Blockchain v World Cup – It Could Go To Penalties…

If you have been watching the World Cup on UK commercial TV, your jaw might have dropped. Not because of that Ronaldo free kick or Hannes Halldorson saving a Lionel Messi penalty. Not even England winning its first two group matches. 

If you work in the data industry, what might have surprised you was seeing ads for a blockchain-enabled IoT business, Hdac. Filled with smart locks and connected fridges, it implied that a new world of machine-to-machine data flows was already at hand, all secured thanks to the use of blockchain.

Of course, if you do work in the data industry, have tried to stand up a live blockchain service or are wrestling with the internet of things, you will know that few of these things have reached a sustainable, viable state. Hdac may have jumped the gun, not least because its own infrastructure is not ready, but also by baffling unsuspecting football fans far too early in the adoption cycle.

Look closely at the company itself and the fact that it is advertising on commercial TV becomes even more surprising. The tech industry has form on this front, of course, the 2000 Super Bowl broadcast is famous for having 14 different dot.com advertisers, of which just four are still going concerns. In choosing to spend heavy on mass-market spots, Hdac may have risked joining that band. 

It has certainly btought to the surface a number of vital issues that the current wave of blockchain-enabled start-ups need to resolve, but seem to be ignoring.

Blockchain has a Problem with Governance
There is a simple rule to follow when considering whether to deploy blockchain to support a process - if it can be done in a conventional database, do so. The infrastructure underpinning distributed ledger technologies (DLT) continues to be exotic, unstable and reliant on a long chain of third-parties. 

When it comes to putting personal information into blockchain, the rule is simple - don’t.
When it comes to putting personal information into blockchain, the rule is even more simple - don’t. Regardless of the issue of how to correct any errors that might arise (as required by GDPR and as restricted by blockchain’s inherent immutability), there is a big question mark over what happens to that data when some of these projects inevitability fail. Leaving PII in unsupervised and abandoned systems creates a big risk that could come back to bite its creators. 

Hdac intends to use blockchain chiefly for machine-to-machine interactions. But if one of its smart locks is connected to a security system that monitors when people are in their homes, for example, that quickly becomes personal data because of the uniqueness of each of those data profiles. How will it apply the necessary governance which results?

Blockchain has a Big Problem with Smart Contracts
One of the most compelling arguments for blockchain and DLT is the ability to set up smart contracts that execute automatically, thereby removing delays and human intervention. But one of the biggest areas of legal action is contesting the terms of contracts, with courts regularly deciding that they are unfair or improperly constructed or otherwise deficient. 
Say hello to a future in which the very USP of blockchain no longer obtains…

So what are the consequences if a smart contract is challenged and needs to be revised? Again, the supposed immutability of blockchain would seem to make this impossible, putting participants in potential breach of court instructions to make changes. 

That is why one of the leading blockchain platforms, Ethereum, is working on protocols that would introduce mutability into the world of blockchain. Say hello to a future in which the very USP of blockchain no longer obtains…

Blockchain has a Very Big Problem with Cyberecurity

Despite the claims for the visibility of transactions in blockchain and the need for all participants to agree to each event, the world of crypto-currencies has a very poor record on protecting itself from hackers. Hdac is a prime example - one month after its $258 million initial coin offering, it had to halt withdrawals from its mining pool because of hacking activity.

This led to the most jaw-dropping of all its recent actions - the fact that it was able to disclaim all responsibility because of the decentralised nature of its blockchain-based crypto-currency. 

In other words, it has investors’ cash, but it respects no obligations around the tokens it issued in return. Imagine a CEO saying something similar in relation to a conventional share issue which turned out to have seen an undisclosed proportion of those shares stolen by criminals.

DataIQ

You Might Also Read: 

Blockchain: What Business Executives Need To Know:

Blockchain To Secure Storage Of Sensitive Data:

 

« China’s Electronic Surveillance Program Targets Muslims
White Hat To Combat Cyber-Attacks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Opscura

Opscura

Opscura (formerly Enigmedia) brings the reliable and cautious hands of operations together with the analytical minds of cyber experts and cryptography researchers.

BlueID

BlueID

BlueID is an IDaaS technology product which enables your objects to securely connect and interact with your users’ smart phones and smart watches.

Detack

Detack

Detack is an independent supplier of IT security auditing and consulting services.

Crest International

Crest International

Crest is focused on professionalizing the technical cyber security market whilst driving quality and standards of organizations that operate within it.

Aveshka

Aveshka

Aveshka is a professional services firm focused on addressing complex threats and challenges including Cybersecurity and Information Technology.

NSIDE Attack Logic

NSIDE Attack Logic

NSIDE Attack Logic simulates real-world cyber attacks to detect vulnerabilities in corporate networks and systems.

Corelight

Corelight

Corelight is the most powerful network visibility solution for information security professionals.

Blueskytec (BST)

Blueskytec (BST)

Blueskytec has applied its experience of over three decades of working in the field of embedded systems and encryption to provide a scalable and appropriate technology for cyber-physical devices.

Evanston Technology Partners (ETP)

Evanston Technology Partners (ETP)

ETP provides services and solutions to enable and transform businesses in the areas of cybersecurity, data protection, and efficient operations practices.

Unit21

Unit21

Unit21 helps protect businesses against adversaries through a simple API and dashboard for detecting and managing money laundering, fraud, and other sophisticated risks across multiple industries.

BreachQuest

BreachQuest

BreachQuest brings together cybersecurity experts with decades of experience identifying security flaws, penetrating networks, and responding to incidents.

Entara

Entara

Entara (formerly YJT Solutions) is an eXtended Service Provider (XSP) focused on providing cutting edge technology and cyber security solutions to companies in regulated industries.

Commission Nationale de l'Informatique et des Libertés (CNIL)

Commission Nationale de l'Informatique et des Libertés (CNIL)

The mission of CNIL is to protect personal data, support innovation, and preserve individual liberties.

Invisily

Invisily

Invisily makes enterprise and cloud computing resources invisible to attackers with zero trust solutions, making them visible only when needed to only those who need them.

Tamnoon

Tamnoon

Tamnoon is the Managed Cloud Detection and Response platform that helps you turn CNAPP and CSPM alerts into action and fortify your cloud security posture.

Ridgeline International

Ridgeline International

Ridgeline helps organizations manage digital risk through data privacy and secure infrastructure solutions.