Zhou Hongyi's blockchain calls you for security

1. Security in blockchain comes from some attributes< mining blocks need to use resources< Br > 2. Each block contains the hash value of the previous block< Br > imagine if the attacker wants to change the chain by changing the transaction five blocks ago. If they tamper with the block, the hash value of the block changes. Then the attacker must change the pointer from the next block to the changed block, and then change the hash value of the next block... This will continue until the end of the chain. This means that the farther the block is behind the chain, the greater the resistance to change. In fact, the attacker has to simulate the hash capability of the whole network up to the front end of the chain. However, when the attacker tries to attack, the chain continues to move forward. If the attacker's hash value is lower than the rest of the chain (< 50%), they will always chase and never proce the longest chain. Therefore, this type of blockchain can resist attacks, where the attacker's hash value is less than 50%< Br > when attackers have 51% hash value, they can rewrite the network history with a list of valid transactions. This is because they can recalculate the hash value of any block sort faster than the rest of the network, so they can ultimately guarantee a longer chain. The main danger of 51% attacks is the possibility of double spending. This simply means that an attacker can buy an item and show that they have paid with any number of confirmations on the blockchain. Once they receive the item, they can reorder the blockchain so that it doesn't include the send transaction and get a refund< Br > even if the attacker has more than 50% hash value, the attacker can only do so much damage. They can't do things like transfer money from the victim's account to their account or print more coins. This is because all transactions are recorded by the account?? Account owners sign, so even if they control the entire network, they cannot forge account signatures.

2.

One of the characteristics of blockchain projects (especially public chains) is open source. Through open source code, to improve the credibility of the project, so that more people can participate. But the open source code also makes it easier for attackers to attack blockchain system. In the past two years, there have been a number of hacker attacks. Recently, the anonymous currency verge (xvg) was attacked again. The attacker locked a vulnerability in the xvg code, which allowed malicious miners to add false timestamps on the block, and then quickly dig out new blocks. In a few hours, the attacker obtained nearly $1.75 million worth of digital currency. Although the subsequent attack was successfully stopped, no one can guarantee whether the attacker will attack again in the future

of course, blockchain developers can also take some measures

one is to use professional code audit services,

the other is to understand the security coding specifications and take preventive measures

the security of cryptographic algorithm

with the development of quantum computer, it will bring a major security threat to the current cryptosystem. Blockchain mainly relies on elliptic curve public key encryption algorithm to generate digital signature for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. can not withstand quantum attacks in theory, and there will be greater risks. More and more researchers begin to pay attention to cryptographic algorithms that can resist quantum attacks

of course, in addition to changing the algorithm, there is another way to improve the security:

refer to bitcoin's treatment of public key address to rece the potential risk of public key disclosure. As users, especially bitcoin users, the balance after each transaction is stored in a new address to ensure that the public key of the address where bitcoin funds are stored is not leaked

security of consensus mechanism

the current consensus mechanisms include proof of work (POW), proof of stake (POS), delegated proof of stake (dpos), practical Byzantine fault tolerance (pbft), etc

POW faces 51% attack. Because POW depends on computing power, when the attacker has the advantage of computing power, the probability of finding a new block will be greater than that of other nodes. At this time, the attacker has the ability to cancel the existing transaction. It should be noted that even in this case, the attacker can only modify his own transaction, but not the transaction of other users (the attacker does not have the private key of other users)

in POS, attackers can attack successfully only when they hold more than 51% token, which is more difficult than 51% computing power in pow

in pbft, when the malicious nodes are less than 1 / 3 of the total nodes, the system is secure. Generally speaking, any consensus mechanism has its own conditions. As an attacker, we also need to consider that once the attack is successful, the value of the system will return to zero. At this time, the attacker does not get any other valuable return except destruction

for the designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to select an appropriate consensus mechanism or design a new consensus mechanism according to the needs of the scene

security of smart contract

smart contract has the advantages of low operation cost and low risk of human intervention, but if there are problems in the design of smart contract, it may bring greater losses. In June 2016, the Dao, the most popular funding project of Ethereum, was attacked. The hacker obtained more than 3.5 million Ethereum coins, which later led to the bifurcation of Ethereum into Eth and etc

there are two aspects of the proposed measures:

one is to audit the security of smart contract, and the other is to follow the principle of smart contract security development

the security development principles of smart contract are: to be prepared for possible errors, to ensure that the code can correctly handle the bugs and vulnerabilities; Release smart contracts carefully, do well in function test and security test, and fully consider the boundary; Keep smart contracts simple; Pay attention to the threat intelligence of blockchain and check and update in time; Be clear about the characteristics of blockchain, such as calling external contracts carefully

security of digital wallet

there are three main security risks in digital wallet: first, design defects. At the end of 2014, a user lost hundreds of digital assets e to a serious random number problem (repeated r value). Second, the digital wallet contains malicious code. Third, the loss of assets caused by the loss or damage of computers and mobile phones

there are four main countermeasures:

one is to ensure the randomness of the private key

The second is to check the hash value before installing the software to ensure that the digital wallet software has not been tampered with

The third is to use cold wallet

The fourth is to back up the private key

3. Because each block contains its own hash value and the hash value of the previous block, changing a hash value will invalidate the rest of the blockchain
if you have problems with blockchain, you are welcome to chat in private~~~~~

4. The zodiac has already run away. Those who have joined the zodiac for a long time have earned money. Now they play the new Zodiac. Now they play the new Zodiac. The zodiac has just opened on August 1. I'll play it again. I'm very stable now,

5. Before 2019, I haven't been in touch with the digital currency instry. I'm just a little Bai. Through the foundation of the whole year of 2019, I have some experience to share with you, right or not. Welcome to comment
first, ask the respondents how many people have played this pocc
Second, all the projects are fake at the beginning. believe me. Only in the process of doing it successfully, it's true
Third, bitcoin is successful, with a market size of $1 trillion today. If it fails, it is a liar
Fourth, in addition to the mainstream digital currency, the risk is smaller (not without risk), similar to bitcoin, TEDA currency, ether currency, etc. Other small-scale counterfeit currencies are highly risky. How to determine the scale of a digital currency, or the market value, and recommend a software (non trumpet)< No need to think about supervision. There is no guarantee. It all depends on your control and understanding of the project. The brave starve the timid< 6. To judge whether a project is safe or not, it is necessary to have an in-depth understanding and communicate with the team. You need to know what the team wants to do, whether it's running for money or really want to do something< How to judge the quality of a project
there are roughly two points: the way of admission, the rate of return of offline development
is it simply to give money to the project party? Is sharing the benefits of offline development very outrageous

as far as I know, pocc mode is to spend money to buy digital currency, POC is using POC to replace mining machine, mining machine proces ore, and sells it in the exchange. The model is similar to bitcoin, but different. Moreover, in the process of transaction, the project party can't receive any money at all, and they all transfer their own business. This greatly limits the project side to circle money. And basically a miner can be realized once in about 6 days. It's also very secure for money. Secondly, the development of offline, can get about 3 poccs a day, this should not be outrageous
1. At present, the supervision of all digital currencies is not perfect, including bitcoin, Ethereum EOS and other top digital currencies in the world
2. Clearly reply that you are not a MLM company. You can understand pocc as a start-up company. It wants to go public (make it into a big currency like bitcoin Ethereum EOS). If you succeed, everyone will benefit. If you fail, your investment will not be affected, because you can recover the cost in six months
3. For those who say they have been cheated, publish their ID or your currency address, and the platform will query the records for you to see if you have been cheated
4. Pocc skin shrimp public chain, with (non small) can query the relevant information, non small is a professional third-party information website, all digital currency can query
5. As far as I know, there are a group of professional spurts on the Internet. One is to release negative news to attract attention and improve their own traffic. The second is to blackmail the platform for sealing fees
6. Since September 2018, there has been no loss and it is still running steadily. The benefits are consistent. Your friend tried, earned, recommended to you, you are still hesitant, to the Internet to find those who have not played the project, do reference, you will never earn money
7. Many people have been cheated by blockchain and various kinds of funds. You've heard about it and seen it. But you just didn't get involved
8, those who say pull the head, the tiktok speed version of the top page speed version does not pull the head? Wechat does not attract people in the initial stage? Alipay didn't pull the plug at the beginning? The network does not pull the head in the initial stage
9. Any project can't do without fans. Only fans can grow and last, and fans can only gain profits without loss, just like stocks. Those who hold the original stocks can make profits, but the loss is the secondary market
10. I hope those who talk nonsense blindfolded can experience it. Here's the screenshot BB.

6.

Zhou Hongyi believes that the harm of network security has expanded from the online cyberspace affected by traditional network attacks to national security, national defense security, key infrastructure security, social security, family security, and even personal security. Therefore, Zhou Hongyi believes that network security has entered the era of "big security" from the era of "information security"

in the era of great security, network attacks bring new threats and challenges. Zhou Hongyi pointed out in his speech that in the era of great security, we are facing six new threats

Fifth, cyber attacks threaten financial and economic security. Internet finance has penetrated into the public life, and network attacks against the financial system are emerging in an endless stream, threatening financial and economic security. The popularity of blockchain also makes virtual currency a new target for hackers

Sixth, network attacks threaten the personal security of users. Data show that network crime is becoming the largest type of crime, and the vast majority of crimes may be carried out by means of network in the future. In addition to causing user privacy leakage and property loss, cyber crime is also affecting personal safety

7.

On September 4, the 2018 ISC Internet security conference was held in Beijing. In an interview after the conference, Zhou Hongyi, chairman and CEO of 360 group, said that early warning should be given for user privacy leakage. Once the data is leaked, it is meaningless to deal with the aftermath“ We have studied all security incidents. In the final analysis, the most serious incidents start from attacking a very small terminal. " Zhou Hongyi said

According to Zhou Hongyi, 360's "safe brain" technology can, to a certain extent, warn and deal with such attacks. The so-called "security brain" is to continuously collect security big data through hundreds of millions of sensors, then transmit the data to the cloud of the security brain for storage and calculation, and use big data and artificial intelligence technology to realize automatic and intelligent response and disposal of network threats

8.

Nowadays, with the rapid development of science and technology, human beings have entered the digital age. The birth and development of privacy protection in the digital age is obvious to all. At the beginning, we have been busy moving all kinds of real scenes, such as communication and trade, to create a new space without borders that can meet the needs of any time and any place. In terms of the privacy leakage incidents around us, there is no full sense of security in the digital age

whatever is beneficial to people, then it will have the opposite side, which we realize when we enter the digital age< the virtual space created by people also needs & lt; Security door & quot; The of. In recent years, privacy protection has become very valued by the state, media, universities and other institutions. This sudden & quot; Mutation & quot; It means that the digital age has entered an unprecedented new stage. When the problem of privacy protection has to be managed, the establishment of law is an effective measure to maintain the civilized world order. By strengthening people's awareness of privacy protection through law, can protect personal privacy to a certain extent. It's a good choice

in this way, people's sense of security in the digital age will be seriously insufficient, this requires us to improve the awareness of personal privacy protection, but also need policy support from relevant departments< only when both sides take protective measures can they give people a full sense of security