2017).

Monero leverages ring signatures and stealth addresses to obscure the senders and recipients identity. Ring signatures combine or ‘mix’ a user’s account keys with public keys obtained from Monero’s blockchain to create a ‘ring’ of possible signers, meaning outside observers cannot link a signature to a specific user.

Monero logoOriginally, ring signatures obscured the senders and recipients involved in a Monero transaction without hiding the amount transferred. However, an update called RingCT implemented a new ring signature that concealed both the value of each transaction and the senders and recipients identities to make transaction tracking harder.

In addition to leveraging ring signatures, Monero also enhances anonymity through stealth addresses, which are randomly generated, one-time addresses created for each transaction on behalf of the recipient. With this feature, recipients publish a single address and transactions they receive go to separate, unique addresses. As a result, Monero transactions cannot be linked to the published address of the sender or recipient.

By providing a high level of anonymity, Monero offers fungibility, meaning that each individual unit of a currency can be substituted for another. Another way of putting this is that every coin has equal value.

Due to Monero’s untraceable nature, no two coins are distinguishable from one another, and they are both equal in the eyes of merchants. Without this level of fungibility, a vendor that accepts cryptocurrency might refuse a unit of one of these assets because of its past possibly illegal transaction history.

CoinDesk points out that Monero has enjoyed a steady increase in adoption since its release. This adaption seems to be led by Dark web marketplaces like AlphaBay and Oasis which have embraced it, reportedly due to popular demand.

For those who want to purchase Monero’s, to pay a ransom or for other reasons, can purchase them at an exchange. The Monero market operates like that of many other cryptocurrencies. Those interested in buying the cryptocurrency can get it through exchanges including Poloniex, Bitfinex and Kraken.

Bitfinex, offers XMR/USD and XMR/BTC exchanges along with deposits and withdrawals of Monero. Kraken offers the same options as Bitfinex as well as XMR/EUR.

Other cryptocurrencies in the altcoin universe include NEM, Dash, ByteCoin and Golem.

rb-

If the fraudsters who set off the WannaCry crisis were expecting to make a fortune in cryptocurrenncy, it didn’t work. Apparently there have only made approx. BTC 50.91735344 or just under $150,000 on 320 payments world-wide according to a twitter bot actual_ransom from @collinskeith which is watching the bitcoin wallets tied to the ransomware attack.

I dunno know – Until somehow cryptocurrencies break their implied link to illegal activities online, they will be relegated to the black market. 

The value of cryptocurrencies are really hard to pin down because no one really knows how much they should be worth. Unlike a company there are no assets or revenues that can be used to assess a predictable valuation. So they are subject to wide swings in valuations because they operate without any tangible value behind it.

The underlying technology of blockchain seems to have a brighter future

 

Related articles

Ralph Bach has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

 

Visual Capitalist The Coin Universe Keeps Expanding

Whose Time Is It?

Whose Time Is It?What time is it? If you looked at the lower right corner of your Windows PC screen, you know what time it is. That is good enough for most people, but followers of the Bach Seat want to know more. How does Microsoft know that time it is? Microsoft and everybody else uses Internet Engineering Task Force (IETF) RFC 7822 standard protocol called Network Time Protocol (NTP).

Network Time ProtocolNTP is one of the oldest Internet protocols still in use. NTP was designed by UMich alum David Mills at the University of Delaware. NTP can maintain time to within tens of milliseconds over the public Internet, and better than one millisecond accuracy on a LAN. Like many other things in the network world, NTP is set up as a hierarchy. At the top of the tree are “Atomic Clocks” (Stratum 0). Corporations, governments and the military run atomic clocks.

USNO NTP Servers

Atomic clocks are high-precision timekeeping devices which use the element cesium, which has a frequency of 9,192,631,770 Hertz. That means it “oscillates” a little over nine billion times a second. Knowing the oscillation frequency and then measuring it in a device creates an incredibly accurate timekeeping mechanism. Atomic clocks generate a very accurate interrupt and timestamp on a connected Stratum 1 computer. Stratum 0 devices are also known as reference clocks.

Stratum 1 – These are computers attached to stratum 0 devices. Stratum 1 servers are also called “primary time servers”.

Stratum 2 – These are computers that synchronize over a network with stratum 1 servers. Stratum 2 computers may also peer with other stratum 2 computers to offer more stable and robust time for all devices in the peer group.

Stratum 3 computers synchronize with stratum 2 servers. They use the same rules as stratum 2, and can themselves act as servers for stratum 4 computers, and so on.

NIST's first atomic beam clockOnce synchronized, with a stratum 1, 2 or 3 server, the client updates the clock about once every 10 minutes, usually requiring only a single message exchange. The NTP process uses User Datagram Protocol port 123. The NTP timestamp message is 64-bits and consist of a 32-bit part for seconds and a 32-bit part for fractional second. 64-bits gives NTP a time scale of 232 seconds (136 years) and a theoretical resolution of 2?32 seconds (233 picoseconds). NTP uses an epoch of January 1, 1900 so the first roll over will be on February 7, 2036.

Microsoft (MSFT) has a mixed history of complying with NTP. All Microsoft Windows versions since Windows 2000 include the Windows Time service (“W32Time”) which was originally implemented to support the Kerberos version 5 authentication protocol. It required time to be within 5 minutes of the correct value to prevent replay attacks. The NTP version in Windows 2000 and XP violates several aspects of the NTP standard. Beginning with Windows Server 2003 and Vista, MSFT’s NTP which was reliable to 2 seconds. Windows Server 2016 can now support 1ms time accuracy.

Atomic clockIn 2014 a new NTP client, ntimed, was started. As of May 2017, no official release was done yet, but ntimed can synchronize clocks reliably under Debian and FreeBSD, but has not been ported to Windows or Apple (AAPL) macOS.

Accurate time across a network is important for many reasons; discrepancies of even fractions of a second can cause problems. For example:

  • Distributed procedures depend on coordinated times to make sure proper sequences are followed.
  • Authentication protocols and other security mechanisms depend on consistent timekeeping across the network.
  • File-system updates carried out by a number of computers depend on synchronized clock times.
  • Network acceleration and network management systems also rely on the accuracy of timestamps to measure performance and troubleshoot problems.
  • Each individual blockchain includes a timestamp representing the approximate time the block was created.

NTP has known vulnerabilities. The protocol can be exploited and used in distributed denial of service (DDoS) attacks for two reasons: First, it will reply to a packet with a spoofed source IP address; second, at least one of its built-in commands will send a long reply to a short request.

More vulnerabilities were recently discovered in NTP. SearchSecurity.com reports that security researcher Magnus Stubman discovered the vulnerability and, instead of going public, took the mature route and privately informed the community of his findings. Mr. Stubman wrote that the vulnerability he discovered could allow unauthenticated users to crash NTPF with a single malformed UDP packet, which will cause a null point dereference. The article explains this means that an attacker could be able to craft a special UDP packet which targets NTP, resulting in an exception bypass that can crash the process. A patch to remediate specific vulnerability — named NTP 4.2.8p9  — was released by the Network Time Foundation Project .

This is a Windows only vulnerability at this time. The author urges anyone running the NTP daemon on a Windows systems to patch it as soon as possible. This particular DoS attack against NTP could incapacitate a time-server and cause havoc in the network. The easiest fix is to apply the NTP patch the article states.

rb-
NTP is important to your network and patching and protecting it should be a priority. The threat to your environment is real. If NTP is not patched, an attacker could take advantage of the chaos created by this vulnerability to hide their tracks since timestamps on files and in logs won’t match.

Way back in the day, when I was a network administrator, I inherited a network where a directory services container was frozen. Seems that time had never been properly set up on the server holding the replica and as time passed, the server time drifted away from network time and at some point we could not make changes or force a replica update. That meant a late night call to professional services to kill the locked objects and then apply DSRepair –xkz (I think) and then re-install an R/O replica.

 

Ralph Bach has been in IT for a while and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

Blockchain Basics

Blockchain BasicsThis is the season for predictions. Many tech prognosticators say that 2017 will be the year for Blockchain. As an emerging technology, Blockchain is approaching what Gartner (IT) calls the Peak of Inflated Expectations – a period the analyst refers to as “when early publicity produces a number of success stories — often accompanied by scores of failures. Some companies take action; many do not.”

BlockchainJust to prove the point, Business Insider claims blockchain has the capability to transform the world of digital banking and finance — and beyond. The author suggests that the complex technical nature of blockchain makes it difficult for people to fully grasp how the technology works. BI helps blockchain novices understand exactly what blockchain is and how it works.

Blockchain is a distributed database or ledger that allows companies to initiate trade digitally without the need for approval from a central authority. Because blockchains are distributed, an industry or a marketplace can use them without the risk of a single point of failure.

Blockchain ledgerThe ledger is the central part of a blockchain. The ledger is publicly available and shared among all parties within the network. It can’t be changed or tampered with, making it secure. The ledger keeps track of all the details of a transaction, including time, date, parties involved and the transaction amount.

The article examines how the most common blockchain application, a bitcoin transaction, works.

  1. Alice decides to buy bobbles from Bob’s Bead Boutique online.
  2. Bob’s Bead Boutique accepts bitcoin.
  3. Alice has a 3rd party bitcoin wallet set up to hold her digital funds.
  4. Bob at Bob’s Bead Boutique shares his unique numerical bitcoin address with Alice.
  5. Alice makes her payment to Bob’s Bead Boutique by signing it with her private key of her own address. The transaction is called a block.
  6. The block is broadcast to everyone within the peer-to-peer network.
  7. Users who verify the buyers block via a process called “mining” will be rewarded with bitcoins.
  8. To verify and validate the block, miners take information from the block and run it though an algorithm.
    The approved block is attached to the previous transaction in the network.
  9. Collectively all the transactions form a blockchain which cannot be altered making it permanent and transparent
  10. The transaction is verified and completed.

disruptive technologyBI claims that the most important aspect of blockchain is its versatility. The author claims that the disruptive technology has implications far beyond bitcoin. The article points out there are more than 100 blockchain projects spread across many different industries. Here are some industries blockchain could disrupt.

Banking and Financial Services – Blockchains is more secure and efficient so financial processes powered by blockchain could save banks up to $20 billion dollars annually by 2022.

Healtcare – Blockchains could allow patients to securely share their health records across a vast network of healthcare providers more securely. Preventing many of the recent healthcare data breaches.

Music –  Blockchain could potentially be used to help prevent piracy in music while also increasing sales.

Insurance – Blockchain could allow wholesale insurers to overcome complex transactions that involve a large number of participants and increase efficiency in areas like documentation and claims management.

rb-

The Brookings Institute correctly argues that Blockchain is a foundational technology, like TCP/IP, which enables the Internet. And much like the Internet in the late 1990s, we don’t know exactly how the Blockchain will evolve, but evolve it will.

Blockchain is a foundational technologySimilar to the Internet, the Blockchain must also be allowed to grow unencumbered. This will need careful handling that recognizes the difference between the platform and the applications that run on it. TCP/IP empowers many financial applications that are regulated, but TCP/IP is not regulated as a financial instrument.

Disruptive technologies rarely fit neatly into existing regulatory considerations, but rigid regulatory frameworks have repeatedly stifled innovation.

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

What is Bitcoin?

What is bitcoin?Bitcoin is the name of probably the best-known cryptocurrency or digital currency or digital gold or virtual money. A cryptocurrency is a medium of exchange, such as the US dollar, but is digital and uses encryption techniques to control the creation of monetary units and to verify the transfer of funds. Blockchain is the technology that enables the existence of cryptocurrency.

Occupy Wall StreetThe cryptocurrency has populist roots. It made its debut in relative obscurity at the start of 2009, when the great recession  financial crisis was still raging. A person or group of people known as Satoshi Nakamoto purportedly created the bitcoin protocol and reference software. The populist ideology behind Bitcoin is to take power out of the hands of the central bankers and governments who usually control the flow of currency.

Bitcoin is both a digital currency and a payment system. The basic idea behind Bitcoin is that you can use it to pay for things without a third-party broker, like a bank or government. The value of a bitcoin depends on the bitcoin market at the time. One bitcoin = 100,000,000 Satoshi like 1 dollar = 100 cents. There are no transaction fees and no need to give your real name. Merchants have to pay a transaction fees on each credit card sale of 2.5% to 3.5% to the likes of Visa, MasterCard or Discover.

Accounting ledgerThink of Bitcoin like one big ledger shared by all the users: When you pay for something with bitcoin, or get paid, then your transaction is recorded on the ledger to ensure there is no double spending of the currency.

Members of the network collectively contribute processing power from their computers to maintain Bitcoin’s integrity. And every time a transaction is made, a record of it is sent out to be recorded in a public ledger where the transactions are effectively set in stone. Anyone can download and install the Bitcoin software for free so these records are distributed permanently across the entire network. This publicly distributed ledger is called the blockchain.

Peer to peerIn order to get more Bitcoins, computers running bitcoin software compete to confirm the transaction by solving complex cryptographic equation, and the winner is rewarded with more bitcoins. Currently, a winner is rewarded with 25 bitcoins roughly every 10 minutes. The process is known as “mining”. Don’t get too wrapped up in Bitcoin mining because only the computer powerhouses get their bitcoins this way.

The Consumerist explains that Bitcoin mining math is complicated and hard to forge, so the block chain stays accurate. Because anyone can download and install the Bitcoin software for free, the payment processing and record keeping for Bitcoin is done in a widely distributed way, rather than on one particular server.

Bitcoin miningWhen block chains are created, so are new bitcoins — but there’s a hard limit to how many will ever exist. The system was designed to create more bitcoins at first, then to dwindle exponentially over time. The first set of block chains each created 50 bitcoins. The next set each created 25 bitcoins, and so on. New block chains are created roughly every 10 minutes no matter what; when more computers are actively mining, the program they’re running gets harder (and therefore slower) to compensate. The Bitcoin FAQ estimates that the final bitcoin will be mined in the year 2140, bringing the permanent circulation to just under 21 million. (Currently, there are roughly 15.8 million bitcoins in the world.)

In order to use Bitcoin You’ll have to install a “bitcoin wallet” app on your phone or computer, and then buy them from a bitcoin exchange. A bitcoin digital wallet is a kind of virtual bank account that allows users to send or receive bitcoins, pay for goods or save their money via an exchange of public and private security keys. Bitcoin wallets can exist either in the cloud or on a user’s computer. The wallets have all of the risks of any other app on your device or in the cloud. Unlike bank accounts, the FDIC does not insure bitcoin wallets. CNN Money points out some of the risks in using bitcoin.

Bitcoin miningIn order to buy bitcoins you have to use a marketplace called a “bitcoin exchanges” allow people to buy or sell bitcoins using different currencies. These exchanges have dubious history.

Bitcoin exchanges are vulnerable to hacking, collapse or a ”run on the bank.” A run on a bank occurs where customers are scared and demand to withdraw their deposits so fast that the bank makes payments and shutdowns. If something like that happens, good luck getting your money back: This isn’t like an FDIC-insured bank account.

Bitcoin can be used in a few places; Marketwatch says there doesn’t seem to be much rhyme or reason to where you can use Bitcoin:

rb-

Bitcoin in DetroitThe use of bitcoins in Michigan has not really taken off. Last summer, according to the FreeP, there were only a handful of businesses in metro Detroit that took bitcoin included:

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.