
Building Ethereum DApps: The cyber crime is a real threat?

Ranch Hand
Posts: 140
Dear Sir,

As a developer interested in the Ethereum technology, something that concerns me is the security of such platforms and the fraud caused by others; by that I mean the cyber crime that consists in stealing bit currency by gangs of hackers (not sure what to call it). As a consequence, developers working in block chain can suffer job loss, reputation damage and even prosecution.

Do you think that today's block chain currencies are safe, or is there room for improvement? Today, are these kinds of frauds real threats?

Posts: 6
Hi Ludoviko,

You are right, there have been many cases of hacking, theft and malicious behaviour in the blockchain space by many parties: developers, crypto-exchange owners, etc. As happens in other industries, the community is formed of a majority of good people and a minority of bad people that cause pain and damage to the rest. Not many people are probably aware of the Bitcoin MT GOX hack that in 2014 ended with the theft of $450M in bitcoin. And not too many people know about the hack of the Ethereum DAO, the first big scale Dapp, which in 2015 cost around $150M in investment losses and required a major blockchain fork to roll back the damage. These hackings happened before the big boom of December 2017, when cryptocurrencies and blockchain became mainstream. In the last few months you might have heard of other episodes, such as the suspicious death of the CEO of a Canadian crypto-exchange who was allegedly the only person to own the private keys of the exchange accounts, with a loss for his customers of around $200M. This news definitely contributes to damaging the reputation of cryptocurrencies and also of the blockchain industry. And I believe, given the hype on the technology and the economic value involved, it is very easy for new episodes to happen again.
I believe most of the hackings are due to the general inexperience of the whole industry. You would think that the developers of the crypto-exchanges should be so experienced in cryptography that hacking should be very unlikely. Yet the fact that these hacking episodes have been relatively frequent proves that the industry is learning "the hard way" because good practice has yet to be defined. For example, the famous Ethereum DAO hacking was launched against a project developed by some of the most experienced Ethereum developers at the time, who obviously did not foresee all the possible "bad scenarios" that could have happened.

In the last couple of years Ethereum and other blockchain technologies have become more robust. For example, Solidity, the main EVM smart-contract language, has phased out some of the most vulnerable features which were being exploited by attackers.

In my book I cover security extensively, especially in chapter 14, which is entirely dedicated to the topic. I explain the most common attack strategies and I recommend how you should defend against them. I also give many pointers for further learning.

Hopefully going forward smart-contract languages and tools will become more robust and hacking cases will become less frequent.