Skip to main content
banner image
venafi logo

“I Bought My House on Blockchain” and Other Possible Futures [Encryption Digest 10]

“I Bought My House on Blockchain” and Other Possible Futures [Encryption Digest 10]

blockchain and encryption
September 5, 2019 | Katrina Dobieski


This week, we again explore the breaking points of encryption, while basking in its unexplored potential. It’s a complicated relationship. Japan races to be quantum ready, struggling to catch up with China and the US, and what was thought to be secure communication in China—isn't. And it may not even be China’s fault. How Telegram may have let down it’s pro-democracy users with the fine print, and why your firewall provider may need a firewall provider. Plus, at a time where blockchain never ceases to amaze us, we’re asking it to do one more trick—all in this week’s Encryption Digest.
 

 

Hong Kong Pro-Democracy Activists Left Exposed by Telegram Flaw 

“Need help from @telegram.”  
 

Popular among democracy seekers in China, (banned-but-cracked) Telegram is the app-based communication haven for Chinese activists who would otherwise be putting their wellbeing at risk. Well, it may not be such a haven anymore. 
 

According to the Chinese software developer who outed the vulnerability on Twitter, the app allows those who have your number to see who you are on public messaging boards, even though you may have turned the settings to private. In a few swift steps, the Chinese government could pair with local Telcos to track those numbers to the users themselves. 
 

To protesters who already claim to have been targeted by the Chinese government, this is a bug. To Telegram, simply a little-known feature.  In either case, this parallels the encryption backdoor debate, showing what could happen when—by any means—a government has increased access to what were intended to be secure communications.  
 

Related Posts: 

 

Japan Goals Quantum Encryption in 2025 

In the race to quantum computing, no one wants to be left behind.  
 

China had quested quantum information science as a flagship in their 2006-2020 plans and has already constructed a quantum landline between Shanghai and Beijing. It works. The United States has been investing heavily in quantum cryptography, and Japan is now formalizing plans to follow suit. 
 

$14 million dollars will be petitioned for research and development in 2020, per Japan’s Ministry of Internal Affairs and Communications. The country that is re-upping efforts to recycle old electronics will also investigate the use of existing fiber optic networks to make the technology run.  
 

Right now, encrypted government communications are just that, and the cyber-spies are held at reasonable distance. That might not be the case for long. 


With experts estimating anywhere from 3-10 years before quantum computing cracks our current encryption, 2025 seems like … a good timeline. 
 

Why We Need Quantum Cryptography, Now


Related Posts: 

 

“I Bought My House on Blockchain” 

Soon, we might be able to make a shorter list of things blockchain doesn’t do. We already see it revolutionizing the futures of IoT, refugee aid, voting machines, medical records and supply chains. Now, it’s gearing up for its latest role—as real estate broker. It’s like the astronaut-doctor-lifeguard Barbie of the '90s, only less plastic. We hope. 
 

Implementation is still contingent upon acceptance by regulators and the industry at large, but should blockchain ever be utilized for house-hunting, here are some foreseeable benefits: 
 

  • Transparency. “Smart Contracts” slash bureaucracy and ensure all steps are completed before money changes hands. 
     
  • Cost Reduction. The platform can cut “middlemen” out of the buying process (listings, legal and payments). It’s not only blue-collar jobs the robots are after. 
     
  • Fraud Prevention. Fake listings and forged contracts might be yesterday’s news with “digital ownership certificates” tracking paper trails of properties, making replications nearly obsolete. 


It’s no Chip and Joanna but given the increased digital speed of nearly everything else, maybe we’ll settle for fast, safe and viciously accurate.  
 

It’s replaced everything else, but can blockchain really replace SSL? 
 

Related Posts: 
 

  

To the Best of Us: When Your Firewall Provider Gets Breached [Imperva] 

No one is immune. 
 

“For a security-as-a-service provider like Imperva, this is the kind of mistake that’s up there with their worst nightmare” confided Rich Mogull, founder at DisruptOps, a cloud security firm. 
 

On August 20, Imperva disclosed a breach in their cloud-based Web Application Firewall (WAF) product, Incapsula. The attackers made off with API keys, client-provided SSL certificates, email addresses and passwords.  
 

According to Mogull, Imperva is one of the top three web-based firewall providers in the industry, and this attack—is significant.  
 

In a worst-case scenario, attackers could divert traffic going to Imperva clients’ web pages to their own. Or whitelist venomous sites. Or lower WAF security settings for all users.  
 

These breaches can come down to small mistakes, says Alissa Knight, senior analyst at Aite Group, which is a point of concern. Cloud-based security providers are often given the “keys to the kingdom,” and it’s important to ask them the “tough questions” - like how they are securing the platforms that secure your data.  
 

Related Posts: 

 

 

 

How safe is your code signing?

  
 

You can find out the hard way that you've been compromised, or you could automate code signing across all encrypted assets to make sure that what you see, is what you get. See how it works.

 

 

 

 

 

 

Like this blog? We think you will love this.
defi-stolen-funds-and-private-keys
Featured Blog

With Rapid Rise in Funds Stolen from DeFi Protocols, Private Keys in Play

Massive heist begins with

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies
eBook

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Katrina Dobieski
Katrina Dobieski

Katrina writes for Venafi's blog and helps optimize Venafi's online presence to advance awareness of Machine Identity Protection.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more