Why Blockchain Isn’t as Secure as You Thought

Blockchain, the revolutionary technology used to host cryptocurrency, NFTs and similar digital investment products, is widely celebrated as an incredible innovation in computing. Blockchain works as a dispersed ledger, tracking certain transactions in the form of blocks that are saved on every member’s device.

At the forefront of nearly every discussion about the benefits of blockchain is the platform’s security: It is essentially impossible for a hacker to manipulate data within the blockchain. Many proponents advocate for using the blockchain for all manner of other sensitive information, like health records and property deeds. Users of the blockchain feel confident that their data is safe.

Unfortunately, it isn’t.

Blockchain Users Are Still Vulnerable

Several features of the blockchain work together to make hacking the ledger more or less fruitless. The need for consensus amongst blocks means that hacking a single block won’t result in any meaningful change to the chain, and because the blockchain is decentralized, hackers must attack thousands, perhaps millions of devices at once. It seems like a perfectly secure system…

Except that blockchain users remain vulnerable to some of the simplest forms of attack: malware, social engineering and phishing. If a user is tricked into revealing the login credentials for their crypto wallet, there is essentially nothing they can do to prevent an attacker with those credentials from transferring the contents of their wallet elsewhere. Worse, because those transfers are now blocks within the ledger, it is incredibly difficult if not downright impossible to get their crypto assets back. The ramifications of this insecurity are even more dire if other assets, like property deeds or vehicle titles, are recorded only on the blockchain.

Read More  Microsoft Edge is coming to Linux soon

Most crypto wallet services don’t use additional layers of security, like multi-factor authentication, so even the most basic ransomware could put a user’s crypto portfolio at risk. It is incredibly important that blockchain users arm their devices with the best antivirus software they can find and employ impeccable cyber hygiene to lower their risk of attack.

The Blockchain Isn’t Private

Blockchain proponents like to say that the blockchain offers users anonymity, but the truth is that the blockchain allows users the opportunity to be pseudonymous. Every user on the blockchain is assigned an address, and every address that touches a block gets recorded in the ledger for anyone to see. Users have the choice to assign their address to a pseudonym instead of their real, legal identity, and security experts strongly advocate for this.

When a user employs a pseudonym, their fake identity helps shield their assets from the inherent insecurity of the blockchain. Other users on the blockchain are not able to connect a public address and pseudonym to a private individual, and vice versa — as long as the user does not disclose the connection themselves. Still, the public nature of blockchain information means that the ledger can never feasibly be used in sensitive applications, like health records, which must be linked to a person’s true identity. Hosted on the blockchain, health information would be accessible by anyone, essentially eliminating an individual’s hope for discretion and dignity. Unless and until the blockchain resolves its privacy issues, it is not fit for any sensitive recordkeeping.

Read More  Exciting offers with Huawei Watch GT 2; Grab Freelace with the Watch

Blockchain Administrators Can Change Data

Blockchain is often touted as a more democratic technology, where all users have equal power and influence — but that simply is not the case. Blockchain administrators have ultimate control of the ledger, and they are able to alter the course of the chain if they so choose.

An excellent example of this is the hard fork that resulted in the creation of Ethereum Classic in 2016. Prior to the fork, a hack of the network caused millions of dollars’ worth of ETH, the platform’s cryptocurrency, from high-profile users’ wallets. To appease users, the administrators rolled back the official ledger to eliminate records of the hack and restore the stolen ETH. However, many users believe that this fork marked an incorrect ideological shift away from the immutability of blockchain, so they maintained the unedited ledger and named it Ethereum Classic.

If administrators have the option of forking the ledger whenever they wish, users have roughly the same power over the blockchain system as they do existing systems. This issue coupled with the insecurity of entirely digital assets and the lack of privacy with authenticity makes blockchain as it is now utterly inappropriate for anything other than a market for speculative assets.

Read More  You Can't Get Away With Skimping on Technology

 

Leave a Comment