Researcher Archives -
Ex-Google researcher says stopping leaks now company’s top priority, engineer had nasty message for leakersDecember 9, 2018 | dailybusinessnews
A former senior Google employee who resigned in protest over the company’s plan for a censored search engine in China has said that despite the numerous controversies surrounding the tech giant, preventing leaks is now the “number one priority” of its leadership.
A former prominent neurological researcher at Yale and New York University avoided prison time Wednesday for stealing research funds, but a judge said he must play piano for indigent elderly people in Connecticut to make amends, per the AP . The unusual sentence for Dr. Alexander Neumeister was handed out Wednesday…
One of the world’s top breast cancer researchers is taking heat after a New York Times and ProPublica report revealed he failed to list his financial ties to big pharma in major publications and elsewhere. Dr. José Baselga reportedly did not follow established guidelines for reporting such ties in articles…
A common mainstream media trope is that Bitcoin mining will soon use so much electrical power it could lead to an environmental catastrophe. We’ve often provided examples of how this is a false narrative, and now an independent energy researcher is saying the same. She points to miners migrating to locations with abundant renewable energy and highlights that the banking system is far more wasteful.
Don’t Worry, Be Happy
Dr. Katrina M. Kelly-Pitou PhD holds dual roles at the University of Pittsburgh as a Research Associate in the Department of Electrical and Computer Engineering, and as Manager of Strategy and Business Development for the Center for Energy. On Monday her article titled “Stop worrying about how much energy bitcoin uses” appeared on The Conversation, a not-for-profit outlet for content sourced from academics and researchers. In it she takes to task the notion that mining is inherently energy wasteful and thus dangerous to the environment.
Regarding the oft-cited estimation that mining used 30 terrawatt hours in 2017 – as much as Ireland – she explains: “This is a lot, but not exorbitant. Banking consumes an estimated 100 terrawatts of power annually. If bitcoin technology were to mature by more than 100 times its current market size, it would still equal only 2 percent of all energy consumption.” She believes this maturing process is inevitable, as happened with previous energy-intensive new technologies such as data centers and computers, saying: “Over time, all of these have become more efficient, a natural progression of any technology: Saving energy equates to saving costs.”
Ask How, Not How Much
The researcher states that electricity usage can increase while still maintaining a minimal impact on the environment, and suggests that the source of power is what’s important. “Not all types of energy generation are equal in their impact on the environment, nor does the world uniformly rely on the same types of generation across states and markets,” she explains, adding that, “perhaps people should quit criticizing bitcoin for its energy intensity and start criticizing states and nations for still providing new industries with dirty power supplies instead.”
Specifically, she points to miners migrating out of coal-dependent China, and into areas with cheap renewable sources such as hydroelectric power in Oregon and geothermal-rich Iceland. For another example, we reported earlier this year about a Japanese electricity company that uses excess solar power for mining.
Do you think mainstream media estimates of Bitcoin’s environmental impact have been overstated? Share your thoughts in the comments section below.
Images courtesy of Shutterstock.
Verify and track bitcoin cash transactions on our BCH Block Explorer, the best of its kind anywhere in the world. Also, keep up with your holdings, BCH and other coins, on our market charts at Satoshi’s Pulse, another original and free service from Bitcoin.com.
The post Researcher: Stop Worrying About Bitcoin’s Environmental Impact appeared first on Bitcoin News.
Is your child’s environment as sterile as an operating room? That might not be a good thing, a leading cancer researcher says in a new report. After three decades of research, Mel Greaves , from the Institute of Cancer Research in London, believes that acute lymphoblastic leukemia (ALL) is caused by…
Being light, airy, and full of holes is a good quality in an English muffin. Unfortunately for Panera Bread, their online security system seems to have similar attributes, According to the KrebsOnSecurity blog, a data breach may have exposed as many as 37 million customer records at the bakery chain…
Hardware wallet manufacturer Ledger has published a firmware update to remedy several security flaws. The exploits were independently found by a trio of white hat security researchers, one of whom, Saleem Rashid, is a 15-year-old British boy. The attack vector he discovered is hardware based, and is not limited to Ledger devices, making it difficult to mitigate altogether via software alone.
Ledger at Loggerheads with Security Researcher Who Found Flaw
On March 20, Ledger released an update to its firmware, 1.4.1, accompanied by a blog post that promised “a deep dive into security fixes”. It began: “Following a transparent and responsible disclosure process, we are giving a full detailed assessment of the fixed attack vectors that the Firmware 1.4 patches, which were initially reported by three security researchers. As the publication of these technical details might elevate the threat level of non-patched devices, we strongly encourage our users to update their firmware”.
It is the exploit discovered by Saleem Rashid that’s gathered the most attention, both on account of his tender age, and his publication today of a detailed explainer on how he achieved the feat. “An attacker can exploit this vulnerability to compromise the device before the user receives it, or to steal private keys from the device physically or, in some scenarios, remotely,” Rashid explains. “I have demonstrated this attack on a real Ledger Nano S. Furthermore, I sent the source code to Ledger a few months ago, so they could reproduce it.” He also told a security blog that “[Ledger] make it so easy to open the device that you can take your fingernail and open it up [to tamper with it]”.
White Hat Hacker Forgoes His Bounty
Ledger says the security researchers were asked to sign a Bounty Program Reward Agreement as one of the conditions of being remunerated for their efforts, while noting that this doesn’t prevent the researchers from publishing their own reports. The article is worded in such a way as to suggest all three researchers were happy to comply with this agreement, but that’s not entirely true. Rashid actually forwent his bounty reward, explaining:
I have not been paid a bounty by Ledger because their responsible disclosure agreement would have prevented me from publishing this technical report. I chose to publish this report in lieu of receiving a bounty from Ledger, mainly because Eric Larchevêque, Ledger’s CEO, made some comments on Reddit which were fraught with technical inaccuracy. As a result of this I became concerned that this vulnerability would not be properly explained to customers.
The teen researcher is of the opinion that Ledger were seeking to downplay the seriousness of the exploit he’d uncovered. Publishing a full and frank report of how he broke the Ledger wallet, and giving up his right to a reward, hasn’t done his reputation or his Twitter follower count any harm either. Saleem Rashid is clever beyond his years, and his article on the exploit is lengthy but fascinating for anyone with an interest in such matters.
Your Cryptocurrency Hardware Wallet Is Safe
One matter in danger of getting lost amidst all this is the status of Ledger wallets. Cryptography teacher Matthew Green posted a tweetstorm in response to Rashid’s blog, exploring the difficulty of fully preventing hardware-based attacks of this nature. He finishes, reassuringly: “Nothing in the post or thread above means you should freak out about these vulns, or that you should assume other wallets are better. Just be safe.” Ledger users should update to the latest firmware, but there is no cause for alarm. Attacks such as the one demonstrated by Saleem Rashid show the difficulty of creating a device that is immune from all known forms of attack.
Do you think Ledger is guilty of trying to downplay the seriousness of the exploit? Let us know in the comments section below.
Images courtesy of Shutterstock.
Need to calculate your bitcoin holdings? Check our tools section.
The post 15-Year-Old Security Researcher Shares Ledger Wallet Exploit appeared first on Bitcoin News.
The CDC statistic is a harsh one: Ninety-one Americans die from opioid overdoses—that number includes heroin and prescription opioids—every day. A University of Virginia researcher claims we’re undercounting. A new study published in the American Journal of Preventive Medicine estimates that opioid- and heroin-related mortality rates were 24%…
An Iranian cancer researcher arriving in the US to start work at a prominent Boston hospital was detained at Logan International Airport before being sent back to Iran. Boston Children’s Hospital said in a statement Tuesday that Dr. Mohsen Dehnavi was prevented from entering the country with his wife and…
If she ever abandons acting, Kristen Stewart might have a gig in artificial intelligence. The Twilight actress has just published a research paper on a machine learning technique called “neural style transfer” and its use in film, reports Quartz . Style transfer is a “fun technique,” according to Tech Crunch , though…