Twitter says an attacker used its API to match usernames to phone numbers | ZDNet

In a statement published today, Twitter disclosed a security incident during which an unknown attacker exploited the company’s official API (Application Programming Interface) to match public usernames with users’ phone numbers.

Twitter said the attack took place on December 24, 2019, and the attacker used a large network of fake accounts to exploit its API.

From Twitter says an attacker used its API to match usernames to phone numbers | ZDNet:

Counterfeit Food – alexdanco.com

Pim Techamuanvivit, the owner and chef of a few popular restaurants in San Francisco, was managing the floor at Kin Khao the other night when a call came in from someone asking about their delivery order. This was surprising to her, since her restaurant doesn’t do delivery – not even takeout. After hanging up the phone, she googled “Kin Khao delivery” and found something astonishing: a complete impersonation of their menu and brand, complete with delivery ordering, on Seamless, Grubhub and Yelp.

From Counterfeit Food – alexdanco.com:

A Hacker Posing as a Venerable British Art Dealer Swindled a Dutch Museum Out of $3.1 Million | artnet News

The Rijksmuseum Twenthe in Enschede, the Netherlands, was in the midst of a months-long email negotiation with dealer Simon C. Dickinson to purchase a prized John Constable painting when hackers hijacked the exchange, posing as Dickinson and convincing the museum to funnel the money into a Hong Kong bank account.

Now the museum is attempting to sue Dickinson, claiming the dealer should have known about the fraud, according to Bloomberg.

In a London commercial court this morning, Gideon Shirazi, a lawyer representing the museum, argued that negligence on the part of the dealer’s team allowed the thieves to steal the museum’s money.

Dickinson’s lawyer, Bobby Friedman, said the museum should have independently confirmed the legitimacy of the bank account before wiring the money, adding that his client, a specialist in Old Master paintings, was never aware any fraud was taking place. Each side is accusing the other of having been hacked.

From A Hacker Posing as a Venerable British Art Dealer Swindled a Dutch Museum Out of $3.1 Million | artnet News:

Essays | Conrad Bastable

We would expect all the finance-industry activity to drive the price of the Pound up much higher than it otherwise would be, and therefore to push United Kingdom-based Industrial activity right out of the United Kingdom, regardless of any Euro-based shenanigans. This also matches with the observation that, economically-speaking, the United Kingdom has become a one-city nation (London, i.e. Finance), with prior hubs of maritime trade and/or manufacturing fallen to irrelevance (Liverpool, Birmingham, Manchester, etc., don’t follow those links if you’re in a cheery mood).[8]

From Essays | Conrad Bastable:

Banking on the Future: Why our most hated institutions will become our most beloved

The new bank obviously needs to comply with regulation. In the US, this is most often achieved by finding a sponsoring bank partner. (This tactic is much faster and has a higher likelihood of success than applying for a license.) A regulated bank agrees to “lend” the new bank its license in exchange for a financial cut of whatever the new bank is offering. Typically, that means the sponsoring bank gets more deposits without having to pay to acquire those customers.

From Banking on the Future: Why our most hated institutions will become our most beloved:

High Court grants proprietary injunction over Bitcoin cyber ransom payment to a third party | RPC

The decision of AA v Persons Unknown & Ors, Re Bitcoin [2019] EWHC 3556 (Comm) of the English High Court provides some hope that in the right case, some of the ransom could be recovered.

The facts

The customer of an English insurer (who chose to remain anonymous) suffered a ransomware attack in which their data and systems were encrypted and a Bitcoin ransom payment was demanded. The Insurer, after some negotiation, agreed to pay the ransom in exchange for a decryption tool. The payment was about $950,000. After the ransom was paid, the Insurer investigated whether it could be recovered. While some of the Bitcoin had been transferred into untraceable legal tender, a substantial portion of the Bitcoin could still be traced to a specific Bitcoin address. This address was linked to an exchange platform called Bitfinex operated by two of the Defendants in the case. The other two Defendants were the unknown persons who demanded the ransom and the unknown controllers of the Bitcoin address. The Insurer sought a proprietary injunction over the traced Bitcoin as the first step in recovering the ransom payment.

The decision

Fundamentally, the Court decided that crypto assets such as Bitcoin are considered to be ‘property’ capable of being the subject of a proprietary injunction. The Judge also decided that the test for a proprietary injunction was satisfied for the purposes of interim relief which included addressing the serious fraud issue that was to be tried and the traceability of the fraudulent recipient of the Bitcoin.

From High Court grants proprietary injunction over Bitcoin cyber ransom payment to a third party | RPC:

What happens in Paris shouldn’t stay in Paris | LinkedIn

Take digital currencies: They had their share of attention and discussion this week, but it is clear to me that the next decade will see many government-backed digital currencies become part of the global economy. Some governments will embrace these new currencies for their efficiencies and the potential for reaching the unbanked. We will also see legitimate private digital currencies find their niche but only when they focus on solving a real consumer need, are consistent with the economic system of the markets they operate in, and balance the interests of all stakeholders in the ecosystem.

From What happens in Paris shouldn’t stay in Paris | LinkedIn:

POST What is bitcoin for?

If Bitcoin isn’t going to be used for crime, as I have previously mused,

By the way, the idea of money that isn’t fungible but that can be tracked, traced and monitored reminds me of Nitipak Samsen’s winning entry in the Consult Hyperion 2011 Future of Money Design Award. He said “Have you ever wondered where the money in your pocket had come from? Who was the previous owner? Who was the owner before that? Might it be a famous celebrity?”. It is interesting to me to see these different perspectives (Nitipak’s artistic imagination about the bastard child of Facebook and Bitcoin, and the more technical ideas about fungibility) coming together and, to my mind, again illustrates just why the FOM Design Award was such a popular session in the Tomorrow’s Transactions Forum. We (technologists) need artists to help us to imagine alternative futures.

then what is it going to be used for? Certainly not the purchase of goods or services, not as a store of value (except for speculators) and certainly not as a mechanism for deferred payments, since there is no real reason to imagine that it will still be around a decade from now. After all, “the total addressable market of people who want to buy bitcoin is very, very thin” [American Banker] and most of them aren’t in America or any other developed market. Last time I looked at the detailed figures pretty much all of the Bitcoins in the world were being bought for Yen, Won and (if I recall) Turkish Lire. It’s easy to understand why. As Bram Cohen succinctly described the situation a couple of years ago, “Bitcoin is more expensive and inconvenient than regular banking is, and far more expensive and inconvenient than regular banking could be if it starts supporting smart transactions on public ledgers without bothering with the baggage of mining”.

This robust (and accurate) remark from Bram (who happens to be the chap who invented BitTorrent) is just what the Bitcoin chaps don’t want to hear. As I’ve said before, and will say again (having been falsely accused of being “anti-Bitcoin” yet again), I think noted cryptographer Craig Wright’s observations on this topic are the ones that resonate with me. He once said that Bitcoin mining is “a security service that alone creates no wealth. Consequently, those using the network pay for the service”.

A shared security service that people will pay to use seems like a much better way to imagine Bitcoin than as a new form of payment or a new kind of currency. This shared security service may be used for a great many things, most of them as yet undiscovered, and I don’t doubt that people will try and possibly succeed to build a viable payment service on top of Bitcoin, but I am unconvinced that Bitcoin itself will be that mass market payment service to take on Visa and MasterCard.

However, continuing this line of thinking does give us at least an outline picture of the future, where some form of cryptocurrency is used as a secure global transaction service that underpins (but is not itself) digital asset trading. I understand the arguments for this to be a public, permissionless infrastructure.
