The killer app of SAFE Network: cybersecurity

notpetya
malware
maersk
cybersecurity

#1

Every so often we speculate about how mass adoption can be achieved, and what might be a killer app for the SAFE Network.

Read this tall tale to the end and I think you will agree that cybersecurity is one, probably of several IMO. But we only need one like this:

“Almost everyone who has studied NotPetya, however, agrees on one point: that it could happen again or even reoccur on a larger scale. Global corporations are simply too interconnected, information security too complex, attack surfaces too broad to protect against state-trained hackers bent on releasing the next world-shaking worm.”

The tale of NotPetya through the experience of one global company, shipping giant Maersk, accounts for about $300 million of the estimated $10 billion total cost. But Maersk got off lightly, by a slim quirk of fate, and so did we!


Things That Would Not Have Happened On Safe
Things That Would Not Have Happened On Safe
#2

Looks like this article is part of a book that looks quit interesting. It won’t be published until next summer though.


#3

If you watch ZeroDays, in it the interviewee says Stuxnet was just one tool they had for Iran, and they basically had (have?) the whole country pwned in case something more serious was required. We are definitely in a very vulnerable world when it comes to cyber security.
On the flip side of SAFE being a tool for improving things in that regard, I think it can also make things worse in some ways, at least until SAFE gets tied into operating system security. Botnets are usually brought down by capturing the command and control servers. If a mutable data is used for command and control instead of a network of servers, a different approach will be needed to stop them.


#4

I love how a guy named Greenberg talks about Russia as if it were monolithic. It’s full of factions, particularly powerful oligarchs and leftover Jewish Bolsheviks. I wonder what the Romanovs would have to say about post-Soviet Russia…

This is SO true. Next stop: Brave New World.


#5

Can you elaborate further on this point? I posted this article some time ago requesting comment on whether SafeNetwork could prevent NotPetya but got little nibble outside of @neo.


#6

Sure, my concerns are more related to botnets than something like NotPetya or ransomware. For botnets, once your computer is compromised by malware, it will start listening to some server or set of servers for commands on what it should do. For example, request something from a certain website as part of a DDoS attack, or run a certain script to mine Monero. Once the botnet gets big enough to cause some trouble, authorities usually try to take control of the servers that are giving out the commands. Once successful the botnet is eliminated because all of the bots have nothing telling them what to do. My fear is that instead of using a server to send the command, the commands could be stored in a mutable data that the bots are querying. In that case, since you can’t eliminate the source of the commands, to take down the botnet it seems you’d need to clean each bot individually or somehow stop them from reading that mutable data.


#7

It doesn’t need to prevent it, but by securing data in a way that NotPetya would not be able to destroy it, the incentive for this attack drops considerably. So less likely the attack would happen, and if it does the consequences are already lessened considerably.

That’s just based on secure data storage. Later, there may be ways that SAFE can help make such attacks harder to mount at all, but that is not necessary for this to be a very powerful incentive for adoption: a killer app.


#8

One way that I can think of SAFE being used to harden computer security is something akin to network booting. Probably it would be too slow to pull all of the OS files off of the network it boots, but a good start would be checking all of the file hashes or a hash of the image used for booting to verify no nasties are injected.


#9

I was thinking this would be a killer app a couple of years ago and still believe it could be. At the time I was thinking the licensed route with a private SAFENetwork, but I think either could suffice. A private net gives performance tuning opportunities that the public net does not, at the expense of redundancy.

To elaborate, having a network with nodes in specific data centres (only) would give some redundancy and high performance. Being able to boot VMs directly off this means you literally have a huge pool of highly resilient storage as a spine for your infrastructure. This would be much like how a SAN is used today, but with self healing and ability to use commodity hardware too. Ofc, you may want some higher performance storage for some applications, but caching may circumvent many such requirements.

I am pretty certain that the public SAFENetwork could do similar things, but the underlying hardware may not be as capable on average. Maybe that won’t matter if there is good performance competition between vaults.

In the fullness of time, I believe the maidsafe vision is to have all devices booting straight off SAFENetwork, from servers to smart phones. With networks getting ever faster, that vision is rather achievable too, imo.


#10

Thanks for the commentary. It’s indeed what we are hoping Safe to be to ensure the protection of important data. Killer app indeed–one among many, but maybe the most critical.


#11

It’s privacy, security, and freedom for a reason. Privacy is the universal right which needs to be protected. Securing and defending it is necessary but not sufficient for freedom. What other universal rights can this security application defend?