BitGrail checked balances before withdrawals in clientside JS. There’s no nationwide bank in the country that doesn’t spend tens of millions on appsec annually.https://twitter.com/matthew_d_green/status/962746421169487872 …
-
Show this thread
-
Replying to @tqbf
One has to ask: if the full design of those systems was completely public (and attackers were smarter) would that spending be enough?
2 replies 0 retweets 1 like -
Replying to @matthew_d_green
Enough? Of course not. Better by leagues than cryptocurrency infrastructure? Absolutely.
1 reply 0 retweets 9 likes -
Replying to @tqbf
But cryptocurrency infrastructure has been astonishingly robust. Bitcoin clients are written in C++. Heard of any network-crashing RCE? Eth uses a custom VM. Heard of any major attacks on it? Exchanges aren’t “cryptocurrency infrastructure”. They’re random websites by amateurs.
4 replies 6 retweets 37 likes -
Replying to @matthew_d_green @tqbf
Are we having another round of "PGP is great, it's just that we need better keyservers"?
1 reply 1 retweet 17 likes
https://tools.ietf.org/html/draft-koch-openpgp-webkey-service-05 … specs better key-serving, but sadly nobody uses it :(
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.