- “Overnight bitcoin, which had traded in a stable range with little of its characteristic volatility in recent months, made its latest breakout, surging nearly 5% from a $440-level, to a fresh 2016 high of $480”
Via the economist.com
[Editor’s Note – If someone asks you why the Banks are going to push back against Bitcoin, send them this article. If Bitcoin and other Cryptos go mainstream, it’s going to eat into the astonishing annual $1.7 Trillion of payment processing bank revenue.]
A Fundamental & Technical analysis of Bitcoin, Litecoin & Ethereum,
Plus a review of all the biggest Bitcoin developments in the last month, which are adding value and utility to the Bitcoin currency and network.
Guest Post By Vitor Jesus, (Cyber Security Expert) – 04-09-2016.
Originally posted @ vitorjesusicsnetwcybersec.blogspot.co.uk
Shapeshift.io is a startup revolving around Bitcoin (one of my lateral interests and a movement I follow quite closely). Last week they reported coins having been stolen. More than that, Erik Voorhees writes a fascinating report of how it happened. It is a story I will be using in many talks.
My first reaction, shared in a Reddit post, is that they actually didn’t do anything fundamentally wrong. They’re a startup so getting the business up and running is the goal. This means they have no cybersecurity office and, worst of all, they are all tech people which unfortunately gives a stronger sense of “we don’t need a cybersecurity programme because we have firewalls”.
I have been working with tech startups with an immensely skilled army of developers and managers, but who show quite an alarming unawareness of many basic concepts of cybersecurity.
As I often say, cybersecurity is 20% about firewalls and 80% about organisational processes. In this case, what failed was the human element:
But who has never left a laptop open and logged in? I keep doing it even in public places. And how thorough and reassuring can background checks be?
There are, of course, many tactical improvements possible: secured critical operations, segregation and air gaps of critical assets, much clearer/crisper separation of duties, much much better auditing, much much much better accounting, etc. Beyond making the system harder to exploit, above all they would make it easier to understand what happened and much faster.
Sharing the story, with care not to reveal too much, was a good thing to do in my opinion. I do have a few unanswered questions but I also feel it was an honest report. It assured customers: everyone will be hacked at some point and cybersecurity is mostly about minimising damage to the least (reasonable) extent when it happens and not preventing it.
The fact that their source code is on the loose is alarming though. They should subject it to a thorough analysis (by a 3rd party!) and set up a bug bounty programme. They are a business that relies on exposure to the public internet and I can only imagine how many people are trying to exploit it.
Finally, in the words of Erik Voorhees, there is also this valuable lesson so well formulated:
“Though it sounds cliché, (…), do yourself a favor and bring in 3rd party professional help very early. We hadn’t needed it at first, because we were small. But growth creeps up on you, and before you know it you are securing significant assets with sub-standard methods”
By Renegade Investor – Renegadeinvestor.co.uk
The similarities between the 2008 Global financial crisis, the birth of Bitcoin and the (2000) horror film ‘Final Destination’ are so stark, it borders on outright eerie.
[Editor’s note: Entrepreneur Vinny Lingham has had some of the most accurate Bitcoin price predictions over the last few years, and his new predictions are eye-opening to say the least!]