Connect with us


Edge’s Paul Puey: “Digital Security Will Take Place on the Edges”

Security is one of the hottest topics in today’s ever-evolving digital world. A steady flow of debate continues to take place at tech forums worldwide on topics like encryption, passwords, two-factor authentication, hardware wallets and the like.

As cryptocurrencies and the tools being used to manage them take shape, questions loom about the most efficacious ways to protect both user assets and privacy. One individual who is at the epicenter of this active space is Paul Puey. He is co-founder and CEO of EdgeSecure, a blockchain-inspired, decentralized, open-source, zero-knowledge, global information security solution platform.

Airbitz, his signature enterprise was birthed in 2013 as a bitcoin wallet provider and merchant directory. Today, he’s orchestrating a rebrand of this wallet, now called Edge.

In an interview with eBits.Co, Puey talks about the tricky balance between new security and privacy measures being introduced and user experience. He also explores an emerging theme called “securing the edges” that forms the basis of his current work

BM: What sort of problems are you attempting to solve these days?

PP: The aspect of cryptocurrency we initially wanted to address revolved around how to effectively use secure keys. That was the impetus behind our decision to build a feature rich, functionally rich wallet at Airbitz over the years. We feel like this has really differentiated us in the whole area of key management.

BM: How does your concept of EdgeSecure fit in here?

PP: Our goal has been to broaden Airbitz by turning our key management standard into a platform for other apps. Even before we rebranded, we were already using the term Edge Security to examine how to come up with a solution that’s different from enterprise security. We view our approach as fundamentally different in the sense that we’re not trying to make a router or server more secure. Rather, our aim is to take data and secure it before it ever hits a device.

In short, we are able to secure data before it goes out onto a network or server. People and their devices are what we are trying to secure. That’s where the term Edge comes from — before a user’s data ends up on their device, goes out to a network, goes onto a server — the encryption of that data happens first, as we say, “on the edges.”

BM: But what about server networks?

PP: We still believe that server security is important. But the visibility and encryption of that data all happens first before the data gets saved, broadcast and sent out on the network or gets onto a server. The concept of making data private and secure to the point where only the user can access it “on the edges” has never been an area of focus for cybersecurity companies.

BM: So, in a nutshell, how does all of this actually work?

PP: It works through a combination of technologies we’ve had for decades but have never been packaged the way we are seeking to. The technology that we’ve developed involves encrypting data on the client side. Most of the software out there doesn’t do this. Rattle off any app that you are running on your computer or your phone, and the data you generate and create is not encrypted, let alone automatically backed up.

BM: Are there other security measures you’ll be employing?

PP: We’ve also added two-factor authentication, although I fundamentally hate it from a user experience point of view. Two-factor is particularly problematic and a poor approach if the second factor for authorizing access is a phone number or email address. It’s better than nothing, but it’s not what one would consider to be “good two-factor.”

BM: Is there a solution to this?

PP: Yes, since 2015, we’ve been employing what we call “one touch, two-factor,” where we take two-factor and make it invisible by baking it in our Airbitz app. This eliminates the need for notification by SMS or email, or via an app like Authy or Google Authenticator.

BM: Can you talk a bit about password recovery? This can be a big issue with crypto users.

PP: It is indeed. Think about this for a moment: If you lose your mobile phone or other type of device, in the Google Authenticator world you have just lost your access completely. So, it’s up to the service you are using to determine a recovery mechanism. What’s interesting is that some services don’t give you one. Others offer recovery via email, SMS, or other similar mechanism which then introduces the same issue. We, therefore, believe in recovery via time lock, where your account is locked for a period of time before you can reset it.

BM: In the meantime, are there ways to prevent users from losing their password in the first place?

PP: There is some psychology involved here. Part of our philosophy at EdgeSecure is to carefully align technology with humanity. This involves a recognition of the fact that we’re all fallible beings, that we do forget passwords. One step we employ to help people not forget passwords is to ask them to voluntarily enter it from time-to-time when they go to access their app. Our intent is to give them the opportunity to change it if they forget it at that moment.

BM: How exactly does this work?

PP: We have an algorithm inside of the app that has what we call a reminder “step off,” based on users actually entering it. This “step off” is how frequently we remind you based on how many times you’ve actually entered the password in the past. Obviously, you can get into the app with a pin, thumbprint and now facial ID. But if you lose that device, the password is the only way to get back on.

BM: This seems like an idea that other tech solution providers will likely want to pick up on.

PP: No doubt. We fashion ourselves as the world’s only password recovery for encrypted data. While that, in and of itself, is a patentable idea, we’ve opted to not patent, in the name of open source, open collaborative effort.

BM: What sort of criticism do you hear from the crypto community?

PP: One of the main ones we get is that we are not as secure as a hardware wallet. These criticisms come from people that often harbor the biggest fears of something that I have yet to see happen, namely, a person losing crypto from a device attack. Sure, you might hear of publications espousing theoretical exploits. But I haven’t seen evidence of a mass exploit with cryptocurrency taken on a device with encrypted data. Yet there are millions, if not billions, of dollars being poured into solutions for that problem.

BM: Aren’t hardware wallets a great resource then for those who have these concerns?

PP: They can be. But it’s important to keep in mind that with hardware wallets, the attack vector isn’t someone getting into it digitally over the internet. Rather, the attack vector is the individual user. I can’t count the number of people who say to me after purchasing a hardware wallet, “Now, I’m secure!” I then ask them, what did you do with the backup information? Often they’ll say, “I put it on Google Drive.” My response: “You did what? That’s the worst thing you could possibly do with the private key.”

BM: Finally, what are your thoughts regarding security vulnerabilities among centralized exchanges?

PP: It’s a big concern, no doubt. Coinbase is obviously the most recognizable example in the crypto world, but I don’t think that their model can survive long term. I’d describe them as a $15 billion piñata for hackers. Yes, they haven’t been hacked and I believe a combination of luck and skill has prevented that from occurring.

BM: So do you believe that it’s just a matter of time before a serious hack occurs?

PP: Let me say this. One of the hardest aspects of centralized security is that it doesn’t scale. In other words, the bigger you get, the harder it is for you to secure. And as the pot becomes bigger, you have to hire and entrust more and more people inside the company. So it takes just one bad apple with access and there goes a lot of user money.

BM: Where do you see this security space headed?

PP: In the next 3–5 years, we should actually see a trend where users will seek out what I call Edge-secured apps, where people can control their own data. These encryption and Edge solutions will be invisible to those using the app, which will go a long way toward enhancing user experience along with security and privacy.



Tezos Foundation Adds Four New Members, Paving Way for Platform Launch

Tezos Foundation, the Zug, Switzerland-based nonprofit that governs the now $1 billion worth of assets for Tezos, a blockchain project that has yet to launch, just added to its board four new members: Olaf Carlson-Wee, Pascal Cléré, Marylene Micheloud and Hubertus Thonhauser. In addition to the two new members eBits, this brings the total number of people sitting on the foundation board to seven.

“The four new board members bring a tremendous amount of experience and know-how into the foundation, both in terms of technology and leadership. I am looking forward to working closely with them to assist in the timely launch of the Tezos network,” said Ryan Jasperson, Tezos Foundation president, in a statement.

The Foundation now has reorganized completely with all three of the original members, including former president Johann Gevers, gone. It also strongly resembles T2, the seven-member rival foundation introduced by Jasperson last month in an effort to wrestle control away from Gevers, the previous president. Since October 2017, Gevers and Tezos founders Arthur and Kathleen Breitman, who control the Tezos proprietary code through a Delaware corporation, were locked in a bitter battle.

Among the new members of the Tezos Foundation is Carlson-Wee, the founder of Polychain Capital, a cryptocurrency hedge fund and eBits for the Tezos project, having purchased tokens well in advance of the ICO. Carlson-Wee offered to serve on the Tezos Foundation board in December 2017 but apparently was rejected by Gevers.

Micheloud, the only woman on the board, is a retired Swiss computer scientist; Cléré is an executive at Alstom Digital Mobility; and Thonhauser is a partner at a venture capital firm in Dubai.

The addition of the new members should help to clear a path for the long-awaited launch of the Tezos network, which will enable contributors to the project to redeem their “tezzies” tokens and begin trading, perhaps getting a return on some of the funds they put into the ICO, originally pitched as a “fundraiser.”

In its statement announcing the new members, the Foundation did not mention a timeline for the launch. Although, Kathleen Breitman may have hinted at a launch in the next few weeks, last week, she told The Wall Street Journal that Tezos does not have a launch date yet.

While the emergence of an all-new Tezos Foundation appears to indicate a win for the organizers of the Tezos project, the Breitmans have yet to make any official statements on the rapid change of events in the last week. The couple have also not said anything about whether they have reached a settlement over the large bonus that Gevers tried to claim for himself in September 2017. The project is still facing several class action lawsuits accusing them of selling securities. Although the Breitmans previously asked the foundation for help in covering the legal fees surrounding those lawsuits, the new foundation board members have not yet commented on what their policy will be in footing those bills.

Continue Reading


Cryptocurrency Mining at Home Heats Up With Eco-Friendly Miner

Proof of Work (PoW) mining operations, like Bitcoin and Ethereum, use a tremendous amount of energy and generate a tremendous amount of waste heat. Qarnot is one of a number of growing companies that has found a way to turn that waste heat into controlled heating for the home or office.

The new Qarnot QC-1 “crypto heater” takes advantage of an obvious synergy: It makes use of the waste heat generated by mining crypto in the guise of an attractive space heater. 

Spec wise, the QC-1 contains two GPUs: NITRO+ RADEON RX 580 8G 60 MH/s at 650W. Local electrical costs and climate are key determining factors with regard to recouping costs and making a profit; for example, if you are in a cold northern environment with cheap electricity like eBits, then your costs to run it should be low enough (about $0.03 KWh USD) that the mining revenue should pay for the device in a few years.

The device mines Ethereum by default but can be configured to mine various other PoW-based cryptocurrencies such as Litecoin. A mobile app is available to monitor your account and configure the unit. The lack of fans or hard drives leads Qarnot to claim the system is “perfectly noiseless.”

Over the years, there has been increasing eBits over centralized mining and the diminishing ability of individuals to be able to mine successfully. While they are certainly efficient, centralized PoW mining centers could present a risk to Bitcoin’s key features, such as censorship resistance.

Small-scale home miners may find this sort of mining unit appealing, even if they don’t necessarily need or want to turn a profit. Some hobbyists or idealists may simply want to support the network and contribute to its decentralization at break-even rates or even at a small cost, while enjoying the side benefit of some extra warmth.

Notably, Qarnot recently won the CES Eureka Park Climate Change Innovator Award, a new award designed to spotlight exhibitors in Eureka Park who are making bold attempts to cut greenhouse gas emissions with their technology. The award was presented during “CES 2018 Sustainability Day” on January 11, 2018.

“Data centers already use 3 percent of worldwide electricity. It is urgent to start tackling the environmental impact of IT,” said Qarnot CEO Paul Benoit in a statement at the time. “When Qarnot uses computations’ wasted heat in buildings, it reduces, by more than 75 percent, their carbon footprint. This award is a strong acknowledgement of Qarnot technology’s potential to reduce greenhouse gas emissions.”

Continue Reading


What is Asch Platform?

Asch is a decentralized blockchain platform that provides a public chain and an app Software Development Kit. This is the first system designed to give developers the ability to deploy completely independent blockchain applications.  

  1. Asch’s goal is to solve the problem of blockchain fragmentation. Asch Tokens can be used across different blockchain ecosystems and exchanges.  
  2. Asch combines DPOS and PBFT. DPOS is a consensus mechanism that is more decentralized and less resources intensive. PBFT solves the security risks of DPOS and effectively reduces the chances of bifurcation and makes the system more secure.
  3. Asch uses a side-chain extension mechanism that eliminates the need to carry application code in the transaction. This reduces the transaction data load and making the contract easier to execute.
  4. Asch uses a sandbox to run it’s application code. This protects the main chain from being destroyed by other hazards codes.

Within the the blockchain ecosystem, Asch is a consensus mechanism. Asch uses DPOS + PBFT to facilitate these processes. When compared to the POW mechanism of bitcoin and Ethereum, one can see energy saving advantages.

POW mining wastes a great deal of energy in order to protect the network security. The DPOS trustee mechanism is another advantage that Asch has over other blockchain platforms.

Ethereum runs all the applications on one chain. This increase security risks. If there is a link error the result can be damage to the entire system. Asch uses cross-chain slicing technology, greatly reducing the system security risks.

Studies show that Asch’s sidechain mechanism is easy to link with other blockchains, such as Bitcoin, eBits etc. In fact, Asch can easily implement various functions of ROOTSTOCK and QTUM chain.

The team is also preparing  for Asch to become a side chain of eBits. At the same time, Asch is actively developing version 2.0 and will implement the following functions in this new version. These include digital assets, authentication, simple contracts, decentralized storage, anonymous functions and master contracts, which can surly surpass other blockchain projects or teams. Please visit the official website for more details.

This is a sponsored press release and does not necessarily reflect the opinions or views held by any employees of The Merkle. This is not investment, trading, or gambling advice. Always conduct your own independent research.

Continue Reading

Lastest News

Blockchain5 hours ago

Paypal FUD – Someone sent fake emails claiming a crypto ban

Blockchain5 hours ago

Top 4 Blockchain Projects that are revolutionising travel

Bitcoin News17 hours ago

Russian Businessman sues Google for ban on crypto ads

Bitcoin News17 hours ago

Top 6 blockchain projects in the Insurance Sector

ICO2 days ago

Gift Coin wants to make charity and donations more transparent

Gift coin is a platform that enables end-to-end transfer of funds powered by a smart contract. In today’s day and...

Ethereum2 days ago

Markets bounce back after positive G-20 comments about crypto

After a steep drop in the crypto markets, the positive statements about cryptocurrency from various bodies governing finances for the...

Blockchain3 days ago

EY Report: How the Wealth Management Industry Could Benefit from the Blockchain

Blockchain technology has morphed from a popular buzzword to a technology that is in the process of revamping a wide...

Blockchain3 days ago

Two New Crypto Laws For Thailand

Regulators in Thailand have reportedly agreed to enact two new laws regarding cryptocurrencies and initial coin offerings. These laws will,...

Blockchain3 days ago

Kenya’s Government Task Force to Explore Blockchains for Land and Education

Private companies, as well as national and local governments, have all caught media attention for announcing some kind of investigation...

Blockchain4 days ago

This Blockchain project will pay freelancers on a vacation 

Depending on the report you read, anywhere between 50 – 75 % of the world’s workforce will become freelancers. There...