Warning! Kaspersky Alerts Users of Malware and 'Blockchain Abuse'

The design of the blockchain means there is the possibility of malware
being injected and permanently hosted with no methods currently
available to wipe this data. This could affect ‘cyber hygiene’ as well
as the sharing of child sexual abuse images where the blockchain could
become a safe haven for hosting such data.

http://www.kaspersky.com/about/news/virus/2015/Security-researchers-identify-malware-threat-to-virtual-currencies

Can’t believe I hadn’t considered this: what are the implications of anonymisation users (criminals or saboteurs) hosting illegal public data on SAFE?

I had only considered illegal private data, but hosting harmful and/or illegal images, video, malware etc publicly that can’t be deleted would I think be very contentious, and a significant negative feature of SAFE Network.

I already see the headlines “MAIDSAFE. A safe heaven/network for illegal data” that will put MAIDSAFE in the same bucket with bitcoin in the eyes of general public, that being illegal transactions being carried out and now an easy way to store/sell/distribute illegal content completely anonymous :slight_smile:

I already see the headlines “MAIDSAFE. The most secured internet, known to humanity” that will put MAIDSAFE on the top of the chart to be used:

  • For IOT devices
  • By Governments
  • By the general public

Using Maidsafe everybody can even become a shareholder of the new internet.

BTW only people who busy themselves with illegal or negative content will see it or have it in their possession. The eyes of the general public will be on their own business. Be No Evil, See No Evil, Hear No Evil
:stuck_out_tongue:
Keep up your good work Maidsafe team Love from the Netherlands :kissing_heart: :heart_eyes:

2 Likes

Distributing illegal content is one thing, people are people and we can choose to ignore what other people post, but how would we stop malware and malicious code from taking over the whole system???

The current Internet can be “cleaned” from a known virus or malicious code by deleting it.

catch 22 me thinks…

There is little doubt in my mind that we will see such criticism early on, it will be an easy attack from existing technology companies and government agencies.

I think that one of the ways to reduce the impact of this is to educate/remind opinion leaders and the press (as they influence popular opinion) that technology is neutral and the benefits of SAFE overwhelmingly out weigh the bad. This prompted me to write the following blog post earlier this year which is potentially the line we should take if we are accused of being a haven for unsavoury types, probably by readers of the Daily Express :slight_smile: !

3 Likes

I call BS.

This news qualifies as abuse of the forum members rather than a news about potential for child abuse.

INTERPOL cyber threat researchers, including a Kaspersky Lab expert, have identified a threat to the blockchain in virtual transactions which could result in their being embedded with malware or other illegal data, including child abuse images.

LOL, @nemo, can you explain how can ASCII art of a female breast “threaten” me?

It’s been a while since I’ve heard something so silly.
Would it help if I bought Premium subscription to all Kaspersky products?

I have half a mind to start reporting such posts as offensive because they insult our intelligence.

Where’s the unlike button when you need it?!

Edit: some technical nonsense in response to the Kaspersky nonsense:

  • Noone can read your blockchain data if you password protect your RPC port.
  • If you got malware running around your system and reading your files, guess what, you’re screwed because it probably stole your data already (not BTC, but pretty much everything else). Seeing inappropriate images would be the least of your worries.
  • This risk is fairly easily mitigated by properly protecting your bitcoin-core (if you run it), wallet.dat and client configuration files. For example bitcoin.conf could be owned by the root user and other users would not have any kind of access to it. Or even better, you could run bitcoind as a dedicated user account.
  • Malware can use a blockchain client app to download stuff from public servers and “assemble” it into harmful scripts or binaries, but what’ the big news here - that shit (and pr0n) can be downloaded from anywhere anyway.
4 Likes

and have a great day! :sunny:

4 Likes

I want UN-deletable space to post my free energy device designs just as much as the next guy, but how do we deal with the malicious code?

This is a very real issue to the project and needs to be discussed and resolved.

:slight_smile:

IMHO it’s a non-issue.
Bitcoin or MaidSafe are not security applications. They can only follow best practices.
If the pilot goes nuts, there’s no help.

4 Likes

It’s an opportunity in my opinion. If people don’t want to see it then create a filter that shares up or down voting/blocking of the data of your choosing. It’s still there but you won’t see it, your children won’t see it if you have parental locks on everything. Whoever is going to investigate the illegal activity will see it and use old detective methods to gather intel.

1 Like

@nigel there’s nothing to see! The whole thing is bollocks.
If you read TFA you’ll see it’s about embedding data in various blockchains.
There is no way for a regular user to see that information. It’s pure nonsense.

@janitor I wasn’t even talking about that. I was talking about public data on maidsafe in reference to @happybeing post earlier. I should have done a direct reply but don’t assume things, I feel like you’ve given me that advice before.

1 Like

Sorry - your comment was below mine so I couldn’t really tell.

Back to the topic - a while ago a bitcoin developer was embedding prayers in the blockchain to piss atheists off (and he succeeded). After that group made fools of themselves, I expected busybodies of all kinds would learn their lesson and not fake outrage over a years old “discovery”, but fools never learn.

The Kaspersky PR is extremely idiotic from another perspective: by the very nature of PoW chains, PoW cannot be changed which is why we have that P. So what are they going to do about ASCII pr0n (of any kind)? Ban Bitcoin? Change the offending blocks? How?
Extreme stupidity, really.

2 Likes

Lol…doesn’t sound like a very good use of dev time, in fact it takes pointlessness to a whole new level. :smile:
Seriously, why would Atheists get pissed off unless they were paying for the dev’s time? Surely, it was only a matter of time for an alternative to the “Smart contract” to come about…now we have the “Dumb contract” :smiley:

1 Like

This is recursive. We talk about it months ago and, for me, the only real solution is proposed by David on using reputation systems.

We must not forget that the difference between private and public data is encrypt, or non, the datamap. The data, in both cases, are chunks encrypted and obfuscated by the Self-Encryption.

Always a datamap will be associated with a MPID and, with a reputation system, we could filter undesirable MPID (or, maybe easy, only have relations with reliable MPID).

1 Like

I was happy to see that the dev managed to piss off hundreds of thousands of busybody atheists (even those who have no clue what he actually did and who don’t even use bitcoin) even though I’m not religious myself.
He made a good point, albeit unknowingly, about the inviolability of private property in a PoW system. He bought that space on the bitcoin blockchain, it belongs to him and he can do whatever he wants with it. Once busybodies of all colors understand that, maybe we’ll finally start seeing a drop in such nonsensical PR!

Time for a new topic named “My favorite illegal MaidSafe app”!

1 Like

Hundreds of thousands…do you have a link? In what way were this multitude of Atheists being busybodies? You stated that the Dev inserted the prayers specifically to “piss off Athiests”, not to make a good point.
I would ask what the “hundreds of thousands” of "busybody Atheists " did in the first place to motivate the dev or warrant his actions - as well as garnering your wholehearted support ?
Are you just stating your general support of the idea to set out to deliberately try to piss people off for no reason?
Alternatively are you now changing the story to one that the Dev didn’t do it to piss off Atheists and a few Dicks kicked off - the fact that they were Atheists probably being as relevant as if they were all sporting moustaches?

https://www.google.com/search?q=lukejr+prayer+blockchain
The news was quite popular, I estimate at least few million people heard about it.

I already explained. He paid for the freaking transaction. It’s none of their business.

I didn’t pay attention to the exact causes because I’m an agnostic, so from any perspective I couldn’t care less about his motivations. But I heard from others he likes to “share” his uplifting experiences with others, so I suppose he tried to do it on the blockchain too.

You shouldn’t even ask this question because the answer is so obvious.
He used his property, that’s all there is to it.
“Piss off for no reason” is their interpretation of their own inability to understand the basics of what private property and freedom mean and how things work.

You’re unnecessarily complicating things. I mentioned “busybody atheists” as yet another group of busybodies who want to order people around. Which is not to say busybody religious zealots don’t exist.
The main point is in the cryptoledger world they all can buzz off. It’s i.r.r.e.l.e.v.a.n.t.!

It’s also not about who is and who isn’t a busybody, but that their moral outrage is as fake as it is unjustified.
Private property that lives on the blockchain is inviolable and all the busybodies can funk off.

You can’t get over it so you’re repeatedly commenting here just like you did in the Utopia topic.
How to reconcile the obviously correct (that private property that belongs to others is none of your business or even concern) with a burning desire to “do something” about the disgusting perverts who pollute “our” blockchain?

Now a security firm has to bash SAFE. Maybe there should be a forum category for rebuttal to negative PR, so it all goes in one place.