In the past year blockchain technology and digital currency, such as Bitcoin and Ethereum, have gained some incredible traction. Normal people are buying it, developers are building it, and companies are using it. Too often, however, the technology is being portrayed as a silver bullet. Is it going to end poverty and create world peace? Probably not. But is it going to have a big impact? Absolutely yes. Continue reading “Changing the world, one block at the time”
I’ve been writing about blockchain technology and Ethereum for a while on my blog. But as these technologies are becoming wider spread I’ve found it challenging to explain these concepts to people not familiar with them. There’s a few layers of technology that are important to understand. Continue reading “Simple yet comprehensive explanation of blockchains”
Up until a few weeks ago I never used tools like password managers or digital keychains to keep track of my passwords, recovery codes etc. I’ve had a system in my head for each service and password where I consistently could (kind of) encrypt each password into a 16 character long string. All passwords were unique for private as well as work. However, it’s become harder and harder to maintain this system and keep track of everything. It’s also been a bit inconsistent because I’ve had to keep things such as two-factor authentication recovery codes on an encrypted external hard drive which isn’t easy to access when I need it. I needed a better system. Continue reading “Padlock – my new password manager”
Any amount of security research, auditing, formal verification or bug bounty programs will never get around the fact that humans make mistakes. Security is not only defined by the software we write, equally important is how we react to vulnerabilities when they are found. In this post, I propose a decentralized autonomous organization called Ethereum Security Consortium (ESC) along with the Ethereum Vulnerabilities Reporting Framework (EVRF) that both exist to standardize disclosure, identification, naming and communication of security vulnerabilities related to Ethereum — our new decentralized web.
A common usability problem with cryptographic systems like blockchains is that accounts, smart contracts and content on the blockchain are addressed with hashes like
0x7eF963588706a8d39D481634eB46f5c54A04c584. These addresses are easy for machines to securely verify but hard for humans to type and remember. And anything that’s difficult for humans creates vulnerability vectors, like phishing attacks by using an address that looks similar but is owned by a malicious person. Continue reading “Building dapps on Ethereum – part 5: Ethereum Name Service and Swarm”