create account

EOS Attacked By Semi-Fake News. by baronvonbitcoin

View this thread on: hive.blogpeakd.comecency.com
eos · @baronvonbitcoin · (edited)
$11.73
EOS Attacked By Semi-Fake News.
![Skjermbilde 2018-05-29 kl. 09.47.14.png](https://cdn.steemitimages.com/DQmWPNMoK8EY7JTs8xZ63pDSNQ2xHMaNsGBLfM6YeJMcK3j/Skjermbilde%202018-05-29%20kl.%2009.47.14.png)


Update:  https://steemit.com/eos/@ash/the-epic-eos-vulnerability-is-most-likely-fixed-already

So basically, EOS team had a bounty out for bugs. The 360 vulcan team found bugs last night. This was all ready fixed before someone decided to spread FUD about it being a big deal, Long live EOS! :)



Can anyone verify this or does anyone have any more info on this?

A Reddit thread posted one hour ago claims that the 360 Vulcan Security Team posted this on their profile:

[The actual post by 360 Vulcan Security](https://weibo.com/ttarticle/p/show?id=2309404244993110866922)
[Reddit post](https://www.reddit.com/r/CryptoCurrency/comments/8mwo4c/eos_bugs_discovered_before_mainnet_launch/dzr1eb4/)

## Direct google translation of the full official article:

360 Discovery of blockchain epic vulnerabilities Full control over virtual currency transactions 360 Security Guardian Published on 2018-05-29 12:38:08 Reports Readings: 330,000+ EOS blockchain vulnerability is enough to decipher the digital system

Recently, the 360 ​​Vulcan team discovered a series of high-risk security vulnerabilities in blockchain platform EOS. It has been verified that some of these vulnerabilities can remotely execute arbitrary code on the EOS node. That is, remote attacks can directly control and take over all nodes running on EOS.

The person in charge of the EOS network said that the EOS network will not be officially launched until these issues are fixed.

Defective digital blockchain vulnerability

Vulnerabilities in the traditional software domain may be exploited to initiate cyber attacks, causing data, privacy leaks, and even the impact of real life. The digital currency itself is a set of financial systems. The security loopholes in digital currency and blockchain networks tend to have more serious and direct impacts.

Due to the decentralized computing characteristics of blockchain networks. A security vulnerability in the implementation of a blockchain node may cause thousands of nodes to be attacked. Even a denial-of-service vulnerability that is considered to be relatively harmless in the area of ​​traditional software vulnerabilities may trigger storm attacks on the entire network in a blockchain network, causing a huge impact on the entire digital currency system.

EOS SuperNode Attack: Fully Controlled Virtual Currency Trading

In an attack, an attacker constructs and publishes a smart contract containing malicious code. The EOS super node will execute this malicious contract and trigger a security hole. The attacker then re-uses the super node to package the malicious contract into a new block, which in turn causes all full nodes in the network (alternate super node, exchange reload point, digital currency wallet server node, etc.) to be controlled remotely.

Since the system of the node is completely controlled, the attacker can "do whatever it wants", such as stealing the key of the EOS super node, controlling the virtual currency transaction of the EOS network; acquiring other financial and privacy data in the EOS network participating node system, such as an exchange Digital currency, the user's key stored in the wallet, key user profiles, privacy data, and more.

What's more, the attacker can turn a node in the EOS network into a member of a botnet, launch a cyber attack or become a free "miner" and dig up other digital currencies.

Blockchain network security concerns need to be paid attention

EOS is a new blockchain platform known as "blockchain 3.0". Currently, its market value of tokens is as high as 69 billion yuan, ranking fifth in global market capitalization.

In blockchain networks and digital currency systems, there are many attack surfaces for nodes, wallets, mining pools, exchanges, and smart contracts. The 360 ​​security team has previously discovered and disclosed multiple digital currency nodes, wallets, and mines. Serious security holes in pools and smart contracts.

The series of new security vulnerabilities discovered by the 360 ​​security team in the smart contract virtual machine on the EOS platform is a series of unprecedented security risks. Security researchers have not found such problems before. This type of security issue affects not only EOS but also other types of blockchain platforms and virtual currency applications.

360 expressed that it is hoped that the discovery and disclosure of this loophole will cause the blockchain industry and security peers to pay more attention and attention to the security of such issues and jointly enhance the security of the blockchain network.
👍  , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
properties (23)
authorbaronvonbitcoin
permlinkhuge-eos-vulnerabilities-discovered-before-main-net-launch-breaking-1-hour-ago
categoryeos
json_metadata{"tags":["eos","crypto-news","cryptocurrency","crypto","ethereum"],"links":["https://steemit.com/eos/@ash/the-epic-eos-vulnerability-is-most-likely-fixed-already","https://weibo.com/ttarticle/p/show?id=2309404244993110866922","https://www.reddit.com/r/CryptoCurrency/comments/8mwo4c/eos_bugs_discovered_before_mainnet_launch/dzr1eb4/"],"app":"steemit/0.1","format":"markdown","image":["https://cdn.steemitimages.com/DQmWPNMoK8EY7JTs8xZ63pDSNQ2xHMaNsGBLfM6YeJMcK3j/Skjermbilde%202018-05-29%20kl.%2009.47.14.png"]}
created2018-05-29 07:46:24
last_update2018-05-29 08:15:03
depth0
children9
last_payout2018-06-05 07:46:24
cashout_time1969-12-31 23:59:59
total_payout_value9.554 HBD
curator_payout_value2.174 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length4,749
author_reputation1,641,962,372,034
root_title"EOS Attacked By Semi-Fake News."
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id58,237,307
net_rshares2,892,299,195,940
author_curate_reward""
vote details (43)
@blaqboyikott · 
Voting: The herald of EOS's success

For unconsolidated applications on the blockchain, EOS looks promising as it provides a fast and lessfee platform but a large number of token holders have to be involved in order for it to be successful. As a more centralized project in which twenty-one voted-in supernodes assure transactions, voting is key to keeping block producers accountable and successful in supporting the large volume expected to roll out on EOS.

“As we move toward an open-source society, what will distinguish ourselves from one another will be our politics and our systems of governance. In EOS, there are three factions of governance: the Block Producer, Arbitration, and the Token Holder. The Block Producer must abide by the other two or else be removed from their position. Incentives are aligned between all groups to always be increasing the value of the network,” were the words of Kevin Rose of EOS New York which runs as a block production candidate.

The step to delegate proof of stake with twenty-one block producers is a radical departure compared to how other blockchains like ethereum function. Voting for the supernodes will begin on June 2. The EOS token holders can cast vote on who will prove transactions but at the moment, it's causing an agitated debate.

Voters need to make educated judgement on block producers for the EOS to launch successful. But before this, they have to register their tokens, research block producers, then stake their token for a three day period in order to vote. The requirements seem alot to ask for from fortuitous investors but it is necessary for the long-term vitality of the platform.

POWER DYNAMICS
Is it possible for too much power to end up in the hands of a few block producers? For example bitfinex and huobi global which are two major exchanges and also happens to be the leading contenders in the upcoming election. The two might be voted in but it doesn't mean they will have a higher volume of transaction because all the top twenty-one producers take care of the same amount of blocks per round. Some have argued that trust can only exist on the blockchain if power is adequately spreaded out allowing the nodes to keep each other in check.

With only twenty-one supernodes, the risk of one or more supernodes having excessive influence over the other is high but this small group is what gives EOS it's advantage in throughput. EOS governance model helps to keep the weight of block producers power equal. Block producers must obey arbitration rulings and the token holder referendum or risk being voted out.
200 standby nodes have been projected as economically viable while only 21 block producers are selected for each block. When a top producer is unable to perform their functions, standby nodes are ready to step in. A standby node must posses votes that can accumulate at least a100 eos per day pay out.

WHALES
Another concern is that the people with more eos will continue to have more votes than those without. This might lead to voting nodes for self interest . If the election is swayed in favor of a particular block producers, it will hinder the Democratic election process and as well compromise the integrity of the EOS blockchain.
The EOS has a constitution which exist as a ricardian contract. This helps with creating limits. It must be included on ever transaction for the transaction to be considered valid. Also 10% is the highest percentage of issued tokens an individual or group of individuals can own. Bringing this to effect would be difficult but at least it's a policy.

INDIVIDUAL MATTERS

Some are concerned that the turn out for the election might be low and this can lead to a few people having too much influence. So to help ensure a minimum turn out, 15% of all tokens must vote at launch if not, the chain will be considered invalid. An impressive turn out of voters from the start will show that EOS is supported by many decision makers who seek their delegate in form of block producers .

EOS NEW YORK, EOS TRIBE AND EOS SWEDEN and many other respected block producers and developers are building an EOS portal which will serve as an open source voting portal. This portal will help anyone with little or no technical expertise to vote with ease using scatter (the metamask of EOS).

After the project was posted on steemit, it raised more than $25,000 in support of block producers and community members within 7 days. A fair and easy to use portal can increase the number of turnout among average holders.

STAKING SHOWS COMMITMENT

Most investors won't want to stake their EOS investment for the lock-in period necessary to vote .staking shows commitment but some investors don't want to do it even though the time frame was reduced from 6months to 3days. This assurance is needed for for responsible voting.

A STRONG SHOWING TO LAUNCH EOS

A thorough and well-informed voting is key to maintaining the integrity of the EOS ledger because it uses proof of stake and not proof of work to run the blockchain. It's aim to to allow more power to average users because proof of work block chains are disproportionately controlled by large minning operations. Proof of stake has its own problems as any voting system would and can only be loved by educated and well intended voters .

By June 2, EOS voters need to do their research and votes for the supernodes which has the best interest of the community at heart. There are a 100 candidates so it might be difficult to do this. EOS success is tied to many token holders voting for the best candidates. This is a highly anticipated vote session as it is the communities first marker of success. The community will be watching for the results.

With all the above said, a platform is only as valuable as what it is built upon and what it is built with. It will take many successful elections to prove that EOS can be a successful and and working DAPP platform .
Thanks for reading
👍  
👎  
properties (23)
authorblaqboyikott
permlinkre-baronvonbitcoin-2018529t141543133z
categoryeos
json_metadata{"tags":["eos","crypto-news","cryptocurrency","crypto","ethereum"],"app":"esteem/1.6.0","format":"markdown+html","community":"esteem"}
created2018-05-29 13:16:03
last_update2018-05-29 13:16:03
depth1
children0
last_payout2018-06-05 13:16:03
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length5,953
author_reputation244,416,856,563
root_title"EOS Attacked By Semi-Fake News."
beneficiaries
0.
accountesteemapp
weight1,000
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id58,274,582
net_rshares-42,680,590,549
author_curate_reward""
vote details (2)
@scandinavianlife · (edited)
$0.22
The problem was fixed on the 29th. No need to worry. (translated from this article) "According to the information we have obtained, the vulnerability pointed out by 360 has now been repaired"

https://www.reddit.com/r/eos/comments/8mx7im/the_problem_was_fixed_on_the_29th_no_need_to/
👍  ,
properties (23)
authorscandinavianlife
permlinkre-baronvonbitcoin-huge-eos-vulnerabilities-discovered-before-main-net-launch-breaking-1-hour-ago-20180529t074835016z
categoryeos
json_metadata{"tags":["eos"],"app":"steemit/0.1","links":["https://www.reddit.com/r/eos/comments/8mx7im/the_problem_was_fixed_on_the_29th_no_need_to/"]}
created2018-05-29 07:48:33
last_update2018-05-29 08:16:06
depth1
children7
last_payout2018-06-05 07:48:33
cashout_time1969-12-31 23:59:59
total_payout_value0.168 HBD
curator_payout_value0.049 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length283
author_reputation59,925,771,741,748
root_title"EOS Attacked By Semi-Fake News."
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id58,237,535
net_rshares54,281,108,896
author_curate_reward""
vote details (2)
@gweezy · (edited)
https://www.newsbtc.com/2018/05/29/security-researchers-discover-multiple-epic-vulnerabilities-in-eos-blockchain/- hoping its FUD  :/
properties (22)
authorgweezy
permlinkre-scandinavianlife-re-baronvonbitcoin-huge-eos-vulnerabilities-discovered-before-main-net-launch-breaking-1-hour-ago-20180529t075000068z
categoryeos
json_metadata{"tags":["eos"],"links":["https://www.newsbtc.com/2018/05/29/security-researchers-discover-multiple-epic-vulnerabilities-in-eos-blockchain/-"],"app":"steemit/0.1"}
created2018-05-29 07:50:00
last_update2018-05-29 07:50:09
depth2
children6
last_payout2018-06-05 07:50:00
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length133
author_reputation8,795,129,799
root_title"EOS Attacked By Semi-Fake News."
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id58,237,695
net_rshares0
@baronvonbitcoin · 
## This guy certainly think its FUD..

acquiring other financial and privacy data in the EOS network participating node system, such as an exchange Digital currency, the user's key stored in the wallet, key user profiles, privacy data, and more.

Everything is on a public ledger so the last part of this with things like user profiles and "privacy data" doesnt exist. In other words this was copy pasted text from something else. EOS, much like steem, DOES NOT HAVE PRIVACY DATA. Everything is public except for your keys.

So this calls into the question pretty much everything that is said. Also this part here

which in turn causes all full nodes in the network (alternate super node, exchange reload point, digital currency wallet server node, etc.) to be controlled remotely.

To be controlled remotely. ... LOL

All of this is controlled remotely you dumb asses. Nobody sits locally at the blockchain and controls all other nodes what the fuck LOL This can never happen. AND WHATS A WALLET SERVER?? A WALLET SERVER?

So does EOS have wallet servers now? LOL

Admit it you copy pasted this shit. Swapped EOS out for something else. This actually makes me angry. You pile of human garbage claiming EOS has a wallet server node.
👍  
properties (23)
authorbaronvonbitcoin
permlinkre-gweezy-re-scandinavianlife-re-baronvonbitcoin-huge-eos-vulnerabilities-discovered-before-main-net-launch-breaking-1-hour-ago-20180529t075131219z
categoryeos
json_metadata{"tags":["eos"],"app":"steemit/0.1"}
created2018-05-29 07:51:30
last_update2018-05-29 07:51:30
depth3
children5
last_payout2018-06-05 07:51:30
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length1,232
author_reputation1,641,962,372,034
root_title"EOS Attacked By Semi-Fake News."
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id58,237,877
net_rshares253,194,460
author_curate_reward""
vote details (1)
Help/Feedback