Virus Bulletin :: VB2012 paper: Malware taking a bit(coin ...

Dose of Ether Podcast Covers The Phonon Network Off-Chain Scaling Solution & The GridPlus Team Answers Their Questions

The Dose of Ether podcast just revisited GridPlus on their latest episode and dived into their questions about the Phonon Network off-chain scaling solution for Ethereum and Bitcoin (and potentially other chains supported on the Lattice1 in the near future). The section covering Phonon Network begins around 36 minutes into the episode and runs till the end.
Mark D'Agostino and Karl Kreder answered some of the questions raised on Twitter and the GridPlus Telegram. Here are some of the responses provided:
Is the Lattice1 required for using Phonon Network?
Karl: " To address some of the questions. The Lattice1 is not required to use Phonon just a compatible smart card. However, having a Lattice1 allows you to do it more securely in a potentially automated way. There are plans afoot that should allow cards to operate across many vendors. " "Other manufacturers can certainly produce this as well, and these cards are pretty cheap. "
Does this require using some kind of hardware though?
Mark: "Yes! It requires having at a minimum the Java Phonon applet on a card. On the brightside, a manufacturer can produce these relatively cheaply. I bet there will be options for end users to buy them for ~$10 or so once at scale. It does not require a secure card reader (the Lattice1), but that is the safest option. A standard insecure card reader may be totally find for a user based upon their threat model. If they are making sub $5 phonon transactions, they are probably fine trusting an insecure card reader. "
Is this the Mac "walled garden" model?
Mark: "No. The Java Phonon applet is open sourced. We imagine other companies may want to produce these cards as well. I *think* Status will likely support it. It will be up to the end user who to trust. Or potentially certificates can go onto an onchain registry of certificates of cards made by supported or trusted manufacturers."
How are double spends prevented?
Karl: " The way that double spends are prevented is by the cards establishing trust when they interact. This is done via manufacturer certificates and a challenge response. Certificates attest to the HW and SW of a card. This gives assurance that Phonons are deleted once sent. The cards need to establish validity of HW/SW on a counterparties card. At manufacture, the card producer signs a public key associated with a cards PUF which serves as an attestation of HW/SW. Users/cards can then decide which cert issuers to trust. Unique certs are on each card"
What happens if I lose the SafeCard I'm storing my Phonons on?
Karl: " There are some trade offs to Phonon. Specifically, if you lose a card, you lose the money on that card. There can’t be recovery else preventing double spends would be impossible. Phonons should be thought of and treated like cash. Convenient but not super durable. "
Could a Status Keyards potentially talk to a GridPlus SafeCard?
Mark: "This is actually a really good question and has many implications. It will come down to a few things. We use certificates on cards which attest to the manufacturer. I trust the Status team, I think they are good actors. I would accept a Phonon from a Status card. I may not accept a Phonon from a random card who I don't know the manufacturer. We are exploring different ways to safely extend the root of trust to additional manufacturers. There is a neat idea floating around that needs to be fully fleshed out, but it looks like putting the certificates of the cards into an on chain registry. That's one way to let many different companies produce cards for Phonon. It would be up to the users to determine which manufacturers are trusted and should be able to add certs to the registry. This gets pretty complex and its only implementation route. Its totally unnecessary if we wanted to create a Phonon smart contract that was supported just by GridPlus or just by Status or just by both of us. But if we want many manufacturers to be able to produce cards to support this system, then it is a pretty clever way to do so."
Is there a time lock component or a need for both parties to be online simultaneously?
Mark: " Nothing like this exists. There is no concept of timeouts, there is no concept of CheckLockTimeVerify from bitcoin or a smart contract that does this in Ethereum. If you lose your card, or lose your pin code, you lose your Phonon. This keeps the implementation very simple, and makes Phonons act most similarly to cash. This has lots of implications, you probably don't want large value transactions in Phonon. Phonon also can't do complex EVM transactions. It's not a replacement for plasma or generalized state channels. It does do private scalable transfers really well, at zero cost. But there are more risks (like no backups)."
Lucian from Dose of Ether later joined the GridPlus Telegram to ask further questions so if you're curious to learn more join up and read through that discussion and share your own questions as well!
submitted by MidnightOnMars to GridPlus [link] [comments]

Setup on Mac - JavaScript Programming How to install Java JDK on Mac OS X ( with JAVA_HOME ... Intermediate Java Tutorial - 21 - How to put an Applet on ... Setup Eclipse On Mac OS X - Java Programming Java programmed moving car demo

I am displaying applet using JNLP. I have written all the necessary files. The jars are signed. Even applet is loading fine. I am getting lots of messages in Java console which are contributing to ... The Muscle Applet is a free implementation of the Cryptographic Card Edge Definition for Java Enabled Smartcards. It's capable of generating cryptographic keys on the card, and allows external keys to be inserted onto the card. These keys can be used in cryptographic operations, after proper user (or host application) authentication. The entry, penned by researcher Takashi Katsuki, describes a strain of Java Applet malware that either drops a Python-based malware in Mac operating systems or an executable-form of malware in ... The applet includes a scrollable list of pictures, which works fine in Windows, Linux and Mac OS X 10.5. We launch this applet via Java Web Start or within a web page. Our applet does not behave properly in Mac OS X 10.4, regardless of the version of Java (1.4 or 1.5). You can find a screenshot of the incorrect behaviour, when scrolling, here: is a site that allows visitors to generate hashes through a Java applet embedded in the browser. By creating an account with the site, the user can: Generate bitcoins via an interactive Java applet on the site ; Figure 3: Bitcoinplus Java applet. Send a link to other users so they generate hashes for the sender's account.

[index] [33023] [8196] [31014] [22017] [24021] [33642] [26921] [5221] [2287] [10900]

Setup on Mac - JavaScript Programming

Limited Time 95% OFF Coupon: Like our content and want to support us more directly? Help Us, Help You! ... Cr0w's Place is a site that deals with penetration testing, ethical hacking, technological news and tutorials. This is the channel of this site and we are go... Cyber 51's Channel features: * Hands-on Ethical Hacking and Penetration Testing Training Videos * Generic Cyber Security Threat Videos * Information on Cyber... Gaddis, Tony (2015-05-29). Starting Out with Java: From Control Structures through Objects (Page 488 and 489). Pearson Education. Kindle Edition.-----Bitcoin Address ... Setting up a Mac for Web Development - Homebrew / Terminal / git / Code Editor / Node.js - Duration: 1:34:51. Coding Garden with CJ 22,574 views