One of the most appealing things about blockchain, besides the decentralization, is the level of security it enjoys. It’s common to hear people say it can’t be hacked. However, some experts believe this may not be entirely true, and that’s something worth taking note of as this technology continues to expand and grow in adoption like Post trade FIX once did.
History repeating itself
The blockchain is still young, but it has stood the test of time so far. However, like every other protocol, it’s likely there is a flaw in there somewhere, whether it’s in the implementation of it or in the logic that developers are using with it.
One particular example of this theory is the Bailiwick flaw, which allowed attackers to redirect email and web traffic from a victim by poisoning DNS caches. This particular flaw saw a secret collaboration across global software vendors to fix it all at the same time in order to prevent attackers from wreaking havoc on the web.
In a similar vein, SSL, another critical protocol used to ensure data privacy across the web, has had several weaknesses revealed within its implementation, uses and the protocols themselves. One example is the use of MD5 hashes to sign SSL certificates. These hashes are known to have flaws and have allowed attackers to generate trusted and valid certificates for any site on the web.
As blockchain becomes more mainstream, it will likely be no exception to the flaw theory, and it’s only a question of time before both attackers and security professionals focus on it.
Risks on the horizon
Transparency within the blockchain is a vital feature that underlies its validation and trust, but it also introduces risks at the same time. The money in your bank account and your transactions is generally private, for example, but when the blockchain is used with digital currencies, all your transactions and balances can be monitored because it’s part of a public record. Private blockchains do provide some security by keeping this data limited to authorized users; however, that means the transactions are nevertheless public across the whole user base.
As new concepts are developed for blockchain use, there will likely be instances of private data in a blockchain being pieced together or monitored to the point that it becomes a large privacy breach.
To prevent privacy breaches in a blockchain, encryption may be used. However, since this data can’t be changed, when there is a flaw in the algorithm for encryption, the data may be decrypted to reveal private information. It’s the end user who has to secure their private data themselves in the blockchain, and this can go very wrong. Bitcoin banks set up by young people, for example, have seen money stolen due to poor security.
It’s too soon to see what’s in store for a new technology like blockchain. As with post-trade FIX, the blockchain is an exciting development that is becoming part of more industries, but it does carry its own set of not-yet-known risks.