Home Blog Page 3

Friends Don’t Let Friends Do Bad Crypto

0


Dan Elitzer is the blockchain and digital identity lead at IDEO CoLab, an R&D network that explores the impact of emerging tech through cross-industry collaborations.

In this opinion piece, Elitzer explains why designing for security requires thinking about platforms beyond one’s own.


Recently I met with the founding team of a group building a project in the cryptocurrency space. They walked my IDEO CoLab colleagues and me through their web app, showing how users could buy and store bitcoin or ether in a custodial wallet, and then use those funds in a variety of ways. I noticed that they also had an option to enter a private key directly to make a transaction.

RED ALERT!

First rule of crypto: never, ever, EVER share your private key.

priv keys dont Friends Dont Let Friends Do Bad Crypto
Seriously. Just don’t. (gif by IDEO CoLab)

Corollary: Be extremely skeptical, if not outright suspicious, of any service or communication requesting your private key.

Having met with this team previously and knowing their impressive backgrounds, I asked – relatively calmly – why they were asking for a private key. The chief technology officer explained that they were implementing a MyEtherWallet-style tool for signing transactions in the browser, so the private key would never be sent to their server.

The intent was to allow users to easily use the service without having to let the platform take custody of funds, while also eliminating the friction associated with having to open up a separate wallet application to generate, sign, and broadcast a transaction. It removes a few steps  –  hooray for user experience  –  but does the shortcut really warrant the trade-offs?

I’m very sympathetic to the view that UX in the crypto world is horrible and there’s a need to get creative in exploring opportunities for simplification. And as the team pointed out, from a technical perspective, they would not be exposing users to any more risk than if those users entered their private keys on MyEtherWallet.

That’s true  –  they could implement the exact same open source code as MyEtherWallet. I trust that they would do this properly and I expect that some meaningful amount of their future users would be willing to trust them and feel secure entering private keys on this website.

However, my concern is not primarily whether they could securely implement in-browser transaction signing; as I said, I trust both their competence and their intentions.

What worries me more is that this gives the false impression, especially to those new to cryptocurrencies, that it is OK to enter your private key on a website.

Basic information hygiene

Most people are used to operating in the context where if a password is compromised, even for a bank account, usually the damage is at least somewhat reversible. Crypto is different: if you share your private keys, you lose everything. There is no recourse for getting back your stolen bitcoin, ether, or other tokens.

A secure, trustworthy service requesting private keys normalizes the concept of users sharing private keys with services that they use. This is bad.

Even if the company in question is trustworthy, it is a virtual guarantee that everyone buying, using, or participating in the cryptocurrency ecosystem in any way will at some point encounter a hacker or scammer trying to steal their money. Training users that a request to enter their private keys can be legitimate increases the likelihood that those users will fall victim to a scam in the future.

An analog to this is when a traditional financial services company calls a customer about an issue and requests that the customer provide data like their account number, address, or last 4 digits of their Social Security nunber before proceeding.

NO!

Do not train your customers to share information or attempt to conduct any account-related interactions on a phone call that the customer did not initiate him or herself!

(For anyone to whom this is news: please always, always, ALWAYS end such calls immediately and call back through a support line listed on the website of the company in question.)

A high bar of trust

During a deep conversation that revealed the team had given a lot of consideration to security and usability tradeoffs, the startup CEO asked, “Why is it okay for MyEtherWallet to ask users to enter their private keys or upload their keystore files, but not OK for us to do so?” That’s a fair question.

First, I would assume that the majority of people entering their private keys to use MyEtherWallet originally generated those private keys on MyEtherWallet with the intention of using them on MyEtherWallet in the future. If you already trusted a website or application to generate your keys, you’re not greatly expanding your attack surface by continuing to trust them when you go to use those keys.

Second, there’s a special role that wallet software and services play in this ecosystem. They are the agent that mediates the user’s interaction with the rest of the cryptocurrency ecosystem and it is absolutely imperative that the user trusts that their wallet is presenting accurate information to them and is behaving in accordance with the user’s intent. As such, there is an incredibly high bar of trust that wallet developers must achieve before knowledgeable cryptocurrency users will consider using them to manage their assets.

If the cryptocurrency ecosystem is ever going to develop in such a way that tokens are useful for applications beyond just investment or speculation, we’ll see hundreds, thousands, possibly even millions, of services built that include interactions where users need to generate signatures with their private keys. Expecting people to be able to discern whether they should trust a new service they encounter with their private keys is untenable.

Beware impostors

One suggestion a colleague of mine had was for MyEtherWallet (or another highly trusted service) to create a transaction-signing widget that could be embedded in other sites, so users could be confident entering their private keys. The startup CEO even suggested that the company might even create such a tool itself and publish it for others to use. While I applaud the sentiment of building something useful and sharing it with others, the problem is not one that can be solved in this way.

Let’s say MyEtherWallet did create a branded transaction-signing widget. How would visitors to a site with the widget embedded know that it was a genuine MyEtherWallet widget rather than a lookalike that would steal their private keys? “They can just do a checksum.” Well, to trust that a checksum is valid, the user would need to first know what a checksum is, then run it themselves. Any visual cue as to the validity of the widget or checksum could easily be faked.

Unless and until it becomes reasonable to assume that an overwhelming majority of users have their own agent software automatically verifying signatures and running checksum functions, using easily faked visual cues to signify security will only increase the vulnerability of your users.

We’re all in this together

It turns out that this wonderful, trustless future that so many of us are striving to create isn’t actually so trustless.

In fact, it’s not even trust-minimized.

It’s trust-specified: we need to be very specific about who we are trusting for what tasks. It’s incumbent on all participants in the cryptocurrency ecosystem to help users develop an understanding and intuition for this by only asking users for the bare minimum amount of trust and permissions that we need and pointing them to reputable services who follow best practices in security and disclosure for all other functions.

Our responsibility to our users does not end when they leave our site or close our app. Behaviors they learn from us  –  or that we contribute to normalizing  –  will guide whether and how they interact with the myriad of other services they encounter in the future. In an industry where user mistakes are frequently irreversible, it’s incumbent upon all of us to keep the aperture of user expectations as narrowly focused as possible on the least risky behaviors.

We can build a more secure and more user-friendly future for everyone, but only if we stay vigilant about security for our users across all services they interact with, not just our own.

If you have any good examples of nudging users towards more secure behavior or best practices for secure UX design, please share in a comment below.

Exposed password image via Shutterstock

The leader in blockchain news, CoinDesk strives to offer an open platform for dialogue and discussion on all things blockchain by encouraging contributed articles. As such, the opinions expressed in this article are the author’s own and do not necessarily reflect the view of CoinDesk.

For more details on how you can submit an opinion or analysis article, view our Editorial Collaboration Guide or email [email protected].



Source link

Survey Says Bitcoin Holders Won’t Sell Until Well Over $100K

0


Webp.net resizeimage 2 1068x1068 Survey Says Bitcoin Holders Wont Sell Until Well Over $100K



Featured

Three surveys in as many months of residents in the United States, encompassing more than 2,500 people, reveal growing interest in bitcoin and cryptocurrencies. The latest survey introduces eye-popping specifics regarding general belief in bitcoin’s power and a hodl strategy that’s nearly unimaginable.  

Also read: Survey Respondents Say Bitcoin to Reach $10,000

survey 1 Survey Says Bitcoin Holders Wont Sell Until Well Over $100K
Lendedu.

Lendedu Survey Results Urge Optimism

Lendedu, provider of transparent private student loan programs, commissioned a series of three surveys on the subject of cryptocurrencies and US residents’ attitudes. Each of the first two comprised 1,000 respondents, and covered bitcoin, ether, and ripple. The third in as many months, released 15 November 2017, halved the previous respondent numbers to focus exclusively on bitcoin investors.

The online poll was conducted by Pollfish, a 24/7 online survey platform utilizing mobile applications, over five days: 9 November through 13 November.

Lendedu stresses it “was not compensated by a third-party for running this survey,” and has “no financial relationships with any companies who market Bitcoin or cryptocurrency products.” As of the third survey’s publication, “none of the employees on Lendedu’s editorial team own Bitcoin,” they note.

Out of the gate, its first question was to ask why respondents were invested in bitcoin. Of the available choices, from store of value to its price, and even the bandwagon effect of friends and family, over 40 percent chose, “I believe Bitcoin is a world changing technology.”

23667320 10154790285151621 2140234139 n Survey Says Bitcoin Holders Wont Sell Until Well Over $100K
Lendedu.

Now that is Hodl Philosophy

“On average, respondents reported that the current value of their Bitcoin investment was $2,930.85,” the poll claims. “At the time of the survey completion, the price per Bitcoin was $6,490.”

More than half profess not to worry about security aspects of bitcoin, and two-thirds have yet to sell any of their bitcoin. Only 35 percent refuse to report bitcoin earnings to the IRS.

The one statistic that really jumps out is the final question’s answer. It asks at what price “would you be willing to sell all of your Bitcoin investment?”

survey 2 Survey Says Bitcoin Holders Wont Sell Until Well Over $100K

“On average,” the poll reveals, “respondents reported that they would be willing to sell all of their Bitcoin investment at $196,165.79 per Bitcoin.” Considering the average respondent is apt to have bitcoin for only three years, this might show how utterly bullish investors are.

The survey did find “over 21 percent of Bitcoin investors are planning to hold their investments for over seven years, with 11.70 percent of those planning to hang onto their Bitcoin for over 10 years.”

What do you think of the survey’s results? Tell us in the comments below!


Images courtesy of: Pixabay, Lendedu, Pollfish


At Bitcoin.com there’s a bunch of free helpful services. For instance, check out our Tools page!



Source link

PR: Pura to Be Listed on Kucoin Exchange: Trading Starts on Friday November 17

0


pr PURA option 1 PR: Pura to Be Listed on Kucoin Exchange: Trading Starts on Friday November 17

This is a paid press release, which contains forward looking statements, and should be treated as advertising or promotional material. Bitcoin.com does not endorse nor support this product/service. Bitcoin.com is not responsible for or liable for any content, accuracy or quality within the press release.

KuCoin prides itself in listing a unique variety of high-quality projects, far beyond the offering of other exchanges. PURA will be joining this special list on November 17, 2017. KuCoin traders will have access to PURA/BTC and PURA/ETH upon listing.

Users can start depositing and trading PURA on KuCoin November 17, 2017 at 13:00 (GMT +1).

Special PURA Listing Promotion:

As a special perk, traders will receive a bonus when choosing KuCoin as their exchange. Starting from November 17 until November 19, traders depositing BTC or ETH on KuCoin will receive the following rewards:

10 free PURA when depositing 0.1 BTC or 2 ETH*.
75 free PURA when depositing 0.5 BTC or 10 ETH*.

* Traders must keep their BTC or ETH on KuCoin for at least a week before receiving their PURA rewards. Of course you will be able to trade with these funds but you must keep them in the exchange for at least a week before receiving your reward.

About PURA:

PURA is a private, instant and secure international digital currency that allows individuals to transact instantly without having to depend on middlemen like banks or payment providers. Expenses for using external payment gates are also eliminated, making transactions private and more cost-efficient.

PURA distinguishes itself from other cryptocurrencies through its deep commitment to social responsibility and protecting the planet. As the world’s first socially and environmentally conscious cryptocurrency, PURA will soon be programmed by protocol design to contribute 10% of its mining rewards to the common good.

PURA only funds fully-transparent, blockchain-tracked, sustainable, environmental and social projects around the globe, removing the need to simply trust a nonprofit or prosocial cause based on good faith alone.

Their soon-to-be launched PuraPlanet update is the biggest step towards accomplishing this goal. PuraPlanet is the treasury, and PuraMission is the funding platform that seeks to list, fund and track sustainable, environmental and social projects around the globe.

You can read all updates and details about the project here: https://pura.one/

About KuCoin

KuCoin is a newly-launched cryptocurrency exchange; it started operations in September 2017 and is already making a big impression on traders and users thanks to its innovative listings, partnerships and user rewards.

Users can earn rewards in exchange for using the platform and holding the exchange’s token KucoinShares (KCS). Dividends are dependent on the number of coins each user holds and they are paid daily.

Users can also get a discount on trading rates, or earn 40% commission by referring other traders to the platform. In total, KuCoin gives 90% of its trading fee to users, while keeping 10% for a token buyback fund.

The long-term goal of KuCoin is to become one of the top 10 exchanges in the world, they have quickly gained traction by collaborating with many established communities and listing new tokens based on user’s opinions and requests.

They are often compared to Binance thanks to their simple User interface, fast transactions and good design. At the same time, they have gained notoriety for good customer support which has been well received by traders and users frustrated with larger exchanges’ lack of response to support requests. People have started calling it ‘the people’s exchange’

These are all of KuCoin’s markets at the time of writing: KuCoin Shares, Monetha, Walton, Ether, Hshare, Kyber Network, OmiseGo, Everex, Eos, GAS, NEO, Red Pulse, LiteCoin, QTUM, Bytom, Civic, TenX, Status, Black Hole Coin, Modum, Change, Raiden Network, Confido, Unikoin Gold.

Sign Up to KuCoin here: https://www.kucoin.com/#/signup

You can find all announcements about KuCoins future listings here: https://news.kucoin.com/en/category/announcements/

If you would like to get your token listed on KuCoin you can contact them here: http://kucoinform.mikecrm.com/tAssDWK

For business and other enquires you can email us here:
[email protected]
[email protected]
Supporting Link
kucoin.com

This is a paid press release. Readers should do their own due diligence before taking any actions related to the promoted company or any of its affiliates or services. Bitcoin.com is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in the press release.



Source link

Crypto Goes Hollywood: “Startup” Season 3 Greenlit by Sony Pictures Television

0


Webp.net resizeimage 3 1068x1068 Crypto Goes Hollywood: Startup Season 3 Greenlit by Sony Pictures Television



Reviews

Online streaming service Crackle looks to capitalize on the growing cryptocurrency craze, greenlighting a popular show for a third season. Startup uses nascent fascination with the future of money and builds intersecting storylines around four characters as they struggle between the seemingly clean and clear world of technology and the dirty, murky world of real life. 

Also read: Popular TV Shows are Now Mainstreaming Cryptocurrency

sony Crypto Goes Hollywood: Startup Season 3 Greenlit by Sony Pictures Television

Startup Season 2, Episode 1, Disruption

Bitcoin purists will have to visit optometrists, demanding eyes returned to place from back of their heads due to excessive rolling at the plot structure to Startup. “Oh, cryptocurrency being used for drugs and general criminality!” cynics will shout. “What an original idea!”

That written, I enjoyed Startup. Sony Pictures Television reached out to me for a review, and inexplicably linked to the first episode of its second season (posted binge-style this fall). I honestly was unaware of the show, and nothing about its opening alerted me to my being a full season behind.

Nevertheless, Ben Ketai (writer, director, executive producer) explains: “This past season was exciting with nods to relevant and timely topics like corporatization of the internet, Bitcoin and the darknet that made for some great storytelling.”

sddefault 1 Crypto Goes Hollywood: Startup Season 3 Greenlit by Sony Pictures Television
Martin Freeman

Startup is set in Miami, amid tech moguls, vibrant law enforcement, Cubans and Haitians. They’re all attempting to grapple with the curious subplot of cryptocurrency, a corporate-backed token called Gencoin. Drugs, murder, corruption; old human vices are contrasted with the light of a world-changing innovation.

I last remember visiting Crackle, Sony’s online answer to Netflix, back when it touted Seinfeld episodes and entire seasons of The Larry Sanders Show. After I clicked the link this time, I was pleasantly surprised at its improvements.

The interface is lush and fat, not busy at all, totally unobtrusive. I was able to stream without issue, and save for five commercial breaks, it was a pleasant fee-less viewing experience.

Hobbit and Hellboy

It’s shot film-style, multiple cameras and on location. The sound is aggressive, slamming, filled with uptempo contemporary music. Lighting is dim, giving it that gritty vibe.

It’s pretty great to see Crackle attempt original programming too. Dramas are an expensive and losing art, as more broadcasts tend to focus on absurdism, documentaries, comedies. Cool as well to watch a fight scene, with lightly sped-up sequences, serve a larger narrative.

gencoin 2 Crypto Goes Hollywood: Startup Season 3 Greenlit by Sony Pictures Television
Otmara Marrero

Four main characters are continuing battles from Season 1, evidently. To me, that’s compellingly confusing. I paid much more attention to the nuance of dialog as a result. Acting in such a circumstance can come off stilted and unconvincing. Here, it does not, and that’s a huge compliment to Startup‘s cast and writing. Each character has depth, causing viewers to want to learn more.

And speaking of the cast, bitcoiners will no doubt recognize Martin Freeman from his role as Bilbo Baggins in The Hobbit, and Hellboy’s Ron Perlman; both have prominent roles in the series.

Fear

Pope Gregory XVI ranted against innovations such as railroads, labeling them “chemins d’enfer” – roads to hell. Luddites destroyed production machinery as a form of labor protest, but also out of fear they were being replaced. Even Mary Shelley’s Frankenstein has been taken as a rebuke against innovation and science.

Startup for sure plays into these perennial concerns, but it does so in a manner that proves the general rule of cryptocurrencies: they’re a life-changing way to do money.

What do you think of Startup and shows like it? Tell us in the comments below!


Images courtesy of Crackle. 


At Bitcoin.com there’s a bunch of free helpful services. For instance, check out our Tools page!



Source link

BTC Pushes All-time Highs and Tests Historic Resistance

0


Throughout the life of bitcoin’s two-year bull run, it has been confined within two macro trends: one parabolic and one linear — both on a logarithmic scale:

Figure 1 CIHIR75.original BTC Pushes All time Highs and Tests Historic ResistanceFigure 1: BTC-USD, 1-Day Candles, Macro Trend

The parabolic envelope (black curves) has confined the entire bull run throughout the last two years. Over the weekend, we saw a test of the lower curve that proved to be proper support and propelled the market into a bounce that now has the market testing the upper linear trendline (purple lines) at the time of this article:
Figure 2 CUlKxGS.original BTC Pushes All time Highs and Tests Historic ResistanceFigure 2: BTC-USD, 2-Hour Candles, Test of Upper Trendline

As the bitcoin market approaches the upper trendline, the price action will coincide with a test of the previous all-time high. Expect this to be a point of resistance with possible market turbulence. However, if we manage to break that resistance level and hold support above the trendline, there is no clear resistance until we test the parabolic envelope in the upper $8,000s.

If we look at the macro indicators for this move, we see some signs that have proven to be indications of short-term rallies leading to corrections:

Figure 3 cocht7o.original BTC Pushes All time Highs and Tests Historic ResistanceFigure 3: BTC-USD, 1-Day Candles, Bollinger Band Trend

The last two corrections bitcoin has seen came on the tail of a minor pullback that rebounded to a new all-time high. The one-day candle trend is, so far, showing a repeated pattern that has led into a reversal each time it tested the upper parabolic curve. A rounding of the Bollinger bands during an upward move (shown in purple) is a forecast for decreased upward volatility that will lead to either a consolidation period or a reversal to the lower Bollinger bands.

While a reversal is not required of this move upward, one can speculate that once the price tags the upper parabolic curve, we could see a pullback to the lower Bollinger bands on the one-day charts. A pullback to the lower Bollinger bands would see support quite nicely with the lower parabolic curve.

One of two outcomes can be expected from this move upward: either we will test the upper parabolic trendline and reverse, or we will break above and consolidate before continuing on a very strong bullish move to new highs.

However, these macro moves have become increasingly more demanding on the market as we continue to get squeezed within the parabolic envelope. The forecast of the Bollinger bands indicates we are not likely to see a sustained move higher without a consolidation period or a pullback.

Summary:

  1. Over the weekend, bitcoin saw another test of the lower parabolic curve that proved to be strong support.

  2. After testing the parabolic curve, the market rebounded and has now established a new all-time high.

  3. If this trend continues, bitcoin could see prices in the mid to upper $8,000s before any noticeable resistance stands in the way of the price growth.

Trading and investing in digital assets like bitcoin and ether is highly speculative and comes with many risks. This analysis is for informational purposes and should not be considered investment advice. Statements and financial information on Bitcoin Magazine and BTC Media related sites do not necessarily reflect the opinion of BTC Media and should not be construed as an endorsement or recommendation to buy, sell or hold. Past performance is not necessarily indicative of future results.



Source link