One of the many promises of blockchain is its ability to fight against fraud and secure our globally connected systems. But not everyone is buying it. Two prominent security minds recently put their skepticism about the power of blockchain to digital print.
“For a transaction to be trusted – whether the person is accessing the blockchain to make a transaction in the ledger, or going online to Overstock.com to buy a new TV using Bitcoins –there needs to be a strong understanding that the person involved in the transaction is the person authorised to perform it,” writes Michael Lynch, CSO of InAuth. “There also must be validation that the device itself is “clean” and doesn’t contain malware or crimeware, and it isn’t being spoofed or potentially used as part of a velocity attack.” Mr. Lynch argues that blockchain alone cannot solve authentication problems.
The CEO says this requires additionally “sophisticated device technology”, which is not inherent to blockchain technology. “Without multi-factor authentication in place, blockchain may not necessarily prevent someone from gaining access through fraudulent means to the ledger, fooling the system into believing they are someone else,” writes the expert. “Therefore, for any digital transaction, the access point at which a person is using a device (mobile phone, PC, tablet, etc) to enter into the blockchain to conduct legitimate business – or to try and commit a nefarious act – still remains pivotal to the fraud-prevention, cybersecurity equation.”
He concludes: “…In the meantime, organisations should be looking to implement advanced device intelligence and authentication solutions to better protect their customers and their organisations right now, so they are positioned as leaders in their space when and if blockchain becomes the new global financial paradigm.”
Mr. Lynch isn’t the only executive to recently put a damper on the blockchain euphoria. “… I looked into blockchain technologies carefully and I’ve ended up thinking it’s an overpromoted niche sideshow,” writes Tim Bray, the Canadian software developer behind XML specification.
While he does like the blockchain conceptually, he doesn’t “think the world needs it.” He elaborated on his opinion.
“I’m not stuck on the technical objections, for example the laughably slow transactions-per-second of most real-world blockchain implementations. Where I work, scaling out horizontally to support a million TPS is table stakes,” he writes. “I could maybe get past the socio-political issues, the misguided notion that in civilized countries, you can route around the legal system with “smart contracts” (in ad-hoc procedural languages) and algorithmic cryptography.” He is not impressed by big business investment in blockchain.
“Something on the order of a billion dollars of venture-capital money has flowed into the blockchain startup scene,” he writes. “And, what’s come out? I’m not talking about platforms that are “ready for business” or “proven enterprise-grade” or “approved by regulatory authorities”, I’m talking about blockchain in production with jobs depending on it.” He notes his age means he has some perspective.
“I’ve seen wave after wave of landscape-shifting technology sweep through the IT space: Personal computers, Unix, C, the Internet and Web, Java, REST, mobile, public cloud,” he writes. “And without exception, I observed that they were initially loaded in the back door by geeks, without asking permission, because they got shit done and helped people with their jobs.”
He adds: “That’s not happening with blockchain. Not in the slightest. Which is why I don’t believe in it.”