American retail behemoth Target has come out to clarify that a tweet it posted, containing a link to a Bitcoin giveaway scam, came from a third-party software provider – not Twitter.
In an email to Hard Fork, a company spokesperson said – contrary to what it suggested previously – Target’s Twitter account was never inappropriately accessed. Rather, it appears the attackers leveraged an account owned by one of its marketing vendors to send the tweet to its audience of almost two million..
“After a thorough investigation with Twitter and our cyber security team, we’ve confirmed that an attacker accessed one of our marketing vendor’s Twitter handles yesterday,” Target told Hard Fork. “This gave the attacker the ability to post an ad on Target’s behalf, and the vendor has since implemented a number of security measures to re-secure their account.”
“We can also update what we shared yesterday and clarify that there was no inappropriate access, at any point, to Target’s Twitter account,” the spokesperson added. “Nevertheless, we have taken a number of security measures and will continue to work with Twitter to ensure Target’s account is secure.”
The retailer refrained from naming the vendor in question.
The Bitcoin giveaway scam mystery
The details provided by Target add an odd twist to the string of cryptocurrency-related breaches of big brands on Twitter, mostly for the purpose to promote giveaway scams.
In a window of less than 10 days, hackers managed to post malicious giveaway links from the accounts of politicians , film studios , government agencies , and even an official Google profile .
Twitter told Hard Fork on November 11 it is working hard on curbing the situation – moments before Google’s G Suite account posted a malicious giveaway link ( which was swiftly deleted ).
Considering the sheer volume of compromised accounts, it seems possible the hackers had gained access to a third-party app (authorized to post content from a large list of accounts).
Earlier this year, security experts warned certain, particularly inventive attackers are much more likely to target software-providers (with access to a bunch of accounts) than individual profiles. It seems the cryptocurrency scammers were paying attention.
Blockchain sharding made so simple your dog would understand
Welcome to Hard Fork Basics, a collection of tips, tricks, guides, and advice to keep you up to date in the cryptocurrency and blockchain world.
Scaling blockchain is becoming one of the technology’s great mysteries. Does anyone know how to do it? Can it even be done? Some seem to think so, but of course, it won’t be simple.
There are numerous “solutions” being offered by various developers , researchers , and academics . One such solution being explored is known as “sharding.” In this article Hard Fork is going to take a look under the hood and see what this blockchain sharding is all about.
Sharding is nothing new
The concept of sharding existed long before it became part of the blockchain industry’s lexicon. It’s traditionally used in database management to ensure the database operates at optimum speed and efficiency.
Traditional sharding does this by separating a database into a series of smaller databases that remain connected, but spread the workload over a great number of servers or nodes on that database network.
Generally speaking, none of these smaller “sharded” databases should have anything that is also replicated in another shard to reduce duplicates of data. This further serves to increase the efficiency and reliability of the database by ensuring every entry is unique.
In a database where records are not interlinked and follow a fairly basic data structure, sharding is a relatively simple process. All system architects need to do is create a database structure that operates securely and efficiently for its given use case.
This might include geographically locating databases on servers in the countries most relevant to the data they store. This is fine when your database is centralized and you have complete control over it, so what happens when you shard the blockchain?
Sharding the blockchain is, umm, complicated
One of the blockchain‘s great strengths is decentralization, so doing anything that might compromise this will make the system weaker, and possibly susceptible to attack.
Given that all the transactions stored in a blockchain are linked, it makes sharding this type of database even more complicated. But the principle remains the same, if we can shard the blockchain, we can increase its throughput and increase the number of transactions it can handle every second – which we’re told is a good thing.
How a blockchain can be sharded depends heavily on the blockchain‘s underlying consensus mechanism – by its nature a Proof-of-Work -based blockchain is very difficult to shard. As this would involve validating transactions without having access to the entire history of transactions, so new transactions would need to be validated without its history being known. Obviously, this creates a bit of a problem.
However, cryptographer Peter Todd thinks it can be done . It would require another component adding to the functioning of the blockchain, something called a “proofchain.” A proofchain effectively maintains the historical integrity of transactions, without needing to reference the whole database. It can be thought of as an audit trail, one which could be used to punish dishonest miners should the need arise.
In the case of Proof-of-Stake blockchains sharding is a little more attainable. In Proof-of-Stake there are dedicated nodes that take care of validating transactions. These nodes can only validate transactions relational to the value of cryptocurrency they are willing to stake for the opportunity. This encourages decentralization and prevents one node/staker from having too much power.
However, because the nodes only have to validate a portion of the blockchain‘s transactions, the database could be sharded and shared amongst them lowering the processing overheard and speeding up the network’s overall throughput.
It’s likely that scaling the blockchain will continue to be one of the industry’s most contentious topics. It’s impossible to dramatically increase the throughput of true blockhain-based systems without altering its underlying structure. In doing so, some of blockchain‘s core benefits, like decentralization, might be compromised.
Gwyneth Paltrow’s ‘endorsement’ of cryptocurrency is a shameless ad
Fresh off its false advertising controversy , Gwyneth Paltrow’s lifestyle brand Goop is now encouraging people to learn more about the fundamentals of Bitcoin and cryptocurrency – and how they can make their first investment. But before you rush to celebrate mainstream adoption, there are a few things we need to talk about.
Yesterday, Paltrow took to Twitter to share a Goop piece featuring an interview with Bill Barhydt, CEO of cryptocurrency wallet and exchange service Abra. The piece poses as an explainer on cryptocurrency and blockchain tech, but really – it reads like a shameless ad for Abra.
After glossing over the hackneyed arguments for blockchain – like lower fees (a highly contentious argument), censorship resistance, and heightened security measures (Goop refers to Bitcoin as “unhackable”) – the piece goes on to promote Abra and the benefits of using it.
Of course, the piece conveniently omits the fact that Paltrow herself is involved in Abra. Indeed, the cryptocurrency service announced Paltrow as an advisor last year, shortly after an appearance on Apple’s Planet of the Apps .
Nepotism aside, this isn’t the first time Goop has engaged in questionable advertising tactics. Last month, UK-based non-profit Good Thinking Society filed a complaint with the local advertising authority, accusing Goop of relying on misleading promo materials for its beauty products.
In all fairness, the actress is hardly the only celebrity that has blindly backed cryptocurrency businesses. Among others, boxing legend Floyd Mayweather , actor Steven Seagal , and rapper T.I. have promoted in trouble cryptocurrency projects in the past (and gotten in trouble for it).
In fact, the celebrity endorsement trend had gotten so bad at one point, the US Securities and Exchange Commission (SEC) issued statement to warn investors that it is “never a good idea to make an investment decision just because someone famous says a product or service is a good investment.
That’s the same approach you should take with Paltrow’s endorsement of cryptocurrency.