In September, a study https://arxiv.org/pdf/1909.06890.pdf about Bitcoin's Lightning Network began to emerge on the networks. Its authors - Saar Tochner, Aviv Zohar and Stefan Schmid - are convinced that Bitcoin's Lightning Network is a very fragile tool. Why? Why? Because it would be enough to connect intelligently to it to succeed in parasitizing it to the point where the majority of payments on the network could simply no longer succeed.
Theoretical foundations So let's quickly review together the main differences between the Bitcoin network and the Lightning Network, a network built in a second layer above it.
Bitcoin and its bases In the Bitcoin blockchain, the possession of bitcoins takes the form of so-called public and private key sets. A private key is produced by randomly selecting any number from 1 to 2256. This number is then subjected to a particular mathematical operation, called an elliptical curve multipl...
To understand why blockchain is important, look beyond wild speculation on what is built below.
The Internet bubble of the 1990s is generally considered a period of mad excess that ended with the destruction of hundreds of billions of dollars of wealth. What is less often discussed is how all the cheap capital of the boom years financed the infrastructure on which the most important Internet innovations would be built after the bubble burst. It financed the deployment of fibre optic cable, R&D on 3G networks and the construction of giant server arrays. All this would make possible the technologies that are now the foundation of the world's most powerful societies: algorithmic research, social media, mobile computing, cloud services, large data analysis, artificial intelligence, etc.
We believe that something similar is happening behind the wild volatility and media hype of the stratosphere of the crypto-currency and blockchain boom. The blockchain sceptics growled with joy...
"Creativity is the greatest rebellion there is. If you want to create, you have to get rid of all conditioning; otherwise your creativity will only be reproduction, copying. You can only be creative if you are an individual; as an element of mass psychology, you cannot create. Mass psychology is not creative; it lives life like a ball and chain, it knows neither dance, song nor joy; it is mechanical. »
To protect against phishing attacks, online platform providers implement a two-factor authentication process on their websites. But now, hackers can bypass this protection more easily. Two tools have been developed to automate the process and launch hundreds of attacks at a time.
Traditional phishing attacks consist in creating fake hosted login pages on web servers against them by the attacker and whose domain names are similar to those of the target websites.
Traditional phishing attacks consist of creating fake login pages hosted on web servers controlled by the attacker and whose domain names are similar to those of targeted websites. (Credit: Christiaan Colen / Flickr)
Intrusion testers and hackers have been able to add to their arsenal a method that automates phishing attacks, thwarts two-factor authentication (2FA) and is, in addition, not easy to detect and block. This toolkit was presented last month at the Hack in the Box conference in Amsterdam and was released on GitH...
Solutions : The HTTP X-XSS-Protection response header is a feature of Internet Explorer, Chrome and Safari that stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. Although these protections are largely unnecessary in modern browsers when sites implement a strong Content-Security-Policy that disables the use of inline JavaScript ('unsafe-inline'), they can still provide protections for users of older web browsers that don't yet support CSP.
Header type Response header Forbidden header name no SyntaxSection X-XSS-Protection: 0 X-XSS-Protection: 1 X-XSS-Protection: 1; mode=block X-XSS-Protection: 1; report=<reporting-uri> 0 Disables XSS filtering. 1 Enables XSS filtering (usually default in browsers). If a cross-site scripting attack is detected, the browser will sanitize the page (remove the unsafe parts). 1; mode=block Enables XSS filtering. Rather than sanitizing the page, the browser will prevent rendering of the page if an at...
To protect against phishing attacks, online platform providers implement a two-factor authentication process on their websites. But now, hackers can bypass this protection more easily. Two tools have been developed to automate the process and launch hundreds of attacks at a time.
Traditional phishing attacks consist in creating fake hosted login pages on web servers against them by the attacker and whose domain names are similar to those of the target websites.
Traditional phishing attacks consist of creating fake login pages hosted on web servers controlled by the attacker and whose domain names are similar to those of targeted websites. (Credit: Christiaan Colen / Flickr) Intrusion testers and hackers have been able to add to their arsenal a method that automates phishing attacks, thwarts two-factor authentication (2FA) and is, in addition, not easy to detect and block. This toolkit was presented last month at the Hack in the Box conference in Amsterdam and was released on GitH...