Latest Articles

How Major Websites Are Failing to Keep Our Data Safe

High-profile computer hacks remain top of mind in the public’s perspective of how their data exists online, and it’s no stretch to say that most websites do not do a good enough job of protecting us. Perhaps, with blockchain technology, a better web can be built.

High-Profile and Unknown Attacks

Equifax was one of the biggest such hacks, affecting nearly 150 million people. And late last month, news hit that hackers had attacked Marriott Hotels’ reservation systems and have managed to access the data of around 500 million people in one of the biggest data breaches in history. (To understand the breadth of this hack by comparison, the current population of the U.S. stands at around 329 million.)

The publicity around these kinds of breaches is terrifying enough for those who care about who’s accessing their personal data online. However, it’s even more disconcerting to think that our data could be compromised on major websites and we aren’t even hearing about it.

For instance, Branch.io provides a mobile traffic attribution service used by many big-name websites including Pinterest, Tinder, Yelp and Airbnb, to name a few. A team of security researchers at VPNMentor were researching client-side security when they came across a vulnerability in Tinder’s security.

After some further research, they found that the vulnerable endpoint was not owned by Tinder but by Branch.io. The attribution software had set up a hidden subdomain (go.tinder.com) that had a cross-site scripting flaw. This vulnerability meant that hackers could easily insert malicious links. If users clicked on one of these links while logged into their Tinder account, then hackers could easily get access to the users’ profiles and data.

Although Branch.io quickly released a patch for the vulnerability, Tinder was not the only service affected — potentially all Branch.io clients using that software were affected. This means that the data of up to 685 million users were at risk from the vulnerability.

Although Branch.io has now fixed the issue, there is no way of knowing if hackers exploited this vulnerability or the extent of the damage if they did.

How Decentralization Can Help

Unfortunately, it's impossible to reverse the damage for data that may already have leaked. It’s also up to individual websites’ policies and procedures to fix the issue going forward. However, blockchains could offer some potential solutions, depending on how flexible our favorite sites are in their adoption of the technology.

If websites begin to accept cryptocurrencies more widely, they would have a far greater assurance of privacy over their payment data compared with using credit cards. Blockchain-based payment services would be more secure for customers making payments and could offer lower fees for sellers receiving and withdrawing their revenues.

Ripple could be a viable alternative. Other options include coins with a privacy focus, such as Dash, which would assure customers that nobody on the other end of the transaction can easily access their personal data.

Also, customers and sellers could start making purchases on secure, blockchain-based marketplaces wherever possible. Although there isn’t currently a blockchain retailing behemoth matching Amazon’s scale, there are alternatives. OpenBazaar, for example, is a peer-to-peer marketplace that uses smart contracts to hold payments in escrow in case of any nondelivery or other dispute. The platform supports a range of cryptocurrencies for both buyers and sellers.

Ultimately, major websites must take it upon themselves to act responsibly in securing customer data, even where they use third-party software. Blockchains provide multiple methods for companies to fulfill their user-privacy responsibilities better. As blockchain solutions become more prominent, if online companies continue ignoring this kind of issue, they may find themselves in hot water once customers realize what’s going on. In which case, the current online giants may find that their neglect hits them where it hurts most — share price.

ETH Price Analysis: Why Gains Are Being Lost

Distributed Summary:

  • ETH-USD failed to break overhead resistance in the $160 range. This coincided with a failed retest of the supply and demand channel as the market saw a strongly overbought condition.
  • We are currently stuck between support and resistance, but it seems very likely that we will see a retest of the low $90s before any potential bullish pressure hits the markets. If, for whatever reason, we begin to rally, we need to see a decisive, strong close above the $160 level before any macro-trend-changing behavior is seen.

Bitfury Launches Music Project on Exonum and Bitcoin

Bitfury, a developer of blockchain-based hardware and software products, has announced a new initiative: Bitfury Surround. The project aims to build an open-source platform that streamlines operations in the music entertainment industry.

ING Partners With R3 to Adopt Corda Enterprise Blockchain

Distributed Summary:

  • Over five-year partnership, ING plans to leverage applications built on R3’s enterprise blockchain platform
  • Bank receives “unlimited number” of licenses for Corda Enterprise
  • Could mark a significant financial use case for distributed ledger technology

Bitcoin Now Available Through Coinstar Kiosks Nationwide

Distributed Summary:

  • Coinstar and Coinme team up to offer bitcoin-for-cash transactions at grocery stores around the country
  • Twitter users have shared photos of the on-screen process