#( since they rely on her to translate the encryption ) | Explore Tumblr Posts and Blogs

stevenbasic · 9 months

Text

Growing into the Job, Post 373: Evolution Concerns

We’re just worried that her growth chart is beginning to look logarithmic came the message, the most recent in a series of alarmist communiques from a technician at their daughter company in the US.

Kristina Zhestakova had received the first text as she’d been talking with prospective recruits, young women in their second and third year. She was now between meetings, walking down the hallways of The Medical University of Warsaw. The school was her alma mater and she recognized most of the landmarks, the twists and turns of the old passages, the labs and classrooms. Many of the professors were new; the plaques on the office doors had been largely replaced by female names. Twenty years, she thought with a nod, had brought on some welcome changes.

You are working on the sequencing data? she replied, relying on the translation software of KOLECTV’s encrypted messaging app. Her English had improved over the last couple decades, ever since she’d been tasked with establishing the company’s first North American facility on the island off Mexico's coast, but she still preferred writing in her native Polish. She was glad this technician - Marcia was her name - used the secure proprietary messenger as she’d been asked; not all at this upstart American company Evolution Pharmaceuticals did.

Yes we have the bloodwork. Working on it but it’s complicated, came the tech's next message. They all knew that MM-1A’s eldritch origins complicated things, making the polymerase chain reactions difficult and keeping them from using the Sanger or NGS. The witches and their ways tended to do that, make everything either too easy or too much of a chore. But KOLECTV’s science had learned and become powerful. We’ve already identified the location of the breath and the voice.

Yes. Doctor Zhestakova’s heels <click-click-clicked> on the tiled hallways of the medical school. Ostensibly, she was still, in title, Senior Vice President of Biotechnology at Gray Global Enterprises, once an American shipping empire that was now little more than a shell company for a good-sized group of the collective’s holdings. KOLECTV, technically, was one of those. However, in the early days, like a tick it had drained GGE’s resources and quickly came to dwarf its parent company and now controlled its interests. It was now an enormous, if still shadowy, network with tendrils not only in the medical and scientific industries around the world, but deep in other businesses, banking and politics.

The hope was that, soon - especially after the victorious results in the recent American elections - KOLECTV would finally shed the false auspices of GGE and begin to reveal itself. It would grow in power tenfold, it knew, when it could step out of the shadows on its six-inch stilettos and begin to claim its empire. When it is done send the sequencing package to my team at Coronado.

Of course Doctor. We’ve also located multiple other newly active gene loci, of unknown phenotype expression, the technician’s next message explained. Dr. Zhestakova knew what that meant, other potential abilities budding within the subject.

She’d spent many of her early years with the company, after being sent to America soon after medical school for project “Bridesmaid”, and then setting up and studying at their island research facility, KOLECTV’s first in the New World. The project, nearly twenty years prior to today, had ultimately resulted in the takeover of GGE and the facility was now one of many jewels in the crown of the movement. Dr. Zhestakova had been not only an operative (088) in that operation and an integral player in building the prototypes for what the women of the new world could be, but an early beneficiary subject (Program, 3133j) as well.

Send it all. But tell no one else, for now. I want Coronado to go over it so we can develop an isolation plan. Dr. Zhestakova knew that Oksana and others in KOLECTV’s higher ranks were made nervous by her tendencies towards self-autonomy and transgression; she’d seen the old files they kept on her. She knew that her independent streak, coupled with her Program-gifted intelligence and with what they called her “relative lack of empathy” was seen as both a powerful opportunity for the movement but something they struggled to keep in check. She knew her file also described her tendencies for excessive behaviors and indulgences. Those, over the past decade or so, she’d made good progress in controlling, reining in.

She could really use some vodka.

The height? The explosion in strength? We’re not worried? came the technician’s concern..

Fuck the height and strength. I’ve seen the monsters they’d made, the failed experiments in Siberia and Kazakhstan. That can be dealt with when the time comes. Let the other abilities manifest first, so we learn, glean, farm. No we are not yet concerned.

Others would be, she knew. Others would be very concerned. Dr. Zhestakova could only do so much, but she had been trying her best to keep the snowballing irregularities in Project MM-1A's case “under the radar”, as they might say in the US. If they were to attract notice, the project could get shut down; Kristina knew there was so much potential to be culled, so much that could be achieved. Just imagine, she found herself thinking, an army of superwomen not only bigger, taller, stronger than any man alive, like we’d planned…

No, the possibilities might go well beyond that.

…but impervious to heat, and harm, and bullets…

And in a rare moment of heart-pounding speculation…

Imagine an army of women that can fly…

=========================================

for more on the enigmatic, psychopathic and high-functioning alcoholic Dr. Zhestakova, as well as “Project Bridesmaid”, please see required reading “Trophy”

#growing into the job

18 notes · View notes

neonblessing · 1 year

Text

⚠️ SPOILER ALERT! ⚠️ Click here to read Neon Blessing from the beginning!

Shiv pocketed the phone, then reached out and took Ornarch’s withered hand. “I’ll do it.”

Her god smiled. “I knew I could count on you.” With a twist of his long, thin fingers, a sleek black card appeared and found its way between her fingers. “Twenty thousand credits.”

Shiv nearly dropped the card in surprise. “Twenty thousand?!” The payout for picking a pocket was three digits at the highest: cards would be canceled long before they could be used, and there was always the risk that the mark might have augments or trackers. B&E paid better, but you needed to find a fence who could break into stolen electronics, and they were almost universally scum. The shit she and Raz had looted on the botched job could have been worth a hundred grand, even after a steep cut from both Ornarch and a middleman, but that had taken weeks of planning and cost her an arm. Twenty thousand up front was unthinkable.

Ornarch waved a hand dismissively, rings glinting in the industrial glare. “Grease some palms, hire some muscle, buy a gun. Whatever makes the job easier.”

“Thank you, lord.” She hesitated a moment, realizing she had no idea where to start looking. “Do you have any leads?”

“How were Raz’s finances?”

“About as broke as me, I think. Those implants cost a lot.”

“So they’d need to sell off some of the haul to get away from here. They aren’t safe in the Diluvian, and fare out of here is pricey.”

“I’ll ask around.”

“Wonderful.”

“Any idea as to why they did it?”

“No. No clue.” She almost choked on the words. That was the worst part, the bit that kept her up at night. What could have been so important that they’d just leave her?

“Ah well. Good luck, Shiv.” The dismissal, unspoken, was irrefutable. She would do what he wanted, he would give her what she wanted. The conversation was over. For all his immortality, Ornarch was not a patient god.

Shiv turned to leave, the roar of water rushing up to meet her as she approached the exit of the pipe. Could she even kill them? In a fistfight, even down an arm, definitely. Guns were a toss-up given that neither of them knew how to shoot. But of course, Raz was a skulljack, and a good one at that.

Skulljack. It was a dirty word, the worst kind of mage. Raz’s brilliant blue undercut hid dozens of neurocranial implants–translators and antennae and arcane batteries–all bent towards one terrible purpose: the subjugation of the will. In that dingy waiting room before their first operation, she’d told them not to do it, but she’d come to rely on their skills in the years since: skulljacking took too long to be useful in a fight, but it was priceless in an interrogation.

Of course, skulljacking was easier the better you knew someone, and they’d grown up together. Over a decade and a half, she and Raz had bared every last rotten secret–had aired out every scrap of encryption around their souls. They promised they’d never fuck with her, but would she know if they had? Even if they hadn’t, how long could she hold out against someone who knew her first crush, all her fears, and everything she’d ever dreamt of?

As she climbed the stairs back to street level, her nervous thoughts sublimated into a mantra, repeated with every step.

I’m not who I was a month ago. That woman could never imagine killing them. I can.

First Page – Previous Page – Next Page

#6 #neon blessing #shiv #ornarch

29 notes · View notes

wackygoofball · 6 years

Photo

Moodboard: Jaime x Brienne - Military Encryption AU

Brienne of Tarth always wanted to join the military ever since she was an adolescent. Never having met expectations due to her looks and attitude. She never quite fit in, but Brienne hoped that she would fit right into military service. The idea of helping end the war, of doing something purposeful instead of simply being a failure in all other matters grew to be more and more important for Brienne as she grew up.

However, her hopes were soon disappointed: The military still refuses to have women serve in active service, even if they were to fulfill all other requirements.

Not wanting to admit defeat just yet, Brienne eventually agreed to take up an administrative position at the headquarters in King’s Landing, hoping that proving herself as a useful member may perhaps heighten her chances eventually. So long she helps in the efforts to end the war in some way, it is still better than failing at what awaits her back home, after all.

Jaime Lannister always knew that the military was his place to be. It almost seems to run in his blood. His own father, Tywin Lannister, is a respected or rather feared admiral among their ranks for many years. His uncle is in the military as well. His little brother is the only male member of the family who, due to his dwarfism, did not and likely won’t ever serve. Not that Tyrion is interested in that anyway. He much rather handles finances and politics surrounding the family business. But Jaime? He was made for war.

Or so he thought until just recently.

He is only back in King’s Landing for a few weeks by now and hates nearly everything about it. Or rather, he hates everything about himself being there. Jaime would much rather be back on the battlefield, but ever since he got caught up in an explosion, his hand is likely permanently damaged, which means he is no longer of use for the battlefront. While the administration put it in nicer words, Jaime knows as a matter of fact that this is the case.

They call it “sick leave” – Jaime calls it “a way of no return.”

To make matters impossibly worse, they just recently assigned him a job in the administration that deals with something that could, to his understanding, not possibly be further away from the battlefield: Encryption.

And frankly, Jaime has no time or interest in those spy games he knows are becoming increasingly more important in the war. He is a soldier, not a spy.

Thus, Jaime is stuck behind a desk, clumsily scribbling on papers, signing as quick as possible so that people don’t see too much of his chicken scratch, waiting for the smart people crunching the numbers to decode message after message from the enemy’s side. And those people are not his kind of game. They are scientists, mathematicians, the brains. Jaime fares best with fellow soldiers, the muscles. They understand him, but the people around here? They haven’t ever seen a battlefield up close. How do you explain to them that while you jump at the sound of a stapler being too loud, you still crave nothing more but being right back there, even though it cost you your hand already?

Jaime reckons that he would do best simply accepting his fate and letting authorities have their way to discharge him. He is well aware that they give him this spot in the hope that he will drop out. Just as he is aware that his father is likely the one pulling the threads as there is a family business in need of running, and while Tyrion does that all too well, Jaime knows that the Admiral does not trust is youngest by any means.

Because his family is messed up that way.

At the office, he soon meets Brienne. When he means to assign some secretary duties to her, the mannish woman, much to Jaime’s shock, is right in his face, insisting that this is not part of her responsibility.

“And won’t ever be. I am working for the administration, not for those working within the administration. Good day, sir.”

Jaime, not having much else to do, makes a habit of it to tease her about the matter anyway, if only to have her scowl and storm out of his office when he tries to get her into doing some secretary duties for him.

While boredom dominates most of his time, Jaime soon finds the entire department in an uproar when they are confronted with a new kind of code that no one knows how to decipher, and that even though that information may prove vital to prevent more innocent people from falling victim to the war. While he fears that they won’t be successful, he knows as a matter of fact that he won’t be of much help regarding the matter.

He is a soldier, not a cryptanalyst, Seven Hells.

One evening, Brienne, as usual, stays after the working hours to wrap up paperwork and make sure everything is in order the next day. While she would much rather be out in the field, she learned to appreciate to be in this department of all those available. She always had an affinity for numbers and codes, though she mostly abandoned those when she focused on becoming a soldier. Going through the files on Commander Lannister’s desk, she finds printouts scattered around.

She would much rather just leave the things as they are for him to do it himself, but then thinks better of it because those petty fights are nothing she will join in, not when the stakes are as high as they are right now. She heard the rumors about a new code even the smartest of their department can’t figure out just yet, even though they are running out of time. And that is no joking matter. Lives depend on it that they find a solution, that they learn of the attacks before they take place so they can intervene, evacuate, preserve lives.

After all, that is their purpose.

As Brienne puts the printouts in order, she can’t help but take a closer look at the codes, but as she goes through the numbers, the young woman recognizes a pattern.

Can it be that they didn’t see it?

Brienne sneaks into the ops to take a look at more of the printouts to confirm her hypothesis, all too well aware that she is not supposed to be in there. But this is too important to leave to fate – and Brienne knows that she can’t rely on the generals to hear her out. After all, they see in her what Commander Lannister sees in her as well – only just a secretary, and an ugly one while at it.

And to quote the commander “also one quite terrible at her job.”

“What are you doing here?!” she can hear a voice ring out. Brienne turns around abruptly to see Commander Lannister standing there.

“I… I was just…,” she mutters helplessly.

This was a terrible idea.

“Now don’t say you were cleaning here,” he scoffs. Jaime knew that spying was never his kind of business, if that is the result, having to see even more people who have never been to war try to take advantage of it to serve their own needs. He is just so sick of it all.

“No, I wasn’t, Commander,” Brienne insists.

Jaime motions closer, his features grim. “If you don’t tell me what you did in here, and convince me of it, I will report you instantly. This information is too important to be leaked by a mole.”

“I am no mole!”

“Then tell me what you did that does not count as treason,” the commander demands.

Brienne licks her lips before answering, “I thought I recognized a pattern in the codes when I cleaned up your desk. I would never betray our cause, Commander. I just… I just wanted to help.”

Jaime covers the last bit of distance between them, not yet sold on the idea. Who knows, maybe she was sent here as a spy after all. However, when he takes a closer look at the printouts, her story seems confirmed: Brienne actually managed to translate parts of the message they are so desperately looking for.

“You did that.”

She nods. “Yes, Sir.”

“How? Last time I checked, you were no cryptanalyst,” Jaime huffs. “Just like the brains were not able to figure out what now a secretary is supposed to just happen to know? How is that possible, Miss Tarth, hm?”

“I am no cryptanalyst. I just always had an affinity for numbers, Sir,” Brienne answers. “I studied mathematics, but I was focused on getting into the military instead, which is why I never pursued that interest further. And then I thought that it was too late for me to try to sign up for such a post. They were not hiring by the time I was looking for a job here.”

Jaime studies her. If the woman is a spy, she is terribly good at acting terribly bad at lying.

“I want to help protect the people, Commander. That is all, I swear it. I am no spy. I am not doing this for personal gain. I just want to help.”

Jaime sucks in a deep breath. At some point he can’t believe that he is even considering this, but there is only one way of knowing – and that is by giving it a try.

“… Then what do you need?”

Brienne blinks at him. “… All printouts.”

“Alright, here is the deal: You get this one chance, and if you betray me, you won’t see the light of day in a long time, trust me. I will give you the printouts, but you won’t leave my side for only just a second. You don’t get to copy anything, you don’t get to take anything home.”

She nods. “Yes, Sir.”

“Good… then… do your thing and… crunch the numbers.”

“Yes, Sir.”

And so, Brienne sets back to work. Jaime can only ever stare as the woman single-handedly works her way through piles of paper, figuring out what an entire team of cryptanalysts failed to do in days. By the end of the night, they have all information they need, if she is telling the truth, that is.

“I would suggest the following: You take that information and run it by your sources. Give it to your bosses and say you have it from an anonymous source. If they confirm that someone is moving missiles to that location, you will know that I was telling the truth,” Brienne tells him as they are wrapping up.

“You know that if we go down that route, you wouldn’t get any credit for this.”

“I don’t want credit for this. I consider it my duty to help, Commander. And that is nothing I need praise for.”

Jaime follows through with her proposal and calls in some favors, does his research, something he didn’t quite do that way before, but finds ever the more rewarding as more and more puzzle pieces come together. In due time, Jaime can confirm Brienne’s analysis from the codes they received. Together with a group of trusted soldiers, Jaime is able to break up an arms deal before it can unfold at just the location Brienne told him.

Back at the ops, Jaime finds himself instantly surrounded by generals demanding answers about how he could possibly know this. When confronted with the interrogation, Jaime tells them that he can show them his primary source, only to lead the generals into Brienne’s tiny office.

“She did it,” he announces.

“I did what?”

“Figure out the codes, wench. You were there, you should remember,” Jaime huffs.

“Do not call me wench!” Brienne pouts, well embarrassed at the fact that he dares to use his “nickname” even when around the generals.

“Anyway,” he says, turning back to the generals with a smile. “I think you forgot one potential cryptanalyst during the recruitment – because she may just have saved all our asses, Sirs.”

The two are positively in shock how fast things move forward going from there. Only a few hours later, Admiral Lannister arrives at the scene and announces that Jaime and Brienne will be moved to Hut 5, which is the department dealing exclusively with espionage and encoding of the highest order. Jaime can sense right away that his father is not particularly pleased with the decision, well aware that his father wants him out of active duty ever since he was sent on “sick leave,” but he seemingly has to bow to the other generals calling the shots on the matter.

Authorities decided that the two may prove useful in that Jaime proved particularly well in obtaining intelligence fast while Brienne evidently has a natural talent as a cryptanalyst that they better put to use.

And while the two are relieved to get something more important to do, they are not entirely sure about whether that is the kind of job they want to do. Jaime joined the military to serve in the war, Brienne joined the admin in an effort to get there as well, and now they are supposed to play dirty, figure out codes, lie, betray, set up? Something seems very wrong about that.

Jaime is quick to agree, reckoning that this may be his only way to ever get back into active service, granted that this position will allow him some autonomy he will certainly never get in an administrative job. Brienne remains more hesitant as this conflicts more and more with the woman she wanted to become.

And then she is supposed to work closely together with Lannister of all people? Brienne is not at all impressed with that.

Things don’t go smoothly at first, not at all. While Brienne proves to be more than just a natural and Jaime finds out that he is actually as good as people believe him to be when it comes to gathering secret information, their cooperation mostly consists of clash after clash. While Brienne is supposed to just crunch the numbers, the woman is unwilling to simply stay in Hut 5 while Jaime does his part on the job.

Quite on the contrary, Miss Tarth regularly insists on coming along on missions he deems far too dangerous for a woman who evidently has no combat experience. After all, they are putting up with arms dealers, spies, and big guns working for the other side. Jaime knows that they are not messing around.

However, no matter his insistence, Miss Tarth makes a habit of it to chase after him when he is on a case.

It doesn’t take long for Jaime to realize that Brienne is far more of a gifted fighter than he ever would have imagined, following one particular instance wherein his hand fails him and she knocks the guy out before things can escalate.

“I may not be a soldier, but that doesn’t mean I didn’t train to be one.”

The two grow together as a team and learn to respect and trust one another. Against the odds of their differing viewpoints on many issues, they agree on the things that matter. Brienne wouldn’t have guessed that behind the snarky commander looming behind the office desk hides a man scarred by war, scarred by his past experiences which he hides away for the good of the people. And Jaime, for his part, never would have imagined that a woman who is so stiff and honor-bound could understand him so well, just like he never would have thought that this woman can be so intriguing in her odd way.

She even teaches him the basics of coding, and while Jaime knows that it’s just the basics, he starts to enjoy the little secrets passed between them over time. All of it makes the horrors of war, the danger of the missions, a little more bearable.

There is suddenly someone to return to.

Someone to fight for.

The stakes are raised when they are able to track down secret messages that hint at a strike against them involving wildfire. Jaime, who had to see the green fire in use under his former boss, Aerys Targaryen, is very eager to find a solution. The problem is that this is a new kind of code that no one was able to crack down on yet.

Brienne does her very best, but now feels the heat ever the more because lives depend on her to solve the code.

Over the course of the events, their relationship becomes more and more strained as both are caught up between wanting to protect the other and solving the case as fast as possible, even if that may mean putting the other in danger.

A fallout between the two, wherein Jaime demands of her to stay in Hut 5 from now on, among other things, leads to Brienne being abducted by the enemy as they have since learned about Brienne’s talent of cracking those codes and now want to force her to reveal intelligence to them so they may break into the other system.

A race against time begins for Jaime and Brienne, caught up in a game they may well end up losing if they fail to find the secret messages within…

Additional Image Sources: The Bletchley Circle (2012-2014) & The Imitation Game (2014).

#jaime x brienne #jaime lannister #brienne of tarth #moodboard #aesthetic #got moodboard #got aesthetic #wacky tries gimp #fanfic #ficlet #wacky writes fanfic #in smol

80 notes · View notes

cryptoquicknews-blog · 6 years

Photo

New Post has been published here https://is.gd/d0GcvV

ConsenSys Invests in Two Crypto Startups to Lead VCs Into Ethereum Ecosystem

This post was originally published here

Despite recent belt-tightening at Brooklyn-based ethereum venture studio ConsenSys, the company’s investment arm is ramping up outreach to independent startups.

ConsensSys Ventures, headed by managing partner Kavita Gupta, announced two new investments on Thursday: $1 million in the Paris-based crypto wallet and trading platform Coinhouse and an undisclosed amount in the encryption-centric browser Tenta.

Gupta told CoinDesk these companies distinguished themselves with teams that include bitcoin veterans serving established user-bases. According to Coinhouse, the platform has over 150,000 user accounts. Plus, the startup’s CEO, Nicolas Louvet, was an early investor in the hardware wallet startup Ledger. Ledger CEO ��ric Larchevêque was a reciprocal investor in Coinhouse and both men now sit on the boards of each other’s respective companies.

“A settlement custody solution [Ledger] working with the exchange [Coinhouse] … is very relevant to how at ConsenSys Ventures we think about investing,” Gupta told CoinDesk in an interview Thursday.

As for Tenta, which features a built-in VPN, ad blocker and full data encryption, Crunchbase lists the browser as having at least 61,489 downloads. The ConsenSys-incubated wallet startup MetaMask is already in talks with Tenta regarding how the latter’s mobile browser could include built-in crypto wallets.

“Our mission to make private and secure browsing fast and ubiquitous received a huge boost with ConsenSys support to expand to other platforms while continuing to innovate great new privacy features,” Tenta CEO Jesse Adams said in a statement.

ConsenSys Ventures was launched in 2017 with $50 million to invest in startups that would complement those under the main ConsenSys umbrella, with a similar mission to help build the ethereum ecosystem. Since then, Gupta said her seven-person team at ConsenSys Ventures has distributed roughly $14.5 million across 14 projects, noting there are still a few more equity deals in the final stages of completion.

Those deals involve early-stage projects that graduated from the inaugural cohort of the ConsenSys accelerator program Tachyon, which took place in San Francisco in 2018. Gupta said her fund will allow the teams to raise from outside venture firms and then match that valuation to buy 7 percent of the equity, as just one example of the type of deals in progress.

As such, Gupta’s strategy is to bring as many traditional venture capitalists into ConsenSys’ orbit as possible, to benefit from their experience with mainstream tech products.

“We have been helping a lot of VC funds to think through their investment thesis and introduce them to the ecosystem,” she said, adding:

“In a lot of our investment deals lately, we have invited a lot of our friends and other funds who we respect, and they have participated.”

VC synergy

Indeed, ConsenSys Venture’s portfolio now shares mutual investments with Coinbase Ventures, Intel Capital, Sequoia, General Catalyst, Kindred Ventures, Betaworks, 122 West, La Famiglia and Paradigm, just to name a few.

For Coinhouse, Gupta’s team led a $2.8 million Series A with additional funding from Digital Currency Group, XAnge Siparex Innovation, and BTU Protocol Ecosystem Fund, along with several angel investors. (Full disclosure: DCG is the parent company of CoinDesk.)

Meanwhile, more than 60 applications are already rolling in for the upcoming Berlin-based Tachyon program this year. Gupta said more than 200 projects applied for the first cohort and she expects there to be an equal number for Berlin by the time applications close in February.

More than anything, Gupta said the first Tachyon program taught her team about what they are looking for in an investment. Namely, they want startups that are able to raise capital and run businesses on their own, without solely relying on the pocketbook of ConsenSys founder Joe Lubin.

“We will invite more founders from both sides of the community to talk about being an entrepreneur, raising money,” Gupta said. “We are inviting 10–12 founders who had really good exits from their company, really good Series B raises, to talk about that experience.”

In a sense, this is consistent with the old ConsenSys strategy, which relied on partnerships within Lubin’s network and viewed portfolio companies as strategic partners. For example, several ConsenSys-incubated projects became the first users to test the loans facilitated by the portfolio company BlockFi. Sometimes portfolio companies work directly with ConsenSys teams for consulting and building products, whether the results stay in-house at ConsenSys proper or later translate to the external portfolio company.

“It’s very close-knit,” Gupta said. “They [Coinhouse] will also be working with any other exchange products, wallet products, custody and settlement solutions that have been incubated by ConsenSys.”

Going forward Gupta says she’s looking to prioritize investments in startups that focus on three things: infrastructure, privacy and network effects.

Speaking about ethereum at-large, she added:

“For us, we want to focus on what is going to drive adoption.”

Kavita Gupta at Tachyon Demo Day 2018 image via ConsenSys Ventures

#crypto #cryptocurrency #btc #xrp #litecoin #altcoin #money #currency #finance #news #alts #hodl #coindesk #cointelegraph #dollar #bitcoin View the website

New Post has been published here https://is.gd/d0GcvV

#Uncategorized

0 notes

embhm · 8 years

Text

Chapter 184: The Surprisingly GOOD NEWS

Note: Hey guys, it’s Alec. Using a self-adapting reverse encryption program, I managed to hack into Sae’s account. Possibly to spy on her followers and the like, send clandestine messages to certain people to help my rise for dominion over the BL world! Muahahaha! ( ๑‾̀◡‾́)σ» But I digress... thank you for your patience awaiting these upcoming chapters. Please don’t forget to thank our lovely translators for their hard work which the Addicted fandom relies on. Much love to the entire Addicted fan community.

NO SPOILERS PLEASE!!!, in the comments or anywhere on this account. We have not finished reading the novel. No copy/paste and all that other shenanigans either. Vote/likes/comments are highly appreciated.

Translators: Grantye, Sienna, Sae Editors: Jowly & Alec

As always, THANK YOU for reading and enjoying the journey with our HEADSTRONG boys:

GU HAI & BAI LUO YIN

《你丫上瘾了》

Chapter 184: The Surprisingly GOOD NEWS

By the time Gu Wei Ting lay down, Gu Hai was already sleeping soundly and the lights in the room have long been turned off.

He stared at the darkness for a couple of minutes before his hand started creeping towards the switch. He couldn’t sleep so he wanted to turn the lights back on. His hand had reached the switch but then he decided not to press it. He looked at his son who was sleeping soundly beside him. They were merely inches apart. Seeing him in such a calm and relaxed manner, Gu Wei Ting can’t help but feel the urge to observe him closer.

Since Gu Hai was a kid, Gu Wei Ting can only count the fingers of one hand the number of times he’d been able to look at him attentively like this. His last memory of such a time was when Gu Hai’s face was just the size of his palm. In the blink of an eye, that once innocent face had turned mature and strikingly handsome.

Years of absence from Gu Hai’s life robbed Gu Wei Ting of not only the chance to experience the joys that come with being a father, but also the chance to watch his only son grow little by little into the fine young man that he is today. Try as he might, there are so many details about Gu Hai’s life and personality that Gu Wei Ting can’t remember. For one, he has no recollection of the first time Gu Hai called him “father.” He also has no memory of the very first time Gu Hai learned to walk. He also does not know what his son liked to eat as a kid, or the toys he liked to play with.

As far as he can remember, every time he would face his son, Gu Wei Ting has always worn a monstrous appearance and a rather formidable aura.

When Gu Hai lazed around during training, stirred up trouble at school, licentiously wandered around, and even when his twisted love affair was exposed, it was always .this strong and sinister image that loomed over him. Always.

Gu Wei Ting neither tried to hear his son’s side nor did he ever ask him to sit down for a proper talk. His means for solving whatever problem he faced was always to throw a fit of rage and beat Gu Hai. The sad part of this reality is, for the longest time, this was the only way that the two ever interacted.

In all the years that passed, Gu Wei Ting never showed any warmth towards Gu Hai. Even during the first few days after his wife passed away, Gu Wei Ting never stuck around. He ran off; went from one place to another. He left his only son alone. A son who was forced to deal with the misery of losing the only person who showed him love and compassion all by himself. He never once thought how broken-hearted, sad, or devastated a 14 year old child could be when faced with such a tragedy. What’s worse is that it never occurred to him how traumatizing that experience was for a child.

So the moment, he saw his son--who was more than 180cm--tightly holding on to his own leg and huddling inside a small wardrobe, a stabbing pain unexpectedly struck his heart.

He thought, “Regardless of the mistakes Gu Hai had made, the one person who should take the blame is me.”

Gu Wei Ting quietly observed Gu Hai’s face in the darkness. Even he was not aware of how tender his own eyes were as they stared at his son. As he took in all the details of his son’s face, Gu Wei Ting saw two cotton balls stuck on Gu Hai’s hair. He immediately reached out and removed them. He then saw a trace of mud at the corner of his mouth. Without even asking why and how it got there, he wiped it away.

The lights were still off.

Gu Wei Ting lay down on his back. Not long after, he sensed Gu Hai turning over and moving closer to him. Of course, Gu Hai was already in a deep sleep and his guard was already down. What remained is some semblance of innocence and the undeniable promise of youth.

Ignoring the person moving closer to him, Gu Wei Ting turned to his side, facing Gu Hai. He was about to close his eyes when he felt someone grab one of his hands. Those two hands were warmer than his by tenfold. And as they wrapped tightly around his, Gu Wei Ting’s expression became listless for a moment. His eyes fell on Gu Hai once more.

He’s not awake. Is he just subconsciously looking for a place to warm his hand?

As he looked at his son in this state, Gu Wei Ting became deeply moved.

-----

During breakfast the next day, Gu Wei Ting was contemplating the situation he and his sons were facing. He kept quiet for a while, pondering by himself, before he turned and asked Sun Jingwei.

“What do you think about Gu Hai’s situation?”

Sun Jingwei had just taken a spoonful of porridge. He nearly choked on it when he heard those words.

“You’re asking for my opinion?” He asked in a somewhat startled manner.

“Is there anyone else here?” Gu We Ting raised a brow.

Sun Jingwei never expected Gu Wei Ting to ask for his opinion regarding this matter. To say that he was shocked by this sudden show trust is an understatement.

He placed his chopsticks down and smiled awkwardly before taking in a deep breath.

“Actually...as parents, I don’t think we need to make such a big fuss over a minor issue like this” he says. “More often than not, our strong desire to control our children backfires and causes them to be even more determined to do the very things we don’t want them to. I say, let them decide how to handle things themselves.”

“Take my daughter for example. She dated a guy when she was in her second year of junior middle school. They’ve already broken up yet her mother and I still don’t know exactly what caused them to separate. My daughter has learned from her past and is better now. The one time she opened up about it, she completely laughed the entire matter off as if it was a joke. Just think about it! If my wife and I had known about their relationship when they were still together, and tried to break them apart, would she have inevitably taken the matter as just puppy love? Wouldn’t that joke of a relationship become real and genuine in her eyes? Similarly, if you were to personally break the boys up, wouldn’t the two of them subconsciously define their feelings as love? Actually, what have you seen? Hugging? Being intimate? Think about it, when we were younger, who wasn’t affectionate with each other, huh? Perhaps, two or three years from now, when they’re living in a new environment, they’ll turn back and look at everything and see that all of it was just a joke and nothing else.”

Gu Wei Ting remained silent. His gaze never left Sun Jingwei as he contemplated the things he just said.

“Do you mean, I should let go and not care about this?”

“I never said that you shouldn’t care,” Sun Jingwei kindly smiled. He was much calmer now. “The best you can do is guide them. Whether they listen or not is totally up to them.”

Gu Wei Ting gave a cold snort when he heard Sun Jingwei’s last statement. “Then he definitely won’t listen.”

“In all honesty, I think you’re overthinking this matter. Do you remember Xiao Zheng from the third brigade? That guy who--during one of the nightly room check-ups--was found squeezed inside one blanket with with Er Hu, the soldier who slept beside him? After further investigation, it was discovered that their relationship wasn’t normal, and they were immediately expelled. But what happened in the end? After leaving the army, they’ve both respectively got married and had kids within two years. Now, I reckon there was never anything between them from the start.”

“I’ve already thought about everything that you’ve said. But the point is, my son is not Xiao Zheng or Er Hu. You’ll never meet such an unusual breed like him, even in a hundred years.”

Sun Jingwei stifled a giggle.

Even if he’s an unusual breed, he’s still your offspring.

“I don’t think he’s unusual in any way at all. But because he’s your son, you subconsciously think that he’s unusual. If this kind of situation happened to my child, I would also be anxious and eager to separate them at once. But the point is, you can’t rush this sort of situation. It’s useless to be anxious about it. Right now, those two are at a phase where there’s yearning and affection for one another. What can you do to them? Send one abroad and lock the other up in the military base? If they keep on thinking and worrying about each other like this, no matter what you do to separate them, they’ll continue to think of ways to get back together.”

It might not have been evident, but mentally Gu Wei Ting acknowledged those last few words. It gave him the will--but not the strength--to consider another course of action.

Controlling either Gu Hai and Bai Luo Yin or the situation was impossible, but ignoring it all together was impossible as well. From the looks of it, no matter what he does, those two would not allow their passion and love for each other to be weakened or whittle down.

------

Once afternoon class was over, Gu Wei Ting summoned his two sons to have lunch with him.

“After this meal, you both can leave and do whatever you want!” Gu Wei Ting said in a low yet powerful tone.

After hearing those words, Bai Luo Yin and Gu Hai--who were busy burying their faces in their plates-- lifted their heads. They cannot believe what they just heard.

“Dad, what do you mean by that, huh?” Gu Hai asked with furrowed brows. He then glanced at Bai Luo Yin from the corner of his eyes.

With indifference written all over his face, Gu Wei Ting simply let his gaze sweep by him. “What I mean is, you two better not hang around in front of me anymore. Just looking at both of you annoys me.”

Silence. This bit of good news was totally unexpected and unbelievable so neither of them were able to respond immediately.

Bai Luo Yin looked at Gu Wei Ting with disbelief. Just this morning, he was still worrying about the secret tunnel that linked his and Gu Hai’s rooms. He had been considering to quickly cover up the tunnel in fear of Gu Wei Ting discovering it and beating Gu Hai again.

It seems he had nothing to worry about after all, for things have taken a sudden turn for the better.

To Bai Luo Yin’s side, Gu Hai’s hand started to move. He reached out to touch Gu Wei Ting’s forehead but his hands were met in midair by a pair of chopsticks.

“Dad, wait. Are you suffering from something?”

“Don’t act stupid with me!” Gu Wei Ting’s expression darkened, “Hurry up and eat! After you finish eating, leave immediately!”

Gu Hai’s black pupils flickered as he spoke, “Dad, you don’t care about me anymore?”

Gu Wei Ting only spared Gu Hai a few words, “Excuse me. That can never happen.”

“Don’t!” Gu Hai pretended to be obedient and innocent after he succeeded in gaining an advantage. “Dad, you can’t ignore me ah! I’m still counting on you to guide me to the right path. If you stand aside and do nothing, then what would happen to me if some twisted idea comes to mind and I start causing trouble again?”

Gu Wei Ting continued to eat the food inside his bowl. His expression remained calm and composed. “When I cared for you, you never stopped giving me a hard time. Now that I stopped caring for you, you can do whatever you want. At least I don’t have to see any of it anymore.”

“Then, what should I do if I miss you?”

This sentence finally caused the chopsticks in Gu Wei Ting’s hand to stop moving.

Looking at the sudden change in his father’s expression, a knot immediately wrapped around Gu Hai’s heart and strangled it.

Oh my God! Don’t tell me he’s touched by what I just said? What should I do if he really changes his mind and make me stay here? Fuck! I’m so stupid. I should’ve just kept my mouth shut instead of saying that!

Gu Wei Ting shot Gu Hai a quick glance. Then out of nowhere, he burst into laughter. Not a single word was said again. The three simply continued to finish the food inside their bowls.

On their way out, Bai Luo Yin gave the father and son a quick glance. Gu Wei Ting was smiling as he bid his sons farewell. His smile reminded Bai Luo Yin of Bai Han Qi. He would always give him the same sincere smile every time he would leave home.

“Dad, I’ll be going then!” Gu Hai finally said. He was carrying two large bags as he stood at the entrance to bid his father one last farewell.

During the entire time, Bai Luo Yin kept his eyes on Gu Wei Ting. However, when Gu Wei Ting shifted his gaze towards Bai Luo Yin, the latter immediately moved his eyes in order to avoid meeting Gu Wei Ting’s.

As they walked away side by side, Gu Hai and Bai Luo Yin greeted Sun Jingwei who couldn’t refrain from letting out a heavy sigh as he watched the two figures fade into the distance. “Bai Luo Yin is a pretty good kid.”

Gu Wei Ting, who was standing next to him, shot him a side glance, “How about I introduce your daughter to someone else so you can forget about him?”

“Don’t…” Sun Jingwei laughed while shaking his head, “I’m not worthy of being associated with the higher ups.”

Gu Wei Ting laughed along with him. The two then turned around and went inside together.

-----

As they made their way back home, Bai Luo Yin couldn’t help but be consumed with anxiety. He was so overwhelmed by this emotion, that he could not conceal it from the person beside him.

Gu Hai placed his hand on the back of Bai Luo Yin’s head and happily asked, “Don’t tell me that you’re still mulling over last night’s shock?”

“No, it’s not that,” Bai Luo Yin quietly replied. “I suddenly remembered my dad.”

Gu Hai halted his steps, “How about we go straight to your house?”

“No.” Bai Luo Yin suddenly gripped Gu Hai’s arm tightly, “I’ve been wanting to tell you….I plan on confessing to my father.”

After hearing those words, Gu Hai, whose mood that had just started to relax, suddenly became serious again.

“Is it okay if we take a breather first?” he wearily asked.

“Let’s get it done as soon as possible. Since the first try is always the most impressive, the second is weak and the third one is exhausting...”

Gu Hai’s forehead dropped to his hands, “It can’t be that torturous...”

____________

Are you addicted?

The original novel is written by Chai Jidan.

We do not own any of its content, we are translators and editors.

#are you addicted?#addicted the web series #addicted the novel #bai luo yin #gu hai #xu wei zhou #huang jingyu #hailuoyin #heroin #chinese novel #chinese webseries #chinese translations #chinesebl #guhaixbailuoyin #chai jidan

297 notes · View notes

matrixcoin · 5 years

Text

Bsfinance Best Investment Site

Works since 682 Days Ago

Welcome to BSFinance Limited!

BSFinance Limited is a well-oiled machine and a talented team. Each company’s employee clearly understands its responsibilities and tasks in the investment process.

BSFinance Limited is an investment company focused on making security transactions at stock exchanges and using the investment capital on Forex and the cryptocurrency market.

Speculative stock exchange transactions involving crypto-currency and similar operations in fiat currencies on the Forex market significantly improve the flexibility of the company when it comes to taking important decisions and concluding contracts and reduce the time it takes BSFinance Limited experts to process buying and selling orders.

BSFinance Limited confidently outperforms its competitor’s thanks to the task-oriented and highly professional members of our team, making company’s services and products stand out.

Our features

01 —

Worldwide

02 —

Pro-Management Team

03 —

Reliable Investment Plans

04 —

Wide Trading Experience

05 —

Fast Withdrawals

06 —

Live Support

07 —

Strong DDoS Protection

08 —

Strong EV SSL Encryption

Payment Processors

Referral Program

Terms ; Conditions General Rules 1) This report is created in accordance with the regulations of global regulation and business practice. 2) BSFinance Limited accepts folks aged 18. 3) The registration manner is integral for every BSFinance Limited client. 4) You agree with phrases and stipulations by using being a client of BSFinance Limited.

Investment Rules 1) Every deposit is considered to be a private transaction between BSFinance Limited and its client. 2) Clients manner all financial transactions fully at their personal discretion and their very own risk. The size and term of credit score are determined individually via each client. 3) Accrual of pastime on the funding is calculated and credited to the client’s account at the quit of funding time period for “After” funding plans and each day on ‘Daily’ funding plans. 4) The main is covered in earnings in ‘After’ investment plans and not blanketed (will be back after the credit expiration) on ‘Daily’ funding plans. 5) The activity price relies upon on the quantity of investment, investment layout, and credit term. 6) The client can use our Profit Calculator for an accurate calculation of his/her profit. 7) The client may pick any charge machine or cryptocurrency that we take delivery of in order to make a deposit. BSFinance Limited accepts only USD for investing. 8) The client can open solely one account per IP/Family/Device. If you want to open any other account contact us before at [email protected]. If a new account is opened, the historic account will be closed.

Anti-Spam Rules Spam is an industrial electronic mail or unsolicited bulk e-mail, consisting of “junk mail”, which has now not been requested via the recipient. It is intrusive and frequently irrelevant or offensive, and it wastes precious resources. Inappropriate newsgroup activities, consisting of immoderate posting of the equal substances to a number of newsgroups, are additionally deemed to be spam.

1) We don’t tolerate SPAM in our company. 2) We forbid unsolicited e-mails of any variety in connection with the advertising and marketing of the services furnished via BSFinance Limited. 3) If any regulation enforcement agency, internet provider, internet hosting issuer or other individual or entity grant us with word that you can also have engaged in transmission of unsolicited e-mails or may additionally have engaged in any other case illegal habits or habits in violation of an internet carrier provider’s terms of provider or any such insurance policies or regulations, we will reserve the right to cooperate in any investigation bearing on to your activities together with disclosure of your account information. 4) If you did not obtain a letter from BSFinance Limited, please don’t forget about to take a look at your Spam folder because some email services might also mark our e-mail as Spam.

Procedure for amending the existing rules 1) Administration of BSFinance Limited reserves the right to make changes to the contemporary report besides the consent of investors. 2) Administration of BSFinance Limited will inform consumers about adjustments with the aid of publishing word on the website online of the company. 3) Terms and Conditions adjustments come into force considering that the date of publishing records on the site, except otherwise supplied in the text.

Customer Service and Support 1) Every consumer has the proper to get any additional information from our aid service. 2) The client may additionally contact our assist service via our Support Form or some other approach which is convenient for him. 3) The client consents to behave with courtesy with our help service and follow the guidelines to prevent everybody from a potentially bad situation.

============================== Where is BSFinance Limited incorporated? BSFinance Limited is definitely a prison investment corporation included in the United Kingdom. Reg. number: #11903886. Office Address: 1 Scott Pl, London, United Kingdom, M3 3RN. Learn extra about BSFinance Limited.

How long does it take to make my consumer account active? Your account will be active right now after registration.

Who may additionally be a purchaser of BSFinance Limited? Everyone might also be a customer of BSFinance Limited, but he\she should be no longer much less 18 years old.

How may I become a consumer of BSFinance Limited? You might also become a customer of BSFinance Limited and it is completely free of charge. All you need is to signal up and fill all required fields.

Is it free of cost to open an account? Yes, it is totally free of charge.

I have bother for the duration of registering. What shall I do? Check the proper of the entered information. Displayed errors might also assist you. The gadget suggests the place you made mistakes. Sometimes it could be a browser issue. Try to alternate your browser or turn off any translator if you use it. If you need similar assistance do not hesitate to contact us.

How may I get admission to my account? You can also log into your account by using clicking the link Login and enter your username and password.

How can I control my account? In order to manipulate your account, you want to use a navigation menu on the right side of our site.

May I trade my account details? You may additionally exchange your account details on the Edit Account page. You will get a verification code on your electronic mail tackle which you need kind in the subsequent page.

How secure person debts and personal data? All stored statistics on our servers remain blanketed through encryption science all the time. All account associated transactions completed with the aid of our clients are mediated exclusively by secured internet connections.

What if I can not log into my account due to the fact I forgot my password? Click password recuperation link, type your username or email and you have to acquire reset password link. If you haven’t obtained a password reset hyperlink test your spam folder or contact our help service.

How many bills can I open on the site? Any patron can have solely one account per IP/Family/Payment account. In the tournament of a couple of registrations from your gadget, we have the rights to droop all of your accounts.

How BSFinance Limited is non-public for me? We keep the privacy of our clients and don’t share any personal statistics with any third party. Read more about Privacy Policy.

Do you require account verification? Do I want to ship any documents? No, we do no longer require any verification documents confirming the identity, tackle or beginning of your funds.

========================= How can also I make a deposit? You may also make your credit score on Make Deposit. Type favored quantity in the ‘Amount’ field, select payment device and click on ‘Confirm’. Follow further instructions on your fee system.

Do you have any affiliate program? Yes, we have an affiliate program and it is three-level: 5%-2%-1% from the credit of your referral.

When the savings must be activated? Your savings need to be activated at once if you use Payeer or Perfect Money. If you use cryptocurrencies it should be some time lag which is required for getting confirmations by the cryptocurrency network. For deposits in cryptocurrencies, we need at least 1 confirmation. If your credit hasn’t shown up in your account for a long time, please contact us.

When my affiliate bonus will be paid? Affiliate bonus will be paid to your account balance as quickly as your referral strategies his savings from the exterior processor.

My referral made his deposit however I have not obtained any referral commission. Why? Pay attention that you want to be a lively investor in order to acquire a referral commission. This is a very necessary point because you can not recommend your friends or partners to work with our agency if you have not strived our service.

Where can I study the funding plans? You can take a look at all true investment plans in your member vicinity on the Make Deposit page.

Do you have any limits for a funding amount? The minimum investment amount is only $10 and the maximum amount is $500,000 per transaction. But please pay attention that you may have as many deposits as you want. So there is no most for your funding portfolio.

Does the profit consist of my preliminary deposit? In ‘after’ investment plans your profit consists of your initial deposit and in ‘daily’ funding plans your initial savings will be returned to your account balance.

And More…..

========================

The post Bsfinance Best Investment Site appeared first on .

from WordPress https://ift.tt/2QZ4YPR via IFTTT

#IFTTT #WordPress

0 notes

cryptswahili · 6 years

Text

Zero Knowledge Proofs Part One: The Cryptographic Protocols and Their Variations

This is part one of a two-part series on zero-knowledge proofs. Part two will examine the implementations and applications of zero-knowledge proof protocols by Zcash, Ethereum, Aztec, Coda, Leverj, REN Project and more.

Zero-knowledge proofs are a family of cryptographic protocols whose value lies in their seemingly paradoxical attribute of proving a statement without revealing anything about it (that is, proving its validity without revealing it itself or anything else about it). On the surface, it appears as if a verifier given a zero-knowledge proof (ZKP) is supposed to be told by God that this is so. However, God, in such a setting, functions as the underlying protocol that both Alice and Bob (A and B) follow (or Peggy and Victor, in a ZK context, for Prover and Verifier). Importantly, for the purpose of blockchains in their institutional roles, zero-knowledge constructions enable malicious actors to be forced into a protocol whereby they execute in accordance with predetermined steps to ensure security and enforce honest behavior within otherwise non-transparent privacy.

Zcash is the first and perhaps the most popular crypto-currency to implement zero-knowledge cryptography as a means of upgrading the Bitcoin protocol with private and selectively disclosable (to, for example, auditors or regulators, should that be required) transactions, while nonetheless still taking place in accordance with the protocol (i.e., the transactions taking place, even though hidden, are guaranteed to be valid within the context in which they take place). ZClassic and ZenCash also derive from Zcash and make use of the same libraries (libsnark), while Ethereum has incorporated a broader implementation for use within dApps and contract code. Below we provide a quick overview of applications based on zero-knowledge schemes with accompanying examples so as to help one acquire a basic intuition of ZKP applications in distributed public networks.

A Bit of Background: The P and NP (Computational) Complexity Zoo

A few fundamental notions from computational complexity are important in order to acquire a good understanding of zero-knowledge proofs as they relate to public networks, distributed systems and their shared records. In computer science, P class problems refer to problems that can be solved by a reasonably fast program on a computer of some sort (e.g., a Turing machine). In other words such that there is an implementable solution, which can be refined in what is called polynomial time (in effect, synonymous with fast time). Roughly speaking, if one has to compute some value (and not "search" for something) the problem is usually a P class problem (e.g., verifying a Bitcoin transaction is a P class problem).

Most importantly, polynomial expressions (from Greek, “many names”) are not exponential functions (i.e., to the power of), but map to arithmetic circuit problems of linear, quadratic, cubic and similar types, where the number of (computational) steps required are acceptable compared to the size of the problem. That is to say, problems involving things like mazes, multiplication, subtraction, etc. - or that could otherwise be reduced or translated to instances of such problems.

youtube

In the fabric of distributed ledgers, where the records of events or transactions are massively replicated among peers reproducing the same outputs (similar in principle to how lie-detector polygraphs operate), it is important that the number of computational steps in a set of executable instructions on-chain is kept at the minimum necessary to carry out what it is meant to. This is why zero-knowledge proofs in such (block-chained) environments need to be “succinct” and not require reproducing the execution of a program (i.e., set of instructions, smart contract or script) on-chain by an entire world in order to demonstrate or verify the validity of that execution.

The NP (for non-deterministic polynomial time) complexity class, on the other hand, describes problems where the soundness of their solutions have proofs which can be efficiently verified by deterministic computations in said polynomial time (as is usually the case of most blockchain-based systems, being deterministic and synchronous). That is, the mental work necessary for solving a particular problem can be reduced or translated to a simpler problem or set of problems (e.g., P problems) which is then capable of mechanizing the process of thinking that unfolds a particular binary decision tree. That way zero-knowledge proofs can be extended to any problem that falls in the NP class (practical zkSNARKs can be applied to all problems in NP in a generic fashion).

And since blockchains as such require strict determinism to maintain the integrity of global consensus (the same input must always reproduce the same output with no deviation), they scale much better if engaged to only verify/read instead of execute/write. Zero-knowledge (ZK) constructions in this scenario allow for optimizing a solution which utilizes the blockchain as a verifier of general computational integrity off-chain, with verification times on-chain magnitudes faster than execution times - in the logarithm (that is, the inverse of exponentiation) of the steps or cycles involved (measured in gas expenditure on the Ethereum blockchain).

Zero-Knowledge Proofs: Basic Conditions and Defining Properties

Zero-knowledge proofs are, in essence, cryptographic constructions which investigate how far formal logic can be taken in solving tricky problems. In a ZKP a prover, Peggy and a verifier Victor (in place of the proverbial Alice and Bob) interact in a series of steps in such a way that Peggy is able to prove to Victor the validity of some statement without revealing anything about that statement, given that both follow the rules or constraints of the same protocol.

The basic intuition is commonly illustrated with the anecdote of Ali Baba's cave. Imagine a ring-shaped cave with an entrance and a magic door inside on the other end obstructing the sides, as shown below.

Ali Baba's cave, illustrating the reasoning behind zero-knowledge proofs.

Peggy wants to prove to Victor her knowledge of the secret phrase that opens the door, but in a way that wouldn't reveal the phrase itself. So, Victor waits outside a bit, then walks in and shouts which side he wants Peggy to show up from. This is repeated until the probability of Peggy simply having turned out lucky approaches zero. Such scenario exemplifies interactive zero-knowledge proofs (ZKPs), while non-interactive ZKPs usually rely on a common reference string (CRS) both parties share (and thus don't require any interactive rounds).

Shafi Goldwasser is an American-Israeli computer scientist and winner of the Turing Award in 2012. She is a scientific advisor for several start-ups in the area of security specializing in zero-knowledge proof implementations and distributed proof-of-stake consensus algorithms. Goldwasser's research areas include computational complexity theory, cryptography, and computational number theory. She is the co-inventor of probabilistic encryption, which set up and achieved the gold standard for security for data encryption today. She is the co-inventor of zero-knowledge proofs, the first category of which probabilistically and interactively demonstrate the validity of an assertion without conveying any additional knowledge, and are a key tool in the design of cryptographic protocols.

The concept of interactive zero-knowledge proof systems and probabilistic protocols was first proposed by Shafi Goldwasser and Silvio Micali in the late 1980s, and the general assumption of how the proof of a given statement as such contains more knowledge than the sole true/false value or validity of that statement (making use of things like auxiliary inputs, “trapdoors”, etc.) underpins much of modern cryptography since.

A zero-knowledge proof must by definition satisfy the following three properties:

Completeness: If a statement is true and both parties follow the same protocol correctly, then the verifier naturally becomes convinced. If the prover is being honest and providing an authentic, legitimate proof, the verifier will be eventually convinced (with high probability).

Soundness: If a statement is false, the verifier will almost certainly not be convinced (Probabilistically Checkable Proof constructions rely on the strong evidence of high probability, i.e. repetition until the probability of falsehood or plain luck approaches zero) and no cheating prover can reliably convince an honest verifier that a false statement may be true. The soundness property, therefore, means that a zero-knowledge proof must not be able to prove false statements.

Zero-knowledge: The verifier learns no further information (about the content of the statement). Micali and Manuel Blum further investigated the possibilities of saving up on computational resources by eliminating the interactive communication rounds (which tend to be the most computationally expensive), instead relying on a common reference string derived from a shared or public random beacon (for instance, the same Geiger counter).

A general-purpose succint ZKP. A public function f and a private input x produce a public output y. A prover wants to prove he knows x without revealing it and such that the above statement holds. Additionally, the proof needs to be succinct, i.e. verifiable much faster than computing f itself. Source: "STARKS: Proofs and Polynomials" from Vitalik Buterin's personal blog.

In the past 30 years, research on zero-knowledge proof systems has been progressively improving with focus on optimizing their efficiency for specific problems and applications, making particular improvements in various different parameter scenarios. This has led to ZK schemes yielding dramatic reductions in the size of the proof as well as the length of the common reference string (in the case of non-interactive proofs that rely on them).

Two Types of Zero-Knowledge Constructions: zk-SNARKs and zk-STARKS

In the world of distributed ledgers and crypto-currency, two forms of ZK constructions are most commonly used in applications. Zcash is the first widespread application of zk-SNARKs (Succinct Non-Interactive ARguments of Knowledge), while zk-STARKs is a ZK mechanism developed by cryptographers and researchers in Technion (Israel Institute of Technology) that doesn't require a trusted setup (as SNARKs do, which in the case of Zcash is the well-known ceremony), is quantum-proof and significantly faster to generate.

zk-SNARKs: Zero-Knowledge Succinct Non-Interactive ARguments of Knowledge

“If I had but the time and you had but the brain.”

- Lewis Carroll, The Hunting of the Snark

Zk-SNARKs are particular ZKP schemes and the first kind of ZKPs to be incorporated within crypto-currency blockchain ledgers. A zk-SNARK construction as such involves three algorithms:

A key generator: Setting up the parameters for generating a key pair. For example, a trusted set of people generates a private/public key pair (as with the above mentioned Zcash ceremony), destroys the private shards and goes on to generate another key pair from the public key. This second key pair creates a proving and a verification key for some given program within that range.

A prover: The prover takes the provided proving key, a given public input and a private witness (representing the satisfying assignment for the program/formula/algorithm at hand, verifying that a variable assignment satisfies the specific task and can be solved in polynomial time; the witness is usually generated along with the proof) and generates a proof.

A verifier: Verification is computed from the verification key, the public input and the provided proof, evaluating to either true or false depending on whether the proof is correct or not (in the circumstance of what is being verified to satisfy what conditions). To render this more vivid, two polynomial strings are produced which are expected to not deviate much from agreeing most of the time, given legitimacy according to protocol. Then a series of quick random checks at arbitrary sites on the strings are performed to make sure they do agree.

While the above may sound a bit byzantine at first (and the mathematical underpinnings are undoubtedly complex, but we need not concern ourselves to that extent in order to grasp the basic reasoning behind it), it gradually starts making sense along the way and with particular examples and instances of real-world applications.

zk-STARKs: Zero-Knowledge Succinct Transparent ARguments of Knowledge

The weakest point in zk-SNARK schemes is that they depend on an initial trusted setup phase (as already mentioned) that could potentially be compromised. Additionally, zk-SNARKs are vulnerable to quantum attacks (since they rely on elliptic curve cryptography). A more recent innovation in zero-knowledge cryptography that resolves these issues is zk-STARKs (Zero-Knowledge Scalable Transparent ARguments of Knowledge).

Zk-STARKs are a faster, cheaper, quantum-proof alternative that doesn't require a trusted setup. Zk-SNARKs researcher Professor Eli Ben-Sasson explains,

zk-SNARKs use asymmetric public key cryptography to establish security. zk-STARKs instead requires a leaner symmetric cryptography, namely, collision resistant hash functions, and thus removes the need for a trusted setup. These same techniques also eliminate the number-theoretic assumptions of zk-SNARKs that are computationally expensive and prone to attack by quantum computers. This makes zk-STARKs both faster to generate and post-quantum secure.

Eli Ben-Sasson is a professor of computer science at Technion – Israel Institute of Technology. His areas of interest and research are in the fields of theoretical computer science, the study of the mathematical foundations of computation and computational complexity. He's a founding scientist of the Zcash company, having developed the scientific-technological platform behind the crypto-currency and is also a co-founder and chief scientist of StarkWare Industries which are dedicated to developing STARK-based zero-knowledge proofs, improving scalability and privacy in blockchains. An Epicenter Podcast with him where he discusses the technology in more depth and detail is available here.

ZkSNARKs are to be eventually upgraded to zkSTARKs in many of the present applications. The 80-page long paper co-authored by Prof. Eli Ben-Sasson ("Scalable, transparent, and post-quantum secure computational integrity") that describes the protocol in depth is available here.

That concludes part one of this two-part series on zero-knowledge proofs. Part two will examine the implementations and applications of zero-knowledge proof protocols by Zcash, Ethereum, Aztec, Coda, Leverj, REN Project and more.

Links and Resources

ZoKrates Gitter and documentation (for zkSNARK constructions on Ethereum).

Clipperz.is is a nice example of a simple SKP app - a zero-knowledge password manager and confidential data vault written in Javascript. Everything submitted is locally encrypted by the browser before transmitted with the passphrase known only to the user client-side.

Zeroknowledge.fm is podcast focusing on DLT and ZKP applications.

Zcash public forum and Rocket chat.

A primer on ZKP by Matthew Green.

"ZkSNARKs in a Nutshell", a great explanatory paper by Christian Reitwießner.

Horizen (formerly ZenCash) official site.

ZClassic official site.

[Telegram Channel | Original Article ]

#cryptocurrency

0 notes

click2watch · 6 years

Text

ConsenSys Invests in Two Crypto Startups to Lead VCs Into Ethereum Ecosystem

Despite recent belt-tightening at Brooklyn-based ethereum venture studio ConsenSys, the company’s investment arm is ramping up outreach to independent startups.

Gupta told CoinDesk these companies distinguished themselves with teams that include bitcoin veterans serving established user-bases. According to Coinhouse, the platform has over 150,000 user accounts. Plus, the startup’s CEO, Nicolas Louvet, was an early investor in the hardware wallet startup Ledger. Ledger CEO Éric Larchevêque was a reciprocal investor in Coinhouse and both men now sit on the boards of each other’s respective companies.

As such, Gupta’s strategy is to bring as many traditional venture capitalists into ConsenSys’ orbit as possible, to benefit from their experience with mainstream tech products.

“We have been helping a lot of VC funds to think through their investment thesis and introduce them to the ecosystem,” she said, adding:

“In a lot of our investment deals lately, we have invited a lot of our friends and other funds who we respect, and they have participated.”

VC synergy

Going forward Gupta says she’s looking to prioritize investments in startups that focus on three things: infrastructure, privacy and network effects.

Speaking about ethereum at-large, she added:

“For us, we want to focus on what is going to drive adoption.”

Kavita Gupta at Tachyon Demo Day 2018 image via ConsenSys Ventures

!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod? n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n; n.push=n;n.loaded=!0;n.version='2.0';n.queue=[];t=b.createElement(e);t.async=!0; t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window, document,'script','//connect.facebook.net/en_US/fbevents.js'); fbq('init', '239547076708948'); fbq('track', "PageView"); This news post is collected from CoinDesk

Recommended Read

Editor choice

BinBot Pro – Safest & Highly Recommended Binary Options Auto Trading Robot

Do you live in a country like USA or Canada where using automated trading systems is a problem? If you do then now we ...

9.5

Demo & Pro Version Try It Now

Read full review

The post ConsenSys Invests in Two Crypto Startups to Lead VCs Into Ethereum Ecosystem appeared first on Click 2 Watch.

More Details Here → https://click2.watch/consensys-invests-in-two-crypto-startups-to-lead-vcs-into-ethereum-ecosystem

#Click2Watch

0 notes

bobbynolanios88 · 6 years

Text

Real Estate Looks Toward Blockchain-Based Transactions |

Less than a decade ago, blockchain was a foreign term, often associated with the crypto-craze that young investors took hold of instead of the private, secure ledger it is based on, widely used today to record sensitive information across a multitude of sectors.

Now, the use of blockchain is trending even in real estate, making its way into the home-selling and -buying markets, and being used to streamline fragmented transaction processes with the goal of simplifying both the consumer and business experience and reducing risk, primarily within the deed recording and conveyance steps of a sale’s closing.

What are the benefits?

Security – The decentralized nature of blockchain reduces risk because there is no one single point of control. Relying on several authorities instead of one creates a system that cannot easily be taken advantage of. This makes it the ideal place to record property deeds and other significant transaction processes, instead of continuing to use the centralized databases currently implemented, which can be tampered with by those looking to steal information or alter existing records in order to falsely claim property ownership.

Additionally, the permanence of blockchain safeguards important documents that could easily be lost or altered if kept only by government records, including titles. Information and transactions recorded on the blockchain remain on the ledger on a permanent basis; therefore, unpredictable forces, such as natural disasters or hacking, would not pose a significant threat as they would be with traditional methods of storing real estate transaction information.

Efficiency – With blockchain, the time it takes to record a deed is often significantly slashed. The transaction is completed electronically, thus reducing costs and time constraints. With a physical deed, there is scanning, printing and delivering involved, and, many times, real estate professionals are at the mercy of local government offices, which often run at their own, much slower, pace.

Accuracy – With manual indexing, information can get lost in translation. Much like the telephone game played during childhood, passing on the information from one department to another can result in miscommunication or misplacing documents. Since every step of the transaction can be recorded on the blockchain ledger, there is no chance of information being lost or incorrectly relayed.

Who’s offering blockchain-based deed/transaction recording?

ShelterZoom: A New York-based company that is reportedly the industry’s first blockchain-powered, end-to-end deal platform, ShelterZoom promises that all parties involved in a real estate transaction will be able to see their offers and acceptances in real-time, as well as access property titles, mortgages and related documents through the platform’s Ethereum-based blockchain ledger, which is fully encrypted. These capabilities are set to go live in the first quarter of 2019.

Propy: A global real estate market that runs on a decentralized title registry, with Propy, Inc., all involved parties in a real estate transaction can utilize blockchain-based smart contracts to facilitate closings. The digital transfer of ownership is often much faster and less costly than traditional methods used.

Ubitquity: An SaaS platform that allows users to input data and store it on a blockchain of their choice, with Ubitquity, title companies, municipalities and recorders of deeds can save information on the ledger in order to increase transparency, reduce title search time and keep a clean record of ownership.

velox.RE: A blockchain-based real estate company that allegedly produced the first legal blockchain deed software and procedural protocol, this platform boasts being able to give real estate stakeholders added transparency and liquidity, as well as increased profits.

What does the future hold?

There has already been government implementation of blockchain technology for land title records, meaning a more widespread adoption of the technology across the real estate industry may not be far away. According to Mintz.com, several countries, including Sweden, Dubai and Brazil—and even the U.S, in Cook County, Ill., with velox.RE—have begun utilizing blockchain technology for land title records.

Will title companies continue to be a necessity if transactions are fully recorded on the blockchain ledger? While title insurance is currently needed to protect against any possible title defects, some say the need for this added mode of defense may not prove as useful if blockchain can greatly reduce the risks of title fraud. Consumers should keep in mind, however, that blockchain does not fully eliminate risk, leaving room for services that offer protection.

Liz Dominguez is RISMedia’s associate content editor. Email her your real estate news ideas at [email protected]. For the latest real estate news and trends, bookmark RISMedia.com.

Source link http://bit.ly/2BJP5mP

#IFTTT #Cryptocurrency and Bitcoin

0 notes

courtneyvbrooks87 · 6 years

Text

Real Estate Looks Toward Blockchain-Based Transactions |

What are the benefits?

Who’s offering blockchain-based deed/transaction recording?

What does the future hold?

Liz Dominguez is RISMedia’s associate content editor. Email her your real estate news ideas at [email protected]. For the latest real estate news and trends, bookmark RISMedia.com.

Source link http://bit.ly/2BJP5mP

#IFTTT #Cryptocurrency and Bitcoin

0 notes

mccartneynathxzw83 · 6 years

Text

Real Estate Looks Toward Blockchain-Based Transactions |

What are the benefits?

Who’s offering blockchain-based deed/transaction recording?

What does the future hold?

Liz Dominguez is RISMedia’s associate content editor. Email her your real estate news ideas at [email protected]. For the latest real estate news and trends, bookmark RISMedia.com.

Source link http://bit.ly/2BJP5mP

0 notes

teiraymondmccoy78 · 6 years

Text

Real Estate Looks Toward Blockchain-Based Transactions |

What are the benefits?

Who’s offering blockchain-based deed/transaction recording?

What does the future hold?

Liz Dominguez is RISMedia’s associate content editor. Email her your real estate news ideas at [email protected]. For the latest real estate news and trends, bookmark RISMedia.com.

Source link http://bit.ly/2BJP5mP

0 notes

adrianjenkins952wblr · 6 years

Text

Real Estate Looks Toward Blockchain-Based Transactions |

What are the benefits?

Who’s offering blockchain-based deed/transaction recording?

What does the future hold?

Liz Dominguez is RISMedia’s associate content editor. Email her your real estate news ideas at [email protected]. For the latest real estate news and trends, bookmark RISMedia.com.

Source link http://bit.ly/2BJP5mP

#IFTTT #Cryptocurrency and Bitcoin

0 notes

vanessawestwcrtr5 · 6 years

Text

Real Estate Looks Toward Blockchain-Based Transactions |

What are the benefits?

Who’s offering blockchain-based deed/transaction recording?

What does the future hold?

Liz Dominguez is RISMedia’s associate content editor. Email her your real estate news ideas at [email protected]. For the latest real estate news and trends, bookmark RISMedia.com.

Source link http://bit.ly/2BJP5mP

0 notes

neptunecreek · 7 years

Text

A Technical Deep Dive: Securing the Automation of ACME DNS Challenge Validation

Earlier this month, Let's Encrypt (the free, automated, open Certificate Authority EFF helped launch two years ago) passed a huge milestone: issuing over 50 million active certificates. And that number is just going to keep growing, because in a few weeks Let's Encrypt will also start issuing “wildcard” certificates—a feature many system administrators have been asking for.

What's A Wildcard Certificate?

In order to validate an HTTPS certificate, a user’s browser checks to make sure that the domain name of the website is actually listed in the certificate. For example, a certificate from www.eff.org has to actually list www.eff.org as a valid domain for that certificate. Certificates can also list multiple domains (e.g., www.eff.org, ssd.eff.org, sec.eff.org, etc.) if the owner just wants to use one certificate for all of her domains. A wildcard certificate is just a certificate that says “I'm valid for all of the subdomains in this domain” instead of explicitly listing them all off. (In the certificate, this is indicated by using a wildcard character, indicated by an asterisk. So if you examine the certificate for eff.org today, it will say it's valid for *.eff.org.) That way, a system administrator can get a certificate for their entire domain, and use it on new subdomains they hadn't even thought of when they got the certificate. In order to issue wildcard certificates, Let's Encrypt is going to require users to prove their control over a domain by using a challenge based on DNS, the domain name system that translates domain names like www.eff.org into IP addresses like 69.50.232.54. From the perspective of a Certificate Authority (CA) like Let's Encrypt, there's no better way to prove that you control a domain than by modifying its DNS records, as controlling the domain is the very essence of DNS. But one of the key ideas behind Let's Encrypt is that getting a certificate should be an automatic process. In order to be automatic, though, the software that requests the certificate will also need to be able to modify the DNS records for that domain. In order to modify the DNS records, that software will also need to have access to the credentials for the DNS service (e.g. the login and password, or a cryptographic token), and those credentials will have to be stored wherever the automation takes place. In many cases, this means that if the machine handling the process gets compromised, so will the DNS credentials, and this is where the real danger lies. In the rest of this post, we'll take a deep dive into the components involved in that process, and what the options are for making it more secure.

How Does the DNS Challenge Work?

At a high level, the DNS challenge works like all the other automatic challenges that are part of the ACME protocol—the protocol that a Certificate Authority (CA) like Let's Encrypt and client software like Certbot use to communicate about what certificate a server is requesting, and how the server should prove ownership of the corresponding domain name. In the DNS challenge, the user requests a certificate from a CA by using ACME client software like Certbot that supports the DNS challenge type. When the client requests a certificate, the CA asks the client to prove ownership over the domain by adding a specific TXT record to its DNS zone. More specifically, the CA sends a unique random token to the ACME client, and whoever has control over the domain is expected to put this TXT record into its DNS zone, in the predefined record named "_acme-challenge" under the actual domain the user is trying to prove ownership of. As an example, if you were trying to validate the domain for *.eff.org, the validation subdomain would be "_acme-challenge.eff.org." When the token value is added to the DNS zone, the client tells the CA to proceed with validating the challenge, after which the CA will do a DNS query towards the authoritative servers for the domain. If the authoritative DNS servers reply with a DNS record that contains the correct challenge token, ownership over the domain is proven and the certificate issuance process can continue.

DNS Controls Digital Identity

What makes a DNS zone compromise so dangerous is that DNS is what users’ browsers rely on to know what IP address they should contact when trying to reach your domain. This applies to every service that uses a resolvable name under your domain, from email to web services. When DNS is compromised, a malicious attacker can easily intercept all the connections directed toward your email or other protected service, terminate the TLS encryption (since they can now prove ownership over the domain and get their own valid certificates for it), read the plaintext data, and then re-encrypt the data and pass the connection along to your server. For most people, this would be very hard to detect.

Separate and Limited Privileges

Strictly speaking, in order for the ACME client to handle updates in an automated fashion, the client only needs to have access to credentials that can update the TXT records for "_acme-challenge" subdomains. Unfortunately, most DNS software and DNS service providers do not offer granular access controls that allow for limiting these privileges, or simply do not provide an API to handle automating this outside of the basic DNS zone updates or transfers. This leaves the possible automation methods either unusable or insecure. A simple trick can help maneuver past these kinds of limitations: using the CNAME record. CNAME records essentially act as links to another DNS record. Let's Encrypt follows the chain of CNAME records and will resolve the challenge validation token from the last record in the chain.

Ways to Mitigate the Issue

Even using CNAME records, the underlying issue exists that the ACME client will still need access to credentials that allow it to modify some DNS record. There are different ways to mitigate this underlying issue, with varying levels of complexity and security implications in case of a compromise. In the following sections, this post will introduce some of these methods while trying to explain the possible impact if the credentials get compromised. With one exception, all of them make use of CNAME records.

Only Allow Updates to TXT Records

The first method is to create a set of credentials with privileges that only allow updating of TXT records. In the case of a compromise, this method limits the fallout to the attacker being able to issue certificates for all domains within the DNS zone (since they could use the DNS credentials to get their own certificates), as well as interrupting mail delivery. The impact to mail delivery stems from mail-specific TXT records, namely SPF, DKIM, its extension ADSP and DMARC. A compromise of these would also make it easy to deliver phishing emails impersonating a sender from the compromised domain in question.

Use a "Throwaway" Validation Domain

The second method is to manually create CNAME records for the "_acme-challenge" subdomain and point them towards a validation domain that would reside in a zone controlled by a different set of credentials. For example, if you want to get a certificate to cover yourdomain.tld and www.yourdomain.tld, you'd have to create two CNAME records—"_acme-challenge.yourdomain.tld" and "_acme-challenge.www.yourdomain.tld"—and point both of them to an external domain for the validation. The domain used for the challenge validation should be in an external DNS zone or in a subdelegate DNS zone that has its own set of management credentials. (A subdelegate DNS zone is defined using NS records and it effectively delegates the complete control over a part of the zone to an external authority.) The impact of compromise for this method is rather limited. Since the actual stored credentials are for an external DNS zone, an attacker who gets the credentials would only gain the ability to issue certificates for all the domains pointing to records in that zone. However, figuring out which domains actually do point there is trivial: the attacker would just have to read Certificate Transparency logs and check if domains in those certificates have a magic subdomain pointing to the compromised DNS zone.

Limited DNS Zone Access

If your DNS software or provider allows for creating permissions tied to a subdomain, this could help you to mitigate the whole issue. Unfortunately, at the time of publication the only provider we have found that allows this is Microsoft Azure DNS. Dyn supposedly also has granular privileges, but we were not able to find a lower level of privileges in their service besides “Update records,” which still leaves the zone completely vulnerable. Route53 and possibly others allow their users to create a subdelegate zone, new user credentials, point NS records towards the new zone, and point the "_acme-challenge" validation subdomains to them using the CNAME records. It’s a lot of work to do the privilege separation correctly using this method, as one would need to go through all of these steps for each domain they would like to use DNS challenges for.

Use ACME-DNS

As a disclaimer, the software discussed below is written by the author, and it’s used as an example of the functionality required to handle credentials required for DNS challenge automation in a secure fashion. The final method is a piece of software called ACME-DNS, written to combat this exact issue, and it's able to mitigate the issue completely. One downside is that it adds one more thing to your infrastructure to maintain as well as the requirement to have DNS port (53) open to the public internet. ACME-DNS acts as a simple DNS server with a limited HTTP API. The API itself only allows updating of TXT records of automatically generated random subdomains. There are no methods to request lost credentials, update or add other records. It provides two endpoints:

/register – This endpoint generates a new subdomain for you to use, accompanied by a username and password. As an optional parameter, the register endpoint takes a list of CIDR ranges to whitelist updates from.

/update – This endpoint is used to update the actual challenge token to the server.

In order to use ACME-DNS, you first have to create A/AAAA records for it, and then point NS records towards it to create a delegation node. After that, you simply create a new set of credentials via the /register endpoint, and point the CNAME record from the "_acme-challenge" validation subdomain of the originating zone towards the newly generated subdomain. The only credentials saved locally would be the ones for ACME-DNS, and they are only good for updating the exact TXT records for the validation subdomains for the domains on the box. This effectively limits the impact of a possible compromise to the attacker being able to issue certificates for these domains. For more information about ACME-DNS, visit https://github.com/joohoi/acme-dns/.

Conclusion

To alleviate the issues with ACME DNS challenge validation, proposals like assisted-DNS to IETF’s ACME working group have been discussed, but are currently still left without a resolution. Since the only way to limit exposure from a compromise is to limit the DNS zone credential privileges to only changing specific TXT records, the current possibilities for securely implementing automation for DNS validation are slim. The only sustainable option would be to get DNS software and service providers to either implement methods to create more fine-grained zone credentials or provide a completely new type of credentials for this exact use case.

from Deeplinks http://ift.tt/2EXLORh

#Deeplinks

0 notes