All posts by Thomas Prendergast

Major Crypto Brokerage Coinmama Reports 450,000 Users Affected by Data Breach

Israel-based crypto brokerage Coinmama — which allows users to purchase Bitcoin (BTC) and Ethereum (ETH) using a credit card — has suffered a major data breach affecting 450,000 of its users. The incident was disclosed in an official company announcement on Feb. 15. The breach is reportedly part of a mammoth, multi-platform hack that affected 24 companies and a total of 747 million records — among them gaming, travel booking and streaming sites. Coinmama says a list of around “450,000 email addresses and hashed passwords” of users who registered on its platform before Aug. 5, 2017 has been posted on a dark web registry:

“As of February 15, 2019, there has been no evidence of this data being used by perpetrators. Given the dated nature of the published data, we have no reason to suspect that any other Coinmama systems are compromised. Coinmama does not store credit card information.”

Aside from immediately notifying users, Coinmama says its response team is requiring all potentially affected users to reset their passwords upon login, as well as monitoring its array of systems for suspicious activity or unauthorized access. The platform says it is working to enhance its safeguards and track any external signals that the compromised data is being used.

Aside from new password requirements for potential victims of the hack, the site requests all users to ensure their passwords are robust and unique, and to avoid opening emails or attachments from unknown senders, or providing any personal data to any third party sites. Although the data breach impacted not only Coinmama, but a gamut of companies outside the crypto sector, the hack represents the second high-profile system compromise in the industry this year.

On Jan. 15, tens of thousands of Ethereum (ETH) wallets hosted by New Zealand crypto exchange Cryptopia were hacked, leading to losses estimated to be worth up to $23 million — with the breach continuing for a couple of weeks after the incident’s detection. A recent report from New York-based blockchain intelligence firm Chainalysis estimated that two — likely still active — organized hacker groups have reportedly stolen $1 billion in cryptocurrency, accounting for the majority of funds lost in crypto-related scams.

Article Produced By
Marie Huillet

Marie Huillet is an independent filmmaker, with a background in journalism and publishing. Nomadic by nature, she’s lived in five different countries this decade. She’s fascinated by Blockchain technologies’ potential to reshape all aspects of our lives.

https://cointelegraph.com/news/major-crypto-brokerage-coinmama-reports-450-000-users-affected-by-data-breach

 

TP

Detected Cryptojacking Prompts Microsoft to Remove Eight Free Apps from Microsoft Store

United States-based software corporation Microsoft has removed eight Windows 10 applications from its official app store after cybersecurity firm Symantec identified the presence of surreptitious Monero (XMR) coin mining code. The news was reported by Symantec on Feb. 15.

Stealth crypto mining, also known as cryptojacking, works by installing malware that uses a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. According to Symantec, the firm first detected malicious XMR mining code within eight apps — issued by three developers — on Jan. 17. After Symantec alerted Microsoft, the corporation is reported to have removed all eight products — although an exact date for their delisting is not provided.

The applications — which were marketed as part of the top free app listings on the Microsoft Store — reportedly included “a computer and battery optimization tutorial, internet search, web browsers, and video viewing and download,” and were issued by developers “DigiDream, 1clean and Findoo.” Upon closer investigation, Symantec has proposed that all eight apps have in fact likely been developed by the same person or group, rather than by three distinct entities.  

All the detected samples reportedly run on Windows 10, including Windows 10 S Mode, and were variously published between April and December 2018. They reportedly work by triggering Google Tag Manager in their domain servers to fetch a coin-mining JavaScript library. Once the mining script is activated, the CPU cycles of the target’s computer are hijacked to mine XMR for the app developers.

Symantec representatives told technology news website ZDNet that this is the first time cryptojacking cases have been found on the Microsoft store. The apps’ stealth success reportedly stems from the fact they run independently from the browser in a standalone (WWAHost.exe process) window. Moreover, they have “no throttling which means [they can use] up 100% of user's CPU time.”
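The behaviour described above (an unthrottled miner running inside a standalone WWAHost.exe window) leaves a simple host-side signal: one WWAHost.exe process pinned near full CPU for an extended period. The following is an added example, not code from Symantec or the original article; the sample format, the 90% threshold and the 60-second window are assumptions chosen for illustration.

```python
from typing import Dict, Iterable, Tuple

# One process sample: (seconds since capture start, process name, pid, CPU percent).
# This tuple layout is an assumed telemetry format, not a real tool's output.
Sample = Tuple[int, str, int, float]


def sustained_cpu(samples: Iterable[Sample],
                  process: str = "WWAHost.exe",
                  threshold: float = 90.0,
                  min_seconds: int = 60) -> Dict[int, int]:
    """Return {pid: longest_run_seconds} for instances of `process` whose CPU
    stayed at or above `threshold` for at least `min_seconds` without a dip."""
    run_start: Dict[int, int] = {}   # pid -> timestamp where the current hot run began
    longest: Dict[int, int] = {}     # pid -> longest hot run seen so far, in seconds
    for ts, name, pid, cpu in sorted(samples):
        if name.lower() != process.lower():
            continue                 # only the app-host process is of interest here
        if cpu >= threshold:
            start = run_start.setdefault(pid, ts)
            longest[pid] = max(longest.get(pid, 0), ts - start)
        else:
            run_start.pop(pid, None)  # a dip below the threshold ends the run
    return {pid: secs for pid, secs in longest.items() if secs >= min_seconds}


# Constructed samples, taken every 15 seconds.
SAMPLES = [
    # pid 4120: app window that never drops below 97% (unthrottled miner pattern)
    (0, "WWAHost.exe", 4120, 98.0), (15, "WWAHost.exe", 4120, 100.0),
    (30, "WWAHost.exe", 4120, 99.0), (45, "WWAHost.exe", 4120, 100.0),
    (60, "WWAHost.exe", 4120, 97.0), (75, "WWAHost.exe", 4120, 100.0),
    # pid 5008: another app with short bursts only
    (0, "WWAHost.exe", 5008, 95.0), (15, "WWAHost.exe", 5008, 12.0),
    (30, "WWAHost.exe", 5008, 96.0), (45, "WWAHost.exe", 5008, 94.0),
    (60, "WWAHost.exe", 5008, 8.0),
    # pid 777: busy, but not the app-host process this check looks at
    (0, "chrome.exe", 777, 99.0), (30, "chrome.exe", 777, 99.0),
    (60, "chrome.exe", 777, 99.0), (75, "chrome.exe", 777, 99.0),
]

if __name__ == "__main__":
    for pid, secs in sustained_cpu(SAMPLES).items():
        print(f"WWAHost.exe pid {pid}: at or above 90% CPU for {secs}s without a dip")
```
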

As Symantec notes, while the suspect apps all provided privacy policies, they unanimously omitted any mention of cryptocurrency mining. The firm’s analysis identified the strain of mining malware enclosed in the apps as being the web browser-based Coinhive XMR mining code. Symantec says it has not been able to determine precise download or installation statistics, but observes that the apps received almost 1,900 ratings — whether or not these accurately reflect real users, or fraudulent bots, is difficult to ascertain.

Aside from Microsoft’s action to delist the apps, the mining JavaScript has also reportedly been removed from Google Tag Manager, following Symantec’s alert. As reported, recent research from cyber security research firm Kaspersky Lab has revealed that cryptojacking overtook ransomware as the biggest cybersecurity threat —  particularly in the Middle East, Turkey and Africa.

Article Produced By
Marie Huillet


https://cointelegraph.com/news/detected-cryptojacking-prompts-microsoft-to-remove-eight-free-apps-from-microsoft-store

TP

Hyundai Commercial Partners With IBM to Accelerate Blockchain Development

Hyundai Commercial — a financial services subsidiary of leading South Korean automobile manufacturer Hyundai — has announced a partnership with American tech giant IBM to modernize its business model using blockchain. The news was announced on Feb. 13 at IBM’s annual tech and business conference “IBM Think 2019” in San Francisco, California. Hyundai Commercial is reportedly “a corporate finance company that provides leasing and financial services for commercial vehicles and construction equipment.” The partnership with IBM will focus on using open source Hyperledger Fabric blockchain technology to create a new supply chain financing ecosystem for the Hyundai Commercial network.

Network participants — which include automobile dealers, distributors and manufacturers —  will have access to a real-time, shared view of all transactions on the blockchain, allowing for this data to be securely managed and efficiently distributed. The technology will also offer efficiency gains by automating hitherto manual processes. The announcement also reveals that a separate Hyundai financial services subsidiary, Hyundai Card, will be partnering with IBM to implement its machine learning technology to create an artificial intelligence-based chatbot for customer services.

As previously reported, IBM is fast developing its blockchain-based offerings — across financial services, supply chain, government, retail, digital rights management, healthcare and insurance. Recent projects include the use of blockchain and Internet of Things (IoT) to combat drought in the state of California, as well as a $700 million deal with one of Europe’s largest banks, Banco Santander, to accelerate the Spanish bank’s use of blockchain technology.

As reported, Chung Dae-sun — the nephew of the CEOs of Hyundai Group and Hyundai Motors — founded HDAC, a Korean blockchain-based IoT platform and issuer of the Hyundai-DAC token (DAC), alongside a fintech and blockchain subsidiary HyundaiPay. Earlier this week, HyundaiPay signed a Memorandum of Understanding (MoU) to promote the growth of fintech startups in Busan, South Korea’s second most populous city.

Article Produced By
Marie Huillet


https://cointelegraph.com/news/hyundai-commercial-partners-with-ibm-to-accelerate-blockchain-development

 

TP

Listing With IDEX Signals Step Forward for Ride-Hailing Company

IDEX, the only Ethereum-based, fully decentralized crypto exchange with real-time trading and high transaction throughput, has announced the listing of RedCab LLC’s REDC token. RedCab, a decentralized peer-to-peer transportation solution entirely powered by blockchain technology, announced the listing this week with the Panama-based exchange.

IDEX is recognized as the most advanced Ethereum DEX in the industry, supporting limit and market orders, gas-free cancels and also the ability to fill many trades at once. It consists of a smart contract, a trading engine and a transaction processing arbiter: the smart contract is charged with trustlessly storing all assets and with executing trade settlement, while all trades must be authorized by the user’s private key. RedCab has ambitious plans to expand beyond its native Egypt into Bahrain, the KSA, as well as Asian and European markets.

At this stage, almost everyone has heard of, and possibly even tried out, some of the larger ride-hailing companies on the market, such as Uber, Lyft and Grab, but few know the way those companies go about running their business. A 25 percent profit is made through each driver, which makes it difficult for those working for those companies to earn a respectable living. With a 15 percent profit cut, RedCab provides drivers with a higher percentage of take-home pay, and has a distinct focus on community, providing users with an entirely different experience than those who use Uber.

One question on many readers’ minds is likely to be “Why RedCab?” According to the company itself, “Many start-ups have been rising in the market recently to solve the transportation issue. Most of them are successful as a business, but none of them have succeeded without social collateral damage.

“Despite the fact that technology has bridged the gap for transportation needs and has successfully solved some problems in the past ten years, this left us with multiple copycat business models without any iteration or innovation.” One pet peeve that many have with Uber is the spike in fares when certain conditions occur, such as rain and heavy traffic. “Customers are not only searching for a trendy service, but looking for a true reliable service with sustainable quality and safety, that offers all transportation options and services with a low competitive price, and because customers hate to be abused; so on a rainy day, or a day with heavy traffic; “high rates” fare is not a good move.”

RedCab seem able and willing to provide drivers with more tangible benefits than we’ve yet seen in this industry; “Based on a recent survey conducted on drivers working as part-time for one of the major car-hailing services app, 91% of the population have joined the hailing service apps to increase their income and 87% to work flexible shifts.  Our business model guarantees a 20% increase in the income of drivers with a clear strategy to capitalize on the network dominance where the time of the people who chose to partner with us and drive is managed more efficiently.” The listing with IDEX is yet another step forward for this company that is looking to take the industry in a new, more community-based direction.

Article Produced By
Bob Keith

Chronic crypto nut and freelance writer/editor for longer than I care to remember. Have finally found a home here at Crypto Disrupt.

https://cryptodisrupt.com/listing-with-idex-signals-step-forward-for-ride-hailing-company/

TP

4 Lessons After 11 Years in Silicon Valley

On the realities of opportunity, success, reputation, and relationships in tech

                

Silicon Valley is a magical place with some strange norms—perhaps because companies, careers, and fortunes rise and fall with such astounding speed. Here are a few of the quirky, brutal, and hopefully useful lessons I learned during my 11 years living and working in the technology industry’s epicenter.

1. There’s opportunity in what others undervalue

There’s a rigid hierarchy of functions in Silicon Valley. At the top of the pyramid sit the entrepreneurs, the engineers, the venture capitalists. The closer you are to building or funding, the more respect you get—which probably makes sense. But when I began my career in tech, I wasn’t prepared for how little respect other functions get: recruiting, HR, marketing, communications, etc. There’s an assumption that truly great products market themselves or that truly great companies are magnets for top talent. To work in these superfluous fields is either a sign that your company must compensate for its lack of greatness or that you’re but an intermediary for the inevitable.

Of course, not everyone thinks like this. And that’s where the upside to this warped view comes in. At the company level, it’s quite clear you’ll need to out-innovate your competitors by building a better product. But what about the less obvious vectors for competition? With the benefit of hindsight, it’s easy to see where investments in culture have paid off exceptionally well (and where the lack thereof has halted otherwise unstoppable companies). In nascent industries—especially highly regulated ones—educating customers and stakeholders about your product and market may be as core to survival as the product itself.

This opportunity for differentiation also exists at the individual level. It used to bother me that people made certain assumptions about me based on my profession. I craved validation from my peers and resented the stereotypes that came along with PR. But the longer I’ve been in this field, the more respect I have for how nuanced, impactful, and essential our work is, and consequently, I’m bothered less by other people’s projections. An unfortunate consequence of the hierarchy of functions is that it’s harder to attract top talent to the layers we undervalue, which hurts the industry as a whole. But, as an individual, it means that it’s probably more feasible to distinguish yourself as one of the top recruiters or marketers than it is to become a top engineer in a world where that is the ultimate prize.

2. There’s nothing more dangerous early in your career than success

One of our industry’s oft-repeated (and oft-abused) sayings is, “If you’re offered a seat on a rocket ship, you don’t ask what seat. You just get on.” It’s what Google’s then-CEO Eric Schmidt told Sheryl Sandberg to convince her to come onboard in 2001, and I’ve always appreciated the humility embedded in this perspective (for the seat-taker, that is). But we often fail to dwell on the inevitable follow-up question: If you took a seat on that rocket ship, and it was indeed a rocket ship, how do you know if you made any meaningful impact on its speed or trajectory?

Success is one of the most dangerous things that can happen to you early in your career. When you’re on a so-called rocket ship, you’re likely drinking from the fire hose daily, making things up as you go along. If you’re given responsibilities that exceed your experience, you’re probably plagued by self-doubt. Then, at some point, if you’re lucky, the company you’ve helped build is declared a success. And those many bumps along the way are ironed out into a perfect narrative. Perhaps you’re even tempted to believe it.


In Silicon Valley, myths about people and companies tend to beat out carefully considered case studies. Maybe it’s because so much creation happens when companies are still private and therefore less observable. Maybe it’s because there are so many new and invisible forces at work (emerging technology trends, cultural and behavioral shifts) in a company’s meteoric rise that mythology is the only way we can make sense of it. Maybe it’s because we love a good story—and a good creation story most of all.

It’s a balancing act to allow yourself pride in what you’ve helped accomplish without getting caught up in your own personal mythology. Be grateful for the tough times: They will keep you anchored during headier cycles. If you battle insecurity and anxiety on the regular (raises hand), find solace in the fact that you’re probably working harder than you would if you were capable of believing that it was your seat that made all the difference.

3. Some reputations are built on surprisingly little

This is going to seem random, but bear with me: In the 1999 rom-com Never Been Kissed, Drew Barrymore’s character, Josie, is a reporter who goes undercover as a high school student to write about the “cool” high school crowd. But there’s just one problem: She’s super uncool, so she can’t get anywhere near them. Then her naturally cool younger brother decides to relive his high school glory days and salvages her assignment by convincing the cool kids that Josie is, in fact, quite cool. “All you need is for one person to think you’re cool,” he tells her. “And you’re in.”

Silicon Valley can feel a little like high school—in many ways, but especially when it comes to people’s reputations. I’m regularly shocked by how much just one person declaring someone a “rockstar” can open doors and even change the trajectory of a career. And if the person doing the declaring is particularly influential, other people will repeat their pronouncement as a given. The speed and opacity of startup trajectories make it impossible to really know how impactful someone was (how to separate the seat from the rocket ship), so personal endorsements carry a tremendous amount of weight. Which means that some reputations are built on much less than you would assume.

This is troubling, especially because influential people tend to skew white and male, as do their networks, which only reinforces existing power structures. But it’s also an incredible opportunity to elevate deserving but underappreciated and underrepresented people—especially if you yourself are influential. I doubt many people know how much weight their words carry. Of course, if you’re not accustomed to wielding this power—or asking for it to be wielded on your behalf—it can feel pretty uncomfortable. Women in particular have a harder time transitioning from the personal and emotional to the transactional in their relationships. My female friends and I have discussed this extensively and have even experimented with a “favor swap” event where the whole point is to get transactional. Maybe this is what Lean In Circles should have been all along—lead with the favors, not the feelings.

4. Your former co-workers are your rocks, so keep them close

This one is simple, but important. We all know how critical it is to build strong relationships inside a company, but it wasn’t until I moved on from my first startup job that I realized how incredibly valuable co-worker relationships become after you leave. After years together in the trenches, former co-workers know your strengths and can call you on your bullshit. And once you’re no longer co-workers, all those pesky work-related complications and politics disappear.

Your non-co-worker friends will of course cheer you on, but if you’re in a rut professionally or trying to figure out if you’re the one being difficult in a dysfunctional work relationship, no one can help you troubleshoot like your former colleagues. Same if you need a substantive ego boost. And because your relationship started in a work context, it’s also much easier to be transactional, whether that means asking for intros, references, funding, or feedback.

I first jotted down these lessons in a fit of preemptive nostalgia in November before moving to NYC. Now I’m nearly three months into my new life here, still working in the fast-paced world of startups, but on a different coast and in a different category: beauty. It’ll be fun to see which of these lessons translate, which don’t, and what new lessons emerge. Maybe I’ll even write about how my new home compares to Silicon Valley… just give me another 11 years.

Article Produced By
Ashley Mayer

All things communications. Beauty by way of venture capital and enterprise software. Newly in New York.

https://medium.com/s/story/four-lessons-after-eleven-years-in-silicon-valley-d87507b7a4f6

TP

Morgan Creek’s Venture Fund Raised $40 Million to Invest in Blockchain and Cryptocurrency

Morgan Creek Digital Assets announced today that it has successfully closed a $40 million venture fund that will invest in blockchain and cryptocurrency. Morgan Creek Digital Assets (MCDA) is an alternative asset management firm founded by Anthony Pompliano, Mark Yusko, and Jason Williams. The fund is an affiliate of multi-billion dollar asset manager Morgan Creek Capital Management.

According to a Tuesday press release, MCDA closed a $40 million fund targeting blockchain and cryptocurrency. The fund originally had a target of $25 million but was oversubscribed, raising a total of $40 million. Previously, MCDA has made equity investments in companies such as Coinbase, Bakkt, BlockFi, and RealBlocks. The firm is also likely to invest in cryptocurrency and other digital assets, as seen previously in its Digital Asset Index Fund. The index is comprised of Bitcoin, Ethereum, Litecoin, EOS, and Bitcoin Cash with smaller positions in five other coins.

Morgan Creek Digital’s recent raise was supported by two public pensions, a university endowment, a hospital system, and an insurance company, according to the press release from the company. Pompliano told CryptoSlate that “I believe this is the first public pension money in crypto,” suggesting that more conservative pensions are starting to take notice of blockchain and cryptocurrency as an investment vehicle.

Meanwhile, Mark Yusko, partner and co-founder of the fund said:

“We are proud to partner with these investment professionals who have shown an ability to be forward-thinking and innovative.”

Jason Williams, the other co-founder stated:

“The blockchain industry is seeing an incredible influx of highly-talented individuals and entrepreneurs. We believe many of the largest, most valuable companies of tomorrow will be built using this technology.”

In another statement from Pompliano on Twitter, he said “the institutions aren’t coming. They’re already here,” suggesting that institutions are already looking to get involved in the sector.

Article Produced By
Mitchell Moos

Editorial Manager at CryptoSlate

Mitchell is a software enthusiast and entrepreneur. In addition to writing, he runs a non-profit that teaches people about the blockchain. In his spare time he loves playing chess or hiking.

https://cryptoslate.com/morgan-creeks-venture-fund-raised-40-million-invest-blockchain-cryptocurrency/

TP

Decred Founder Proposes Building DEX as Alternative to Binance [Interview]

Decred founder Jacob Yocom-Piatt recently proposed a decentralized exchange (DEX) to the Politeia community. The initiative hopes to cut high-listing fees, front-running high-frequency traders, and third-party rent-seeking. A product that could overcome these barriers would be an ideal alternative to centralized exchanges, but Yocom-Piatt admits the community could still reject the proposal.

Politeia in Action

Decred was launched by Jacob Yocom-Piatt, Dave Collins, David Hill, John Vernaleo, Josh Rickmar, and Alex Yocom-Piatt in Feb. 2016. It uses a hybrid Proof-of-Stake and Proof-of-Work mining system to ensure that miners avoid becoming overly centralized. One of the founding principles of the project has also been its focus on community and open governance.

This founding principle has manifested itself in the project’s launch of Politeia in Oct. 2018. Politeia allows token holders of the Decred community to vote on the direction of the project by staking their tokens. By using native DCR tokens as a governance tool, holders effectively decide how Decred funds are spent. At its launch last year, Decred’s coffers held roughly $23 million in DCR tokens.

It is an ambitious version of governance, one that Yocom-Piatt pointed out could end badly for the group. In the initial post announcing Politeia’s launch, Yocom-Piatt wrote, “Politeia allows Decred users and stakeholders to propose, discuss, collaborate on, and fund new projects, initiatives, and consensus changes. If stakeholders exercise bad judgment, it can have serious negative consequences.” Proposals can take two forms: ones that stir voter support for a change of policy or those that will fund projects from the Decred treasury. The upcoming DEX proposal will fall into the latter category and is estimated to cost between $100,000 and $1,000,000 to build.

Features of a Decentralized Alternative

In a phone interview with CryptoSlate, Yocom-Piatt outlined the reasons behind the proposal. One of the major issues for the Decred founder was the number of problems he has seen regarding centralized exchanges.

“When [Decred developers] were meeting with exchanges, we were facing enormous listing fees,” he said. “Often times the costs of getting listed on one of the big exchanges was more than the cost of integrating the coin itself.”

In 2018, Binance, the number one cryptocurrency exchange by trade volume, had allegedly been asking projects upwards of $1 million to get their token listed on the exchange. The CEO of Celsius Network, a crypto-lending platform which raised $50 million in an ICO in 2017, placed this figure closer to $6 million.

Although Binance has been tight-lipped about the exact figures, Yocom-Piatt wants to avoid this business model altogether. “I want to get away from centralized exchanges. They have become gatekeepers for a project’s success,” he told CryptoSlate. “It’s not just for Decred either. It applies across the board.” Omitting costly listing fees is only one part of the multi-faceted proposal. The plan would also give retail investors a better chance of successfully trading against high-frequency traders and bot accounts.

“You just can’t compete with firms who have already built out robust financial infrastructure, unless you build something equivalent. Then you have only a slightly better chance,” said Yocom-Piatt.

Typically, order books on exchanges are managed following FIFO accounting, or ‘first in, first out.’ This mechanism means that the first orders to arrive are the first ones to be fulfilled. To game this, whole businesses have been built which offer an automated service 24 hours a day, seven days a week. To combat such front-running, the Decred DEX proposal would implement pseudorandomly matched orders in which interested market makers would be shuffled upon order arrival. This would give everyone, even bots, an equal shot at maximizing their profits.

Other features of the DEX include the use of atomic swaps, crypto-only trading (no fiat), and trading transparency in which all trade data is cryptographically signed and publicly demonstrable. For the uninitiated, atomic swaps allow trades to be made between two distinct blockchains without the use of an intermediary. Decred and Litecoin are reportedly the first projects to successfully implement such a trade in Sept. 2017.

Community Response

In the commentary following the proposal, as well as within Decred’s Telegram channel, members have reported mixed feelings. Some have commented that all funds from the treasury should only be used for Decred development, while others have explained that the DEX proposal is overkill. A Decred member, nottrunner, wrote:

“[It] seems to me we are taking a gun to a knife fight if the primary purpose of the DEX is [ultimately] to increase DCR liquidity.”

Similar responses regarding liquidity were iterated in the Telegram channel, as some were unconvinced that building out a costly exchange would get more DCR tokens into more users’ hands. In Diar’s Feb. 5, 2019 report, they also explained that “less than [one percent] of cryptocurrency trades are facilitated on decentralized exchanges,” despite the risk of theft on centralized versions.

But this is not a point of concern for Yocom-Piatt as he underlined how easy it is to fake trading volume, “especially in a crypto winter.” In a Dec. 2018 analysis from the Blockchain Transparency Institute (BTI), the institute stated that “80 [percent] of the [CoinMarketCap] top 25 BTC pairs volume is wash traded.” Wash trading is the activity of buying and selling an asset to provide misleading information about the asset’s trading volume. The practice was banned in the United States following the Commodity Exchange Act of 1936 but has reemerged since the advent of unregulated cryptocurrency markets.

Adding to that, the Decred founder said the primary focus for the exchange will be to protect traders from price slippage. If someone is interested in purchasing one million DCR tokens, for instance, the price of DCR will not be affected in the proposed DEX framework. Yocom-Piatt confirmed that a number of large DCR stakeholders have expressed interest in a product that prevents such slippage. Regardless of Yocom-Piatt’s motivations behind the proposal, it is ultimately the Decred community who will decide. He explained that the DEX proposal is one of the largest proposals attempted thus far.

“We want to make a case for this decision-making system,” he said. “The governance decision will be written in stone with time stamps, no matter if it passes or fails.”

Article Produced By
Liam Kelly

Blockchain Writer at CryptoSlate

Liam is an enthusiastic writer whose primary focus is to deliver skillfully written analysis of emerging technologies, digital weirdness, and the decentralized web. He is also skilled at seeking out Internet-based subcultures, communicating between niche communities, and unearthing incoming trends in technology, culture, and politics. He is based in Berlin, Germany and enjoys playing soccer, making reading lists, and playing solitaire in his local Kneipe.

https://cryptoslate.com/decred-founder-proposes-dex-binance-interview/

TP

First Case of Crypto-Jacking ‘Clipper’ Malware Found on Google Play Store

A new form of cryptocurrency-stealing malware has been identified in the Google Play store. Dubbed ‘clipper’ malware, it was discovered inside an app impersonating MetaMask—a full browser extension which allows Ethereum-based apps to run on a browser without running a full Ethereum node. Clipper malware works by taking advantage of the copy-paste feature. Crypto apps are especially vulnerable because they require that users input long and complicated cryptocurrency addresses. The malware then monitors the clipboard of the infected system and identifies values that look like a wallet address. Once identified, the malware swaps the victim’s address for the hacker’s address. If the victim completes the transaction without noticing the change, the crypto gets deposited in the attacker’s account instead.
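The swap described above can be caught from the defender's side by watching for the same pattern: clipboard content that looks like a wallet address is replaced by a different address of the same type with no copy action by the user. The following is an added example, not code from Eset or the original article; the `ClipEvent` record, its `user_copy` field and the sample events are assumptions, and the patterns check address shape only, not checksums.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Shape checks only (no checksum validation): enough to recognise
# "values that look like a wallet address" in clipboard text.
ADDRESS_PATTERNS = {
    "eth": re.compile(r"0x[0-9a-fA-F]{40}"),
    "btc-base58": re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}"),
    "btc-bech32": re.compile(r"bc1[02-9ac-hj-np-z]{11,71}"),
}


@dataclass
class ClipEvent:
    ts: str          # time the clipboard content changed
    value: str       # clipboard text after the change
    user_copy: bool  # assumed telemetry: change coincided with a user copy action


@dataclass
class Finding:
    ts: str
    kind: str
    original: str
    replacement: str


def classify_address(text: str) -> Optional[str]:
    """Return the address family the text looks like, or None."""
    candidate = text.strip()
    for kind, pattern in ADDRESS_PATTERNS.items():
        if pattern.fullmatch(candidate):
            return kind
    return None


def detect_swaps(events: List[ClipEvent]) -> List[Finding]:
    """Flag changes where one address silently replaces another of the same family."""
    findings: List[Finding] = []
    previous: Optional[ClipEvent] = None
    for event in events:
        kind = classify_address(event.value)
        if (previous is not None and kind is not None and not event.user_copy
                and classify_address(previous.value) == kind
                and previous.value.strip() != event.value.strip()):
            findings.append(Finding(event.ts, kind,
                                    previous.value.strip(), event.value.strip()))
        previous = event
    return findings


# Constructed addresses and events (not real wallets).
ADDR_A = "0x" + "a1" * 20
ADDR_B = "0x" + "b2" * 20
BTC_C = "1" + "Z9" * 15
SAMPLE_EVENTS = [
    ClipEvent("10:00:01", "meeting notes", True),
    ClipEvent("10:02:10", ADDR_A, True),    # user copies the payee address
    ClipEvent("10:02:11", ADDR_B, False),   # replaced one second later, no copy action
    ClipEvent("10:05:00", BTC_C, True),     # user deliberately copies another address
    ClipEvent("10:06:30", "hello", False),  # non-address change is ignored
]

if __name__ == "__main__":
    for f in detect_swaps(SAMPLE_EVENTS):
        print(f"{f.ts} {f.kind}: {f.original} -> {f.replacement}")
```
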

This malicious app was discovered by cybersecurity company Eset and is the first known app of its kind to pass Google’s vetting procedures. Malware and other software targeted at cryptocurrency users have become increasingly prevalent because of the ease of monetary gain via stealing crypto, especially when compared to other methods such as data ransom and identity fraud, which tend to be more labor intensive.

There has been much discussion about what has now been dubbed as ‘crypto-jacking’ which is coin mining that is done using the computing power of other people’s machines. This form of hacking hit mainstream media when it was discovered on popular torrent site The Pirate Bay, which was using a web browser miner called CoinHive.

Another crypto-jacking attack is performed via email, where a user is phished and malicious mining software is installed on the victim’s computer. However, this brings up a question of ethics, as there are some who have expressed that they would permit cryptocurrency mining in this manner, in exchange for web services such as The Pirate Bay, if they were notified about it. A study conducted in late 2017 showed just how quickly crypto-jacking rose to prominence:

“Coin miners made up 24 percent of all web attacks blocked in December 2017, and 16 percent of web attacks blocked in the last three months of 2017, demonstrating the big impact of these browser-based coin miners,” the report from Symantec read.

Article Produced By
Darryn Pollock
Author


https://cryptoslate.com/crypto-jacking-clipper-malware-google-play-store/

TP

Beyond the ICO: Evolution Versus Revolution


The ICO model will soon be rendered redundant by a series of new token offering models focusing on security, transparency, and regulatory compliance. An explosion of token offering innovation is underway, with several new models emerging as prime contenders for the title of the “ICO of the future.” In this three-part series, we’ll assess the current state of the ICO ecosystem, analyze the regulatory shift making the “traditional” ICO model untenable, and take a look beyond the ICO at the future of decentralized capital generation.

In our previous Beyond the ICO article, we examined the ICO market and regulatory response to the ongoing issue of ICO fraud. Regulators are playing a critical role in the creation of a new token offering model that allows innovative startups to access capital in a decentralized manner, but what shape will the future ICO take?

The Future of the ICO

The immunological regulatory response to the threat presented by the traditional ICO model will inevitably result in change, but regulation isn’t the only environmental factor shaping the evolution of ICOs. Community self-regulation will heavily influence the morphology of future ICOs as the crypto market adapts to fraud within the ICO market and eliminates less efficient models in a Darwinian manner. The ICO model will fracture into separate models that fill different niches within the blockchain ecosystem: security token offerings and DAICOs.

Security token offerings address the core issue presented by bringing capital markets onto the blockchain. Instead of working against existing securities laws, a security token offering, or STO, works with them — the most obvious solution to the looming threat of regulatory action. Instead of attempting to camouflage what is arguably a securities offering as a utility token, STOs deliver regulatory certainty as well as investor confidence.

While STOs aim to adapt to the impending fallout of an extinction-level threat, the DAICO model — proposed by Vitalik Buterin — is less concerned with regulation, and more focused on minimizing the inherent risk and complexity of ICOs. By fusing the concept of a decentralized autonomous organization and an ICO, the DAICO model allows development teams to publish a smart contract that launches in “contribution mode.” A DAICO establishes the funding process as a smart contract that governs the contribution of ether to a project and the specifics of a sale, as well as allowing token holders to vote on the rate of funding delivered to the development team, or even put a contract into “withdraw mode” as outlined by Buterin:

“Voters start off by giving the development team a reasonable and not-too-high monthly budget, and raise it over time as the team demonstrates its ability to competently execute with its existing budget. If the voters are very unhappy with the development team’s progress, they can always vote to shut the DAICO down entirely and get their money back.”

The ICO Model is Here to Stay — But Not as We Know it

Both the DAICO and STO models address the major obstacles that ICOs face in the near future, but the evolving crypto industry may eliminate the ICO as a launchpad for new blockchain-based platforms altogether. UK-based technology advisory and investment firm GP Bullhound predicts the end of the ICO model as the go-to capital generation method for blockchain entrepreneurs, stating that 2018 will see airdrops become the new normal for token distribution. With venture capital stepping in at a pre-ICO stage, airdrops will function as a preferable option to traditional ICO models in order to maximize network effects.

While the ICO as it exists today may be gone tomorrow, the blockchain brings evolution, not revolution. Regardless of regulatory posturing, decentralized growth capital generation will exist as long as decentralized currencies exist and are used to exchange value. Ultimately, the ICO is identical to the underlying technology that drives it — regardless of the shape it takes in future, it’s here to stay.

Article Produced By
Sam Town

Blockchain Writer at CryptoSlate


https://cryptoslate.com/beyond-the-ico-part-3-evolution-versus-revolution/

 

TP

Is Europe closing in on an antitrust fix for surveillance technologists?


The German Federal Cartel Office’s decision to order Facebook to change how it processes users’ personal data this week is a sign the antitrust tide could at last be turning against platform power. One European Commission source we spoke to, who was commenting in a personal capacity, described it as “clearly pioneering” and “a big deal”, even without Facebook being fined a dime.

The FCO’s decision instead bans the social network from linking user data across different platforms it owns, unless it gains people’s consent (nor can it make use of its services contingent on such consent). Facebook is also prohibited from gathering and linking data on users from third party websites, such as via its tracking pixels and social plugins. The order is not yet in force, and Facebook is appealing, but should it come into force the social network faces being de facto shrunk by having its platforms siloed at the data level.

To comply with the order Facebook would have to ask users to freely consent to being data-mined — which the company does not do at present. Yes, Facebook could still manipulate the outcome it wants from users but doing so would open it to further challenge under EU data protection law, as its current approach to consent is already being challenged. The EU’s updated privacy framework, GDPR, requires consent to be specific, informed and freely given. That standard supports challenges to Facebook’s (still fixed) entry ‘price’ to its social services. To play you still have to agree to hand over your personal data so it can sell your attention to advertisers. But legal experts contend that’s neither privacy by design nor default.

The only ‘alternative’ Facebook offers is to tell users they can delete their account. Not that doing so would stop the company from tracking you around the rest of the mainstream web anyway. Facebook’s tracking infrastructure is also embedded across the wider Internet so it profiles non-users too. EU data protection regulators are still investigating a very large number of consent-related GDPR complaints.

But the German FCO, which said it liaised with privacy authorities during its investigation of Facebook’s data-gathering, has dubbed this type of behavior “exploitative abuse”, having also deemed the social service to hold a monopoly position in the German market. So there are now two lines of legal attack — antitrust and privacy law — threatening Facebook (and indeed other adtech companies’) surveillance-based business model across Europe. A year ago the German antitrust authority also announced a probe of the online advertising sector, responding to concerns about a lack of transparency in the market. Its work here is by no means done.

Data limits

The lack of a big flashy fine attached to the German FCO’s order against Facebook makes this week’s story less of a major headline than recent European Commission antitrust fines handed to Google — such as the record-breaking $5BN penalty issued last summer for anticompetitive behaviour linked to the Android mobile platform. But the decision is arguably just as, if not more, significant, because of the structural remedies being ordered upon Facebook. These remedies have been likened to an internal break-up of the company — with enforced internal separation of its multiple platform products at the data level.

This of course runs counter to (ad) platform giants’ preferred trajectory, which has long been to tear modesty walls down; pool user data from multiple internal (and indeed external sources), in defiance of the notion of informed consent; and mine all that personal (and sensitive) stuff to build identity-linked profiles to train algorithms that predict (and, some contend, manipulate) individual behavior. Because if you can predict what a person is going to do you can choose which advert to serve to increase the chance they’ll click. (Or as Mark Zuckerberg puts it: ‘Senator, we run ads.’)

This means that a regulatory intervention that interferes with an ad tech giant’s ability to pool and process personal data starts to look really interesting. Because a Facebook that can’t join data dots across its sprawling social empire — or indeed across the mainstream web — wouldn’t be such a massive giant in terms of data insights. And nor, therefore, surveillance oversight. Each of its platforms would be forced to be a more discrete (and, well, discreet) kind of business. Competing against data-siloed platforms with a common owner — instead of a single interlinked mega-surveillance-network — also starts to sound almost possible. It suggests a playing field that’s reset, if not entirely levelled.

(Whereas, in the case of Android, the European Commission did not order any specific remedies — allowing Google to come up with ‘fixes’ itself; and so to shape the most self-serving ‘fix’ it can think of.) Meanwhile, just look at where Facebook is now aiming to get to: A technical unification of the backend of its different social products. Such a merger would collapse even more walls and fully enmesh platforms that started life as entirely separate products before they were folded into Facebook’s empire (also, let’s not forget, via surveillance-informed acquisitions).

Facebook’s plan to unify its products on a single backend platform looks very much like an attempt to throw up technical barriers to antitrust hammers. It’s at least harder to imagine breaking up a company if its multiple, separate products are merged onto one unified backend which functions to cross and combine data streams. Set against Facebook’s sudden desire to technically unify its full-flush of dominant social networks (Facebook Messenger; Instagram; WhatsApp) is a rising drum-beat of calls for competition-based scrutiny of tech giants. This has been building for years, as the market power — and even democracy-denting potential — of surveillance capitalism’s data giants has telescoped into view.

Calls to break up tech giants no longer carry a suggestive punch. Regulators are routinely asked whether it’s time. As the European Commission’s competition chief, Margrethe Vestager, was when she handed down Google’s latest massive antitrust fine last summer. Her response then was that she wasn’t sure breaking Google up is the right answer — preferring to try remedies that might allow competitors to have a go, while also emphasizing the importance of legislating to ensure “transparency and fairness in the business to platform relationship”.

But it’s interesting that the idea of breaking up tech giants now plays so well as political theatre, suggesting that wildly successful consumer technology companies — which have long dined out on shiny convenience-based marketing claims, made ever so saccharine sweet via the lure of ‘free’ services — have lost a big chunk of their populist pull, dogged as they have been by so many scandals.

From terrorist content and hate speech, to election interference, child exploitation, bullying, abuse. There’s also the matter of how they arrange their tax affairs. The public perception of tech giants has matured as the ‘costs’ of their ‘free’ services have scaled into view. The upstarts have also become the establishment. People see not a new generation of ‘cuddly capitalists’ but another bunch of multinationals; highly polished but remote money-making machines that take rather more than they give back to the societies they feed off.

Google’s trick of naming each Android iteration after a different sweet treat makes for an interesting parallel to the (also now shifting) public perceptions around sugar, following closer attention to health concerns. What does its sickly sweetness mask? And after the sugar tax, we now have politicians calling for a social media levy.

Just this week the deputy leader of the main opposition party in the UK called for setting up a standalone Internet regulator with the power to break up tech monopolies. Talking about breaking up well-oiled, wealth-concentration machines is being seen as a populist vote winner. And companies that political leaders used to flatter and seek out for PR opportunities find themselves treated as political punchbags; called to attend awkward grilling by hard-grafting committees, or taken to vicious task verbally at the highest profile public podia. (Though some non-democratic heads of state are still keen to press tech giant flesh.)

In Europe, Facebook’s repeat snubs of the UK parliament’s requests last year for Zuckerberg to face policymakers’ questions certainly did not go unnoticed. Zuckerberg’s empty chair at the DCMS committee has become both a symbol of the company’s failure to accept wider societal responsibility for its products, and an indication of market failure; the CEO so powerful he doesn’t feel answerable to anyone; neither his most vulnerable users nor their elected representatives. Hence UK politicians on both sides of the aisle making political capital by talking about cutting tech giants down to size. The political fallout from the Cambridge Analytica scandal looks far from done.

Quite how a UK regulator could successfully swing a regulatory hammer to break up a global Internet giant such as Facebook which is headquartered in the U.S. is another matter. But policymakers have already crossed the rubicon of public opinion and are relishing talking up having a go. That represents a sea-change vs the neoliberal consensus that allowed competition regulators to sit on their hands for more than a decade as technology upstarts quietly hoovered up people’s data and bagged rivals, and basically went about transforming themselves from highly scalable startups into market-distorting giants with Internet-scale data-nets to snag users and buy or block competing ideas.

The political spirit looks willing to go there, and now the mechanism for breaking platforms’ distorting hold on markets may also be shaping up. The traditional antitrust remedy of breaking a company along its business lines still looks unwieldy when faced with the blistering pace of digital technology. The problem is delivering such a fix fast enough that the business hasn’t already reconfigured to route around the reset. Commission antitrust decisions on the tech beat have stepped up impressively in pace on Vestager’s watch. Yet it still feels like watching paper pushers wading through treacle to try and catch a sprinter. (And Europe hasn’t gone so far as trying to impose a platform break up.)  But the German FCO decision against Facebook hints at an alternative way forward for regulating the dominance of digital monopolies: Structural remedies that focus on controlling access to data which can be relatively swiftly configured and applied.

Vestager, whose term as EC competition chief may be coming to its end this year (even if other Commission roles remain in potential and tantalizing contention), has championed this idea herself. In an interview on BBC Radio 4’s Today program in December she poured cold water on the stock question about breaking tech giants up — saying instead the Commission could look at how larger firms got access to data and resources as a means of limiting their power. Which is exactly what the German FCO has done in its order to Facebook. 

At the same time, Europe’s updated data protection framework has gained the most attention for the size of the financial penalties that can be issued for major compliance breaches. But the regulation also gives data watchdogs the power to limit or ban processing. And that power could similarly be used to reshape a rights-eroding business model or snuff out such business entirely. The merging of privacy and antitrust concerns is really just a reflection of the complexity of the challenge regulators now face trying to rein in digital monopolies. But they’re tooling up to meet that challenge.

Speaking in an interview with TechCrunch last fall, Europe’s data protection supervisor, Giovanni Buttarelli, told us the bloc’s privacy regulators are moving towards more joint working with antitrust agencies to respond to platform power. “Europe would like to speak with one voice, not only within data protection but by approaching this issue of digital dividend, monopolies in a better way — not per sectors,” he said. “But first joint enforcement and better co-operation is key.” The German FCO’s decision represents tangible evidence of the kind of regulatory co-operation that could — finally — crack down on tech giants.

Blogging in support of the decision this week, Buttarelli asserted: “It is not necessary for competition authorities to enforce other areas of law; rather they need simply to identify where the most powerful undertakings are setting a bad example and damaging the interests of consumers. Data protection authorities are able to assist in this assessment.” He also had a prediction of his own for surveillance technologists, warning: “This case is the tip of the iceberg — all companies in the digital information ecosystem that rely on tracking, profiling and targeting should be on notice.” So perhaps, at long last, the regulators have figured out how to move fast and break things.

Article Produced By
Natasha Lomas


Writer


https://techcrunch.com/2019/02/09/is-europe-closing-in-on-an-antitrust-fix-for-surveillance-technologists/

 

TP