Cadbury owner Mondelez sues Zurich for refusing to pay-up on cyber security insurance policy

By Graeme Burton | News | 11 January 2019
Is Mondelez crying over spilt Dairy Milk?

Cadbury factories were shutdown by the NotPetya virus in 2017, which has been blamed on Russia

Cadbury owner Mondelez is suing Zurich Insurance for its refusal to pay-up on a $100 million claim relating to the NotPetya virus outbreak in 2017.

Mondelez has filed suit in Illinois, according to the Financial Times. The food conglomerate that acquired Cadbury in 2010 had been seeking the insurance pay-out under the terms of its property cover, which is underwritten by the Swiss insurance giant.

In those papers, Mondelez claimed that the company had been hit twice by NotPetya, rendering 1,700 servers and 24,000 laptops "permanently dysfunctional" as a result.

Under the terms of the property insurance policy, Mondelez claims that it was entitled to claim for up to $100 million for "physical loss or damage to electronic data, programs, or software, including physical loss or damage caused by the malicious introduction of a machine code or instruction".

However, while Zurich was initially prepared to make an interim $10 million up-front payment, it later refused to pay, citing an exclusion clause for a "hostile or warlike action" by a sovereign power, or people acting on their behalf.

Zurich was able to cite security experts' claims that the NotPetya attack appeared to have been one of many launched by Russia against its neighbour Ukraine.

NotPetya struck in June 2017, just one month after WannaCry. Both made use of the same EternalBlue exploit that older, unpatched versions of Microsoft Windows were vulnerable to.

EternalBlue was revealed following the Shadow Brokers series of leaks of US National Security Agency exploits. These started in the summer of 2016, with EternalBlue part of the fifth and final tranche of leaks in April 2017. The Windows security flaw that EternalBlue took advantage of had been patched a month earlier.

The initial NotPetya attack vector was the poorly secured update server of a Ukrainian accounting company, whose software is used by around four-fifths of business in the former Soviet state. This enabled the virus to be quickly propagated, not just to organisations across Ukraine, but multinationals operating in the country.

An ensuing investigation found that the update servers of the accounting firm, ME Doc, hadn't been patched in four years. The outbreak occurred on the even of the Constitution Day public holiday in Ukraine.

Mondelez wasn't the only company badly affected by NotPetya. Shipping giant Maersk pinned a $300 million cost on the outbreak, while UK-based fast-moving consumer goods maker Reckitt Benckiser admitted in a trading warning one month after the attack that it had cost the company £100 million.

Former Reckitt CIO Darrell Stein left the company shortly after.

AWS guns for MongoDB with DocumentDB service offering full compatibility

By Graeme Burton | News | 11 January 2019

AWS hawks database service compatible with version 3.6 of MongoDB

Amazon Web Services (AWS) has taken aim at MongoDB with the launch of DocumentDB, a database service that, it claims, is fully compatible with the widely used open-source NoSQL database.

As The Register points out, the launch comes just months after MongoDB introduced a new software licence intended to stop cloud computing giants from ripping off its hard work.

The release was revealed this week in a blog post by Jeff Barr, chief evangelist at AWS (‘evangelist' being a fancy name for ‘marketing manager'). He described it as a "fast, scalable, and highly available document database that is designed to be compatible with your existing MongoDB applications and tools".

In the release, the company continues: "Customers use MongoDB as a document database to store, retrieve, and manage semi-structured data.

"However, it is hard to build performant, highly available applications that can quickly scale to multiple terabytes and hundreds of thousands of reads- and writes-per-second because of the complexity that comes with setting up and managing MongoDB clusters at scale.

"Amazon DocumentDB is designed from the ground-up to give you the performance, scalability, and availability you need when operating mission-critical MongoDB workloads at scale."

In October, MongoDB rejigged its software licensing legalese in a bid to head-off the risk that it could be ripped-off by cloud service vendors. It included a new clause obliging anyone offering MongoDB in the cloud must release the enabling code to open source.

At the same time, it introduced a new licence, called the Server Side Public Licence (SSPL), partly in response to China's technology giants Baidu, Tencent and Alibaba already repackaging the company's software as free cloud services.

Most open-source software license lack clauses covering cloud computing because the rise of open-source pre-dates cloud computing.

The AWS DocumentDB service therefore only promises compatibility with version 3.6 of MongoDB, which comfortably predates the licence change. That version of MongoDB is more than a year old, with the latest mainline version, MongoDB 4.0, having been released in June 2018. The stable release is currently at version 4.0.5.

MongoDB also announced its own database-as-a-service, called MongoDB Atlas, in June 2016. It now claims to have more than 6,200 customers for Atlas, accounting for around one-fifth of the company's total revenues, according to its last quarterly accounts filed in December. It is also, coincidentally, available on the AWS marketplace.

Predictably, MongoDB co-founder and chief technology officer Eliot Horowitz declared that the company had nothing to worry about.

He told Business Insider: "More than anything, it shows how much developers love the MongoDB API and database, and how desperate Amazon was to have something in this case."

PC market recovery goes into reverse due to Intel chip shortage

By Graeme Burton | News | 11 January 2019

Worldwide PC sales fall by 4.3 per cent in the fourth quarter as supply issues stymie demand

The 2018 recovery in PC sales ground to a halt in the fourth quarter, according to the box counters at Gartner, with global sales falling by 4.3 per cent.

That had come after sales growth in the second and third quarters of the year had indicated a recovery in the PC market.

Mikako Kitagawa, senior principal analyst at Gartner, attributed the decline to a CPU shortage, with manufacturing issues at Intel pushing up chip prices and leaving PC makers unable to fulfil orders, particularly as part of the business PC upgrade cycle.

On top of that, added Kitagawa, there were also some political and economic uncertainties across the world dampening demand. And, furthermore, PCs and laptops don't feature as prominently on Christmas lists as they once used to.

Nevertheless, the top-three vendors strengthened their positions across the world, with Lenovo, HP and Dell accounting for 63 per cent of global PC shipments in the fourth quarter, up from 59 per cent in the same quarter in 2017.

Globally, Lenovo nosed ahead of HP, with Lenovo taking a 24.2 per cent market share against HP's 22.4 per cent. Dell came in third, increasing its global market share from 15 per cent to 15.9 per cent.

The big losers among the ‘big six' were Asus and Acer in fifth and sixth place, respectively, with Asus sales down by more than one-tenth and Acer sales down by almost one-fifth.

Apple sales also fell, despite the long-awaited introduction of new models, although its market share was more or less flat - 7.2 per cent in the fourth quarter of 2018 compared to 7.1 per cent in 2017.

Preliminary Worldwide PC Vendor Unit Shipment Estimates for 4Q18 (Thousands of Units) 

Company 4Q18 (sales) 4Q18 (share) 4Q17 (sales) 4Q17 (share) Growth/decline
Lenovo 16,628 24.2 15,697 21.9 5.9
HP Inc 15,380 22.4 16,092 22.4 -4.4
Dell 10,915 15.9 10,763 15 1.4
Apple 4,920 7.2 5,112 7.1 -3.8
Asus 4,211 6.1 4,716 6.6 -10.7
Acer 3,861 5.6 4,726 6.6 -18.3
Others 12710 18.5 14590 20.3 -12.9

Source: Gartner

Much of the growth over the past ten years enjoyed by the major vendors has come at the expense of "Others" - second tier PC vendors, often focused on single national markets. Ten years ago in the same quarter "Others" accounted for a global market share of 43.6 per cent. In Gartner's latest figures, this has fallen to just 18.5 per cent, down by another 12.5 per cent, year on year.

Gartner's figures, it should be noted, include desk-top PCs, laptops and ultramobiles, including the Microsoft Surface, but exclude Chromebooks, iPads and Android tablets.

 

Blockchain update: China cracks down on blockchain companies

By John Leonard | News | 11 January 2019
Sun sets on online anonymity

Another day another ban

There's a lot going on in the world of decentralised networking and not just the daily rollercoaster ride of the cryptocurrency markets. A decade after the mysterious Satoshi Nakamoto first unleashed Bitcoin on an unsuspecting world, the blockchain has grown and branched out and now a thousand flowers blossom, some of them rather peculiar blooms indeed.

Look around and you'll see that blockchains are apparently the answer to every problem. From replacing the global banking system to guaranteeing the provenance of diamonds to paying your dentist - there's a blockchain for that.

Overhyped they may be, but blockchains actually are a big deal and they will get bigger. Their potential for secure 'trustless' interchange is too great to ignore and once the silliness has died down inevitably some serious use cases will emerge.

Indeed that's already starting to happen, hence this blog. We'll be updating this page every few days to reflect the serious innovations bubbling up in this most interesting and volatile of spaces. (Also check out our rolling 5G coverage.)

11/01/2019 China cracks down on blockchain companies

Hot on the heels of handing out fines to VPN users accessing the 'international internet', China continues its crackdown on the anonymity of its citizens by targeting the country's many blockchain startups.

The Cyberspace Administration of China (CAC) has announced new rules for blockchain firms. These rules, which will come into force on February 15, will require companies that use blockchains to register their names and IP addresses with the CAC within 10 working days of the new regulations becoming law.

It applies to firms that provide public information services through blockchain services that are accessible via web or mobile devices.

Moreover, blockchain service providers may not 'produce, duplicate, publish or disseminate' content that has been banned by the Chinese government.

Firms that fail to comply could face fines of RMB 20,000 - 30,000 (£2,300 - £3,500), while serial offenders should expect a criminal investigation.

The move is the latest in an ongoing crackdown on online freedom of expression by the increasingly authoritarian Chinese authorities. Last year a group of students used the Ethereum blockchain to evade the attention of the censors and pass messages about a prominent professor accused of sexual misconduct, and this may have rattled government officials, themselves very sensitive to accusations of corruption.

In October the Chinese government drafted a regulation that would require users to provide their real names and national ID card numbers when registering for a blockchain service. The policy also demands that blockchain services remove 'illegal information' before it can be spread among users, with service providers required to retain backups of user data for six months and to hand it over to the police on request.

China also banned cryptocurrency trading last year.

08/01/2019 Rollback attack allows double-spend of more than $1m in cryptocurrency Ethereum Classic

Blockchains are supposed to be immutable. That's the point. With a blockchain-based cryptocurrency you shouldn't be able to spend the same coin twice by rewriting the transactional record, but Cryptocurrency exchange Coinbase noticed one currency, Ethereum Classic (ETC), where exactly that was occurring.

"On 1/5/2019, Coinbase detected a deep chain reorganisation of the Ethereum Classic blockchain that included a double spend," the exchange notes in its blog.

It continues: "Subsequent to this event, we detected 12 additional reorganisations that included double spends, totalling 219,500 ETC (~$1.1m)."

This latter figure was revised upwards from an earlier estimate of 88,500 ETC ($460,000).

The problem lies with a weakness in the Proof of Work consensus mechanism which most blockchains rely on for security. In this miners compete to verify blocks of transactions, ultimately agreeing to accept the longest chain of blocks as the 'true' one and going on from there. This is fine so long as more than half the miners are ‘honest' nodes. But if a dishonest miner with sufficient CPU power manages to pick a previous block and build on that, it can theoretically outstrip the other miners, creating an alternative longest chain which the other nodes will ultimately accept as true, effectively rewriting history.

So the dishonest miner could make a purchase from a merchant with his or her coins, and then build a chain from a previous block which does not contain that transaction. Once the other miners have accepted this new chain as the canonical truth, the coins are still available to spend again. The unfortunate merchant ends up with nothing.

This is known as a rollback attack because the previous transaction has effectively been rolled back - it does not exist in the record. It becomes possible once a single miner or cooperating pool of miners controls more than 50 per cent of the CPU power. The risk has been known since blockchain's inception and is the reason why it has always been stressed that mining should be as dispersed as possible. However, because specialised equipment and cheap electricity is now required to make a living from mining, power has become concentrated in fewer and fewer hands.

To make matters worse, with the collapse in the price of cryptocurrencies (ETC's value has dropped from $45 a year ago to around $5 today) many miners have given up and sold their equipment. This may have allowed some of the remaining miners to consolidate enough power to launch the attack.

Coinbase says no funds were lost from the exchange, but it has frozen transactions for the time being in ETC to prevent losses from affecting its customers.

20/12/2018 New standards group for private blockchains announced by ETSI

ETSI, the European standards group for IT, has announced a new group focused on permissioned ledgers - or private blockchains as they are often called. Members of the Industry Specification Group on Permissioned Distributed Ledger (ISG PDL) announced so far include representatives from Cadzow Comm Consulting Ltd, Ericsson, Huawei, Intel, NEC Europe, Telefónica and Vodafone.

The  group will look at existing methodologies used to validate participant nodes, improve scale and throughput, achieve consensus and automate node management and operation, incorporating new research results as they become available. The aim is to specify a permissioned distributed ledger operational reference architecture that can be used as a basis for implementing private blockchains for business purposes.

Unlike public blockchains such as bitcoin where anyone can run a node, with permissioned blockchains membership is restricted. Current use cases include inter-bank ledgers where each bank in a consortium runs a node or nodes. In this way security and confidentiality are easier to provide for, while some of the 'trustlessness' aspects of a decentralised public ledger are lost. Instead governance of the ledger is the joint responsibility of its members.

ISG PDL will seek to provide the foundations for operating permissioned distributed ledgers across various industries and governmental institutions by working with various standards bodies and open source projects in the blockchain arena.

The groups initial meeting will take place on 24 January at Telefónica, Madrid where officials will be elected.

18/12/2018 Is Facebook working on a cryptocurrency?

Facebook has been quietly assembling a group of experts, academics, cryptographers and engineers with experience in blockchain and cryptocurrencies, according to a report from Cheddar.com.

The group was inaugurated in April this year and reportedly now numbers 30 or 40 individuals. It is headed by David Marcus, vice president of Facebook Messenger and former PayPal president. Many of his recent hires are also ex-employees of PayPal while others have online payments backgrounds from companies like Google and Samsung. Some are former members of cryptocurrency startups - stoking the long-running rumour that Facebook may be developing its own coin.

Facebook has said little about cryptocurrencies, save to ban ads for ICOs a while back, and it remains characteristically  tight-lipped about its plans.

"Like many other companies Facebook is exploring ways to leverage the power of blockchain technology," a spokesperson said.  "This new small team is exploring many different applications. We don't have anything further to share."

It could be that Facebook is looking to emulate China's WeChat  - a sort of Facebook plus-plus that includes a dating app together with a native payment system that has become so popular that small traders and even beggars are starting to refuse cash - while at the same time working to head off competition from less centralised models down the line.

13/12/2018 Hyperledger adds 12 new members

Hyperledger, the open source permissioned blockchain project, has announced 12 new general members including some major banks, consortia and cloud firms. General members have certain marketing and recruitment opportunities as well as bing able to participate in members-only committees.

The latest general members feature a strong showing from China. They are: Alibaba Cloud, BlockDao (Hangzhou) Information Technology, Citi, Deutsche Telekom, Guangzhishu (Beijing) Technology Co. Ltd, Guangzhou Technology Innovation Space Information Technology Co. Ltd, KEB Hana Bank, HealthVerity, MediConCen, Techrock, we.trade and Xooa. These additions bring the total number of general members to 256.

Four new associate members also joined Hyperledger this month: Association of Blockchain Developers of Saint Petersburg, Business School of Hunan University, Sun Yat-sun University and Wall Street Blockchain Alliance.

Associate membership is limited to pre-approved non-profits, open source projects, and government entities. There are now 16 associate members.

The new members were announced at the Hyperledger Global Forum in Basel, Switzerland.

"The growing Hyperledger community reflects the increasing importance of open source efforts to build enterprise blockchain technologies across industries and markets," said executive director Brian Behlendorf. "The latest members showcase the widening interest in and impact of DLT and Hyperledger."

A number of blockchain projects are based on Hyperledger; some of them like we.trade and the Walmart food supply chain system are featured elsewhere in this blog.

23/10/2018 Blockchain too immature for government use, finds Australia's DTA

The Australian government's Digital Transformation Agency has cast doubts over the validity of blockchains for governmental purposes.

The DTA, which was granted AUS$700,000 to investigate the technology, has concluded after initial research that in almost every case examined existing technologies are more suitable than blockchain.

The agency has been working with a number of government agencies to develop prototypes for the use of blockchain to deliver services, including with the Department of Human Services for welfare payments and cargo settlement.

Peter Alexander, CDO at the DTA said the technology is worth keeping an eye on but as yet is too immature.

"Our position today, and this is an early write-up, is that blockchain is an interesting technology that would be well worth being observed, but without standardisation and a lot more work, for every use of blockchain that you would consider today there is a better technology," Alexander told a Senate hearing on Tuesday, as reported by InnovationAus.com.

Alexander said that one of the defining features of blockchains, the potential for anonymity, is among the biggest stumbling blocks.

"Generally speaking when the government is engaging with someone, we want to have a trusted relationship with them. We want to know who they are and give them a personalised service," he said. "Blockchain is good for low-trust engagement, you don't know who you're dealing with but have a series of ledgers that can give some validation and support."

According to Alexander, blockchain is at the "top of the hype cycle", with demand driven by the industry.

"It would be fair to say that a lot of the big vendors are pushing blockchain very hard and internationally most of the hype around blockchain is coming from vendors and companies, not from governments and users and deliverers of services," he said.

23/10/2018 China mulls anonymity ban

China is another nation that finds blockchain's anonymity a problem. Earlier this year Chinese students encoded allegations of sexual harassment against a prominent professor on the Ethereum blockchain to evade the country's censors, all social media posts on the issue having been blocked. The same technique was used to spread news about low quality and counterfeit vaccines, another scandal the government sought to cover up.

But the Chinese government has drafted a new regulation that would require users to provide their real names and national ID card numbers when registering for a blockchain service, reports The Verge. The policy would also demand that blockchain services remove 'illegal information' before it can be spread among users. And under the proposed legislation, service providers would also be required to retain backups of user data for six months and to hand it over to the police on request.

China has been bullish on blockchain for the last few months, with one commentator recently claiming it is worth ten times as much as the internet. The country's tech giants are pouring significant resources into its development citing smoother trade and anti-fraud possibilities. But without the possibility of anonymity, a permanent ledger could also be a powerful tool in the authoritarian regime's surveillance and control systems.

China also banned cryptocurrency trading earlier this year, although apparently this has been less than effective. The Ethereum Hotel recently opened in the country, accepting payment in cryptocurrencies.

Next page: UK leads in blockchain deployments says Capgemini; Microsoft's strategy for decentralised identity; Gary Cohn joins fintech startup Spring Labs; Horizen's privacy platform; Zone and Icons launch ledger to authenticate and track sports memorabilia; Nick Szabo, inventor of the smart contract, on its evolution; Real-world use cases emerging; Blockchain-based driving licence trial rolled out by Australian state

19/10/2018 UK leads the way in blockchain deployments for supply chain, finds Capgemini

A survey by consultancy Capgemini of 450 organisations implementing blockchain in their supply chain has found that only three per cent have so far taken initial experiments into production at scale.

The respondents, drawn from the consumer products, retail and manufacturing sectors, said that establishing return on investment was the biggest challenge to ramping up their deployments, with compatibility with existing legacy infrastructure cited as another barrier.

Across the sample, three per cent were deploying blockchain solutions at scale, 10 per cent had pilot projects in place, while 87 per cent were still at early stages of experimentation with the technology.

The main drivers for the experiments were found to be cost saving (89 per cent), enhanced traceability (81 per cent) and enhanced transparency (79 per cent), although these varied widely from sector to sector.

While adoption and the technology itself are at an early stage, the Capgemini report identifies a number of current use cases, ranging from low complexity / high adoption scenarios such as the prevention of counterfeits and tracking asset maintenance, to more ambitious but complex uses including loyalty programs, contract labour procurement and regulatory compliance.

The UK (22 per cent) currently leads the way with production and pilot implementations of blockchain projects in the supply chain, while the USA (18 per cent) leads in terms of funding blockchain initiatives.

In the UK specifically, the consumer products vertical is the biggest adopter among those surveyed, followed by manufacturing and then retail. However, globally manufacturing  is in the lead.

Sudhir Pai, CTO financial services at Capgemini commented: "There are some really exciting use cases in the marketplace that are showing the benefits of blockchain for improving the supply chain, but blockchain is not a silver bullet solution for an organisation's supply chain challenges."

Pai continued: "Blockchain's ROI has not yet been quantified, and business models and processes will need to be redesigned for its adoption. Effective partnerships are needed across the supply chain to build an ecosystem-based blockchain strategy, integrated with broader technology deployments, to ensure that it can realise its potential."

Capgemini has been working with blockchain technology since 2016 when it began developing solutions for the financial services industry. The report predicts that experimentation with blockchain will peak in 2020, before entering mainstream supply chain usage by 2025.

15/01/2018 Microsoft's strategy for decentralised identity

Microsoft might seem an unlikely champion of decentralised IDs. After all, decentralised identifiers (DIDs) represent an important decoupling of identity from generated data and applications that use it, and Microsoft, in many minds, is still associated with monopolistic powergrabs. But last week the company published a new decentralised identity portal and released a whitepaper explaining the benefits of individuals being able to create, own and manage their online identities independent of any third-party.

"Over the past 18 months, Microsoft has invested in incubating a set of ideas for using blockchain and other distributed ledger technologies to create new types of digital identities - identities that are designed from the ground up to enhance personal privacy, security, and control," the whitepaper says. "We aspire to make DIDs a first-class citizen of the Microsoft identity stack."

Actually, it should not come as a surprise that Redmond should be interested in this area. Microsoft was one of the early major tech company backers of blockchain technology after all, and decentralised identifiers, where a user controls his or her online identity or identities through cryptography, are a central feature of many of the emerging decentralised applications being built on blockchains and other decentralised platforms. And as we saw when Microsoft embraced Linux as a key part of its Azure cloud ecosystem, a 180-degree turnaround from its previous position, Redmond has proved adept of late at seeing which way the wind is blowing and moving with it. The whitepaper mentions integrating personal datastores controlled by DIDs into Azure.

IBM, the other big technology company leading the blockchain charge, has been active in this area for more than a year. Like Microsoft, IBM is a member of the Decentralized Identity Foundation (DIF). Critics point out, though, that while IBM has already been active in offering open standards for DIDs and related W3C projects, Microsoft has yet to lay any code on the table.

"I don't know what Microsoft has developed, I haven't seen any actual code," Wayne Vaughan, CEO of blockchain platform Tierion and DIF steering committee member, told CoinDesk.

"Microsoft has been soliciting input from the community, but their software development has largely been done behind closed doors, and now they are releasing it publicly. With that being said, it's much better than nothing."

UPDATE 15/10/18: Twitter user @csuwildcat has pointed out that Microsoft developers are contributing to the DIF's GitHub repositories. The strapline to this article has been changed accordingly.

12/10/2018 Former Trump aide and Goldman Sachs chief Gary Cohn joins fintech startup Spring Labs as advisor

Gary Cohn, chief economic advisor to Donald Trump until April and before that president and COO of Goldman Sachs, has become an advisor to Spring Labs, a blockchain startup that aims to take on consumer credit companies like Experian and Equifax.

Unlike some of his investment banking brethren Cohn has never rejected the idea of cryptocurrencies, saying in May that a global cryptocurrency is coming.

"I'm not a big believer in Bitcoin, I am a believer in blockchain technology," Cohn told CNBC. "I do think we will have a global cryptocurrency at some point where the world understands it and it's not based on mining costs or costs of electricity or things like that."

Cohn told the FT he believes blockchain's teething issues will be overcome and that blockchains have obvious potential in the financial arena, particularly for smart contracts and currency settlements.

"We all know all the inefficiencies of the existing currency world and blockchain clearly helps to eliminate them at some point in the future," he said.

Spring Labs, which has offices in Los Angeles and Chicago, boasts a high-powered board, which as well as Cohn includes Bobby Mehta, formerly CEO of credit company TransUnion, and Brian Brooks, chief legal officer at cryptocurrency exchange Coinbase.

Spring Labs' website says its technology will create "the foundation for a credit system that is more transparent and secure for consumers".

It continues: "The Spring network will allow users to view all attestations about their credit and identities for free, and enables functionality for open alerts and notifications."

Cohn said he would be assisting with getting the firm's technology adopted in the marketplace.

11/10/2018 Horizen's privacy platform

One of the biggest selling points of decentralised technology is privacy, believes Rob Viglione, co-founder of Horizen, a privacy-oriented blockchain platform.

Horizen was forked from ZCash, one of the leading privacy-focused cryptocurrencies. "We wanted to take it beyond currency," said Viglione.

Like most such projects, the Horizen platform does have a cryptocurrency (Zen) to power its internal market, but it was the key innovation of ZCash's founder crypto-pioneer Zooko Willcox that was the primary focus of attention, Viglione said. zk-SNARKs provide a practical cryptographic method of verifying that a computation such transaction between two parties is "correct" without having to know anything about the computation or the parties involved.

"Where ZCash is focused on currency we are actually building an application platform. That was the point of forking from ZCash - to grab the SNARK library so we could start with that base technology and cryptography. Now we are building things on top of it."

One of those things is what Viglione claims is "the most secure messaging protocols in the world". He admits it's "kind of clunky" at this stage, and because zk-SNARKs are computationally heavy it's not instant. "But if you're a reporter in Syria or China, you might want to use our app."

Viglione insists Horizen retains "very good relations with Zooko" despite having forked his code, and said the two companies collaborate on bug reporting and the like.

Asked about Horizen's potential "killer app" Viglione said the combination of a large number of nodes (there are currently 22,000 in the network) and zero-knowledge cryptography makes virtual private networking a strong candidate.

"If we can build the world's best VPN service, one that is fully anonymous and secure that could draw millions of potential users, not because they care about blockchain, but they want a service that is valuable. That's where we need to go were working very actively on those sorts of projects."

Another USP of decentralised systems is the possibilities for equality regarding decision making. The company is working on a treasury voting system that will enable Zen holders to make decisions on proposals for the network's development and allow transparency into the allocation of funds.

As for enterprise use cases, Viglione cites the simplicity of developing applications on sidechains that plug into the main network via an API. That way, they can make use of the network's privacy and security features without needing to have blockchain skills in-house.

One possible fly in the ointment is the current reliance on the Ethereum blockchain, although Viglione insists migration to another backbone would be possible. Ethereum has recently struggled to scale in the face of increased demand. "They hit the limits of natural growth in my opinion," he said, adding: "But I never discount them because they have a collection of brilliant people and I think they will overcome the issues as they come up."

02/10/2018 Zone and Icons launch ledger to authenticate and track sports memorabilia

The sports memorabilia market began with fans trading footballs and baseballs signed by their sporting heroes and expanded to an industry worth US$370bn globally, according to Forbes. These days no charity auction is complete without a signed shirt from a current or bygone star, but how can punters tell it the item is genuine when signatures written by robots are pretty much indistinguishable from the real thing particularly when many counterfeit goods are traded online?

Enter b-locked, a blockchain-based ledger designed to track the provenance of signed sports memorabilia. B-locked was developed jointly by Icons Shop Limited, which holds official merchandise licences from the FA, UEFA and FIFA World Cup and has exclusive contracts with players including Lionel Messi, Dele Alli and Eden Hazard, and Zone, a London-based customer experience agency which is part of professional service firm Cognizant.

To combat fraud, every Icons product comes with a certificate of authenticity and details of the player signing. This information can now be stored on b-locked so that future buyers can check its authenticity by typing a code or scanning a hologram via a web application.

The Zone team had originally chosen Ethereum as its blockchain platform of choice but, changed tack after the Cryptokitties debacle which showed up problems with its scalability.

"Ethereum transaction costs would have been too high for the project to be economical. So we used alpha code and ideas from Chainspace to build our prototype. We'll likely go ahead either with Chainspace or Cosmos, both of which make it easy to build the kind of logic and interactions we need," said Jon Davie, chief client officer at Zone.

Davie explained that the Zone team used an Agile methodology of short sprints to deliver the ledger. "We didn't seek to solve every challenge at the outset - rather to identify the key features and then learn by testing with customers and the Icons team," he said.

"Our next challenge is scaling the authentication process to cover every item in the Icons warehouse - it's an operational challenge as much as a technology challenge."

The system will be launched this month, with FC Barcelona star Lionel Messi signing 100 products which will be uploaded to the b-locked blockchain at an event in that city. Davie said the firm's short time to market was due in part to focusing on a specific use case.

"Unlike many blockchain ventures, we created this project to solve an existing problem for an existing business," he said, adding that it could be expanded to suit "any industry where authenticity is important - from art and antiques to whisky and wine."

28/09/2018 Nick Szabo, inventor of the smart contract, on its evolution

Nick Szabo, the computer scientist who came up with the idea of smart contracts in 1995 and coined the term, discussed the evolution of his invention during a keynote at blockchain live in London this week.

The basis of his talk was the fact that trust does not scale. Advanced societies have laws and institutions to mitigate the fact that we often have to deal with people and organisations that we know nothing about, including courts to enforce the fulfilment of agree contracts, but these are frequently ill-suited to the digital age.

The concept of smart contracts has moved on from the simple vending machine model which doles out a bar of chocolate provided you put the right money in, as defined in the program, to that embodied by distributed applications (dApps) on programmable blockchains such as Ethereum. But these are at an early stage, Szabo said.

"An Ethereum contract controls assets and typically gives some performance incentives, but it's not the full smart contract. The full smart contract involves user interfaces, it involves other features such as search and negotiation and performance monitoring, and it will also often happen off-blockchain." he said.

"For example, if you're doing logistical contracts and you want to track a package in time and space that's an off-blockchain oracle that is part of the smart contract that is fed into the Ethereum contract on chain."

Rather than the binary yes-no model, smart contracts will be negotiable, he said.

"Right now they are take-it-or-leave-it deals, but a true smart contract can be negotiated. So Alice makes an offer and Bob can accept or reject that offer, and if Bob has neither accepted or rejected the offer then Alice can revoke it. We [presumably referring to Szabo's company Global Financial Access] are working on smart contract negotiations of this nature."

They will also be customisable, and fully on-chain with parties able to make a counter offer in a "very trust minimised, environment" with the programming element eliminated via an intuitive user interface, he went on.

Szabo predicted a "win-win" scenario through the interfacing of smart contracts with what he calls "wet code": traditional contracts based on law. Each has strengths that can overcome the weaknesses of the other, he argued. Traditional contracts tend to be localised and rather subjective and unpredicatable and their enforcement is coersive, but they are based on expertise, experience and decades of case law, while smart contracts are globally scalable, predictable and enforceed through cryptography but immature and rigid.

"In many cases you want to use both together as complimentary. So now there's a contract between wet code traditional contracts and dry code smart contracts."

The low hanging fruit is financial contracts, he said "loans, bonds, derivatives". This sector he envisages a "spontaneous network of contracts formed from other smart contracts that is globally scalable."

26/09/2018 Real-world use cases emerging

A panel debate at the Connected World Summit in London this week dealt with the vexed question of blockchain hype. Yes, the panel agreed. Most blockchain projects are heavily oversold, driven on by crypto currency ICOs, but that's not to say it's all scams and vapourware. Genuine use cases, where a blockchain can do things that a distributed database can't, do exist, although most are still in the early stages.

Calvin Weise, founder of the Universal Patient Index and CEO of Kalibrate Blockchain, pointed to the health sector, in which surgeons have been occasionally known to chop off the wrong leg or doctors to deliver the wrong drug having been sent erroneous patient records. His company is working on a universal patient index stored on a blockchain that would reduce this problem considerably, he suggested.

Alfonso Delgado De Molina, analyst at Silver 8 Capital, brought up the smart bike locks marketed by Slock.IT where anyone with the right key on their smartphone can unlock the bike for a certain amount of time via a smart contract. This functionality also is being applied to cars by a startup in Berlin he said.

Alexandra Cheung, associate director of Cruxy & Co. spoke about systems to track the provenance of diamonds and also Floral Chain, which she says allows smaller growers and smaller shops to have a greater presence in the marketplace for cut flowers.

Using blockchain to help establish a presence was also mentioned by Darren Oliviero-Priestnall, CEO of Atlas City. He pointed to a project in China run by charity World Vision in which small farmers are encouraged to document themselves and their farms on a blockchain. Such evidence can help them obtain finance and establish their ownership rights. Elsewhere, undocumented refugees can start building an identity to help them in future dealings with the authorities.

The biggest current use case though is in the supply chain where goods can change hands a hundred times before reaching their destination, each transfer requiring additional paperwork. Assigning responsibility for any loss or damage is expensive and time consuming, delaying insurance payouts. This is the sort of scenario where an immutable, trustless record of events can really streamline processes - a significant caveat being that all players in the chain must be on board.  

11/09/2018 Blockchain-based driving licence trial rolled out by Australian state

The Australian state of New South Wales is to extend its trial of blockchain-enhanced digital driving licences.

Changes to NSW state law in May allow drivers to use their digital licence for proof of identity and proof of age in place of a physical document for renewing fishing licences, buying alcohol, as proof of responsible gambling behaviour - and for police checks.

The licences already incorporate a number of methods to protect against ID fraud; these will soon be joined by a blockchain-based system called TrustGrid developed by Australian firm Secure Logic, an incumbent supplier to Australian government.

"The Digital Driver Licence has a range of security technologies protecting the integrity of the system and privacy of a customer's identity," a NSW spokesperson told iTNews.

The aim of the scheme is to use a blockchain-based system to secure and authenticate the information held on the licences, allowing users to validate themselves via a smartphone app without requiring further checks. The app also allows users to renew their licence or amend their details without recourse to the authorities.

The blockchain trial started last year in the town of Dubbo. 1,400 volunteers signed up for a three-month trial, using their digital licence as proof of identity and age in pubs and clubs. It will soon be expanded to 140,000 users in Sydney before an expected statewide rollout by the end of 2019.

Secure Logic CEO Santosh Devaraj is (understandably) keen to push the wider implications of the trial for government services.

"The era of standing in line to file government paperwork is coming to an end, as is our reliance on physical identification cards to establish your identity or proof of age with law enforcement or at licensed venues. These are mistake prone, time-consuming, expensive, and impractical ways to offer services," he said.

Next page: Soluna plans clean energy option for crypto-miners; UEFA's blockchain powered ticketing app; The security risks of  smart contracts; Has the blockchain bubble burst?

24/08/2018 Soluna plans clean energy option for crypto-miners

Blockchain has a big energy problem. To remain secure, blockchains such as Bitcoin rely on the Proof-of-Work (PoW) consensus mechanism must burn a colossal amount of energy. Just a decade old, Bitcoin already consumes as much energy as Ireland and will hit Austrian levels by the end of this year

Bitcoin miners tend to hunker down where energy is cheap. This means Iceland, where cryptocurrencies are already using more of the country's geothermal supplies than consumers, or places like China where electricity comes from cheap but highly polluting coal.

There are less energy-intensive alternatives to PoW such as Proof-of-Stake, Proof-of-Capacity and Proof-of-Resource, but the blockchain that powers Bitcoin and related currencies is the big one and will remain so for the foreseeable future. And of course blockchain's potential is far wider than cryptocurrency - as use cases increase so will power consumption.

Now an energy and technology firm is looking to provide a dedicated renewable resource for crypto-mining. Soluna plans to build a windfarm in one of the windiest onshore locations in the world in the Moroccan Sahara. It predicts the 15,000-hectare site will generate up to 900 megawatts - or about a third of the current energy demands of the Bitcoin blockchain. Electricity will be supplied to a high-density data centre dedicated to cryptocurrency mining at a price equivalent to or even lower than cheap Chinese coal, around US $0.03 per kilowatt-hour.

"Soluna's mission is to power the crypto-economy with clean, low-cost renewable energy. To do this, we are building a blockchain infrastructure and cryptocurrency mining company that owns its own renewable energy resources," the company says in its brochure.

Money generated from the crypto-mining will pay for further renewable development including supplying Morocco's electricity grid, the firm says. It anticipates connectivity to the main grid to be available next year.

"Soluna will provide computing power for whatever is most beneficial for its business, whether that's cryptocurrency mining, distributed graphics rendering, file storage, machine learning, AI or other services of the decentralised cloud of blockchain technologies that have yet to be invented," says Soluna. "We are prepared to foster this future innovation. Green, renewable, low-cost power will serve as a key component."

Soluna has partnered with German wind power firm Altus AG and has approached vendors of chipsets and ASICs to equip its modular data centre ‘pods'. The windfarm and the data centres will be built using a phased approach, adding additional modules as capacity increases. The firm aims to have 36 megawatts of capacity operational by 2020 with the full 900 megawatts ready in five years.

Sounds promising, but a possible downside could be the exacerbating the problem of centralisation of mining power to a small number of locations thereby making the blockchain more vulnerable to attack.

20/08/2018 UEFA's blockchain powered ticketing app

All of the tickets for the August 15th UEFA Super Cup final match between Real Madrid and Atlético de Madrid in Tallinn, Estonia were distributed through a mobile app connected to a blockchain.

"UEFA chose a blockchain-based ticket distribution system combined with mobile Bluetooth devices at the stadium entrances," says UEFA on its website.

Tickets for major football matches have long been subject to touts and fraud, and this is UEFA's attempt to tackle the problem. The Bluetooth devices installed at the gates to the Le Coq Arena to were used to validate the tickets held on Apple and Android phones.

This is the first time that all publicly available tickets have been distributed this way. UEFA [Union of European Football Associations] piloted the system at a number of events, including most recently the 2017/2018 UEFA Europa League final between Atlético de Madrid and Marseille in Lyon, France in May. Half of the tickets sold for that match were distributed by the blockchain-based system, which has since undergone some fine tuning.

UEFA says it will "continue to develop the system further, with the aim of using it at future events."

The Super Cup final finished 4-2 to Atlético, with Costa netting two.

15/08/2018 The security risks of  smart contracts

Blockchain-based smart contracts present a unique risk, and companies should be wary of deploying them for anything with serious real-world repurcussions. That's according to code verification and programming language expert Grigore Rosu, professor of computer science at the Univerity of Illinois.

Smart contracts are small programs coded on top of a blockchain that run automatically as soon as conditions are right. An example might be an insurance payout after extreme weather, or a machine ordering its own consumables once stocks decline to a certain level.

Nothing new in that, you might say, but smart contracts have the potential for automating such conditions-based transactions on a massive scale, removing the need for a trusted human third party, even in white collar sectors such as law and finance.

Smart contracts are immutable; they're validated by multiple parties and can't be changed or corrupted. This is at once their strength and their weakness.

"There are two big problems with smart contracts," said Rosu. "One is that the code is public so you can work out how to attack it. Secondly, once you have a smart contract - that's it. It deploys and you cannot change it. So if you find a bug you can't fix it, you have to deploy a different version of the contract in a different account and exchange it with the old one which is a very heavy process."

He points to the example of the now-defunct cryptocurrency Beautycoin (BEC), which was killed off by a so-called batch overflow attack in April.

Two attackers, presumably having studied the code and spotted an eventuality the designers hadn't thought of, initiated simultaneous transactions using input parameters chosen to create a sort of feedback loop. Unprepared, the smart contract went beserk, generating tokens that were ostensibly worth more than five octodecillion dollars (five and eighty zeros). While no-one had to pay back that impossible sum, the coin was dead and worryingly it took two days for the hack to even be discovered.

Blockchain enthusiasts, it seems, suffer from a form of myopia; because of all that energy burned in proof of work they believe their beloved innovation is all but impregnable. But it turns out cryptocurrencies - which are after all basically just transactions stored on a blockchain - are plagued by glitches, as the number of crypto exchange hacks makes clear.

Recently, MIT researcher Corey Fields discovered a flaw in the signature verification code that would have been fatal to Bitcoin Cash had it been exploited. "The threat of software bugs is severely underestimated in the cryptocurrency world," he said.

Bugs and vulnerabilities can pop up all over the place, including the code of the smart contract itself, the programming language it's written in and the compiler that translates that code into machine-readable language.

Smart contracts tend to be coded in specialised languages such as Solidity which are modified versions of general purpose languages like JavaScript. Rosu declined to single out a particular language for criticism, but said they all have flaws when it comes to smart contracts.

"I'm scared because these languages are not very well designed. If a language is poorly designed then as a developer of smart contracts on a blockchain you may struggle to understand what your program actually does, and then the compiler can add its own bugs, and then the program itself may have bugs such as buffer overflow and all sorts of programming language-specific errors," Rosu said.

"Compilers also have bugs, and if you understand how the compiler works as a hacker you can exploit those."

Human verifiers are are worthless in this regard since a flawed compiler produces corruptions in the bytecode, which is only really readable by machines.

However, there are proven mathematical means of verifying the ‘correctness' of the machine code. While time-consuming, these techniques can be applied to smart contracts since they tend to consist of just a couple of hundred lines of code. Indeed, for the sake of us all, they should be said Rosu, who came up with the K-framework described as a 'rewrite-based executable semantic framework in which programming languages, type systems and formal analysis tools can be defined using configurations, computations and rules", fifteen years ago (It should be pointed out that Ruso has a vested interest here. His K-framework has been monetised via a business spun out of the University of Illinois called Runtime Verification).

While a smart contract might take two weeks to audit mathematically at the bytecode level and more complex code such as the CASPER consensus algorithm six months, most of that time is spent in specifying what the code is meant to do, said Rosu.

"If you make a mistake in the specification level then no matter what you do the proof is meaningless because the specification was wrong."

Given the complex mix of ethical and technical considerations, the specification of algorithms will require intensive human input for the foreseeable future. Coding, on the other hand, could perhaps be better done by machines. For safe smart contracts, the ultimate aim should be schematic-based compilation, or code that generates itself automatically based on what it's supposed to do, Rosu said.

"The question that many people in the blockchain space should ask themselves is why should we even write code at all? We should generate code that's automatically correct by construction, from the formal specification. This is feasible, and we are working on it."

06/08/2018 Has the blockchain bubble burst?

Have we reached peak blockchain hype? How much further can the bubble of expectations continue to inflate? Calling the top of any hype cycle is a finger-in-the-air exercise at best (unless you happen to be holding a pin behind your back), but there are signs that rationality may be taking hold.

Analyst firm Forrester reports that many blockchain pilot projects are being wound down having failed to come up with any persuasive use cases. Early adopter Nasdaq, which had high hopes for blockchain for managing shareholder meetings and issuing stock has not seen ideas come to fruition as quickly as it had envisaged two years back, according to Bloomberg.

"The disconnect between the hype and the reality is significant - I've never seen anything like it," said Gartner analyst Rajesh Kandaswamy. "In terms of actual production use, it's very rare."

Certainly, the number of organisations actively adopting blockchain is vanishingly small - just one per cent of CIOs surveyed by Gartner put themselves in that category, while 80 per cent had no interest whatsoever.

This could spell bad news for platform providers such as IBM and Microsoft which made most of the early running, although one would suspect they would have factored the hype cycle into their strategies.

The biggest hurdle is compatibility between alternative blockchains. Companies don't want to be locked into one platform at this early stage of development and are playing a game of wait-and-see. Then there are the familiar problems of scalability and throughput - all of which are being worked on but with few mature solutions to show for these efforts as yet.

That said, blockchain investment in the first half of this year has already exceeded that for the whole of 2017 with fintech applications a particular focus of that investment, according to a report by KPMG. The closed pilots may simply demonstrate a growing understanding that blockchain is not the answer to every problem after all, but could be a game changer for some.

Next page: Google joins the party; Accenture and Thales create aerospace and defence supply-chain blockchain; European banks' we.trade platform; the Stratis sidechain; Microsoft and EY track rights and royalties; Walmart's food supply system.

 

24/07/2018 Google joins the blockchain party

Google Cloud is nailing its colours to the blockchain mast, partnering with a couple of startups, Digital Asset and BlockApps. More details will be revealed today at the Google Cloud Next 18 event in San Francisco in a session covering Google Cloud's approach to distributed ledger technology (DLT) partnerships. 

"Customers can now explore ways they might use distributed ledger technology (DLT) frameworks on GCP [Google Cloud Platform] with launch partners including Digital Asset and BlockApps, and try open-source integrations for Hyperledger Fabric and Ethereum later this year in our GCP Marketplace," Google says in a perfunctory paragraph in its cloud partnerships blog.

Google has been slower off the mark than rival cloud vendors. Microsoft Azure, Amazon AWS and IBM have had blockchain partnerships for a couple of years now and are beginning to boast of real-world projects.

Google doesn't go into a lot of detail in its blog, presumably not wanting to spoil the fun for paying delegates, but its chosen partners are more effusive. "Google's entrance into the blockchain space is a landmark event for the growing blockchain ecosystem and cements the continued investment in blockchain solutions for Enterprises," says BlockApps on its website.

"As GCP adoption grows, the developer-friendly BlockApps STRATO platform enables more enterprises the ability to test and implement blockchain application solutions across any business sector,"

STRATO is a blockchain-as-a-service platform which the company claims lowers the barriers to creating decentralised applications (dApps) as it offers a RESTful API to communicate with the blockchain backend. The company is based in New York.

Digital Asset is also headquartered in New York. It provides a distributed ledger platform and smart contract modelling language called DAML.

"In collaboration with Google Cloud, Digital Asset has expanded its developer program to include the DAML Platform-as-a-Service (PaaS) on Google Cloud Platform. The DAML PaaS is a fully-managed solution that developers can use to test and deploy DLT applications, accessible through Google Cloud's Orbitera application marketplace technologies. Combined with the DAML SDK, developers now have an end-to-end toolkit to build and deploy sophisticated distributed applications," the company says in a press release.

17/07/2018 Consortium-based efforts to rationalise supply chains are perhaps the main real-world use cases for blockchains to emerge so far, outside of the world of cryptocurrencies. Another such venture was unveiled this week when consultancy Accenture and defence firm Thales announced a blockchain-based system to secure and improve the efficiency of aerospace and defence (A&D) supply chains at the Farnborough Air Show on Monday.

The system, which is based on the Linux  Foundation's Hyperledger blockchain framework, also uses Thales's "physically unclonable function (PUF) solution for silicon chips and Chronicled's tamper-proof cryptoseals" in order to keep track of parts and materials  used in aircraft manufacture, where counterfeit components have been a cause for concern, according to Accenture's website.

"Identifying counterfeit and grey-market goods in the A&D supply chain can be challenging," said Gareth Williams, vice president for secure communications and information systems at Thales UK.

"Using blockchain in combination with cryptoseals and physically unclonable functions allows you to build a trusted history behind parts. This demonstration builds on the strong relationship Accenture and Thales have created developing innovative digital solutions for a variety of industries."

Like similar systems being developed by the likes of FedEx and Maersk, the system is designed to provide transparency to all participants in the supply chain, as well as creating an immutable record of all transactions in the supply chain.

"The aerospace and defence industry has one of the world's most vast and complex supply chains. Blockchain technology offers a new, elegant and secure way for the industry to track and trace myriad components while deterring counterfeiting and improving maintenance capabilities," said John Schmidt, the head of Accenture's A&D unit.

"Used in combination with technologies like digital twins and digital threads, blockchain could ultimately be a game-changing innovation for this sector."

03/07/2018  A consortium of European banks has announced the first commercial trades on its blockchain-based we.trade platform.

The we.trade platform is a collaborative effort that was kicked off by a consortium of seven banks: Deutsche Bank; HSBC; KBC; Natixis; Rabobank; Societe Generale; and UniCredit. They were later joined by Santander and Nordea. we.trade is headquartered in Dublin.

The consortium announced Tuesday that seven commercial trade transactions have now been completed by 10 companies on the platform across five countries.

"We are delighted to have launched for the first time in the world, a blockchain-based platform that enhances the overall customer experience, when trading internationally. The next step will be getting buy-in from additional banks and their customers in Europe and further afield", said we.trade COO Roberto Mancone in a statement.

By directly connecting all the parties  - the buyer, the buyer's bank, the seller, the seller's bank and transporter - in a domestic or transnational transaction in a way that covers all of the governance rules and regulations that apply to the individual banks, we.trade aims to make trades more straightforward. Presently it covers 11 European countries: Belgium, Denmark, Finland, France, Germany, Italy, Netherlands, Norway, Spain, Sweden and the UK.

we.trade is built on the IBM Blockchain Platform and based on Hyperledger Fabric, the open-source blockchain framework implementation hosted by The Linux Foundation.

Hyperledger Fabric is designed to simplify the act of developing blockchain-based applications and smart contracts by allowing components such as consensus and membership services to be plug-and-play. Originally introduced by IBM and Digital Asset, many of the banks that make up the we.trade consortium are also members of the Hyperedger project.

"As we.trade has moved from pilot applications to conducting live transactions across borders, it has demonstrated the power of blockchain technology in an enterprise setting," said Parm Sangha, GBS blockchain leader at IBM.

"To convene a large network of regulated banks and demonstrate how blockchain technology can help them gain efficiencies and provide greater transparency in live transactions is a disruptive model that has the potential to reshape the future of global trade finance."

The consortium aims to move outwards from its base of founding members, offering the service to other banks by making we.trade available on a licence-type basis in order to expand the platform as quickly as possible.

29/06/2018 UK blockchain-as-a-service firm Stratis has unveiled programmable sidechains as an alpha release.

A sidechain is a blockchain that's based on the core code of the main chain and is interoperable with it, but which allows for bespoke operations without affecting the main branch. This allows companies to experiment with creating blockchain applications without risk of adversely affecting the main chain or compromising privacy by making data public. At the same time, any updates to the main blockchain code are propagated down to the sidechains.

"Stratis sidechains have been designed so that in the future enterprises can run smart contracts on sidechains, opening up a wide range of use case such as exchanging documents between a range of companies within an industry, for example invoices or order forms," lead developer Jeremy Bokobza told Computing, adding that the sidechain can be customised by changing parameters like block interval and block size.

"One of the main advantages of sidechains are the ability to improve scalability for applications like payments and IoT, which could be hundreds of thousands of transactions."

The Stratis blockchain runs on the Microsoft .Net framework and is written in the familiar C# rather than using a specialist language and environment, a decision the company took to make creating decentralised applications and smart contracts more accessible to enterprise developers. It says it will soon provide support for Microsoft's functional programming language F# which is particularly popular in the financial sector, the main area of focus for the London-based firm.

Stratis is based on the Bitcoin blockchain but with the Proof-of-Work consensus mechanism (essentially security through burning electricity) replaced by Proof-of-Stake (decision-making powers dished out according the stake - e.g. number of coins - held by each player) to increase scalability in the enterprise setting. It is designed to support smart contracts, enabling actions to be undertaken without human intervention once predefined conditions are met.

Among the use cases for the programmable blockchain, the company lists auctions and peer-to-peer lending to investment funds, insurance settlements, real estate transactions, domain name registries and digital copyright.

The sidechains will increase the flexibility of deploying smart contracts and decentralised applications, according to CEO Chris Trew.

"As an example, if an enterprise wants to improve efficiency by moving invoicing or asset tracking to a blockchain solution, it's likely that they will not want to publicise that data. That's when a private sidechain becomes a flexible solution that's quick to test and deploy, as well as easy to maintain," he said.

"Sidechains are a critical step in making blockchain accessible to enterprises wanting to benefit from blockchain while retaining full control of their business processes and privacy."

As essentially restricted private blockchains, each sidechain would be overseen by those using it, said Bokobza.

"Sidechains are governed by a foundation which is made up of say a group of banks or a group of automotive firms that wish to collaborate on a blockchain cross-industry project. Or more simply, a collection of senior managers from an individual organisation that make decisions on the direction the sidechain takes."

26/06/2018 Some of the world's biggest food producers have come together to build a blockchain-based system for tracking the provenance of food items.  

The ability to trace food through the supply chain is particularly important in the event of contamination. An outbreak of E. coli in the US involving romaine lettuce that began in April has killed five people to date with almost 200 cases reported across 35 states. The source has been tracked down to an area of Arizona, although no individual farm has yet been identified.

The complex nature of the supply chain makes it very difficult for the authorities to trace dangerous or contaminated food quickly. Each company in the chain is required to record only a small fraction of the overall steps and the authorities must reproduce the full picure from a disjointed and often incomplete set of records. In cases such as the above such delays can be fatal.

Ten companies Walmart, Nestlé, Dole Food, Driscoll's, Golden State Foods, Kroger, McCormick, McLane, Tyson Foods and Unilever have come together to create a consortium called the Food Trust which aims to reduce the product recall time using a blockchain architecture. It should also improve the efficiences in other areas of the supply chain.

Built in partnership with IBM, the system has been in development for a year and is still pre-release. The blockchain currently contains information about one million food products, and initial tests have been encouraging, reports the WSJ.

"You're capturing real-time data at every point, on every single food product," said Frank Yiannas, vice president of food safety at Walmart, adding: "It's the equivalent of FedEx tracking for food."

Yiannas said that in tests, a consignment of Mexican mangos sold in a US Walmart store was traced back to its supplier in 2.2 seconds. Using the traditional method with barcodes and paper receipts it took a week.

22/06/18 London-based professional services giant EY and Microsoft have teamed up to launch a blockchain that's designed to simplify the fiddly and time-consuming business of managing digital rights and royalties.

Intellectual property (IP) owners such as authors, songwriters, artists, production houses, developers and others will be able to track how their creations are used and monitor revenues coming in from partnerships and licencing arrangements in near real-time.

Built on the Quorum blockchain developed by investment bank JP Morgan, the EY press release says it's designed to increase efficiencies in the system. Calculations about what is owed to whom currently tends to be a manual process, it notes, and generally managed via offline data sources.

Since it will provide visibility of sales transactions as they happen, content providers will be able to react quickly to market demand, claims EY. This is made possible by smart contracts that are written into the blockchain.

"The embedded smart contract architecture is designed to enable accurate and real-time calculation of each participant's royalty position, providing enhanced visibility for recording and reconciling of royalty transactions," the blurb says.

JP Morgan's Quorum is based on Go Ethereum, an implementation of the Ethereum blockchain written in the Go language, but with a few tweaks. The first is that it's permissioned (private), meaning that only approved nodes can join it. Because of this, it can use a simplified consensus mechanism that relies on a majority vote, which also makes transactions significantly faster than Ethereum, which is a public or unpermissioned blockchain. And since it is designed to manage financial transactions more privacy is built in.

The new rights and royalties management solution runs on Microsoft Azure cloud. It has already been rolled out to a few games producers that use Microsoft's platform, among the first being Ubisoft, which is currently testing the system. It will later be extended to other gaming companies and eventually to authors and musicians and other creative types too.

While the EY press release doesn't actually give the new system an official name, Redmond seems to have already dubbed it the 'Microsoft Rights and Royalties blockchain network' with no mention of EY in the title. Now, how to manage who gets naming rights?

Next page: Blockchain doubts voiced by bankers; Microsoft's BaaS customers; EOS mainnet launch; China bigs up blockchains; Maidsafe's PARSEC consensus algorithm

18/06/2018 Blockchain came into being as a way of supporting a new currency, Bitcoin, in the wake of the global financial crisis of 2008. By cutting out the middleman (i.e. the banks and central authorities that had got us into the mess) a more just and trustworthy monetary system could be created, its founders reasoned.

The limitations of Bitcoin in this regard have been apparent for some time, and its proponents have generally downgraded its use case from ‘the new money' to more a 'store of value', like digital gold. Nevertheless, banks and central authorities have been setting up blockchain pilots to see if the immutable ledger can be utilised for their benefit.

They may be wasting their time, says Switzerland-based Bank for International Settlements (BIS) - an institution that provides banking services to central banks and international organisations. In its annual report it says that cryptocurrencies are too untrustworthy to act as a replacement for fiat currencies and that blockchains cannot scale sufficiently and are too energy intensive.

"Cryptocurrencies such as Bitcoin promise to deliver not only a convenient payment means based on digital technology but also a novel model of trust. Yet delivering on this promise hinges on a set of assumptions: that honest miners control the vast majority of computing power, that users verify the history of all transactions and that the supply of the currency is predetermined by a protocol," it says.

"Understanding these assumptions is important, for they give rise to two basic questions regarding the usefulness of cryptocurrencies. First, does this cumbersome way of trying to achieve trust come at the expense of efficiency? Second, can trust truly and always be achieved?"

BIS concludes that the answer to both of these questions is no.

The report criticises the enormous energy use of the current generation of blockchains, noting that Bitcoin has the same electricity consumption as Switzerland.

"Put in the simplest terms, the quest for decentralised trust has quickly become an environmental disaster," it says.

Other shortcomings include its lack of scalability and throughput. Blockchains are simply too slow to manage large-scale financial transactions efficiently and throughput decreases with the number of transactions. Moreover, with each new transaction the blockchain grows ever larger.

BIS points out that cryptocurrencies are unstable, putting this down to more than the current speculative nature of the market. A central bank has a duty to stabilise the currency, as well as being a lender of last resort - something not possible in a decentralised system.

"In a decentralised network of cryptocurrency users, there is no central agent with the obligation or the incentives to stabilise the value of the currency: whenever demand for the cryptocurrency decreases, so does it's price."

Then there's the lack of trust as to when payments will be made - if at all. Proof-of-work blockchain consensus on transactions never reaches 100 per cent certainty and trust may be further undermined by the very real prospect of projects being forked.

And there are issues about money laundering and regulation. Their global nature means that global legislation is needed to regulate cryptocurrencies, BIS points out.

A minor plus: blockchain can provide some benefits for the global financial system, however, BIS said. Permissioned blockchains can make cross-border payments and international supply chains can be made more efficient. The latter was recently discussed by FedEx boss Fred Smith.

So, a pretty damning report with many valid criticisms but none that are new, at least on the technical side. Most people accept that the Bitcoin blockchain is very much decentralised network mark 1, and many of the scalability, sustainability and trust problems are being worked on by other systems (see earlier in this blog).

Nevertheless, the question of whether a fully decentralised currency can ever be stable enough to be a trustworthy alternative is an interesting one, and probably not best dismissed as just central bankers hitting back.

15/06/18 Microsoft Azure CEO Mark Russinovich has been talking about a couple of customers who run blockchain based applications on the cloud platform. The first one he mentioned was chemicals corporation 3M which has implemented a system to increase trust in its supply chain.

"3M is doing it to track the provenance of sensitive pharmaceuticals to make sure when the customer gets it they can verify it actually came from a reputable source. There's so much fraud in the pharmaceutical industry with lots of fakes and tampering," Russinovich told Yahoo Finance.

The second customer he talked about was Webjet, an Australian travel company that, among other things, sells hotel rooms online.

"A single transaction of an item like a hotel room to an end user might involve five transactions, and they found that roughly one in 10 of those required some sort of manual intervention because of problems on the way," Russinovich said, adding that in one in 25 transactions "somebody in the chain doesn't get paid so there's a lot of loss and a lot of fraud".

Webjet has created a a data reconciliation service for the travel industry called Rezchain which is based on the Ethereum blockchain running on Azure. Russinovich claimed this has reduced the need for internal interventions by more than 90 per cent.

Microsoft first started experimenting with blockchains on Azure about four years ago prompted by rising interest from enterprises as bitcoin started to make headlines.

"Cryprocurrencies were on top of everyone's mind and everyone was wondering how they could make use of it, and we saw many companies looking with concern at whether they will be disrupted by somebody else that might get to a blockchain solution before them," Russinovich said.

Microsoft has moved quickly to try to corner what is still a very new market. A couple of years ago it announced a partnership with startups Blockstack and ConsenSys to develop a blockchain-based identity system on Azure.

11/06/18 The EOS mainnet, a blockchain designed as a platform for smart contracts to rival Ethereum, went live over the weekend, although it's not yet open for business.

Voting is currently underway among holders of EOS cryptocurrency tokens to decide on the first 21 block producer candidates which will manage the blockchain and mine the blocks, for which they will earn EOS tokens.

EOS is designed to support decentralised applications (dApps) and smart contracts. It is expected that it will be able to handle a much higher throughput than Ethereum - 5,000 per second compared with the latter's 15 - and at a lower latency. EOS uses a proof-of-stake consensus mechanism rather than Ethererum's proof-of-work (PoW) which is harder to scale. Transactions in Ethereum's currency the ether (ETH) also incur relatively high charges while fees to secure the EOS blockchain are managed through inflation - tokens produced to pay the miners mean there are more in circulation.

On the other hand, the EOS model is more centralised with just a few miners controlling the governance of the blockchain - and only one running the election to decide the initial 21.

There can a total of only 21 EOS block producers at any given time. This would be a big problem were all the miners to be in one jurisdiction although the block producers will be continuously rotated to reduce this problem. Nevertheless critics point out that large miners may be able to influence this process by buying votes.

The launch of the EOS mainnet was postponed after critical vulnerabilities were discovered by a cyber security company a few weeks back.

The EOS project has raised approximately $4 bn through sales of its token over the last year making it by far the largest project of its kind in financial terms.

Update 15/06/18: the voting process has now finished.

04/06/18 Blockchain hype is not restricted to fintech startups and dubious cryptocurrency launches. The Chinese government and its supported tech companies now appear to be climbing on board the bandwagon too.

On Sunday, Chen Weihong a presenter on state broadcaster China Central Television (CCTV) - a channel widely seen as a mouthpiece of the government - claimed "the economic value of blockchain is 10 times more than that of the internet".

His statement came during a discussion about blockchain technology that featured well-known figures in the field such as Canadian author Don Tapscott, who claimed that "we're moving from an internet of data to an internet of value".

"No for the first time ever people and organisations can do transactions peer-to-peer," Tapscott said.

Also present were included Chen Lei, CEO of cloud network firm Xunlei, and Stanford University professor and investor Zhang Shoucheng.

As reported by Coindesk Zhang said: "While the real value of the internet is aggregating individual pieces of information into one place, which is exactly what Google and Facebook does, we are now entering an era where information is being decentralised so that individuals can own their individual data. And that's the real value of blockchain that makes it exciting."

Since programmes on CCTV generally reflect the views of the Chinese government the debate was unsurprisingly critical of many of the cryptocurrency ‘initial coin offerings' (ICOs) that have come up from nowhere to net billions, sometimes on the strength of a single white paper. China implemented a nationwide cryptocurrency ban in February. However, there are plenty of signs that China plans to become a big player in the underlying blockchain technology.

On Saturday Baidu  - the ‘Chinese Google'  - announced a protocol called Super Chain designed to reduce the energy requirement for the blockchain mining process.

Last November the firm unveiled a service called Baidu Jinkuang which would allow users to take advantage of unused computer resources in a peer-to-peer fashion. Baidu is also in the process of creating a blockchain-based photo store that protects owners' copyright and has a blockchain as a service platform in the offing.

25/05/18 Ayr-based MaidSafe (the inspiration, incidentally, for the 'new Internet' Pied Piper in the HBO series Silicon Valley) has come up with what it claims is the most efficient solution yet to the well-known Byzantine Generals problem: achieving consensus across a masterless distributed network in which no one node can be seen as the ultimate source of truth. It's a system the firm says could replace blockchain consensus for trustless data storage.

MaidSafe has been working on its blockchainless peer-to-peer autonomous data network for more than a decade. Unlike traditional client-server networks, the SAFE Network has no central point of control. Instead, it is made up of users' own machines which are used to randomly store encrypted chunks of the files uploaded to the network - a little like BitTorrent but without any central trackers and with everything encrypted. The idea is that it allows data storage (and eventually compute) with no single point of failure and in such a way that only the user has total control of his or her data. Only the user can grant access to people and applications that might want to share it. It also has its own integral cryptocurrency which is used to balance the give and take on the network.

Byzantine fault tolerance is a central issue for all decentralised distributed networks. In brief, how without a central point of authority can 'truth' be agreed upon? A particular node might be faulty or malicious but while another node nearby will see it as such a third node located in a far-flung part of the network might see it as perfectly fine because of the time taken for messages to traverse the infrastructure. Another way of looking at it is how can the network as a whole be sure of the order in which events happen on it?

This long-standing issue was finally solved by Bitcoin inventor Satoshi Nakamoto via the proof-of-work (PoW) consensus mechanism. Miners compete to be the first to solve a complex mathematical problem for which they are awarded Bitcoin and their particular version of the truth is put forward. The other nodes then come together to accept or reject this version and ultimately the network converges on the one true agreed state that will be used going forward. A key application is to prevent the problem of double-spend, where one might otherwise spend a Bitcoin simultaneously in two places.

But while Bitcoin has been highly successful in this regard the limitations of the blockchain regarding carrying capacity, scalability and throughput have become apparent. Moreover, the energy-intensive PoW consensus system has led to a high degree of centralisation since only large-scale professional miners with access to the latest ASICs and cheap electricity can now realistically earn Bitcoin in this way.

These issues make blockchains ill-suited as the basis for a data network - the equivalent of the internet or, looking further afield, the sort of heterogeous distributed networks represented by the IoT, the company says.

"The very design of blockchains means that their use case isn't suited to a global internet that deals with vast amounts of data that needs to be both private and secure," MaidSafe writes in a blog post.

The SAFE Network actually predates the Bitcoin blockchain by a couple of years but it is still at pre-release alpha stage. One of the key things that have held back progress is the difficulty in achieving a reliable consensus mechanism - the equivalent of PoW. However, this is a nut MaidSafe now claims to have cracked with PARSEC (Protocol for Asynchronous, Reliable, Secure and Efficient Consensus), a new algorithm based on a gossip protocol which the firm will open source under the GPL3 licence.

"It provides network consensus through maths and not through burning huge amounts of electricity," said CEO David Irvine.

The blog goes into more detail: "The concept of Byzantine fault tolerance is a crucial one. It means that it is mathematically guaranteed that all parts of the network will come to the same agreement at a certain point in time. Exactly what PARSEC achieves."

It continues: "With PARSEC, consensus is mathematically guaranteed as certain (as well as having a throughput that dwarfs blockchain tech). What's more, PARSEC is highly asynchronous. This means that there is no trusted setup nor any synchronous steps involved."

The company claims that PARSEC, a type of directed acyclic graph (DAG), offers significant advantages over other alternatives to PoW such as Proof of Stake. The nearest competitor would seem to be the Hashgraph DAG, but that has shortcomings when it comes to autonomous data network applications for the IoT, the firm says.

Got any breaking decentralised developments to tell us about? Let us know. (Mature projects with code published on GitHub or similar or a paper reproduced in an established journal please, rather than speculative stuff or coin news.)

"Right to be forgotten" not globally applicable

By Lukas Job | News | 10 January 2019
The suggestion comes as a big win for the online giant

The ECJ has been told that the ruling can only be enforced in EU member states

The European Court of Justice has been told that the EU's "Right to be Forgotten" (RTBF) cannot be globally applied, but is only enforceable across EU member states.

This was suggested by the Court's advocate general, Maciej Szpunar. His opinion is not legally binding, but usually endorsed by the court.

The advocate general found that European data regulators should not be able to determine the search results of users across the globe and pointed out the importance of balancing the RTBF principle with citizen's right to data protection, privacy and freedom of speech.

His opinion comes as a big win for Google and other search engine providers and brings further clarity on the boundaries of the RTBF principle. The company had previously criticised the principle for being an assault on freedom of expression and "the public's right to access lawful information".

The advocate general's advice resulted from a legal dispute between the French National Commission for Information Technology and Civil Liberties (CNIL) and Google. The French agency wanted to fine Google €100,000 for failing to enforce the RTBF globally after it refused to remove a French citizen's name from all of its domains.

Following the ruling of the ECB, a VPN located in a non-EU member state could soon be sufficient to access omitted search results.

The "right to be forgotten" was a landmark ruling that arose in 2014 after the complaint of a Spanish citizen, Mario Costeja González, about links on the Google search engine to the auction of his foreclosed home in 1998 over a debt he subsequently repaid. 

The prominence of links in Google to the story in local newspapers when people Googled his name, González claimed, was damaging. 

The ruling allows users to request the removal of links to websites containing irrelevant, inadequate or outdated content from search engines.

Systems administrator played crucial role in capture of "El Chapo"

By Lukas Job | News | 10 January 2019
Mexican authorities have been chasing the drug lord for years

Christian Rodriguez collaborated with the FBI to bring down Mexican drug lord

The trial of Mexican mobster Joaquin Guzman this week found its most important witness to date: the man who set up his encrypted communication network.

It has been revealed that the system administrator of "El Chapo" played a crucial role in his capture by enabling the FBI to listen to encrypted phone calls.

The phone calls contained conversations between Guzman and family members, bribed police officers, cartel members and business partners.

They used a network created by Christian Rodriguez, an engineer specialising in cybersecurity who dropped out of college to start his own business. Shortly after, he got involved with drug cartels, who hired him to set up encrypted electronic networks for them.

Following a recommendation from Colombian cocaine supplier Jorge Cifuentes, Guzman hired Rodriguez to create an electronic network that blocked investigators from intercepting with his calls and enabled him to spy on his family members.

He set up a secure comms network using an encrypted VoIP network which could only be accessed by those within the system. Guzman could log into the system using his Wi-Fi and make encrypted calls to associates without being detected by authorities.

The FBI found out about Rodriguez's involvement with the drug lord and contacted him. He agreed to support their investigation by shifting the servers used by Guzman from Canada to the Netherlands and giving them decryption keys.

This enabled the FBI to listen to phone calls made by Guzman and gather crucial information about his associates, private life and whereabouts.

On one account he talked with one of his bodyguards about chasing police officers, in another he joked about arming his 18-month old daughter with a rifle.

The information gathered through the phone calls is crucial evidence in the trial against Guzman, who was once the most-wanted man in the world.

He managed to escape prison multiple times in Mexico and was eventually caught and extradited to the US in 2016.

He is now housed in a high-security prison in New York State and, if found guilty, will almost certainly be sentenced to spend the rest of his life in prison - a prison that will be a lot harder to escape from. 

AMD promises 7nm Ryzen 3000 CPUs from mid-2019 - ahead of Intel's planned 10nm shift

By Graeme Burton | News | 10 January 2019
AMD CEO Lisa Su presenting the keynote at CES 2019

AMD's Ryzen 3000 microprocessors to launch before Intel cranks up output of 10nm Ice Lake CPUs

AMD CEO Lisa Su used her keynote at this week's CES 2019 trade show to reveal more details about the forthcoming 7nm Ryzen 3000 microprocessors.

The Ryzen 3000 will be pin-compatible with existing X370 and X470 motherboards and will be the world's first mainstream CPU to support PCIe 4.0 x16.

On stage, Su showed off an "early version" of the Ryzen 3000 running Cinebench, achieving a score of 2,023, well ahead of the Intel Core i9-9900K and AMD's own Ryzen 7 2700X CPU, its current top-of-the-range Ryzen branded microprocessor.

However, a number of recent rumours over the forthcoming Ryzen 3000 remain unaddressed.

Last week, a leak by a Russian retailer indicated that the Ryzen 3000 series of CPUs would be headed up by a Ryzen 9 3800X CPU offering 16 cores - two eight core Zen 2 dies in one package - and 32 threads. The device, according to the leak, would offer a base clock speed of 3.9GHz, but be capable of boosting all the way up to 4.7GHz for demanding tasks.

Below that, the leak suggested that AMD is planning a Ryzen 7 3700X with 12 cores and 24 threads, with a base clock speed of 3.8GHz, but boosting all the way up to 5GHz.

Su's keynote also included details about the forthcoming Radeon VII graphics card, available from 7 February. The card, based on the second-generation Vega architecture optimised for 7nm, will be capable of 4k gaming with frame-rates in excess of 60fps.

The card will cost $699 in the US, and about £650 including VAT in the UK. The company claims that the Radeon VII will offer an improvement in performance of about 29 per cent compared to the company's current top-of-the-range graphics card, the Radeon RX Vega 64.

AMD unveils 7nm Radeon VII graphics card at CES 2019

By Graeme Burton | News | 10 January 2019
First reveal of AMD's 7nm Radeon VII graphics card

CEO Lisa Su uses CES 2019 keynote to reveal details on second generation Vega architecture GPUs

AMD has revealed details of its forthcoming 7nm Radeon VII graphics cards, which will be available from 7 February.

The Radeon VII will cost $699 in the US, which will equate to about £649 in the UK, including VAT.

AMD CEO Lisa Su used her keynote at CES 2019 to launch the new graphics card - just days after Nvidia launched its mainstream RTX 2060 - and to provide an update on the next generation Ryzen CPUs, which are now set for a mid-2019 release.

The forthcoming Radeon VII is based on the second-generation Vega architecture optimised for TSMC's 7nm process node. The company claims that the Radeon VII graphics card will provide twice the memory, 2.1 times the memory bandwidth and up to 29 per cent better gaming performance compared to AMD's Radeon RX Vega 64, the company's current top-of-the-range graphics card.

The company also claims that it will be capable of gaming at ultrawide 1440p (2K) and ultraHD 4k resolutions.

The card will be equipped with 60 compute units or 3,840 stream processors running at up to 1.8GHz, and will be packed with 16GB of HBM2 memory. "Ground-breaking 1 TB/s memory bandwidth and a 4,096-bit memory interface paves the way for ultra-high resolution textures, hyper-realistic settings and life-like characters," claimed the company in a statement.

Outside of gaming, the graphics card should also improve the performance of ‘content creators' and other people involved in demanding graphics work.

Compared to the first-generation Vega 64, the Radeon VII will provide up to 27 per cent better performance in the popular 3D graphics application Blender, a similar boost in performance for professional video editing using DaVinci Resolve 15 and an up to 62 per cent performance improvement in the OpenCL Lux Mark benchmark.

Cambridge Analytica parent fined £15,000 for non-compliance with ICO

By Lukas Job | News | 9 January 2019
Cambridge Analytica - failed to hand over data

SCL Elections breached the Data Protection Act by ignoring an enforcement issue

SCL Elections, parent company of Cambridge Analytica, has been fined £15,000 for repeatedly ignoring a request to disclose information it holds on a US citizen.

The company pleaded guilty to breaking the Data Protection Act of 1998 by failing to act on an enforcement notice issued by the Information Commissioner's Office (ICO).

The ICO had requested SCL Elections to release information on the US academic David Carroll. The American had contacted the ICO after having sent multiple enquiries to the company asking to disclose their data on his profile.

Even though the company was willing to reveal some of its data on Mr Carroll, the ICO agreed with him that it did not disclose all the information he was entitled to.

The case been complicated by the fact that SCL Elections went into administration earlier this year. The defence argued that the information on Mr Carroll was saved on servers that had been seized by the ICO.

The judge found that there was enough evidence for a "wilful disregard" of the enforcement notice issued by the ICO and ruled that the company had to pay £6,000 to cover the ICO's legal costs, along with a fine of £15,000 for failing to comply with the enforcement notice.

The prosecutor claimed that the case was "a discrete part of a broader matter" surrounding Cambridge Analytica.

The company received widespread attention last year when it was revealed that it had built an algorithm to target social media users with adverts based on their political preferences. It was accused of influencing elections in various countries including the USA, Italy, Latvia, India and South Africa. It was closed down following an undercover operation by media companies including Channel 4.

Information Commissioner, Elizabeth Denham, said in a statement: "This prosecution, the first against Cambridge Analytica, is a warning that there are consequences for ignoring the law.

"Wherever you live in the world, if your data is being processed by a UK company, UK data protection laws apply. Organisations that handle personal data must respect people's legal privacy rights. Where that does not happen and companies ignore ICO enforcement notices, we will take action."

Microsoft's January 2019 Patch Tuesday fixes 51 security flaws

By Computing News | News | 9 January 2019

Microsoft also plans to 'reserve' 7GB of users' disk space to facilitate future updates

Microsoft's January 2019 Patch Tuesday has pushed out 51 fixes for security flaws across Windows, Exchange Server, Hyper-V and other Microsoft packages

One major security flaw in the Windows Jet Database Engine, which can be found in every modern version of the Windows operating systems and affects how objects are handled in memory, has been fixed. That flaw has been known about since September.

Critical flaws in Microsoft's Exchange Server and Hyper-V were also fixed, along with remote execution bugs in scripting engines for the Internet Explorer and Edge web browsers. In addition, an elevated execution privilege vulnerability in Skype for Android has also been fixed.

The full release notes have been published by Microsoft here

However, news has also filtered out of plns by Microsoft to reserve 7GB of individuals' PC storage to better facilitate its major updates.

Having gone through what can only be described as quite a mess when it came to last year's October Update, Microsoft's storage segregation will aim to ensure that updates install more reliably.

The reserved space will be used for cached and temporary files so that it's not sitting there sullen and unused. But when an update wings its way out of Redmond's servers, the files will be purged to make way for the patch.

"Starting with the next major update we're making a few changes to how Windows 10 manages disk space. Through reserved storage, some disk space will be set aside to be used by updates, apps, temporary files, and system caches,' said Microsoft program manager Jesse Rajwan.

He continued: "Our goal is to improve the day-to-day function of your PC by ensuring critical OS functions always have access to disk space. Without reserved storage, if a user almost fills up her or his storage, several Windows and application scenarios become unreliable.

"Windows and application scenarios may not work as expected if they need free space to function. With reserved storage, updates, apps, temporary files, and caches are less likely to take away from valuable free space and should continue to operate as expected."

Rajwan added that the 7GB of reserved storage might grow in the future: "We may adjust the size of reserved storage in the future based on diagnostic data or feedback."

The move could affect users with limited storage space - such as the base level Surface devices, which come with just 64GB of built-in storage.