IF, and that is an IF, we are entering a correction, this is what to do

I can’t wait for the black gold rush.

My first project into ETH was hosting sites using web 3.0 tech like Ethereum using web 2.0 tech like Amazon AWS. I did this by creating a TXT record in DNS that is effectively a public-key-pin for a transaction hash with a blob of ABI data in the Ethereum network. I used a custom built memcache server that acted as a gateway for retrieving the data. It blew my mind that I actually loaded a working site, javascript and everything, that wasn't hosted anywhere. There were no physical servers hosting that. It was all on the blockchain. Like, an entire website. So I got curious and made a vulnerable application and attempted to shell it. The hack failed. There is nothing hosting the site, therefore there is nothing to hack. If that code were on a traditional website, with a traditional server, I'd have forced the server to execute local shell commands, like ping or ifconfig. Since there is no server, there is no shell. See the incoming request, pull the data from the hash, and send it. Any interactive or dynamic content is done through embedded contracts.

It gets even crazier: I'm building a protocol for authentication using the type of bleeding edge cryptography used in the latest fork of Ethereum and Monero. I got an interactive zero knowledge proof, for the purposes of proving authentication, working just before Thanksgiving. I successfully sent a username and password to login to a website without actually sending it all. Traditional systems compare the password you gave to the one stored. This one compared a random number with a meaningless number stored on the blockchain, and proved thousands of times that it was correct, all in an instant. Enter the wrong password, and it fails every time. Zero Knowledge proofs and decentralization of applications is extremely mind blowing. Let that sink in. Combine the two and you have real hackerproof systems.

Before I started my current role I worked as a pentester hacking telecom giants and big tech companies. I'd break in all the time by reusing passwords found through leaked data. Over time I accumulated a few billion usernames and passwords. Your old one is probably one of these: dopamehy abdulramon dylan11240 yoda03 jarvs Given how common your username is though, it's hard to pinpoint exactly. There are a 35 hits for Jarvis03s in the Chicago area. This is a huge problem that leads to many companies and also people being breached without even being aware of it. I hope to make this kind of attack impossible in the future.

/r/ethtrader Thread Parent