Open post

EU launches blockchain association to accelerate distributed ledger technology adoption

At a ceremony today at the European Commission in Brussels, politicians, corporations, and a wide range of blockchain startups signed a charter to create an association whose goal is to promote the regulatory and business reforms needed to boost adoption of distributed ledger technologies.

The International Association of Trusted Blockchain Applications (INATBA) grew out of months of forums and roundtables held by the commission to create a strategy around the emerging technology. As the adoption of blockchain continues across a wide range of sectors, the European Commission has made it a priority, studying the potential impact and encouraging it across a number of initiatives.

The INATBA is one such initiative. The official charter was signed today at an event hosted by European Digital Commissioner Mariya Gabriel and Roberto Viola, the EC’s Director General of Communication, Networks, Content, and Technology.

The signees — more than 100 organizations — range from corporate giants such as Anheuser-Busch and Accenture, to some of the most influential distributed ledger startups, such as ConsenSys and Berlin-based IOTA.

“Developing a regulatory framework around distributed ledger and blockchain technologies is essential to their widespread adoption and growth,” said Dominik Schiener, cofounder and co-chair of IOTA Foundation. “We have established our own Public Regulatory Affairs team to lead this effort and are excited to be one of the founding members of INATBA. The strength and size of this association, as well as the support of the European Commission and other governments, only further shows the future limitless potential for distributed ledger technologies.”

INATBA’s mission will be to facilitate and promote DLT-related technologies by organizing forums where regulators and policymakers can interact with corporations and startups to develop the necessary regulatory incentives for the technology to evolve. In signing the charter and joining the association, the founding members agreed to a broad range of goals such as creating interoperability guidelines and standards, promoting transparency, and emphasizing inclusiveness.

The INATBA grew out of the EU Blockchain Industry Round Table, a European Commission-hosted group that studied the conditions needed for distributed ledger adoption. In April 2018, 27 EU member states signed a blockchain partnership declaration, agreeing to cooperate on related topics. And the Commission has created an EU Blockchain Observatory and Forum to boost innovation in the field.

Open post

Users complain of account hacks, but OkCupid denies a data breach

It’s bad enough that dating sites are a pit of exaggerations and inevitable disappointment, they’re also a hot target for hackers.

Dating sites aren’t considered the goldmine of personal information like banks or hospitals, but they’re still an intimate part of millions of people’s lives and have long been in the sights of hackers. If the hackers aren’t hitting the back-end database like with the AdultFriendFinder, Ashley Madison and Zoosk breaches, the hackers are trying break in through the front door with leaked or guessed passwords.

That’s what appears to be happening with some OkCupid accounts.

A reader contacted TechCrunch after his account was hacked. The reader, who did not want to be named, said the hacker broke in and changed his password, locking him out of his account. Worse, they changed his email address on file, preventing him from resetting his password.

OkCupid didn’t send an email to confirm the address change — it just blindly accepted the change.

“Unfortunately, we’re not able to provide any details about accounts not connected to your email address,” said OkCupid’s customer service in response to his complaint, which he forwarded to TechCrunch. Then, the hacker started harassing him with strange text messages from his phone number that was lifted from one of his private messages.

It wasn’t an isolated case. We found several cases of people saying their OkCupid account had been hacked.

Another user we spoke to eventually got his account back. “It was quite the battle,” he said. “It was two days of constant damage control until [OkCupid] finally reset the password for me.”

Other users we spoke to had better luck in getting their accounts back. One person didn’t bother, he said. Even disabled accounts can be re-enabled if a hacker logs in, some users found.

But several users couldn’t explain how their passwords — unique to OkCupid and not used on any other app or site — were inexplicably obtained.

“There has been no security breach at OkCupid,” said Natalie Sawyer, a spokesperson for OkCupid. “All websites constantly experience account takeover attempts. There has been no increase in account takeovers on OkCupid.”

Even on OkCupid’s own support pages, the company says that account takeovers often happen because someone has an account owner’s login information. “If you use the same password on several different sites or services, then your accounts on all of them have the potential to be taken over if one site has a security breach,” says the support page.

That describes credential stuffing, a technique of running vast lists of usernames and passwords against a website to see if a combination lets the hacker in. The easiest, most effective way against credential stuffing is for the user to use a unique password on each site. For companies like OkCupid, the other effective blocker is by allowing users to switch on two-factor authentication.

When asked how OkCupid plans to prevent account hacks in the future, the spokesperson said the company had “no further comment.”

In fact, when we checked, OkCupid was just one of many major dating sites — like Match, PlentyOfFish, Zoosk, Badoo, JDate and eHarmony — that didn’t use two-factor authentication at all.

As if dating wasn’t tough enough at the best of times, now you have to defend yourself from hackers, too.

Scroll to top