You are viewing a single comment's thread from:

RE: Steemit Releases Groundbreaking Account Recovery Solution

in #blockchain8 years ago (edited)

In information security speak what Dan is talking about is incident response and disaster recovery. As long as the system you build has an ability to "self heal", which means to recover from attacks and develop immunity to future attacks which use the same methods, then you'll do fine. The attacker might be successful and in that event the system is resilient enough to heal and recover continuously from threats like an immune system.

Roaches for example are almost impossible to exterminate because they mutate so fast, reproduce so fast, and adapt to threats so fast. This indicates that roaches are incredibly resilient to attack because diversity and fast mutation provides collective security for the roach species. I wrote something about this in an article called Attack Tolerant Information Systems, and the point is you're never going to be able to prevent attacks but you want to build systems which tolerate being attacked and develop an artificial immune system of a sort.

That kind of solution may go beyond what Dan is talking about with Steemit so far but I thought I would mention it anyway for people interested in the state of the art in security.

Convenience vs security can be bypassed if you have good disaster recovery. Group owned accounts using multisig is the best idea. We can secure our accounts through our social networks of friends. If we are using Facebook then in the event of a compromise we can confirm on Facebook that it is us. Or we can simply use a PGP signed message which I also made a section for for on Steemit. If you know how to put up a PGP public key then I suggest you put one up in your blog just for Steemit.

  1. https://steemit.com/tauchain/@dana-edwards/attack-tolerant-information-systems
  2. https://steemit.com/steemit/@dana-edwards/private-communication-with-me-via-pgp-for-those-who-know-and-understand
Sort:  

Although, not completely related to the technical aspect of your post- I discovered a method of roach extermination on Amazon.com -which proved to be more effective than modern pesticides. Boric acid pellets worked more effectively because the roaches will crawl upon the pellets and often ingest the powder from the pellets as well.
Aftéwards, the roaches will transport the powder from the pellets back to the nests via its limbs. All of the roaches in the nest are exposed to the Boric acid residue introduced by the host. The host dies and all of the roaches in the nest as well.
Their ability to mutate and reproduce is cancelled within the nest environment. All other roaches -when exposed to the morbidity within the nest, will eventually flee the immediate area of infestation.
I believe modern manufacturers of pesticides discovered that boric acid was less profitable-because the roaches ceased to mutate, reproduce and develop the instinct necessary to evade attack.

Pleas check out this post I made about a steemit Bug the dev's should see this post so they can fix it. https://steemit.com/bug/@stijn/steemit-bug-needs-to-be-fixed

I commented in the wrong place sorry (edited)

this is incredibly interesting, thank you.

This sounds like a lot of the concepts developed by James D'Angelo. I hope he's being reward it!

I'm confused, are we able to use multi-sig on steemit yet?​

I have no idea what you are all talking about but its interesting and I guess I have to learn how to lock my new steemit home ...Thanks for this @dan , you made my head very dizzy :)