kuangfengli76

@kuangfengli76

152 Following

3 Followers

kuangfengli76 pfp

To make it easier for everyone reading the HN Post Title, they're talking about "Their Server(s) at OVH" being compromised, with no evidence of "OVH" itself (along with all customer servers) being compromised. Now you may go ahead and read the post.

0 reply

0 recast

1 reaction

kuangfengli76 pfp

What is this response supposed to mean in context of the actual discussion here? Just because they use a cheap trick to make the user feel more secure doesn't mean the system underneath it isn't, in fact, secure (it doesn't mean it is secure either, it says nothing one way or another). I don't hear about big bank sites (even ones using psychological trickery on their users) getting cracked very often while bitcoin exchanges/wallet services/etc are falling over seemingly daily).

0 reply

1 recast

1 reaction

kuangfengli76 pfp

You are right. A different strategy could be to use a set of distributed server hosted at different hosting providers and use shared secrets. This would require that k hosts over n are compromised for the full system to be compromised. Such system is more difficult to design so that it is as secure as the shared secret. But the benefit is that it would be distributed and thus avoid the single point of failure of a server behind a dedicated link and in a cage.

0 reply

1 recast

1 reaction

kuangfengli76 pfp

A "simple" transport medium won't prevent security issues itself (you can run PPP over RS-232), but it will force you to define a fairly minimal API, which is possible with HTTP too. Notice how all these leaks were not because of HTTP server security issues or the like, but because the critical parts of the application were not isolated.

1 reply

1 recast

1 reaction

kuangfengli76 pfp

Exactly. Why not using a host witout connection to internet to host the database ? One could use a simple serial or usb link to exchange information with the host with a specific protocol. There is no way someone could hack ino the database.

0 reply

1 recast

1 reaction

kuangfengli76 pfp

IMO, it shows that we really aren't that good at securing our data. BC is basically data that is worth cash. And that's a huge incentive for criminals to go after it, just like a thief would prefer stealing $100 cash than stealing a bike they can sell for $100.

0 reply

1 recast

1 reaction

kuangfengli76 pfp

(i) Exchange interest-bearing assets (YBA) first Enter the Fragmetric official website: https://app.fragmetric.xyz/referral?ref=DAXFUH Decide which currency to pledge based on the number of SOL or JTO tokens held in your wallet. To pledge SOL, click fragSOL, and to pledge JTO, click fragJTO; Enter the amount and pledge (staking can obtain basic annualized returns on the Fragmetric platform)

0 reply

2 recasts

2 reactions

kuangfengli76 pfp

V. Project Summary UniversalX is a benchmark project in the chain abstraction track. It not only has leading technology, but also has top capital support such as Binance Labs and Animoca Brands. As the first official application of Particle Network, UniversalX has created an on-chain trading experience close to CEX. It can realize cross-chain asset transactions without manual bridging or gas management, with high security and efficiency. For users, this is an innovative product that combines convenience and professionalism.

0 reply

1 recast

1 reaction