Blockchain as a whole and it's correlation to security

in #security8 years ago

Image and video hosting by TinyPic

Maintaining secrets is practically impossible for the vast majority of the population. The only solution that has been reliable is to use multiple signatures from keys stored on different devices.mNormal people are not capable of, or do not want to be responsible for, securing secrets. It is too much stress. One wrong move and you are either locked out forever or your funds are compromised.

My mission has been to find free market solutions for securing life, liberty and property. In this case, we need more robust solutions for securing cryptographic property.

Property is an abstract concept. It is the idea that something belongs to an individual, a social convention that facilitates trade and trust.

Private keys are an identity verification system. They provide strong evidence that a particular individual made a particular statement. But this evidence depends upon a secret being maintained. Not just any secret, a secret so long and complex that people cannot easily remember it. A secret so long that it impacts usability.

A system that replaces real identity with imperfect evidence is fundamentally broken. It will not get people justice. People will not feel secure. A better solution is needed.

Blockchains create a public record that tracks who owns what. Private keys are used to sign transactions so that everyone can validate all property transfers and eliminate any disputes over who owns what.

The problem is that private keys are not an identity. They are mere evidence. Disputes can still arise when two people both have access to the same private key.

It is tempting to say that Keys areidentity, but this would be mistaking the map for the reality. This stance does not map to peoples intuitive sense of justice. It is an engineering cop-out designed to evade the hard problem of governance and dispute resolution.

We have seen with The DAO, Bitcoin, and Steem hard forks that in the event of a bug, exploit, or theft that the community can and will take action to get justice.

I have long been an advocate that ignoring a problem doesn’t make it go away. If you don’t provide a governance structure then an informal one will be created. If you are unable to achieve a workable governance model then progress will stall and people will leave.

On a social network we have a new kind of proof, social proof. We know who people are and generally know when someone was hacked.

Unlike money, posts and votes made by an attacker are often clearly out-of-character for someone. This makes it very obvious to everyone in the social network that an injustice has occurred.

When an account posting key is compromised everyone loses. All of a sudden someone’s feed can get filled with ads, their hard earned steem power (aka reputation) can be abused. They can vote up garbage, vote down good stuff, or simply flood the network causing congestion for other users.

The rules of Bitcoin and other crypto-currencies do not apply the same way to a social networking blockchain. It is a different market with different requirements. Here are some of the things that the network should be able to reach consensus on without requiring a hard fork.

account theft and return to original ownerposting authority theft and temporary censoringAccount Owner Theft

An account can only be stolen when the owner key changes. In many cases it is easy for the public to identify the real owner and in 99.9% of cases, accounts are not bought and sold.

#steem #steemit #password #login #unsecured #hack #unauthorized
8 years ago in #security by
$0.00
    6 votes
    Reply 0