Microsoft bundles telemetry into September 'security-only' patches for Windows 7 and 8.1

By Dev Kundaliya | News | 13 September 2019
It's not the first time that Microsoft has been accused of sneaking telemetry into Windows security updates

And not for the first time. In July, the Windows 7 security update was also found to have installed telemetry onto users' systems

Microsoft's security-only updates released a few days back for its legacy desktop operating systems appear to have dropped new telemetry components on systems running Windows 7 and Windows 8.1.

Microsoft's security-only updates are intended to fix only security flaws in those versions of Windows, and no other features. 

This is not the first time Microsoft has been accused of bundling non-security related features - especially telemetry - within security-only updates.

Earlier in July, the Win7 security-only update (KB4507456) was also found to have installed telemetry feature on systems. While Microsoft never acknowledged the presence of any such functionality in its security update, many users said that the feature was being triggered by newly installed scheduled tasks, namely, Microsoft Compatibility Appraiser, ProgramDataUpdater, and AitAgent.

Some experts defended Microsoft's snooping attempt, saying that the company needs telemetry data to monitor Windows 7 installations and to guide users to shift to newest version of Windows operating system. The company was also accused of bundling telemetry features into Windows 7 patches back when it released Windows 10. 

Furthermore, Windows 10 also exfiltrates telemetry data - an issue that is currently being investigated by Ireland's data protection registrar over claims that it breaches GDPR

Microsoft defines telemetry as the "system data that is uploaded by the Connected User Experience and Telemetry component". This data includes lots of details about the device and its configuration, including hardware attributes such as installed memory, CPU, and storage. It also includes details about number of crashes, hangs, installed applications, drivers, and much more.

According to AskWoody, users who have already installed the September security-only patches, and want to disable the telemetry functionality can do so by simply deleting or disabling the following schedule tasks after installation (before reboot):

With its September update, Microsoft addressed a high CPU usage issue that was affecting some users on Windows 10 version 1903. The issue reportedly appeared after Microsoft released the cumulative update KB4512941 for Windows 10 version 1903 in early September.

The company said the issued was caused by Cortana process SearchUI.exe, which increased the load on the system.

According to reports, some users still have complaints about broken searchers on the system, even after installing the latest patch. Those who have issues with search said a blank results page appears when they run searches.

Google pays €1bn to French authorities to settle tax-dodging claims

By Computing News | News | 13 September 2019
Google bungs a few sacks of cash at French authorities to settle tax claims

Google to pay France €465m in back taxes and a fine of €500m - a long way short of the €1.6bn France's finance ministry had demanded

Google is to pay €965 million to the French authorities over claims that it underpaid corporate taxes. The investigation was started in 2016, with the authorities in France arguing that the company, with its European headquarters in Ireland, had failed to declare all of its business activities to the French state and had, therefore, evaded corporate taxes.

However, the sum falls well short of the €1.6 billion that the France's Ministry of Public Action and Accounts had been demanding following a high-profile raid on the company's offices in 2016. Furthermore, the sum has been split into two: just €465 million in back taxes, together with a fine of €500 million.

The best way to provide a clear framework for companies that operate around the world is co-ordinated reform of the international tax system

"We have now settled tax and related disputes in France that have persisted for many years," a Google spokesperson said in a statement. "The settlements comprise a €500m payment that was ordered today by a French court, as well as €465m in additional taxes that we had agreed to pay, and that has been substantially reflected in our prior financial results.

"We continue to believe that the best way to provide a clear framework for companies that operate around the world is co-ordinated reform of the international tax system."

According to Reuters, the dispute centred upon a loophole in EU tax law that enables Google to report its sales in low-tax Ireland by simply having staff in Dublin concluding all sales contracts.

France's Le Figaro newspaper also quoted the French finance minister, Gerald Darmanin, saying that the country's finance ministry is also in talks with a number of other companies that have run similar tax minimisation strategies to Google.

Google's settlement comes two months after the French government passed its own bill to tax global technology companies operating within the country.

Under the bill, digital companies with more than €750 million in global revenue and €25 million in French revenue will be required to pay a per cent tax on total annual revenue generated by providing services to French users.

Massive ticket fraud scheme targeting Groupon and Ticketmaster uncovered with discovery of unsecured database

By Dev Kundaliya | News | 13 September 2019
Researchers have uncovered a massive online ticket fraud scheme impacting online ticket vendors

Unsecured database containing 17 million email addresses was found to be part of fraud targeting Groupon, Ticketmaster and other online ticket vendors

Researchers at cyber security firm vpnMentor have discovered a massive online ticket fraud targeting Groupon, Ticketmaster and several other ticket vendors for at least three years.

The fraud was uncovered after the research team, led by Ran Locar and Noam Rotem, discovered an unsecured database exposing 17 million email addresses online.

At first, the researchers thought they had found a database owned by a legitimate organisation. But they quickly discovered that the database actually belonged to a criminal network rather than a company.

According to vpnMentor, the gang had collected a large number of emails in the past years, and also created their own email accounts, which were eventually used to create fake accounts on Groupon, and several other online ticket vendors. The fake accounts were linked with stolen credit card details and then used to purchase online tickets from the websites of ticket vendors.

The tickets purchased were eventually sold to fans in order to earn profits. The scheme was running smoothly since 2016, according to researchers, until the cybercriminals made a huge error by leaving the unsecured email database on internet.

In total, the database contained 1.2 terabytes of data, containing personal information of all individuals who purchased tickets from a vendor website that used ticket processing platform Neuroticket.

Nearly 90 per cent of the database records (approximately 16 million) belonged to popular coupon and discounts website Groupon.

The remaining 10 per cent of the database included records from other vendors like Ticketmaster and Tickpick, as well as several local venues, such as Fox Theatre in Georgia, the Pacific Northwest Ballet, and the Colorado Ballet in Denver.

The researchers said they notified Groupon about the findings. The company said that the database discovered was similar to what they had earlier found in the 2016 fraud. The company also stated that the total number of emails present in the exposed dataset and actually related to the purchase of tickets was not more than 673.

In 2016, a large number of Groupon users were left out of pocket after being targeted by hackers.

The hacked users said they lost thousands of pounds after the attackers took over their accounts to buy things like holidays and Playstation games consoles on their accounts.

In March, a study by security researchers at Distil Networks revealed that 'bad bots' account for as much as 40 per cent of the traffic on ticketing websites.

The study claimed that these automated programmes are used by brokers, cybercriminals and hospitality agencies to perform a variety of activities including denial of inventory, scraping seat map inventory, spinning and scalping of tickets, customer account takeover, and committing frauds.

Two pen testers hired to check courthouse security arrested for burglary

By Dev Kundaliya | News | 13 September 2019
Gary Demercurio and Justin Wynn - arrested in September 2019 while conducting a physical penetration test of an Iowa courthouse

State commissioned the penetration test hadn't anticipated that the security pros would test the court's physical security

Two men hired to conduct a penetration test of an Iowa courthouse were arrested this week after attempting a break-in of the facility.

The men were arrested early on Wednesday after attempting the break-in of Dallas County Courthouse in Adel, Iowa.

Under interrogation, the men told police that they were hired by the state court administration to test the safety of court records and to find out potential security vulnerabilities

According to the Des Moines Register, Gary Demercurio, 43, of Seattle, Washington, and Justin Wynn, 29, of Naples in Florida, were arrested on Wednesday for the attempted break-in of the court building. They were found in the courthouse after Dallas County deputies responded to a reported burglary alarm.

Both were allegedly "walking around on the third floor of the courthouse" when the deputies' arrived at the site.

Wynn and Demercurio were in possession of numerous burglary tools and told deputies that they were hired to test the viability of the courthouse alarm system and to check the response time of law enforcement agencies.

The Dallas County officials, however, were not aware of the alleged contract, as claimed by the two men, the criminal complaint revealed.

Later, the County official discovered that the two men were in fact, hired by the state court administration to try to "access" court records through "various means" to find out potential security vulnerabilities of the electronic court records.

The state court administration acknowledged that the two men had been hired, but said they were not supposed to physically break into the courthouse.

"It's a strange case," said Dallas County Sheriff Chad Leonard. "We're still investigating this thing."

Gary Demercurio and Justin Wynn were employed by cyber-security firm Coalfire, based in Colorado, Iowa, and the state court administration had contacted Coalfire to test the security of court records.

"Our employees work diligently to ensure our engagements are conducted with utmost integrity and in alignment with the objectives of our client," Coalfire said in a statement.

The company declined to provide further detail on this specific case.

Both men have been charged with third-degree burglary and possession of burglary tools. They are being held on a $50,000 bond each.

The state court administration said such penetration tests are required to ensure safety of personal information contained in the court documents. The administration has also issued an apology to Dallas County officials, who are still investigating the case. 

Blockchain latest news: Santander unveils $20 million bond that lives on the Ethereum blockchain

By John Leonard | News | 13 September 2019
Santander is a blockchain pioneer

Bank is looking for 'innovative clients' to bring end-to-end blockchain bond into production

13/09/2019 Santander unveils $20 million bond that lives on the Ethereum blockchain

The Santander Banking Group has long been a keen experimenter with blockchain technologies, seeing the potential to automate many of the processes required to verify and guarantee financial transactions.

In 2018 it launched a blockchain-based foreign exchange service for international money transfers, including an app called One Pay FX, and now it has announced a bond that runs entirely on the Ethereum public blockchain.

The $20 million one-year bond, which will only exist on the blockchain, is a fixed income security that pays 1.89 per cent per quarter. So far it is an internal affair: Banco Santander issued the bond, it was tokenised by Santander Securities Services which is in charge of the cryptographic keys, and Santander Corporate and Investment Banking (CIB) acted as a dealer. However, the bank is hailing the new bond as a "milestone" because of its end-to-end nature. No part of its management, including the payouts, takes place outside of the blockchain, and the bond is 'permissioned', despite being on a public blockchain.

"Thanks to this automation, the one-year maturity bond has reduced the number of intermediaries required in the process, making the transaction faster, more efficient and simpler," Santander says in a press release.

Santander CIB is now looking "to engage with our most innovative clients" to move the project into production.

The project was developed in part by London-based Nivuara, a fintech startup that has been working on  blockchain-based solutions for issuing of bonds, derivatives, and equities. Earlier this year Nivuara attracted funding from a group led by the London Stock Exchange Group which included Santander.

19/08/2019 Agoric's plans for smart contracts that span multiple blockchains

If you think smart contracts began with Etherum or even Nick Szabo think again. Dean Tribble, founder and CTO of Agoric, claims they go all the way back to 1989, when Tribble, Mark Miller, now chief scientist at Agoric and others were working on at the American Information Exchange (AmiX) an online resources marketplace on which complex contractual relationships were programmed.

"To us, a smart contract has always been, a contract-like arrangement expressed in code, where the behaviour of the programme enforces the terms of the contract. We were doing that way before blockchains came along, although we didn't call them smart contracts then," said Tribble. Those early programmatic deals ran on standard clients and servers, but blockchains have changed the game, he added. "What blockchains do is they give us places to run code that have very high integrity."

Tribble and Miller founded Agoric almost as an old devs reunion to bring together a people who had worked at AMiX on market-based distributed computation back in the day. The San Francisco startup, which recently received $4 million in VC funding, is working on two secure subsets of JavaScript suitable for writing smart contracts: SES and Jessie. SES has a broad object-capable set of capabilities, while Jessie has had features stripped out to make it easier for developers to write smart contracts.

JavaScript was chosen because of its popularity, and also because frameworks and reusable components are well established in the ecosystem. Using current technologies, a company wanting to build smart contracts has to start basically from scratch, said Tribble; there are very few genuinely reusable components out there.

"It's like they're doing their own janitorial and legal and money management and banking and everything else, with very little ability to outsource any of that."

Of course, Solidity is also based on JavaScript, but Tribble claims security was something of an afterthought in Ethereum's smart contract language. He points to the infamous case of the DAO, in which millions were syphoned off due to a re-entrancy bug, a feature that allows a new contract to be initiated before the last one has completed.

"This has been a bad idea since the ‘60s. It was identified in the Ethereum review by Brian Warner, who now works for Agoric. It's a known hazard and they stepped right into it."

Currently, most smart contracts are restricted to their native blockchains, a constraining factor when it comes to representing real economies. So, another issue Agoric is working on is interoperability between blockchains. To this end, the firm has partnered with Cosmos, which is developing a protocol with similar aims.

"Agoric is really all about getting the world's economy online, not fighting over portions of the current crypto niche," Tribble said. "Cosmos was very aligned with that. They're building an inter-blockchain protocol that is designed to enable multiple blockchains built with different purposes, different optimisation priorities,and different use cases to interoperate. And that's crucial to us because no one blockchain is going to be the one-size-fits-all."

The idea is that whatever its consensus protocol, transaction speed or specialism, a blockchain should be able to transmit and receive data from other chains. But a blockchain is, at heart, just a ledger. How will this work?

Communication is via publication, Tribble explained. Blockchains can't transmit information directly, but they can post it on a public billboard (the ledger itself) where the intended recipient can see it. If that recipient is another blockchain, then you need a middle layer, a relay, to watch out for such notifications and pass them on to the relevant chain. It then becomes a matter of how much you trust that information, and what sort of cryptographic proofs you demand.

"If I'm passing a message to set a calendar invite I have to rely on the relay to pass that message, and yeah I'll believe it," Tribble said.

"But I'm not going to believe such a relay chain when it comes to passing lots of monetary value. I'm going to want it to be just a carrying party, where the proof validation is each blockchain validating the records produced by the other blockchain. So, the relay is acting as the transport but not a party that you rely on for the correctness of the message."

By opening up blockchains to allow for communications with granular security settings, Agoric hopes to realise the original dream of an automated computational economy, he added.

"If we can get [economic instruments] into a decentralised environment, that means people that are outside of the US could participate in the US economy and people outside of the EU could participate in the EU economy. So you start to be able to enable decentralised access to the valuable participation and activities of people across the world. That's exciting to us, and there are people we're talking to about that."

13/06/2019 Zilliqa's smart contracts and Facebook's crypto tease

Blockchain startup Zilliqa unveiled smart contract capabilities this week, via a specially developed language called Scilla.

Zilliqa launched its mainnet (a blockchain capable of running live transactions) in January. It has already been adopted by Project Proton, a venture by WPP offshoot Mindshare to deliver programmatic advertising more efficiently.

The firm's president Amrit Kumar claims Zilliqa's blockchain has a couple of things going for it that make it stand out in an increasingly crowded space. The first is its early adoption of the principle of sharding, dividing workloads between nodes - or groups of nodes - rather than requiring every node in the network to participate in verifying an event or transaction.

"While there are many blockchains today that are now exploring different flavours of sharding, whether by way of network sharing, transaction sharding, or even state sharding, Zilliqa remains the first public blockchain platform to have a working model that applies network and transaction sharding," Kumar said, adding that the advantage of network-level sharding is around security.

Sharding allows new nodes to be added without decreasing performance, and blockchain projects such as Ethereum are looking to introduce it as a solution to scalability problems. Zilliqa claims to have achieved a throughput of 2,828 transactions per second in an earlier testnet, compared to Ethereum's 15 or so.

The second key feature is secure smart contracts. Smart contracts are immutable; they cannot be changed, which makes bugs extremely problematic, as famously illustrated in the case of the DAO where millions of dollars were lost because of a programmatic oversight.

Some of the main vulnerabilities are inherent  programming languages themselves, as explored earlier in this blog. Scilla is a language developed by Zilliqa to address some of these issues while retaining usability, he explained. It is a functional programming language that allows developers to perform formal verification of their code and includes tools for checking bugs in the smart contract.

"As a smart contract platform, we recognised that our smart contract language would need to be able to provide greater security guarantees than what can be found in the industry today," Kumar said.

"Scilla takes several elements from functional programming languages, making it amenable to formal verification, allowing developers to apply mathematical proofs to ensure that one's codebase fulfils critical security requirements."

Currently, the company is focused on sectors that require complex high-throughput transactions such as advertising, gaming and financial services with use cases where blockchains can increase security or efficiency, but Kumar said he keeps an open mind as to future partnerships.

"We designed Zilliqa as an open, public platform, imposing no limitations on what can be built on the network and what industries these applications might touch upon."

Meanwhile, speculation about a possible Facebook cryptocurrency looks set to be clarified on June 18th with an announcement by the social media behemoth on something called "Project Libra". For months now, Facebook has been hoovering up blockchain talent into its inner sanctum, but has been tight-lipped as to its plans, throwing out bland generalisms about "leveraging the power of blockchain", as it is wont to do.

But leaks - deliberate or otherwise - suggest that Libra will be a new currency integrated into WhatsApp, which users will be able to use to transfer funds to each other or spend on products and services. China's Tencent has operated such a system for a few years now on WeChat and it's thought that Facebook's effort could be primarily aimed at the vast Indian market.  

The cryptocurrency - which may possibly be called GlobalCoin - will be pegged to the US dollar like other so-called ‘stablecoins' such as Tether, to reduce speculative swings in value. Why Facebook requires a blockchain for this purpose will hopefully become clearer in a few days' time.

21/05/2019 By ignoring crypto Berners-Lee's Solid is missing a trick, says Web 3 investor

Jamie Burke is founder and CEO of Outlier Ventures, an incubator and investor in decentralised, AI and IoT technologies.

Outlier is building a portfolio of startups to create what it calls a ‘convergence stack', ranging from the hardware layer, through distribution, routing, verification, interfacing and up to applications. Projects funded so far include Fetch.AI, Agoric, IOTA, Sovrin, Haja Networks, SEED and Ocean Protocol.

This stack is designed to form a viable basis for the next-generation web. Web 3 will be characterised by bots trading with bots and intelligent agents making economic decisions based on smart contracts, with human interaction playing an ever smaller part. It will also be decentralised to mitigate the worst aspects of the current web, such as surveillance capitalism, the easy spread of disinformation and the growing number of malicious bots.

Part of the blame for the current online malaise must be laid at the door of creators of the internet and web which for reasons of expediency and ideology had very little governance built in, according to Burke.

"It was designed very much with a kind of libertarian free market capitalism framing, and we're dealing with the consequences today," he said.

"We're now in a place where we have surveillance capitalism as a consequence, with a huge gap left open for stateless corporations to exploit that niche to the detriment to society."

At least one of those originators is well aware of these issues. Tim Berners-Lee has long railed against the fencing off of the web by corporations and their government sponsors. Indeed, he is working on Solid, a project designed to allow individuals to manage their personal data and that resulting from their online interactions in their own stores, outside of the corporate walled gardens. Solid was launched with some fanfare last year by Berners-Lee and Inrupt, a startup created to commercialise the project.

However, says Burke, it's missing a trick.

The key innovation of bitcoin was the idea of digital scarcity, he believes, the use of cryptography to give value to a digital asset on a network and control its distribution. Digital scarcity allows such assets to be spent and traded online like a currency as cryptotokens - and can also be used to exact a cost on those who would attack or abuse the network.

"I find it quite intriguing is he is deliberately not tokenised anything," he said. "I hate to say this about the Godfather of the Web, but there still seems to be a lot of naivety and dogma that is driving the decisions."

Burke continued: "My view of Web 3 is that with the innovation of digital scarcity we can make machines not just read the web but also have economic agency. And so that's why tokenisation is important because to facilitate economic agency by machines there needs to be a digital form of value that is scarce that can be transferred.

"I don't think everything has to be tokenised. But when I think about what he's trying to achieve, if it's not tokenised then what is the cost to abusing it?

"We now have the ability to hard-code cost into the internet, but I think there's just this resistance, this idea that the internet should be totally free. I don't think it should be totally free; I think it should be almost to the point of free, but with a cost whereby bad activity at scale isn't worth the reward."

The lack of built-in disincentives for malicious behaviour risks replicating the past, or worse he added.

"The reason why there's such a high volume of malicious activity is because there's no cost to it, or at least the cost of doing it at scale is negligible because the web doesn't really have any rules."

Watch out for a longer interview with Burke and others involved with decentralised technologies to appear shortly, in which they explore some of the promises and challenges of Web 3.0.

20/05/2019 Bluzelle takes aim at Redis with its decentralised cache network

Decentralised database-as-a-service startup Bluzelle has released an early iteration of its decentralised database as a globally distributed cache.

The fully operational decentralised, in-memory, NoSQL key-value store is planned for early 2020, but, explained CEO Pavel Bains, with the caching layer in place Bluzelle can already provide global access to data at extremely low latency for applications such as online multiplayer gaming, ecommerce and ad bidding.

Currently in beta and installed on 25 globally dispersed datacentre servers, the Bluzelle network replicates data across its nodes with a high level of redundancy, so it's always close to where it's needed. As a potential use case, Bains gave a hypothetical example of an online gaming firm based in Seattle where suddenly a large number of players join from India and then the UK. Instead of urgently having to provision extra servers and cache in those locations to void unacceptable lag, the data would already be nearby on the network and extra resources provisioned instantly. This is similar to the way content delivery networks (CDNs) like Akamai and Cloudflare work, and Bains dubbed Bluzelle cache a 'DDN' - or data delivery network.

A live, load-testing demonstration by Bains appeared to show response times between the US West Coast and Singapore of 19 milliseconds using the Bluzelle network compared to more than 700 milliseconds going through a datacentre fitted with Redis cache located on the US East Coast. (The firm publishes a video of this same demo on its website.)

The Bluzelle network is based on a Kademlia distributed hash table (DHT) architecture with a blockchain (ethereum) to manage identity, smart contracts and token payments. Storage networks Sia and Storj have a similar setup, but Bains insisted they are working in a different area.

"Sia and Storj are more focused on file storage, whereas our target customers are those who require real-time data access across multiple regions, so the competition would be Redis and Couchbase," he said.

Ultimately, as with those storage networks, the datacentre servers will be replaced by users' machines with their owners rewarded for donating spare capacity. According to Bains, any standard laptop with 50GB of storage and "a few gigs of RAM" should suffice. It remains to be seen what effect that will have on latency, of course. The full database, once released, should allow for CRUD (create, read, update, delete) operations and protection against common attacks, according to the company's whitepaper (PDF).

13/05/2019  Microsoft's blockchain-based decentralised identity system unveiled

Microsoft is working an open-source, blockchain-based decentralised identitity system.

Decentralised IDs (DIDs) are a cryptographic means by which people can identify themselves to an online service while remaining in full control of their credentials and without requiring a centralised registry, identity provider or certificate authority.

Microsoft's project is called ION. Its GitHub page describes it as "public, permissionless, Decentralised Identifier (DID) network that implements the blockchain-agnostic Sidetree protocol on top of bitcoin."

It continues: "By leveraging the blockchain-agnostic Sidetree protocol, ION makes it possible to anchor tens of thousands of DID/PKI operations on a target chain (in ION's case, bitcoin) using a single on-chain transaction. "

Yorke Rhodes, a programme manager on Microsoft's blockchain engineering team, told CoinDesk that his team has been working on ways to make use of the secure inmmutibility of blockchains like bitcoin and ethereum while overcoming some of their scalability problems.

"To have Microsoft say they are not scared of bitcoin, and in fact, it has some very good properties and we are willing to take advantage of those properties, is, I think, a step in the right direction," Rhodes said, adding that the DIDs could be used alongside Active Directory, Microsoft's system for managing identities within an enterprise setting. DIDs could thus be used across the very wide range of Microsoft enterprise services and beyond, allowing authentication and verification while leaving the user in control of their identity.

Microsoft has been interested in this area for some time. In January 2018, the company published a decentralised identity portal and promoted the benefits of individuals being able to create, own and manage their online identities independent of any third-party. The company is also a founding member of the World Wide Web Consortium (W3C) working group for decentralised identity.

In the CoinDesk article, Rhodes likened the possible impact of ION on decentralised technologies and self-sovereign identity to that of Windows 95 on consumer computing. "Networking stacks were very tied to logins to existing networks," Rhodes said, describing how IDs were managed in the pre-internet era. "Like that, I think [ION] is pretty significant."

03/04/2019 Blockchain not dead as Facebook and PayPal announce further investments

No doubt about it, last year blockchain hopes crashed down to earth with an almighty bang. Closely tied up with get-rich-quick cryptocurrency schemes (and scams), when that market lost 75 per cent of its value blockchain lost a lot of its lustre, with some analysts and pundits writing it off altogether. It was too much too soon, they said.

But now that the balloon has popped a welcome pragmatism has taken place of all the guff and bluster, with many decentralised projects (those that are still solvent) and companies just quietly getting on with it.

Two high-profile companies have announced they'd be investing more in blockchain technologies over the past few days. First, PayPal made its first blockchain investment in the shape of Cambridge Blockchain Inc, a digital identity enterprise software provider. PayPal joined other investors including Foxconn and Omidyar Network in the extended investment round.

Meanwhile, Facebook, which is working on a cryptocurrency of its own and has been poaching high-profile blockchain researchers, posted an additional five Silicon Valley blockchain vacancies on top of the 20 it had advertised earlier.

And recruitment site Indeed.com revealed that US bank JPMorgan Chase (which announced its own digital currency in February, see below) was behind only technology and consultancy firms IBM and Cisco, Accenture, EY, KPMG and Deloitte in its snapping up of blockchain talent, according to Forbes - although thenews site did say interest from applicants had dropped in line with the bitcoin price.

While venture capital investment on blockchain startups is unlikely to reach the $5.5 bn of the bubble year of 2018, it looks set to match or exceed 2017's $1 bn.

In some cases this will be about keeping a hand in, in case of some big development - or fear of missing out (FOMO). In others (maybe Facebook's), covering bases may be mixed with a large dollop of PR. However, with much of the hype behind it and the technology maturing, there's certainly life in the old dog yet. Coincidentally, for reasons that are as yet unclear, the price of Bitcoin surged 15 per cent on Tuesday.

The AI and Machine Learning Awards are coming! In July this year, Computing will be recognising the best work in AI and machine learning across the UK. Do you have research or a project that you think deserves wider recognition? Enter the awards today - entry is free. 

13/03/2019 Energy firm Ovo invests in blockchain startup Electron in move towards zero-carbon smart grid

As covered by our sister publication Business Green, UK energy supplier Ovo has taken a minority stake in blockchain company Electron in a bid to accelerate the development of a smart electricity grid.

London-based Electron develops blockchain solutions specificially for the energy sector.

The terms of the deal were not disclosed, but Ovo, which focuses on supplying energy from renewable sources, said that the investment comes through Kaluza, a new division within the Ovo that develops "software and hardware to support the integration of electric vehicles, electric heating and battery storage onto the grid."

In a blog post Ovo explained the strategy further.

"The integration of technologies such as blockchain and IoT, is essential to support the transition to a highly distributed, complex energy system, made up of multi-agents and millions of connected devices. The development of Electron's shared asset register will be crucial to supporting the growth of Kaluza and deliver on its mission to securely connect all devices to an intelligent zero-carbon grid," the company said.

A smart grid could to allow people to buy solar power from their neighbours and enable domestic appliances to exchange information and co-ordinate electricity use.

The move follows Mitsubishi's acquisition of a 20 per cent stake in Ovo last month.

Bank JP Morgan bets on blockchain, unveils its own digital currency

 Jamie Dimon, CEO of Wall Street investment bank JP Morgan, has spent an inordinate amount of time bashing bitcoin and banning employees from trading in cryptocurrencies. But now the bank has announced it's been testing its own digital (not crypto-) currency for use in its wholesale payments business.

The digital currency is called the JPM Coin and has been trialled so far with one corporate client. It is pegged 1:1 against the US dollar, in the manner of so called stablecoins such as tether, and is instantly redeemable against that currency. There are plans to deploy it against other fiat currencies too.

The bank envisages three main uses for the JPM coin. The first is to offer corporate clients a real-time alternative to money transfer systems like Swift and wire transfers. Transfers can take hours or even days, whereas a trusted blockchain-based digital currency could allow the process to be virtually instantaneous.

Another is for securities transactions, reducing the time between settling the transaction and money changing hands. Again, wire transfers can introduce a significant delay.

The third use-case is to allow corporations that use J.P Morgan's treasury services to replace the dollars they hold in subsidiaries across the world with JPM Coin.

These use cases are just the start, said Umar Farooq, head of the bank's blockchain projects.

"So anything that currently exists in the world, as that moves onto the blockchain, this would be the payment leg for that transaction," Farooq said on the bank's website.

"The applications are frankly quite endless; anything where you have a distributed ledger which involves corporations or institutions can use this."

Farooq drew a distinction between the cryptocurrency markets and the sort of private blockchain applications represented by JPM Coin.

"We have always believed in the potential of blockchain technology and we are supportive of cryptocurrencies as long as they are properly controlled and regulated," he said.

"As a globally regulated bank, we believe we have a unique opportunity to develop the capability in a responsible way with the oversight of our regulators."

The pilot programme will be expanded later this year to include other corporate clients.

JP Morgan has also been involved in a consorteum developing the Ethereum-based Quorum blockchain. See earlier in this blog.

Next page: Facebook's crypto rumours, WWF-Australia launches food-tracking blockchain, China cracks down, Ethereum Classic hacked, New standards group for private blockchains, Hyperledger adds members, Blockchain too immature for government use, finds Australia, China mulls anonymity ban 

05/02/2019  Facebook reportedly aquires UK blockchain startup Chainspace fuelling more cryptocurrency rumours

Facebook has reportedly acquired Chainspace, a London-based start-up working on decentralised blockchain-based smart contracts, fuelling speculation that the social media behemoth is developing its own cryptocurrency.

In a 2017 white paper, team members of Chainspace describe the project as a "decentralized infrastructure, known as a distributed ledger, that supports user-defined smart contracts and executes user-supplied transactions on their objects."

It continues: "The correct execution of smart contract transactions is verifiable by all. The system is scalable, by sharding state and the execution of transactions, and using S-BAC, a distributed commit protocol, to guarantee consistency."

Chainspace was founded by researchers from University College London Alberto Sonnino, Dave Hrycyszyn, Ramsey Khoury and George Danezis. Cheddar reports that a number of members of the team have now been hired by Facebook.

Facebook has been quietly assembling a group of experts, academics, cryptographers and engineers with experience in blockchain and cryptocurrencies, sparking rumours that it is looking to develop its own cryptocurrency. The company appointed former PayPal president David Marcus to manage this group.

Bloomberg reports that any cryptocurrency that emerges is likely to be a ‘stablecoin', one whose market value is pegged to a fiat currency such as the US dollar and that it would be used to transfer funds via WhatsApp with the initial rollout in India. China's WeChat social media app already allows users to transfer money in many fiat currencies (but not the Indian rupee) using Alipay.

Facebook is acquiring the team's knowhow rather than its technology, according to Cheddar. To rival more traditional digital money transfer services a decentralised blockchain-based system will need to be able to demonstrate the type of speed, efficiency and scalability that have so far eluded first-generation cryptocurrencies such as Bitcoin and Ethereum. This is an area the team has been working on through its sharding technology and Byzantine fault-tolerant consensus protocol Blockmania. But these appear to be early-days projects judging by the level of activity on GitHub.

Facebook was characteristically opaque about its alleged 'acqui-hire'.

"Like many other companies, Facebook is exploring ways to leverage the power of blockchain technology. This new small team is exploring many different applications. We don't have anything further to share," a spokesperson said.

17 January 2019 WWF-Australia launches food-tracking blockchain

World Wildlife Fund Australia has launched a ‘blockchain-enabled' tracking system to trace food and other products from source to plate.

The aim, WFF-Australia says, is to "help businesses and consumers avoid illegal, environmentally damaging or unethical products, while improving supply chain accountability and transparency."

The system, called OpenSC, was developed in conjunction with BCC Digital Ventures, part of the Boston Consulting Group. It allows details of products to be added to a ledger at their point of origin so the route to their final destination can be traced. For example, the location and time at which a particular fish is caught can be recorded using a digital tag by the fishing boat, allowing consumers to check it has reallly come from a MSC-certified fishery simply by scanning a QR code using their phone.

Austral Fisheries, part of the enormous Maruha Nichiro Group, has agreed to roll out the system across its Patagonian Toothfish fleet.

The system is not limited to seafood of course. WWF-Australia plans to use it to certify other food and paper products to demonstrate that they are not the result of illegally felled forests or slave labour.

"Through OpenSC, we will have a whole new level of transparency about whether the food we eat is contributing to environmental degradation of habitats and species, as well as social injustice and human rights issues such as slavery," said WWF-Australia CEO, Dermot O'Gorman, in a press release.

"OpenSC will revolutionise how we all buy food and other products as well, enabling more informed decision making by consumers, businesses, governments, and industry bodies."

Improving supply chain transparency is one of the leading use cases for blockchain technology outside of the realm of cryptocurrencies. Recently, the Food Trust, a consortium led by Walmart, created a product recall system which allows products to be traced through the supply chain back to their origin in a matter of seconds rather than weeks (see earlier in this blog).

Fedex is another company looking at decentralised ledgers as a way of driving efficiencies in the supply chain. CEO Fred Smith described blockchain as "a chain of custody system on steroids".

11/01/2019 China cracks down on blockchain companies

Hot on the heels of handing out fines to VPN users accessing the 'international internet', China continues its crackdown on the anonymity of its citizens by targeting the country's many blockchain startups.

The Cyberspace Administration of China (CAC) has announced new rules for blockchain firms. These rules, which will come into force on February 15, will require companies that use blockchains to register their names and IP addresses with the CAC within 10 working days of the new regulations becoming law.

It applies to firms that provide public information services through blockchain services that are accessible via web or mobile devices.

Moreover, blockchain service providers may not 'produce, duplicate, publish or disseminate' content that has been banned by the Chinese government.

Firms that fail to comply could face fines of RMB 20,000 - 30,000 (£2,300 - £3,500), while serial offenders should expect a criminal investigation.

The move is the latest in an ongoing crackdown on online freedom of expression by the increasingly authoritarian Chinese authorities. Last year a group of students used the Ethereum blockchain to evade the attention of the censors and pass messages about a prominent professor accused of sexual misconduct, and this may have rattled government officials, themselves very sensitive to accusations of corruption.

In October the Chinese government drafted a regulation that would require users to provide their real names and national ID card numbers when registering for a blockchain service. The policy also demands that blockchain services remove 'illegal information' before it can be spread among users, with service providers required to retain backups of user data for six months and to hand it over to the police on request.

China also banned cryptocurrency trading last year.

08/01/2019 Rollback attack allows double-spend of more than $1m in cryptocurrency Ethereum Classic

Blockchains are supposed to be immutable. That's the point. With a blockchain-based cryptocurrency you shouldn't be able to spend the same coin twice by rewriting the transactional record, but Cryptocurrency exchange Coinbase noticed one currency, Ethereum Classic (ETC), where exactly that was occurring.

"On 1/5/2019, Coinbase detected a deep chain reorganisation of the Ethereum Classic blockchain that included a double spend," the exchange notes in its blog.

It continues: "Subsequent to this event, we detected 12 additional reorganisations that included double spends, totalling 219,500 ETC (~$1.1m)."

This latter figure was revised upwards from an earlier estimate of 88,500 ETC ($460,000).

The problem lies with a weakness in the Proof of Work consensus mechanism which most blockchains rely on for security. In this miners compete to verify blocks of transactions, ultimately agreeing to accept the longest chain of blocks as the 'true' one and going on from there. This is fine so long as more than half the miners are ‘honest' nodes. But if a dishonest miner with sufficient CPU power manages to pick a previous block and build on that, it can theoretically outstrip the other miners, creating an alternative longest chain which the other nodes will ultimately accept as true, effectively rewriting history.

So the dishonest miner could make a purchase from a merchant with his or her coins, and then build a chain from a previous block which does not contain that transaction. Once the other miners have accepted this new chain as the canonical truth, the coins are still available to spend again. The unfortunate merchant ends up with nothing.

This is known as a rollback attack because the previous transaction has effectively been rolled back - it does not exist in the record. It becomes possible once a single miner or cooperating pool of miners controls more than 50 per cent of the CPU power. The risk has been known since blockchain's inception and is the reason why it has always been stressed that mining should be as dispersed as possible. However, because specialised equipment and cheap electricity is now required to make a living from mining, power has become concentrated in fewer and fewer hands.

To make matters worse, with the collapse in the price of cryptocurrencies (ETC's value has dropped from $45 a year ago to around $5 today) many miners have given up and sold their equipment. This may have allowed some of the remaining miners to consolidate enough power to launch the attack.

Coinbase says no funds were lost from the exchange, but it has frozen transactions for the time being in ETC to prevent losses from affecting its customers.

20/12/2018 New standards group for private blockchains announced by ETSI

ETSI, the European standards group for IT, has announced a new group focused on permissioned ledgers - or private blockchains as they are often called. Members of the Industry Specification Group on Permissioned Distributed Ledger (ISG PDL) announced so far include representatives from Cadzow Comm Consulting Ltd, Ericsson, Huawei, Intel, NEC Europe, Telefónica and Vodafone.

The  group will look at existing methodologies used to validate participant nodes, improve scale and throughput, achieve consensus and automate node management and operation, incorporating new research results as they become available. The aim is to specify a permissioned distributed ledger operational reference architecture that can be used as a basis for implementing private blockchains for business purposes.

Unlike public blockchains such as bitcoin where anyone can run a node, with permissioned blockchains membership is restricted. Current use cases include inter-bank ledgers where each bank in a consortium runs a node or nodes. In this way security and confidentiality are easier to provide for, while some of the 'trustlessness' aspects of a decentralised public ledger are lost. Instead governance of the ledger is the joint responsibility of its members.

ISG PDL will seek to provide the foundations for operating permissioned distributed ledgers across various industries and governmental institutions by working with various standards bodies and open source projects in the blockchain arena.

The groups initial meeting will take place on 24 January at Telefónica, Madrid where officials will be elected.

18/12/2018 Is Facebook working on a cryptocurrency?

Facebook has been quietly assembling a group of experts, academics, cryptographers and engineers with experience in blockchain and cryptocurrencies, according to a report from Cheddar.com.

The group was inaugurated in April this year and reportedly now numbers 30 or 40 individuals. It is headed by David Marcus, vice president of Facebook Messenger and former PayPal president. Many of his recent hires are also ex-employees of PayPal while others have online payments backgrounds from companies like Google and Samsung. Some are former members of cryptocurrency startups - stoking the long-running rumour that Facebook may be developing its own coin.

Facebook has said little about cryptocurrencies, save to ban ads for ICOs a while back, and it remains characteristically  tight-lipped about its plans.

"Like many other companies Facebook is exploring ways to leverage the power of blockchain technology," a spokesperson said.  "This new small team is exploring many different applications. We don't have anything further to share."

It could be that Facebook is looking to emulate China's WeChat  - a sort of Facebook plus-plus that includes a dating app together with a native payment system that has become so popular that small traders and even beggars are starting to refuse cash - while at the same time working to head off competition from less centralised models down the line.

13/12/2018 Hyperledger adds 12 new members

Hyperledger, the open source permissioned blockchain project, has announced 12 new general members including some major banks, consortia and cloud firms. General members have certain marketing and recruitment opportunities as well as bing able to participate in members-only committees.

The latest general members feature a strong showing from China. They are: Alibaba Cloud, BlockDao (Hangzhou) Information Technology, Citi, Deutsche Telekom, Guangzhishu (Beijing) Technology Co. Ltd, Guangzhou Technology Innovation Space Information Technology Co. Ltd, KEB Hana Bank, HealthVerity, MediConCen, Techrock, we.trade and Xooa. These additions bring the total number of general members to 256.

Four new associate members also joined Hyperledger this month: Association of Blockchain Developers of Saint Petersburg, Business School of Hunan University, Sun Yat-sun University and Wall Street Blockchain Alliance.

Associate membership is limited to pre-approved non-profits, open source projects, and government entities. There are now 16 associate members.

The new members were announced at the Hyperledger Global Forum in Basel, Switzerland.

"The growing Hyperledger community reflects the increasing importance of open source efforts to build enterprise blockchain technologies across industries and markets," said executive director Brian Behlendorf. "The latest members showcase the widening interest in and impact of DLT and Hyperledger."

A number of blockchain projects are based on Hyperledger; some of them like we.trade and the Walmart food supply chain system are featured elsewhere in this blog.

23/10/2018 Blockchain too immature for government use, finds Australia's DTA

The Australian government's Digital Transformation Agency has cast doubts over the validity of blockchains for governmental purposes.

The DTA, which was granted AUS$700,000 to investigate the technology, has concluded after initial research that in almost every case examined existing technologies are more suitable than blockchain.

The agency has been working with a number of government agencies to develop prototypes for the use of blockchain to deliver services, including with the Department of Human Services for welfare payments and cargo settlement.

Peter Alexander, CDO at the DTA said the technology is worth keeping an eye on but as yet is too immature.

"Our position today, and this is an early write-up, is that blockchain is an interesting technology that would be well worth being observed, but without standardisation and a lot more work, for every use of blockchain that you would consider today there is a better technology," Alexander told a Senate hearing on Tuesday, as reported by InnovationAus.com.

Alexander said that one of the defining features of blockchains, the potential for anonymity, is among the biggest stumbling blocks.

"Generally speaking when the government is engaging with someone, we want to have a trusted relationship with them. We want to know who they are and give them a personalised service," he said. "Blockchain is good for low-trust engagement, you don't know who you're dealing with but have a series of ledgers that can give some validation and support."

According to Alexander, blockchain is at the "top of the hype cycle", with demand driven by the industry.

"It would be fair to say that a lot of the big vendors are pushing blockchain very hard and internationally most of the hype around blockchain is coming from vendors and companies, not from governments and users and deliverers of services," he said.

23/10/2018 China mulls anonymity ban

China is another nation that finds blockchain's anonymity a problem. Earlier this year Chinese students encoded allegations of sexual harassment against a prominent professor on the Ethereum blockchain to evade the country's censors, all social media posts on the issue having been blocked. The same technique was used to spread news about low quality and counterfeit vaccines, another scandal the government sought to cover up.

But the Chinese government has drafted a new regulation that would require users to provide their real names and national ID card numbers when registering for a blockchain service, reports The Verge. The policy would also demand that blockchain services remove 'illegal information' before it can be spread among users. And under the proposed legislation, service providers would also be required to retain backups of user data for six months and to hand it over to the police on request.

China has been bullish on blockchain for the last few months, with one commentator recently claiming it is worth ten times as much as the internet. The country's tech giants are pouring significant resources into its development citing smoother trade and anti-fraud possibilities. But without the possibility of anonymity, a permanent ledger could also be a powerful tool in the authoritarian regime's surveillance and control systems.

China also banned cryptocurrency trading earlier this year, although apparently this has been less than effective. The Ethereum Hotel recently opened in the country, accepting payment in cryptocurrencies.

Next page: UK leads in blockchain deployments says Capgemini; Microsoft's strategy for decentralised identity; Gary Cohn joins fintech startup Spring Labs; Horizen's privacy platform; Zone and Icons launch ledger to authenticate and track sports memorabilia; Nick Szabo, inventor of the smart contract, on its evolution; Real-world use cases emerging; Blockchain-based driving licence trial rolled out by Australian state

19/10/2018 UK leads the way in blockchain deployments for supply chain, finds Capgemini

A survey by consultancy Capgemini of 450 organisations implementing blockchain in their supply chain has found that only three per cent have so far taken initial experiments into production at scale.

The respondents, drawn from the consumer products, retail and manufacturing sectors, said that establishing return on investment was the biggest challenge to ramping up their deployments, with compatibility with existing legacy infrastructure cited as another barrier.

Across the sample, three per cent were deploying blockchain solutions at scale, 10 per cent had pilot projects in place, while 87 per cent were still at early stages of experimentation with the technology.

The main drivers for the experiments were found to be cost saving (89 per cent), enhanced traceability (81 per cent) and enhanced transparency (79 per cent), although these varied widely from sector to sector.

While adoption and the technology itself are at an early stage, the Capgemini report identifies a number of current use cases, ranging from low complexity / high adoption scenarios such as the prevention of counterfeits and tracking asset maintenance, to more ambitious but complex uses including loyalty programs, contract labour procurement and regulatory compliance.

The UK (22 per cent) currently leads the way with production and pilot implementations of blockchain projects in the supply chain, while the USA (18 per cent) leads in terms of funding blockchain initiatives.

In the UK specifically, the consumer products vertical is the biggest adopter among those surveyed, followed by manufacturing and then retail. However, globally manufacturing  is in the lead.

Sudhir Pai, CTO financial services at Capgemini commented: "There are some really exciting use cases in the marketplace that are showing the benefits of blockchain for improving the supply chain, but blockchain is not a silver bullet solution for an organisation's supply chain challenges."

Pai continued: "Blockchain's ROI has not yet been quantified, and business models and processes will need to be redesigned for its adoption. Effective partnerships are needed across the supply chain to build an ecosystem-based blockchain strategy, integrated with broader technology deployments, to ensure that it can realise its potential."

Capgemini has been working with blockchain technology since 2016 when it began developing solutions for the financial services industry. The report predicts that experimentation with blockchain will peak in 2020, before entering mainstream supply chain usage by 2025.

15/01/2018 Microsoft's strategy for decentralised identity

Microsoft might seem an unlikely champion of decentralised IDs. After all, decentralised identifiers (DIDs) represent an important decoupling of identity from generated data and applications that use it, and Microsoft, in many minds, is still associated with monopolistic powergrabs. But last week the company published a new decentralised identity portal and released a whitepaper explaining the benefits of individuals being able to create, own and manage their online identities independent of any third-party.

"Over the past 18 months, Microsoft has invested in incubating a set of ideas for using blockchain and other distributed ledger technologies to create new types of digital identities - identities that are designed from the ground up to enhance personal privacy, security, and control," the whitepaper says. "We aspire to make DIDs a first-class citizen of the Microsoft identity stack."

Actually, it should not come as a surprise that Redmond should be interested in this area. Microsoft was one of the early major tech company backers of blockchain technology after all, and decentralised identifiers, where a user controls his or her online identity or identities through cryptography, are a central feature of many of the emerging decentralised applications being built on blockchains and other decentralised platforms. And as we saw when Microsoft embraced Linux as a key part of its Azure cloud ecosystem, a 180-degree turnaround from its previous position, Redmond has proved adept of late at seeing which way the wind is blowing and moving with it. The whitepaper mentions integrating personal datastores controlled by DIDs into Azure.

IBM, the other big technology company leading the blockchain charge, has been active in this area for more than a year. Like Microsoft, IBM is a member of the Decentralized Identity Foundation (DIF). Critics point out, though, that while IBM has already been active in offering open standards for DIDs and related W3C projects, Microsoft has yet to lay any code on the table.

"I don't know what Microsoft has developed, I haven't seen any actual code," Wayne Vaughan, CEO of blockchain platform Tierion and DIF steering committee member, told CoinDesk.

"Microsoft has been soliciting input from the community, but their software development has largely been done behind closed doors, and now they are releasing it publicly. With that being said, it's much better than nothing."

UPDATE 15/10/18: Twitter user @csuwildcat has pointed out that Microsoft developers are contributing to the DIF's GitHub repositories. The strapline to this article has been changed accordingly.

12/10/2018 Former Trump aide and Goldman Sachs chief Gary Cohn joins fintech startup Spring Labs as advisor

Gary Cohn, chief economic advisor to Donald Trump until April and before that president and COO of Goldman Sachs, has become an advisor to Spring Labs, a blockchain startup that aims to take on consumer credit companies like Experian and Equifax.

Unlike some of his investment banking brethren Cohn has never rejected the idea of cryptocurrencies, saying in May that a global cryptocurrency is coming.

"I'm not a big believer in Bitcoin, I am a believer in blockchain technology," Cohn told CNBC. "I do think we will have a global cryptocurrency at some point where the world understands it and it's not based on mining costs or costs of electricity or things like that."

Cohn told the FT he believes blockchain's teething issues will be overcome and that blockchains have obvious potential in the financial arena, particularly for smart contracts and currency settlements.

"We all know all the inefficiencies of the existing currency world and blockchain clearly helps to eliminate them at some point in the future," he said.

Spring Labs, which has offices in Los Angeles and Chicago, boasts a high-powered board, which as well as Cohn includes Bobby Mehta, formerly CEO of credit company TransUnion, and Brian Brooks, chief legal officer at cryptocurrency exchange Coinbase.

Spring Labs' website says its technology will create "the foundation for a credit system that is more transparent and secure for consumers".

It continues: "The Spring network will allow users to view all attestations about their credit and identities for free, and enables functionality for open alerts and notifications."

Cohn said he would be assisting with getting the firm's technology adopted in the marketplace.

11/10/2018 Horizen's privacy platform

One of the biggest selling points of decentralised technology is privacy, believes Rob Viglione, co-founder of Horizen, a privacy-oriented blockchain platform.

Horizen was forked from ZCash, one of the leading privacy-focused cryptocurrencies. "We wanted to take it beyond currency," said Viglione.

Like most such projects, the Horizen platform does have a cryptocurrency (Zen) to power its internal market, but it was the key innovation of ZCash's founder crypto-pioneer Zooko Willcox that was the primary focus of attention, Viglione said. zk-SNARKs provide a practical cryptographic method of verifying that a computation such transaction between two parties is "correct" without having to know anything about the computation or the parties involved.

"Where ZCash is focused on currency we are actually building an application platform. That was the point of forking from ZCash - to grab the SNARK library so we could start with that base technology and cryptography. Now we are building things on top of it."

One of those things is what Viglione claims is "the most secure messaging protocols in the world". He admits it's "kind of clunky" at this stage, and because zk-SNARKs are computationally heavy it's not instant. "But if you're a reporter in Syria or China, you might want to use our app."

Viglione insists Horizen retains "very good relations with Zooko" despite having forked his code, and said the two companies collaborate on bug reporting and the like.

Asked about Horizen's potential "killer app" Viglione said the combination of a large number of nodes (there are currently 22,000 in the network) and zero-knowledge cryptography makes virtual private networking a strong candidate.

"If we can build the world's best VPN service, one that is fully anonymous and secure that could draw millions of potential users, not because they care about blockchain, but they want a service that is valuable. That's where we need to go were working very actively on those sorts of projects."

Another USP of decentralised systems is the possibilities for equality regarding decision making. The company is working on a treasury voting system that will enable Zen holders to make decisions on proposals for the network's development and allow transparency into the allocation of funds.

As for enterprise use cases, Viglione cites the simplicity of developing applications on sidechains that plug into the main network via an API. That way, they can make use of the network's privacy and security features without needing to have blockchain skills in-house.

One possible fly in the ointment is the current reliance on the Ethereum blockchain, although Viglione insists migration to another backbone would be possible. Ethereum has recently struggled to scale in the face of increased demand. "They hit the limits of natural growth in my opinion," he said, adding: "But I never discount them because they have a collection of brilliant people and I think they will overcome the issues as they come up."

02/10/2018 Zone and Icons launch ledger to authenticate and track sports memorabilia

The sports memorabilia market began with fans trading footballs and baseballs signed by their sporting heroes and expanded to an industry worth US$370bn globally, according to Forbes. These days no charity auction is complete without a signed shirt from a current or bygone star, but how can punters tell it the item is genuine when signatures written by robots are pretty much indistinguishable from the real thing particularly when many counterfeit goods are traded online?

Enter b-locked, a blockchain-based ledger designed to track the provenance of signed sports memorabilia. B-locked was developed jointly by Icons Shop Limited, which holds official merchandise licences from the FA, UEFA and FIFA World Cup and has exclusive contracts with players including Lionel Messi, Dele Alli and Eden Hazard, and Zone, a London-based customer experience agency which is part of professional service firm Cognizant.

To combat fraud, every Icons product comes with a certificate of authenticity and details of the player signing. This information can now be stored on b-locked so that future buyers can check its authenticity by typing a code or scanning a hologram via a web application.

The Zone team had originally chosen Ethereum as its blockchain platform of choice but, changed tack after the Cryptokitties debacle which showed up problems with its scalability.

"Ethereum transaction costs would have been too high for the project to be economical. So we used alpha code and ideas from Chainspace to build our prototype. We'll likely go ahead either with Chainspace or Cosmos, both of which make it easy to build the kind of logic and interactions we need," said Jon Davie, chief client officer at Zone.

Davie explained that the Zone team used an Agile methodology of short sprints to deliver the ledger. "We didn't seek to solve every challenge at the outset - rather to identify the key features and then learn by testing with customers and the Icons team," he said.

"Our next challenge is scaling the authentication process to cover every item in the Icons warehouse - it's an operational challenge as much as a technology challenge."

The system will be launched this month, with FC Barcelona star Lionel Messi signing 100 products which will be uploaded to the b-locked blockchain at an event in that city. Davie said the firm's short time to market was due in part to focusing on a specific use case.

"Unlike many blockchain ventures, we created this project to solve an existing problem for an existing business," he said, adding that it could be expanded to suit "any industry where authenticity is important - from art and antiques to whisky and wine."

28/09/2018 Nick Szabo, inventor of the smart contract, on its evolution

Nick Szabo, the computer scientist who came up with the idea of smart contracts in 1995 and coined the term, discussed the evolution of his invention during a keynote at blockchain live in London this week.

The basis of his talk was the fact that trust does not scale. Advanced societies have laws and institutions to mitigate the fact that we often have to deal with people and organisations that we know nothing about, including courts to enforce the fulfilment of agree contracts, but these are frequently ill-suited to the digital age.

The concept of smart contracts has moved on from the simple vending machine model which doles out a bar of chocolate provided you put the right money in, as defined in the program, to that embodied by distributed applications (dApps) on programmable blockchains such as Ethereum. But these are at an early stage, Szabo said.

"An Ethereum contract controls assets and typically gives some performance incentives, but it's not the full smart contract. The full smart contract involves user interfaces, it involves other features such as search and negotiation and performance monitoring, and it will also often happen off-blockchain." he said.

"For example, if you're doing logistical contracts and you want to track a package in time and space that's an off-blockchain oracle that is part of the smart contract that is fed into the Ethereum contract on chain."

Rather than the binary yes-no model, smart contracts will be negotiable, he said.

"Right now they are take-it-or-leave-it deals, but a true smart contract can be negotiated. So Alice makes an offer and Bob can accept or reject that offer, and if Bob has neither accepted or rejected the offer then Alice can revoke it. We [presumably referring to Szabo's company Global Financial Access] are working on smart contract negotiations of this nature."

They will also be customisable, and fully on-chain with parties able to make a counter offer in a "very trust minimised, environment" with the programming element eliminated via an intuitive user interface, he went on.

Szabo predicted a "win-win" scenario through the interfacing of smart contracts with what he calls "wet code": traditional contracts based on law. Each has strengths that can overcome the weaknesses of the other, he argued. Traditional contracts tend to be localised and rather subjective and unpredicatable and their enforcement is coersive, but they are based on expertise, experience and decades of case law, while smart contracts are globally scalable, predictable and enforceed through cryptography but immature and rigid.

"In many cases you want to use both together as complimentary. So now there's a contract between wet code traditional contracts and dry code smart contracts."

The low hanging fruit is financial contracts, he said "loans, bonds, derivatives". This sector he envisages a "spontaneous network of contracts formed from other smart contracts that is globally scalable."

26/09/2018 Real-world use cases emerging

A panel debate at the Connected World Summit in London this week dealt with the vexed question of blockchain hype. Yes, the panel agreed. Most blockchain projects are heavily oversold, driven on by crypto currency ICOs, but that's not to say it's all scams and vapourware. Genuine use cases, where a blockchain can do things that a distributed database can't, do exist, although most are still in the early stages.

Calvin Weise, founder of the Universal Patient Index and CEO of Kalibrate Blockchain, pointed to the health sector, in which surgeons have been occasionally known to chop off the wrong leg or doctors to deliver the wrong drug having been sent erroneous patient records. His company is working on a universal patient index stored on a blockchain that would reduce this problem considerably, he suggested.

Alfonso Delgado De Molina, analyst at Silver 8 Capital, brought up the smart bike locks marketed by Slock.IT where anyone with the right key on their smartphone can unlock the bike for a certain amount of time via a smart contract. This functionality also is being applied to cars by a startup in Berlin he said.

Alexandra Cheung, associate director of Cruxy & Co. spoke about systems to track the provenance of diamonds and also Floral Chain, which she says allows smaller growers and smaller shops to have a greater presence in the marketplace for cut flowers.

Using blockchain to help establish a presence was also mentioned by Darren Oliviero-Priestnall, CEO of Atlas City. He pointed to a project in China run by charity World Vision in which small farmers are encouraged to document themselves and their farms on a blockchain. Such evidence can help them obtain finance and establish their ownership rights. Elsewhere, undocumented refugees can start building an identity to help them in future dealings with the authorities.

The biggest current use case though is in the supply chain where goods can change hands a hundred times before reaching their destination, each transfer requiring additional paperwork. Assigning responsibility for any loss or damage is expensive and time consuming, delaying insurance payouts. This is the sort of scenario where an immutable, trustless record of events can really streamline processes - a significant caveat being that all players in the chain must be on board.  

11/09/2018 Blockchain-based driving licence trial rolled out by Australian state

The Australian state of New South Wales is to extend its trial of blockchain-enhanced digital driving licences.

Changes to NSW state law in May allow drivers to use their digital licence for proof of identity and proof of age in place of a physical document for renewing fishing licences, buying alcohol, as proof of responsible gambling behaviour - and for police checks.

The licences already incorporate a number of methods to protect against ID fraud; these will soon be joined by a blockchain-based system called TrustGrid developed by Australian firm Secure Logic, an incumbent supplier to Australian government.

"The Digital Driver Licence has a range of security technologies protecting the integrity of the system and privacy of a customer's identity," a NSW spokesperson told iTNews.

The aim of the scheme is to use a blockchain-based system to secure and authenticate the information held on the licences, allowing users to validate themselves via a smartphone app without requiring further checks. The app also allows users to renew their licence or amend their details without recourse to the authorities.

The blockchain trial started last year in the town of Dubbo. 1,400 volunteers signed up for a three-month trial, using their digital licence as proof of identity and age in pubs and clubs. It will soon be expanded to 140,000 users in Sydney before an expected statewide rollout by the end of 2019.

Secure Logic CEO Santosh Devaraj is (understandably) keen to push the wider implications of the trial for government services.

"The era of standing in line to file government paperwork is coming to an end, as is our reliance on physical identification cards to establish your identity or proof of age with law enforcement or at licensed venues. These are mistake prone, time-consuming, expensive, and impractical ways to offer services," he said.

Next page: Soluna plans clean energy option for crypto-miners; UEFA's blockchain powered ticketing app; The security risks of  smart contracts; Has the blockchain bubble burst?

24/08/2018 Soluna plans clean energy option for crypto-miners

Blockchain has a big energy problem. To remain secure, blockchains such as Bitcoin rely on the Proof-of-Work (PoW) consensus mechanism must burn a colossal amount of energy. Just a decade old, Bitcoin already consumes as much energy as Ireland and will hit Austrian levels by the end of this year

Bitcoin miners tend to hunker down where energy is cheap. This means Iceland, where cryptocurrencies are already using more of the country's geothermal supplies than consumers, or places like China where electricity comes from cheap but highly polluting coal.

There are less energy-intensive alternatives to PoW such as Proof-of-Stake, Proof-of-Capacity and Proof-of-Resource, but the blockchain that powers Bitcoin and related currencies is the big one and will remain so for the foreseeable future. And of course blockchain's potential is far wider than cryptocurrency - as use cases increase so will power consumption.

Now an energy and technology firm is looking to provide a dedicated renewable resource for crypto-mining. Soluna plans to build a windfarm in one of the windiest onshore locations in the world in the Moroccan Sahara. It predicts the 15,000-hectare site will generate up to 900 megawatts - or about a third of the current energy demands of the Bitcoin blockchain. Electricity will be supplied to a high-density data centre dedicated to cryptocurrency mining at a price equivalent to or even lower than cheap Chinese coal, around US $0.03 per kilowatt-hour.

"Soluna's mission is to power the crypto-economy with clean, low-cost renewable energy. To do this, we are building a blockchain infrastructure and cryptocurrency mining company that owns its own renewable energy resources," the company says in its brochure.

Money generated from the crypto-mining will pay for further renewable development including supplying Morocco's electricity grid, the firm says. It anticipates connectivity to the main grid to be available next year.

"Soluna will provide computing power for whatever is most beneficial for its business, whether that's cryptocurrency mining, distributed graphics rendering, file storage, machine learning, AI or other services of the decentralised cloud of blockchain technologies that have yet to be invented," says Soluna. "We are prepared to foster this future innovation. Green, renewable, low-cost power will serve as a key component."

Soluna has partnered with German wind power firm Altus AG and has approached vendors of chipsets and ASICs to equip its modular data centre ‘pods'. The windfarm and the data centres will be built using a phased approach, adding additional modules as capacity increases. The firm aims to have 36 megawatts of capacity operational by 2020 with the full 900 megawatts ready in five years.

Sounds promising, but a possible downside could be the exacerbating the problem of centralisation of mining power to a small number of locations thereby making the blockchain more vulnerable to attack.

20/08/2018 UEFA's blockchain powered ticketing app

All of the tickets for the August 15th UEFA Super Cup final match between Real Madrid and Atlético de Madrid in Tallinn, Estonia were distributed through a mobile app connected to a blockchain.

"UEFA chose a blockchain-based ticket distribution system combined with mobile Bluetooth devices at the stadium entrances," says UEFA on its website.

Tickets for major football matches have long been subject to touts and fraud, and this is UEFA's attempt to tackle the problem. The Bluetooth devices installed at the gates to the Le Coq Arena to were used to validate the tickets held on Apple and Android phones.

This is the first time that all publicly available tickets have been distributed this way. UEFA [Union of European Football Associations] piloted the system at a number of events, including most recently the 2017/2018 UEFA Europa League final between Atlético de Madrid and Marseille in Lyon, France in May. Half of the tickets sold for that match were distributed by the blockchain-based system, which has since undergone some fine tuning.

UEFA says it will "continue to develop the system further, with the aim of using it at future events."

The Super Cup final finished 4-2 to Atlético, with Costa netting two.

15/08/2018 The security risks of  smart contracts

Blockchain-based smart contracts present a unique risk, and companies should be wary of deploying them for anything with serious real-world repurcussions. That's according to code verification and programming language expert Grigore Rosu, professor of computer science at the Univerity of Illinois.

Smart contracts are small programs coded on top of a blockchain that run automatically as soon as conditions are right. An example might be an insurance payout after extreme weather, or a machine ordering its own consumables once stocks decline to a certain level.

Nothing new in that, you might say, but smart contracts have the potential for automating such conditions-based transactions on a massive scale, removing the need for a trusted human third party, even in white collar sectors such as law and finance.

Smart contracts are immutable; they're validated by multiple parties and can't be changed or corrupted. This is at once their strength and their weakness.

"There are two big problems with smart contracts," said Rosu. "One is that the code is public so you can work out how to attack it. Secondly, once you have a smart contract - that's it. It deploys and you cannot change it. So if you find a bug you can't fix it, you have to deploy a different version of the contract in a different account and exchange it with the old one which is a very heavy process."

He points to the example of the now-defunct cryptocurrency Beautycoin (BEC), which was killed off by a so-called batch overflow attack in April.

Two attackers, presumably having studied the code and spotted an eventuality the designers hadn't thought of, initiated simultaneous transactions using input parameters chosen to create a sort of feedback loop. Unprepared, the smart contract went beserk, generating tokens that were ostensibly worth more than five octodecillion dollars (five and eighty zeros). While no-one had to pay back that impossible sum, the coin was dead and worryingly it took two days for the hack to even be discovered.

Blockchain enthusiasts, it seems, suffer from a form of myopia; because of all that energy burned in proof of work they believe their beloved innovation is all but impregnable. But it turns out cryptocurrencies - which are after all basically just transactions stored on a blockchain - are plagued by glitches, as the number of crypto exchange hacks makes clear.

Recently, MIT researcher Corey Fields discovered a flaw in the signature verification code that would have been fatal to Bitcoin Cash had it been exploited. "The threat of software bugs is severely underestimated in the cryptocurrency world," he said.

Bugs and vulnerabilities can pop up all over the place, including the code of the smart contract itself, the programming language it's written in and the compiler that translates that code into machine-readable language.

Smart contracts tend to be coded in specialised languages such as Solidity which are modified versions of general purpose languages like JavaScript. Rosu declined to single out a particular language for criticism, but said they all have flaws when it comes to smart contracts.

"I'm scared because these languages are not very well designed. If a language is poorly designed then as a developer of smart contracts on a blockchain you may struggle to understand what your program actually does, and then the compiler can add its own bugs, and then the program itself may have bugs such as buffer overflow and all sorts of programming language-specific errors," Rosu said.

"Compilers also have bugs, and if you understand how the compiler works as a hacker you can exploit those."

Human verifiers are are worthless in this regard since a flawed compiler produces corruptions in the bytecode, which is only really readable by machines.

However, there are proven mathematical means of verifying the ‘correctness' of the machine code. While time-consuming, these techniques can be applied to smart contracts since they tend to consist of just a couple of hundred lines of code. Indeed, for the sake of us all, they should be said Rosu, who came up with the K-framework described as a 'rewrite-based executable semantic framework in which programming languages, type systems and formal analysis tools can be defined using configurations, computations and rules", fifteen years ago (It should be pointed out that Ruso has a vested interest here. His K-framework has been monetised via a business spun out of the University of Illinois called Runtime Verification).

While a smart contract might take two weeks to audit mathematically at the bytecode level and more complex code such as the CASPER consensus algorithm six months, most of that time is spent in specifying what the code is meant to do, said Rosu.

"If you make a mistake in the specification level then no matter what you do the proof is meaningless because the specification was wrong."

Given the complex mix of ethical and technical considerations, the specification of algorithms will require intensive human input for the foreseeable future. Coding, on the other hand, could perhaps be better done by machines. For safe smart contracts, the ultimate aim should be schematic-based compilation, or code that generates itself automatically based on what it's supposed to do, Rosu said.

"The question that many people in the blockchain space should ask themselves is why should we even write code at all? We should generate code that's automatically correct by construction, from the formal specification. This is feasible, and we are working on it."

06/08/2018 Has the blockchain bubble burst?

Have we reached peak blockchain hype? How much further can the bubble of expectations continue to inflate? Calling the top of any hype cycle is a finger-in-the-air exercise at best (unless you happen to be holding a pin behind your back), but there are signs that rationality may be taking hold.

Analyst firm Forrester reports that many blockchain pilot projects are being wound down having failed to come up with any persuasive use cases. Early adopter Nasdaq, which had high hopes for blockchain for managing shareholder meetings and issuing stock has not seen ideas come to fruition as quickly as it had envisaged two years back, according to Bloomberg.

"The disconnect between the hype and the reality is significant - I've never seen anything like it," said Gartner analyst Rajesh Kandaswamy. "In terms of actual production use, it's very rare."

Certainly, the number of organisations actively adopting blockchain is vanishingly small - just one per cent of CIOs surveyed by Gartner put themselves in that category, while 80 per cent had no interest whatsoever.

This could spell bad news for platform providers such as IBM and Microsoft which made most of the early running, although one would suspect they would have factored the hype cycle into their strategies.

The biggest hurdle is compatibility between alternative blockchains. Companies don't want to be locked into one platform at this early stage of development and are playing a game of wait-and-see. Then there are the familiar problems of scalability and throughput - all of which are being worked on but with few mature solutions to show for these efforts as yet.

That said, blockchain investment in the first half of this year has already exceeded that for the whole of 2017 with fintech applications a particular focus of that investment, according to a report by KPMG. The closed pilots may simply demonstrate a growing understanding that blockchain is not the answer to every problem after all, but could be a game changer for some.

Next page: Google joins the party; Accenture and Thales create aerospace and defence supply-chain blockchain; European banks' we.trade platform; the Stratis sidechain; Microsoft and EY track rights and royalties; Walmart's food supply system.

 

24/07/2018 Google joins the blockchain party

Google Cloud is nailing its colours to the blockchain mast, partnering with a couple of startups, Digital Asset and BlockApps. More details will be revealed today at the Google Cloud Next 18 event in San Francisco in a session covering Google Cloud's approach to distributed ledger technology (DLT) partnerships. 

"Customers can now explore ways they might use distributed ledger technology (DLT) frameworks on GCP [Google Cloud Platform] with launch partners including Digital Asset and BlockApps, and try open-source integrations for Hyperledger Fabric and Ethereum later this year in our GCP Marketplace," Google says in a perfunctory paragraph in its cloud partnerships blog.

Google has been slower off the mark than rival cloud vendors. Microsoft Azure, Amazon AWS and IBM have had blockchain partnerships for a couple of years now and are beginning to boast of real-world projects.

Google doesn't go into a lot of detail in its blog, presumably not wanting to spoil the fun for paying delegates, but its chosen partners are more effusive. "Google's entrance into the blockchain space is a landmark event for the growing blockchain ecosystem and cements the continued investment in blockchain solutions for Enterprises," says BlockApps on its website.

"As GCP adoption grows, the developer-friendly BlockApps STRATO platform enables more enterprises the ability to test and implement blockchain application solutions across any business sector,"

STRATO is a blockchain-as-a-service platform which the company claims lowers the barriers to creating decentralised applications (dApps) as it offers a RESTful API to communicate with the blockchain backend. The company is based in New York.

Digital Asset is also headquartered in New York. It provides a distributed ledger platform and smart contract modelling language called DAML.

"In collaboration with Google Cloud, Digital Asset has expanded its developer program to include the DAML Platform-as-a-Service (PaaS) on Google Cloud Platform. The DAML PaaS is a fully-managed solution that developers can use to test and deploy DLT applications, accessible through Google Cloud's Orbitera application marketplace technologies. Combined with the DAML SDK, developers now have an end-to-end toolkit to build and deploy sophisticated distributed applications," the company says in a press release.

17/07/2018 Consortium-based efforts to rationalise supply chains are perhaps the main real-world use cases for blockchains to emerge so far, outside of the world of cryptocurrencies. Another such venture was unveiled this week when consultancy Accenture and defence firm Thales announced a blockchain-based system to secure and improve the efficiency of aerospace and defence (A&D) supply chains at the Farnborough Air Show on Monday.

The system, which is based on the Linux  Foundation's Hyperledger blockchain framework, also uses Thales's "physically unclonable function (PUF) solution for silicon chips and Chronicled's tamper-proof cryptoseals" in order to keep track of parts and materials  used in aircraft manufacture, where counterfeit components have been a cause for concern, according to Accenture's website.

"Identifying counterfeit and grey-market goods in the A&D supply chain can be challenging," said Gareth Williams, vice president for secure communications and information systems at Thales UK.

"Using blockchain in combination with cryptoseals and physically unclonable functions allows you to build a trusted history behind parts. This demonstration builds on the strong relationship Accenture and Thales have created developing innovative digital solutions for a variety of industries."

Like similar systems being developed by the likes of FedEx and Maersk, the system is designed to provide transparency to all participants in the supply chain, as well as creating an immutable record of all transactions in the supply chain.

"The aerospace and defence industry has one of the world's most vast and complex supply chains. Blockchain technology offers a new, elegant and secure way for the industry to track and trace myriad components while deterring counterfeiting and improving maintenance capabilities," said John Schmidt, the head of Accenture's A&D unit.

"Used in combination with technologies like digital twins and digital threads, blockchain could ultimately be a game-changing innovation for this sector."

03/07/2018  A consortium of European banks has announced the first commercial trades on its blockchain-based we.trade platform.

The we.trade platform is a collaborative effort that was kicked off by a consortium of seven banks: Deutsche Bank; HSBC; KBC; Natixis; Rabobank; Societe Generale; and UniCredit. They were later joined by Santander and Nordea. we.trade is headquartered in Dublin.

The consortium announced Tuesday that seven commercial trade transactions have now been completed by 10 companies on the platform across five countries.

"We are delighted to have launched for the first time in the world, a blockchain-based platform that enhances the overall customer experience, when trading internationally. The next step will be getting buy-in from additional banks and their customers in Europe and further afield", said we.trade COO Roberto Mancone in a statement.

By directly connecting all the parties  - the buyer, the buyer's bank, the seller, the seller's bank and transporter - in a domestic or transnational transaction in a way that covers all of the governance rules and regulations that apply to the individual banks, we.trade aims to make trades more straightforward. Presently it covers 11 European countries: Belgium, Denmark, Finland, France, Germany, Italy, Netherlands, Norway, Spain, Sweden and the UK.

we.trade is built on the IBM Blockchain Platform and based on Hyperledger Fabric, the open-source blockchain framework implementation hosted by The Linux Foundation.

Hyperledger Fabric is designed to simplify the act of developing blockchain-based applications and smart contracts by allowing components such as consensus and membership services to be plug-and-play. Originally introduced by IBM and Digital Asset, many of the banks that make up the we.trade consortium are also members of the Hyperedger project.

"As we.trade has moved from pilot applications to conducting live transactions across borders, it has demonstrated the power of blockchain technology in an enterprise setting," said Parm Sangha, GBS blockchain leader at IBM.

"To convene a large network of regulated banks and demonstrate how blockchain technology can help them gain efficiencies and provide greater transparency in live transactions is a disruptive model that has the potential to reshape the future of global trade finance."

The consortium aims to move outwards from its base of founding members, offering the service to other banks by making we.trade available on a licence-type basis in order to expand the platform as quickly as possible.

29/06/2018 UK blockchain-as-a-service firm Stratis has unveiled programmable sidechains as an alpha release.

A sidechain is a blockchain that's based on the core code of the main chain and is interoperable with it, but which allows for bespoke operations without affecting the main branch. This allows companies to experiment with creating blockchain applications without risk of adversely affecting the main chain or compromising privacy by making data public. At the same time, any updates to the main blockchain code are propagated down to the sidechains.

"Stratis sidechains have been designed so that in the future enterprises can run smart contracts on sidechains, opening up a wide range of use case such as exchanging documents between a range of companies within an industry, for example invoices or order forms," lead developer Jeremy Bokobza told Computing, adding that the sidechain can be customised by changing parameters like block interval and block size.

"One of the main advantages of sidechains are the ability to improve scalability for applications like payments and IoT, which could be hundreds of thousands of transactions."

The Stratis blockchain runs on the Microsoft .Net framework and is written in the familiar C# rather than using a specialist language and environment, a decision the company took to make creating decentralised applications and smart contracts more accessible to enterprise developers. It says it will soon provide support for Microsoft's functional programming language F# which is particularly popular in the financial sector, the main area of focus for the London-based firm.

Stratis is based on the Bitcoin blockchain but with the Proof-of-Work consensus mechanism (essentially security through burning electricity) replaced by Proof-of-Stake (decision-making powers dished out according the stake - e.g. number of coins - held by each player) to increase scalability in the enterprise setting. It is designed to support smart contracts, enabling actions to be undertaken without human intervention once predefined conditions are met.

Among the use cases for the programmable blockchain, the company lists auctions and peer-to-peer lending to investment funds, insurance settlements, real estate transactions, domain name registries and digital copyright.

The sidechains will increase the flexibility of deploying smart contracts and decentralised applications, according to CEO Chris Trew.

"As an example, if an enterprise wants to improve efficiency by moving invoicing or asset tracking to a blockchain solution, it's likely that they will not want to publicise that data. That's when a private sidechain becomes a flexible solution that's quick to test and deploy, as well as easy to maintain," he said.

"Sidechains are a critical step in making blockchain accessible to enterprises wanting to benefit from blockchain while retaining full control of their business processes and privacy."

As essentially restricted private blockchains, each sidechain would be overseen by those using it, said Bokobza.

"Sidechains are governed by a foundation which is made up of say a group of banks or a group of automotive firms that wish to collaborate on a blockchain cross-industry project. Or more simply, a collection of senior managers from an individual organisation that make decisions on the direction the sidechain takes."

26/06/2018 Some of the world's biggest food producers have come together to build a blockchain-based system for tracking the provenance of food items.  

The ability to trace food through the supply chain is particularly important in the event of contamination. An outbreak of E. coli in the US involving romaine lettuce that began in April has killed five people to date with almost 200 cases reported across 35 states. The source has been tracked down to an area of Arizona, although no individual farm has yet been identified.

The complex nature of the supply chain makes it very difficult for the authorities to trace dangerous or contaminated food quickly. Each company in the chain is required to record only a small fraction of the overall steps and the authorities must reproduce the full picure from a disjointed and often incomplete set of records. In cases such as the above such delays can be fatal.

Ten companies Walmart, Nestlé, Dole Food, Driscoll's, Golden State Foods, Kroger, McCormick, McLane, Tyson Foods and Unilever have come together to create a consortium called the Food Trust which aims to reduce the product recall time using a blockchain architecture. It should also improve the efficiences in other areas of the supply chain.

Built in partnership with IBM, the system has been in development for a year and is still pre-release. The blockchain currently contains information about one million food products, and initial tests have been encouraging, reports the WSJ.

"You're capturing real-time data at every point, on every single food product," said Frank Yiannas, vice president of food safety at Walmart, adding: "It's the equivalent of FedEx tracking for food."

Yiannas said that in tests, a consignment of Mexican mangos sold in a US Walmart store was traced back to its supplier in 2.2 seconds. Using the traditional method with barcodes and paper receipts it took a week.

22/06/18 London-based professional services giant EY and Microsoft have teamed up to launch a blockchain that's designed to simplify the fiddly and time-consuming business of managing digital rights and royalties.

Intellectual property (IP) owners such as authors, songwriters, artists, production houses, developers and others will be able to track how their creations are used and monitor revenues coming in from partnerships and licencing arrangements in near real-time.

Built on the Quorum blockchain developed by investment bank JP Morgan, the EY press release says it's designed to increase efficiencies in the system. Calculations about what is owed to whom currently tends to be a manual process, it notes, and generally managed via offline data sources.

Since it will provide visibility of sales transactions as they happen, content providers will be able to react quickly to market demand, claims EY. This is made possible by smart contracts that are written into the blockchain.

"The embedded smart contract architecture is designed to enable accurate and real-time calculation of each participant's royalty position, providing enhanced visibility for recording and reconciling of royalty transactions," the blurb says.

JP Morgan's Quorum is based on Go Ethereum, an implementation of the Ethereum blockchain written in the Go language, but with a few tweaks. The first is that it's permissioned (private), meaning that only approved nodes can join it. Because of this, it can use a simplified consensus mechanism that relies on a majority vote, which also makes transactions significantly faster than Ethereum, which is a public or unpermissioned blockchain. And since it is designed to manage financial transactions more privacy is built in.

The new rights and royalties management solution runs on Microsoft Azure cloud. It has already been rolled out to a few games producers that use Microsoft's platform, among the first being Ubisoft, which is currently testing the system. It will later be extended to other gaming companies and eventually to authors and musicians and other creative types too.

While the EY press release doesn't actually give the new system an official name, Redmond seems to have already dubbed it the 'Microsoft Rights and Royalties blockchain network' with no mention of EY in the title. Now, how to manage who gets naming rights?

Next page: Blockchain doubts voiced by bankers; Microsoft's BaaS customers; EOS mainnet launch; China bigs up blockchains; Maidsafe's PARSEC consensus algorithm

18/06/2018 Blockchain came into being as a way of supporting a new currency, Bitcoin, in the wake of the global financial crisis of 2008. By cutting out the middleman (i.e. the banks and central authorities that had got us into the mess) a more just and trustworthy monetary system could be created, its founders reasoned.

The limitations of Bitcoin in this regard have been apparent for some time, and its proponents have generally downgraded its use case from ‘the new money' to more a 'store of value', like digital gold. Nevertheless, banks and central authorities have been setting up blockchain pilots to see if the immutable ledger can be utilised for their benefit.

They may be wasting their time, says Switzerland-based Bank for International Settlements (BIS) - an institution that provides banking services to central banks and international organisations. In its annual report it says that cryptocurrencies are too untrustworthy to act as a replacement for fiat currencies and that blockchains cannot scale sufficiently and are too energy intensive.

"Cryptocurrencies such as Bitcoin promise to deliver not only a convenient payment means based on digital technology but also a novel model of trust. Yet delivering on this promise hinges on a set of assumptions: that honest miners control the vast majority of computing power, that users verify the history of all transactions and that the supply of the currency is predetermined by a protocol," it says.

"Understanding these assumptions is important, for they give rise to two basic questions regarding the usefulness of cryptocurrencies. First, does this cumbersome way of trying to achieve trust come at the expense of efficiency? Second, can trust truly and always be achieved?"

BIS concludes that the answer to both of these questions is no.

The report criticises the enormous energy use of the current generation of blockchains, noting that Bitcoin has the same electricity consumption as Switzerland.

"Put in the simplest terms, the quest for decentralised trust has quickly become an environmental disaster," it says.

Other shortcomings include its lack of scalability and throughput. Blockchains are simply too slow to manage large-scale financial transactions efficiently and throughput decreases with the number of transactions. Moreover, with each new transaction the blockchain grows ever larger.

BIS points out that cryptocurrencies are unstable, putting this down to more than the current speculative nature of the market. A central bank has a duty to stabilise the currency, as well as being a lender of last resort - something not possible in a decentralised system.

"In a decentralised network of cryptocurrency users, there is no central agent with the obligation or the incentives to stabilise the value of the currency: whenever demand for the cryptocurrency decreases, so does it's price."

Then there's the lack of trust as to when payments will be made - if at all. Proof-of-work blockchain consensus on transactions never reaches 100 per cent certainty and trust may be further undermined by the very real prospect of projects being forked.

And there are issues about money laundering and regulation. Their global nature means that global legislation is needed to regulate cryptocurrencies, BIS points out.

A minor plus: blockchain can provide some benefits for the global financial system, however, BIS said. Permissioned blockchains can make cross-border payments and international supply chains can be made more efficient. The latter was recently discussed by FedEx boss Fred Smith.

So, a pretty damning report with many valid criticisms but none that are new, at least on the technical side. Most people accept that the Bitcoin blockchain is very much decentralised network mark 1, and many of the scalability, sustainability and trust problems are being worked on by other systems (see earlier in this blog).

Nevertheless, the question of whether a fully decentralised currency can ever be stable enough to be a trustworthy alternative is an interesting one, and probably not best dismissed as just central bankers hitting back.

15/06/18 Microsoft Azure CEO Mark Russinovich has been talking about a couple of customers who run blockchain based applications on the cloud platform. The first one he mentioned was chemicals corporation 3M which has implemented a system to increase trust in its supply chain.

"3M is doing it to track the provenance of sensitive pharmaceuticals to make sure when the customer gets it they can verify it actually came from a reputable source. There's so much fraud in the pharmaceutical industry with lots of fakes and tampering," Russinovich told Yahoo Finance.

The second customer he talked about was Webjet, an Australian travel company that, among other things, sells hotel rooms online.

"A single transaction of an item like a hotel room to an end user might involve five transactions, and they found that roughly one in 10 of those required some sort of manual intervention because of problems on the way," Russinovich said, adding that in one in 25 transactions "somebody in the chain doesn't get paid so there's a lot of loss and a lot of fraud".

Webjet has created a a data reconciliation service for the travel industry called Rezchain which is based on the Ethereum blockchain running on Azure. Russinovich claimed this has reduced the need for internal interventions by more than 90 per cent.

Microsoft first started experimenting with blockchains on Azure about four years ago prompted by rising interest from enterprises as bitcoin started to make headlines.

"Cryprocurrencies were on top of everyone's mind and everyone was wondering how they could make use of it, and we saw many companies looking with concern at whether they will be disrupted by somebody else that might get to a blockchain solution before them," Russinovich said.

Microsoft has moved quickly to try to corner what is still a very new market. A couple of years ago it announced a partnership with startups Blockstack and ConsenSys to develop a blockchain-based identity system on Azure.

11/06/18 The EOS mainnet, a blockchain designed as a platform for smart contracts to rival Ethereum, went live over the weekend, although it's not yet open for business.

Voting is currently underway among holders of EOS cryptocurrency tokens to decide on the first 21 block producer candidates which will manage the blockchain and mine the blocks, for which they will earn EOS tokens.

EOS is designed to support decentralised applications (dApps) and smart contracts. It is expected that it will be able to handle a much higher throughput than Ethereum - 5,000 per second compared with the latter's 15 - and at a lower latency. EOS uses a proof-of-stake consensus mechanism rather than Ethererum's proof-of-work (PoW) which is harder to scale. Transactions in Ethereum's currency the ether (ETH) also incur relatively high charges while fees to secure the EOS blockchain are managed through inflation - tokens produced to pay the miners mean there are more in circulation.

On the other hand, the EOS model is more centralised with just a few miners controlling the governance of the blockchain - and only one running the election to decide the initial 21.

There can a total of only 21 EOS block producers at any given time. This would be a big problem were all the miners to be in one jurisdiction although the block producers will be continuously rotated to reduce this problem. Nevertheless critics point out that large miners may be able to influence this process by buying votes.

The launch of the EOS mainnet was postponed after critical vulnerabilities were discovered by a cyber security company a few weeks back.

The EOS project has raised approximately $4 bn through sales of its token over the last year making it by far the largest project of its kind in financial terms.

Update 15/06/18: the voting process has now finished.

04/06/18 Blockchain hype is not restricted to fintech startups and dubious cryptocurrency launches. The Chinese government and its supported tech companies now appear to be climbing on board the bandwagon too.

On Sunday, Chen Weihong a presenter on state broadcaster China Central Television (CCTV) - a channel widely seen as a mouthpiece of the government - claimed "the economic value of blockchain is 10 times more than that of the internet".

His statement came during a discussion about blockchain technology that featured well-known figures in the field such as Canadian author Don Tapscott, who claimed that "we're moving from an internet of data to an internet of value".

"No for the first time ever people and organisations can do transactions peer-to-peer," Tapscott said.

Also present were included Chen Lei, CEO of cloud network firm Xunlei, and Stanford University professor and investor Zhang Shoucheng.

As reported by Coindesk Zhang said: "While the real value of the internet is aggregating individual pieces of information into one place, which is exactly what Google and Facebook does, we are now entering an era where information is being decentralised so that individuals can own their individual data. And that's the real value of blockchain that makes it exciting."

Since programmes on CCTV generally reflect the views of the Chinese government the debate was unsurprisingly critical of many of the cryptocurrency ‘initial coin offerings' (ICOs) that have come up from nowhere to net billions, sometimes on the strength of a single white paper. China implemented a nationwide cryptocurrency ban in February. However, there are plenty of signs that China plans to become a big player in the underlying blockchain technology.

On Saturday Baidu  - the ‘Chinese Google'  - announced a protocol called Super Chain designed to reduce the energy requirement for the blockchain mining process.

Last November the firm unveiled a service called Baidu Jinkuang which would allow users to take advantage of unused computer resources in a peer-to-peer fashion. Baidu is also in the process of creating a blockchain-based photo store that protects owners' copyright and has a blockchain as a service platform in the offing.

25/05/18 Ayr-based MaidSafe (the inspiration, incidentally, for the 'new Internet' Pied Piper in the HBO series Silicon Valley) has come up with what it claims is the most efficient solution yet to the well-known Byzantine Generals problem: achieving consensus across a masterless distributed network in which no one node can be seen as the ultimate source of truth. It's a system the firm says could replace blockchain consensus for trustless data storage.

MaidSafe has been working on its blockchainless peer-to-peer autonomous data network for more than a decade. Unlike traditional client-server networks, the SAFE Network has no central point of control. Instead, it is made up of users' own machines which are used to randomly store encrypted chunks of the files uploaded to the network - a little like BitTorrent but without any central trackers and with everything encrypted. The idea is that it allows data storage (and eventually compute) with no single point of failure and in such a way that only the user has total control of his or her data. Only the user can grant access to people and applications that might want to share it. It also has its own integral cryptocurrency which is used to balance the give and take on the network.

Byzantine fault tolerance is a central issue for all decentralised distributed networks. In brief, how without a central point of authority can 'truth' be agreed upon? A particular node might be faulty or malicious but while another node nearby will see it as such a third node located in a far-flung part of the network might see it as perfectly fine because of the time taken for messages to traverse the infrastructure. Another way of looking at it is how can the network as a whole be sure of the order in which events happen on it?

This long-standing issue was finally solved by Bitcoin inventor Satoshi Nakamoto via the proof-of-work (PoW) consensus mechanism. Miners compete to be the first to solve a complex mathematical problem for which they are awarded Bitcoin and their particular version of the truth is put forward. The other nodes then come together to accept or reject this version and ultimately the network converges on the one true agreed state that will be used going forward. A key application is to prevent the problem of double-spend, where one might otherwise spend a Bitcoin simultaneously in two places.

But while Bitcoin has been highly successful in this regard the limitations of the blockchain regarding carrying capacity, scalability and throughput have become apparent. Moreover, the energy-intensive PoW consensus system has led to a high degree of centralisation since only large-scale professional miners with access to the latest ASICs and cheap electricity can now realistically earn Bitcoin in this way.

These issues make blockchains ill-suited as the basis for a data network - the equivalent of the internet or, looking further afield, the sort of heterogeous distributed networks represented by the IoT, the company says.

"The very design of blockchains means that their use case isn't suited to a global internet that deals with vast amounts of data that needs to be both private and secure," MaidSafe writes in a blog post.

The SAFE Network actually predates the Bitcoin blockchain by a couple of years but it is still at pre-release alpha stage. One of the key things that have held back progress is the difficulty in achieving a reliable consensus mechanism - the equivalent of PoW. However, this is a nut MaidSafe now claims to have cracked with PARSEC (Protocol for Asynchronous, Reliable, Secure and Efficient Consensus), a new algorithm based on a gossip protocol which the firm will open source under the GPL3 licence.

"It provides network consensus through maths and not through burning huge amounts of electricity," said CEO David Irvine.

The blog goes into more detail: "The concept of Byzantine fault tolerance is a crucial one. It means that it is mathematically guaranteed that all parts of the network will come to the same agreement at a certain point in time. Exactly what PARSEC achieves."

It continues: "With PARSEC, consensus is mathematically guaranteed as certain (as well as having a throughput that dwarfs blockchain tech). What's more, PARSEC is highly asynchronous. This means that there is no trusted setup nor any synchronous steps involved."

The company claims that PARSEC, a type of directed acyclic graph (DAG), offers significant advantages over other alternatives to PoW such as Proof of Stake. The nearest competitor would seem to be the Hashgraph DAG, but that has shortcomings when it comes to autonomous data network applications for the IoT, the firm says.

Got any breaking decentralised developments to tell us about? Let us know. (Mature projects with code published on GitHub or similar or a paper reproduced in an established journal please, rather than speculative stuff or coin news.)

Who's headlining the Women in Tech Festival UK 2019?

By Holly Brockwell | News | 13 September 2019
Our speakers include comedians, authors and technology experts

And what can they teach you?

Every tech festival has a huge list of speakers and panellists, impressive and interesting in their own right. But honestly, we all want to know who the biggest names are. In other words, who's headlining?

Here's a quick introduction to our host and our three headliners for the Women in Tech Festival, plus why you won't want to miss a minute of their talks.

Our host: Viv Groskop

The Women in Tech Festival 2019 will be hosted by the brilliant Viv Groskop, comedian and author of How to Own the Room, plus host of the popular podcast of the same name.

She'll be giving an interactive presentation about how inspirational women get the world to sit up, pay attention and really hear what they're saying. She'll cover everyone from Virginia Woolf to Michelle Obama via Joan River, pointing out their signature techniques and explaining how you can use them for your own benefit.

Viv has spent years coaching senior executive women, as well as hosting book tours for the likes of Jo Brand, Dawn French and Jennifer Saunders. She's been taking one-woman shows to the Edinburgh Fringe for half a decade, and has written books including The Anna Karenina Fix: Life Lessons from Russian Literature, and of course How to Own the Room: Women and the Art of Brilliant Speaking. Right now, she's working on the next one, called Au Revoir, Tristesse: Lessons in Happiness from French Literature.

You might also have seen her on The Week on BBC 1, and presenting Front Row and Saturday Review on BBC Radio 4. Her talk will begin at 9.20am.

Headliner: Anne-Marie Imafidon

Dr Anne-Marie Imafidon MBE is the Co-Founder of Stemettes, which -in the unlikely event you haven't heard the name - is a multi-award-winning social enterprise that encourages girls into careers in STEM (science, tech, engineering and maths).

Dr Imafidon earned her Masters' degree in Mathematics and Computer Science from the University of Oxford at the age of just 20, and went on to win the Barclays UK ‘Woman of the Year' award among many others. She's frequently listed in compilations of the brightest and most influential tech stars in the world, and received her MBE in the 2017 New Year's Honours for services to young women and STEM sectors.

Anne-Marie's keynote speech will take you through the journey from the bottom to the top of tech, working for companies including Goldman Sachs, Hewlett-Packard and Deutsche Bank on the way. She's given brilliant talks at huge festivals including SXSW and Founders Forum, and now brings her inspiring brand of tech activism to the Women in Tech Festival.

You'll come away with tactics and strategies you can use to climb the ladder in tech, ways to lay a path to your dream career and insights from the stumbles Dr Imafidon made along the way. This will undoubtedly be one of the most popular talks of the day, so make sure you're comfortably seated for the kickoff at 9.50am.

Headliner: Angelique Vu

Software engineer and co-chair of Financial Times Women UK, Angelique specialises in publishing software and content management systems for newsrooms. This focus has put her at the heart of the news industry for the past decade.

Having moved over from the art world, Angelique was surprised to find how few women there are in tech when she transitioned into software development at the Financial Times. As a result, she founded FT Women UK, which she still co-chairs, and has spearheaded several other initiatives aimed at getting more women to join and stay in the industry.

Angelique's headline speech is titled Entering the tech industry, and covers how to identify transferable skills from other roles to help you make the move into tech. She'll also discuss how we get women into a wider range of tech roles, how we can improve education around the jobs available in tech now and in the future and how to choose which qualifications to take when the future is ever-changing. Her talk starts at 4pm.

Headliner: Natasha Sayce-Zelem

Head of Technology at Sky, Natasha's talk will be happening at the same time as Angelique Vu's - so you'll need to choose between them. Tough call!

Natasha heads up technology for Sky's huge Digital Service sector, but she's also the founder of Leeds' Ladies Of Code group as well as being on the Industrial Advisory Board for the University of Leeds' School of Computing. If that wasn't enough prestige, she's been named one of the top 100 women in tech for founding the national Empowering Women With Tech initiative, which has welcomed more than 1,000 people to its educational events and mentoring scheme.

Meanwhile, The Times' named Sky as one of the top 50 employers for women.

Natasha's talk will discuss why human or 'soft' skills are every bit as important as the 'hard' skills, aka the technical stuff. The title - Anything but FLUFFY - refers to the fact that while they might be called 'soft,' human skills aren't some woolly nice-to-have attributes. They're actually vital, especially considering the skills shortage in tech right now.

Natasha will also cover personal development, especially outside work, and how we improve inclusivity in tech.

Decided which talks you most want to see? Grab your tickets for the Women in Tech Festival UK 2019 here.

IBM pitches new z15 mainframe as platform for mission-critical hybrid cloud

By Graeme Burton | News | 12 September 2019
The IBM z15 mainframe

Encrypt data everywhere and revoke access to data instantly, promises IBM with launch of z15 mainframe

IBM has launched the latest iteration of its IBM Z mainframe, the IBM z15, pitching it as the ideal platform for running mission-critical applications in a hybrid cloud environment.

In particular, IBM has emphasised its ability to protect customer data with pervasive encryption - the ability for the mainframe to "encrypt data everywhere" across hybrid multi-cloud environments. It also offers policy-based controls that can "instantly revoke access to data" across an organisation's hybrid cloud, based on IBM's Data Privacy Passports technology.

This technology, IBM claims, enables organisations to control how their data is stored and shared, including revocation of access to that data at any time, "not only within the z15 [mainframe] environment but across an enterprise's hybrid multi-cloud environment".

Our enterprise clients are continuing to embrace the mainframe as part of a hybrid approach to infrastructure

IBM also claims that z15 supports cloud-native application development, especially for mission-critical applications, with new development tools such as Red Hat OpenShift. It added that cloud developers can now deploy z/OS applications using OpenShift with no special z15 skills required.

That shift towards cloud and Agile development has been supported by partner companies within the IBM mainframe ecosystem, such as Compuware

IBM has also pledged to deliver IBM Cloud Pak offerings to Linux running on z-system mainframes.

For organisations whose core mainframe workloads continues to be transaction processing, IBM claims that the z15 can perform up to one trillion web transactions every day. Supporting that is Instant Recovery, a new feature enabling the the system to recover more quickly from both planned and unplanned downtime.

At the same time as launching the z15, IBM also unveiled a new high-end, enterprise storage system, the IBM DS8900F, intended to support organisations running mission-critical, hybrid multi-cloud environments. IBM claims that the new storage systems will offer 99.99999 per cent uptime, with disaster recovery options bring recovery times to "near zero".

IBM is the last global mainframe hardware player.

The demise of the mainframe has been predicted since the late 1980s, with multiple players falling out of the market, while it retrenches down to a handful of players - IBM, Fujitsu and NEC. Nevertheless, it remains a core component of many major organisations' in-house IT systems.

"We actually see our enterprise clients continuing to embrace the mainframe as part of a hybrid approach to infrastructure," said Oliver Presland, a vice president at managed IT services company Ensono. He continued: "Everything that mainframe is renowned for, from security to reliability, versatility to performance - makes them as relevant today as they have ever been."

However, he added, IDC also forecasts the market to decline in value from $3.57 billion in 2017 to $2.8 billion in 2022. 

Oracle CEO Mark Hurd takes leave of absence for health-related reasons as company reports disappointing quarterly results

By Dev Kundaliya | News | 12 September 2019
Mark Hurd has occupied the role of co-CEO alongside Safra Catz since 2014

Hurd will nevertheless continue to receive all employment benefits during his leave of absence from Oracle

Oracle co-CEO Mark Hurd is taking a leave of absence due to health-related reasons, the company announced on Wednesday.

During his absence co-CEO Safra Catz, and founder and CTO Larry Ellison, will handle Hurd's responsibilities.

Oracle didn't provide any details on what Hurd's health issues might be, but added that he will continue to receive all employment benefits during his absence. 

In a statement, Hurd said that the leave came at his request. "Though we all worked hard together to close the first quarter, I've decided that I need to spend time focused on my health," Hurd wrote in a message to Oracle employees.

Hurd joined Oracle as president in September 2010, about a month after his controversial resignation from Hewlett-Packard. Hurd had been the CEO of HP since 2005, but was forced to resign following allegations of sexual harassment.

Prior to HP, Hurd spent about 25 years at NCR, where he rose to the position of CEO. In 2014, Ellison appointed Hurd as co-CEO of Oracle alongside Catz. In that capacity, Hurd has administered sales, marketing, support, consulting, and other units focusing on industries.

The news of Hurd's medical leave came the same day that Oracle released disappointing results for its fiscal first quarter.

The company was expected to report its quarterly earnings on Thursday, but released them a day early as the management felt "it made sense to share all of our news at once" following Mark's decision to go on a medical leave.

Oracle announced that its total revenues were $9.22 billion, just missing Wall Street consensus expectations of $9.29 billion.

Nearly 75 per cent of the Oracle's revenue comes from cloud services and licence support, the company claimed, although it has long been criticised for obfuscating the performance of its cloud push by bundling cloud revenues in with software licence sales. 

Oracle has struggled to achieve organic growth for some time. For instance, in March, the company reported flat third quarter sales, but claimed that its cloud revenues were growing. At that time, Safra Catz stated that the company was shifting its cloud focus to its infrastructure business, which would include its widely used database products.

Vote now to choose the winners of the Technology Product Awards 2019

By Tom Allen | News | 12 September 2019
Vote now to choose the winners of the Technology Product Awards 2019

The Technology Product Awards are unique - your votes determine who walks away with a gong

We are no stranger to running events here at Computing, and while they are all unique in their own way, one in particular stands out from the rest. Instead of a panel of judges, it is you - the end-users - who choose the winners of the Technology Product Awards.

VOTE NOW

Your votes on the shortlist will determine who walks away from the ceremony with a prize this November. Categories cover the gamut of the technology industry - from hardware to software and vendors to projects. 

For our entrants, winning one of these awards is not simply a recognition of your ability by a panel of experts, but represents your audience naming you as a leader in your field.

Get your votes in as soon as possible - judging closes on the 18th October. There's no need to vote in every category, only those that are relevant to you and your experience. Note that only true end-user votes will be used: entries from companies who have entered the awards will be discounted in categories they have entered.

Technology Product Awards 2019 shortlist

Best Business Application Best Business Mobile Solution Best Business Intelligence / Analytics Vendor Best Software-as-a-Service Provider Best Business Software Provider Best AI/Machine Learning Provider Most Innovative Use of AI / Automation - SMEs Most Innovative Use of AI / Automation - Enterprise IoT Product of the Year Best Networking or Communications Provider Best Business Storage Product Best Business Backup and Continuity Provider Best Digital Transformation Product or Service Best SME Security Product Best Enterprise Security Product Best Enterprise Security Product - Access Best Enterprise Security Product - Intelligence and Analytics Security Innovation of the Year - SME Security Innovation of the Year - Enterprise Best Business Security Provider Best Virtualisation Product Best Cloud Service Best Cloud Security Product Infrastructure Product of the Year Most Innovative Use of Open Source Technologies Best Cloud Computing Provider Technology Hero of the Year Customer Project of the year Technology Innovator of the Year Product of the Year - SME Product of the Year - Enterprise

Mike Lawrie to step-down as CEO of DXC Technology with Mike Salvino taking over

By Dev Kundaliya | News | 12 September 2019
Mike Lawrie has stepped down as the president and CEO of DXC Technology

Lawrie's departure as chairman at the end of December strategically timed to coincide with New Year celebrations for DXC staff...

Mike Lawrie has stepped down as president and CEO of DXC Technology, the services firm created via the mash-up of CSC and HPE's services division.

In a statement, the IT services company said on Wednesday that Lawrie had retired with immediate effect, and former Accenture executive Mike Salvino was being appointed as the new CEO of the company. Lawrie will remain as chairman until the end of the year. 

According to DXC, Lawrie had planned his retirement one year ago and assisted the board in the search for his successor. "We want to thank Mike Lawrie for guiding DXC through its successful integration and initial phase of transformation," said Manoj Singh, chairman of the DXC board's nominating committee.

We want to thank Mike Lawrie for guiding DXC through its successful integration and initial phase of transformation

Lawrie was appointed CEO of DXC Technology in 2017, when the firm came into existence following the mashing together of HPE Enterprise Services and CSC. 

Lawrie was previously the chief executive of CSC, and prior to that, he worked for UK-based Misys. He had risen up through the ranks at IBM over a period of 27 years, holding various increasingly senior executive roles in the company.

Lawrie said it had been a privilege to serve as CEO of DXC. He added that Salvino was "the perfect choice" to guide the company into its next phase.

Salvino joined the DXC board in May this year. He had earlier served as group CEO of Accenture Operations for seven years.

He left Accenture in 2016 after a tenure of 22 years at the IT services company. Most recently, Salvino was managing director at Carrick Capital Partners, a private equity firm based in the US.

As the new CEO of DXC Technology, Salvino's primary focus will be on increasing revenues for the company, but will no doubt also continue to cut costs, as Lawrie had done. Despite the large number of layoffs in recent months, DXC's latest quarterly report sent its share price through the floor.

Earlier this year, DXC Technology acquired customer software developer Luxoft in $2 billion deal in a bid to expand its offshore development services. 

"DXC has an enviable client portfolio, deep industry partnerships and a talented global team," Salvino said. "I am looking forward to leveraging these strengths and my proven operational playbook to accelerate the execution of our growth strategy," he added.