Canada dismisses Chinese threats over potential 5G network ban for Huawei
By Lukas Job | News | 18 January 2019
China had warned of 'repercussions' should Canada bar Huawei from the country's 5G networks
Canada has dismissed threats from China promising "repercussions" should it ban Huawei from supplying communications hardware to the country's 5G networks.
It comes after China's ambassador in Canada urged "Canadian officials" and "relevant authorities and bodies" to "make a wise decision on this issue".
Ambassador Lu Shaye continued: "If the Canadian government does ban Huawei from participating in the 5G network, then as for what kind of repercussion there will be, I'm not sure, but I believe there will be repercussions."
The warning was conveyed to reporters during a press conference in Ottawa, Canada.
Huawei is increasingly losing ground in Western countries after the US authorities started urging close partners - partners with whom it routinely shares intelligence - not to allow Huawei hardware to be deployed in forthcoming 5G networks, citing security concerns.
The warnings have hit home, with authorities in Germany this week joining a growing list of countries considering a block on Huawei supplying 5G equipment to mobile operators.
Canada has also announced that it is evaluating the security threats connected with 5G networks. It hasn't reached a formal decision yet.
Lu's press conference is the newest development in the ongoing dispute between the two countries.
During the conference, China's ambassador Mr Lu called her arrest an act of "back-stabbing" by a friend.
Canada claimed repeatedly that the incident was not politically motivated, but purely a matter of the rule of law as authorities were acting under international treaty obligations.
In response late today to the threats, Canada's Minister for Public Safety, Ralph Goodale, said that the country would not compromise on national security.
He told Reuters: "We understand that those sorts of comments will be made in the process, but we will make our judgment based on what is right for Canada and not be deterred from making the right decision.
"We are determined to stand our ground based on what is right for Canada ... this is a tough and turbulent world."
'Faster Payments' glitch affecting Lloyds, Halifax and Bank of Scotland
By Computing News | News | 18 January 2019
No-so-Faster Payments borkage hits Lloyds Banking Group
Lloyds Banking Group's Faster Payments services have gone down today, affecting customers of Halifax, Bank of Scotland and Lloyds Bank.
The system has been down since at least 7am, with customers unable to make payments or transfer money, and reports increasing throughout the day.
The borkage sees the banking group's online and mobile banking services return an error message when a payment or transfer is attempted, with customers advised to "check back in two hours".
Lloyds Banking Group, though, took a few hours to issue a statement admitting to the downtime.
"We are aware that some customers are experiencing problems with making Faster Payments," it said.
Hi, I'm AM. We are aware that some customers are experiencing problems with making payments & are working to resolve the issue as quickly as possible. We would like to assure you that you'll not be out-of-pocket as a result of this, & apologise for inconvenience.
"We are working to resolve the issue as quickly as possible. We would like to assure customers they will not be out of pocket as a result of this issue, and apologise for any inconvenience caused."
However, the technical issue isn't just affecting ordinary consumers from making payments, but also payroll runs. And there have also been reports that customers have experienced problems withdrawing cash from Halifax ATMs.
Lloyds Banking Group customers, of course, have taken to Twitter to complain:
@AskLloydsBank@AskHalifaxBank transfered money 2-3 times on both Halifax current and Lloyds business and nothing is happening. Can you at LEAST let people know that services are down and that you are working on it?
So @AskHalifaxBank are having a problem processing sending money. Tried to send money to mum, it's either not gone through but acknowledged, or I'll have to wait two hours THEN ring them to see what's going on.
If you use Halifax, don't send money to people, not today anyway!
As of 2pm this afternoon, the problems were still ongoing. We will update this story as soon as new information comes in.
Apple loses FaceTime appeal against patent litigation specialist VirnetX
By Computing News | News | 18 January 2019
Apple to appeal order pay $440m over FaceTime patent infringement
Apple has lost its appeal in a patent infringement dispute over its FaceTime communication app and been ordered to pay $440 million to patent litigation specialist VirnetX.
The judgement earlier this week in the US Court of Appeals for the Federal Circuit has also seen the amount that Apple must pay rise from $302.4 million to $440 million, including interest, enhanced damages and other unspecified costs, according to Reuters.
Apple stated that it plans a new appeal against the latest judgement.
The case has been running since 2010, with VirnetX picking up $23 million from an out-of-court settlement in December 2014 with Microsoft over broadly the same collection of patents infringed in the company's Skype communications tool.
It continued: "The simple and irrefutable truth, proven time after time in court after court to jury after jury, is that Apple infringed the patented security technology we invented and used it in its iMessage, FaceTime and VPN on Demand services.
"In addition, the courts determined that Apple's infringement and use of our technology in FaceTime and VPN on Demand services was wilful. Now these juries have decided that Apple must compensate us for the value that we created but they used without permission.
"If fighting for our rights makes us patent trolls, then Lady Justice herself is a troll."
Google in $40m deal with Fossil to acquire smartwatch technology
By Graeme Burton | News | 18 January 2019
Technology and staff to shift to Google following deal
Google is planning a new assault on the wearables market following a $40 million tie-up with Fossil Group, the fashion company behind the Fossil watch and smartwatch brand.
The company is buying-up the smartwatch intellectual property in a deal that will also see staff transfer to Google.
The deal, McKelvey told Wareable, will result in the launch of a "new production innovation that's not yet hit the market". He added, somewhat cryptically: "It's new to the market technology and we think it's a product that has features and benefits that aren't in the category today."
Google's vice president of product management of Wear OS, Stacey Burr, added that the acquisition would enable the technology being developed by Fossil to be made available to "partners in the [Wear OS] ecosystem". She continued: "It's about bringing great features to the widest numbers of on-the-go consumers."
The deal is expected to be finalised before the end of the month, with the technology being incorporated into forthcoming new Fossil products before being rolled out by other Wear OS product makers later.
Fossil was started up in the mid-1980s to import watches from the Far East to the US and developed into a broader fashion brand, including its own range of smartwatches running Google's WearOS. In November 2015 it acquired wearables company Misfit, co-founded by former Apple CEO John Sculley, for a reported $260 million.
Today, the company has design studios in Switzerland and manufacturing facilities in China. However, the company has seen revenues decline in recent years, with sales falling from $3.51 billion in fiscal 2014 to $2.79 billion in fiscal 2017, when it also posted a net loss of $478 million.
Collection #1 data leak part of a bigger cache of compromised email addresses, claims Brian Krebs
By Computing News | News | 18 January 2019
Four terabyte data dump also being sold by online seller behind Collection #1
Krebs contact the seller, who would appear to be Russian, directly over the secure messaging app Telegram, on which he goes by the user name 'Sanixer'.
Krebs claims that while the seller has been offering more than 993GB of personal data online, split-up into seven separate collections, a package totalling more than four terabytes is also available containing user names and password spilled only over the past year.
"Sanixer said Collection#1 consists of data pulled from a huge number of hacked sites, and was not exactly his ‘freshest' offering. Rather, he sort of steered me away from that archive, suggesting that - unlike most of his other wares - Collection #1 was at least two-to-three years old.
"His other password packages [not available via his website] total more than four terabytes in size [and] are less than a year old, Sanixer explained. By way of explaining the provenance of Collection #1, Sanixer said it was a mix of ‘dumps and leaked bases'," wrote Krebs.
Like Collection #1 this larger tranche of compromised personal data is also stored on Mega.co.nz.
Krebs has advises that people use long, unique passwords to secure accounts, and to use different passwords every time, rather than re-using passwords. Or, if that proves too difficult, to use a password manager.
Writing in response to a comment, Krebs warned that pretty much all personal data points have probably already been compromised - and are for sale somewhere.
"Reality #1: Bad guys already have access to personal data points that you may believe should be secret, but which nevertheless aren't, including your credit card information, Social Security number, mother's maiden name, date of birth, address, previous addresses, phone number, and yes, even your credit file.
"Reality #2: Any data point you share with a company will in all likelihood eventually be hacked, lost, leaked, stolen or sold — usually through no fault of your own."
Huawei vs US: why trade secrets need to be carefully managed
By John-Paul Rooney | Opinion | 17 January 2019
Trade secrets don't enjoy the same legal protection as patents, warns Withers & Rogers patent attorney John-Paul Rooney. So how should they be protected?
Intellectual property protection has moved centre stage in the US-China trade war, as US criminal investigators consider bringing charges against Huawei for the alleged theft of trade secrets owned by smartphone maker, T-Mobile.
As intergovernmental tensions increase, can tech-led businesses in the UK and Europe also learn lessons from what is happening?
The criminal case against Huawei is thought to have links to various civil suits previously brought by T-Mobile, which led to the Chinese electronics company being found liable for damages of $4.8 million in 2017.
The US federal court found Huawei guilty of "abusing its relationship as a phone handset supplier for T-Mobile" to gain access to robotic technology used to test smartphones. Huawei employees were found to have copied specifications and stolen parts, software and other trade secrets, despite the existence of non-disclosure agreements.
The decision by the US Justice Department to carry out an investigation, with a view to bringing criminal charges against Huawei, is unusual. It reflects the growing tension in US-China trade relations.
In Europe, such criminal action would not be possible and, if trade secrets are breached, companies generally seek redress for any commercial damages via the civil courts, which have the power to block the sale of infringing goods.
While commonly used in fast-moving fields of research and development, the existence and use of trade secrets often falls under the radar. In Europe and the US, trade secrets are defined as a form of knowledge, which is kept secret and used to bring commercial benefit, without its owner having any rights of exclusivity. They are typically used to protect critical processes or know-how, which deliver a competitive advantage and may not be easy, or suitable, to protect with a patent.
If used properly, trade secrets can be incredibly valuable and help businesses to build and strengthen their market position when bringing innovative products to market. However, careful management is essential because the protection they provide can be undermined.
Without the rights of exclusivity that come with patent protection, if a trade secret is accidentally leaked, then there is not much the owner can do about this. If it is misappropriated on the other hand, the owner must be able to prove that it existed and belonged to the company, and that reasonable steps were taken to keep it secret.
This is usually achieved by keeping a document setting out the know-how or process in detail, labelling it as confidential, and making it available to individuals on a need-to-know basis. The trade secret should be disclosed to partners only under terms of confidence. It is also important to ensure security and IT systems are sufficiently robust to restrict access to the trade secret and prevent it from being viewed or shared inadvertently with a third party.
Owners of trade secrets are usually acutely aware of their commercial value and invest in measures to prevent them from being misappropriated. They may not realise, however, that the existence of non-disclosure and other confidentiality agreements may not be enough to prevent third parties from misappropriating their trade secrets, and companies would be wise to choose their partners carefully.
Like other intellectual property assets, trade secrets should also be kept under review. For example, if it is becoming more difficult to keep a key piece of knowledge a secret, or a rival is on the verge of discovering it for themselves, it may be wise to seek advice about patent protection.
While the circumstances surrounding the case against Huawei have yet to be clarified, innovative companies should take note of what happens next. The case certainly underlines the inherent value of trade secrets, but it also highlights that they can be susceptible to misappropriation and careful management is required.
John-Paul Rooney is a partner and patent attorney at intellectual property firm, Withers & Rogers. He specialises in advising consumer electronics companies on their international IP strategies
More than 770 million email addresses - with passwords - dumped online
By Lukas Job | News | 17 January 2019
Collection #1, originally posted in December, contains 140 million email addresses that haven't been seen in security breaches before
Security researcher Troy Hunt has released what would appear to be the largest breach of personal data in history: an 87GB folder, dubbed Collection #1, containing almost 773 million unique email addresses.
The folder had been dumped on the MEGA cloud storage service and contained more than 12,000 files compromising 1,160,253,228 combinations of email addresses and passwords - 772,904,991 unique email addresses and 21,222,975 unique passwords.
The breach is "made up of many different individual data breaches from literally thousands of different sources", according to Hunt.
Many of the discovered email addresses have already appeared in previous breaches, such as the 164 million from a LinkedIn breach revealed in 2016, and 360 million from a MySpace hack back in 2008.
But there are also roughly 140 million addresses that Hunt had never seen before, and which hadn't made it into Hunt's www.HaveIBeenPwned.com website until now, possibly from a large yet undiscovered hack or several smaller hacks.
Hunt's website provides a database of email addresses associated with data breaches, enabling anyone to check whether accounts linked to any email address have been compromised.
Collection #1 was posted in December on a popular hacking forum, but hadn't reached the attention of security researchers until now.
It has been speculated that the folder might have been put together for credential-stuffing attacks, whereby hackers simply throw random combinations of emails and passwords at a website hoping that some might match.
Hunt, who was first to report on the breach, maintains a popular website called Have I Been Pwned which allows users to search whether their email address has been breached before. Until now, Collection #1 is the largest recorded breach on the platform.
The discovery of Collection #1 further underlines the necessity for users to diversify the passwords they use rather than using the same password across multiple platforms.
In addition, password managers can help by generating random passwords for different services, reducing password re-use.
People are also advised to take advantage of multi-factor authentication, requiring them to provide more than one piece of evidence to verify their identity during logins.
Consumers can check the provenance of produce via a QR code
Our rundown of the ups, downs and long-term future of decentralised and distributed ledger technologies.
17 January 2019 WWF-Australia launches food-tracking blockchain
World Wildlife Fund Australia has launched a ‘blockchain-enabled' tracking system to trace food and other products from source to plate.
The aim, WFF-Australia says, is to "help businesses and consumers avoid illegal, environmentally damaging or unethical products, while improving supply chain accountability and transparency."
The system, called OpenSC, was developed in conjunction with BCC Digital Ventures, part of the Boston Consulting Group. It allows details of products to be added to a ledger at their point of origin so the route to their final destination can be traced. For example, the location and time at which a particular fish is caught can be recorded using a digital tag by the fishing boat, allowing consumers to check it has reallly come from a MSC-certified fishery simply by scanning a QR code using their phone.
Austral Fisheries, part of the enormous Maruha Nichiro Group, has agreed to roll out the system across its Patagonian Toothfish fleet.
The system is not limited to seafood of course. WWF-Australia plans to use it to certify other food and paper products to demonstrate that they are not the result of illegally felled forests or slave labour.
"Through OpenSC, we will have a whole new level of transparency about whether the food we eat is contributing to environmental degradation of habitats and species, as well as social injustice and human rights issues such as slavery," said WWF-Australia CEO, Dermot O'Gorman, in a press release.
"OpenSC will revolutionise how we all buy food and other products as well, enabling more informed decision making by consumers, businesses, governments, and industry bodies."
Improving supply chain transparency is one of the leading use cases for blockchain technology outside of the realm of cryptocurrencies. Recently, the Food Trust, a consortium led by Walmart, created a product recall system which allows products to be traced through the supply chain back to their origin in a matter of seconds rather than weeks (see earlier in this blog).
The Cyberspace Administration of China (CAC) has announced new rules for blockchain firms. These rules, which will come into force on February 15, will require companies that use blockchains to register their names and IP addresses with the CAC within 10 working days of the new regulations becoming law.
It applies to firms that provide public information services through blockchain services that are accessible via web or mobile devices.
Moreover, blockchain service providers may not 'produce, duplicate, publish or disseminate' content that has been banned by the Chinese government.
Firms that fail to comply could face fines of RMB 20,000 - 30,000 (£2,300 - £3,500), while serial offenders should expect a criminal investigation.
The move is the latest in an ongoing crackdown on online freedom of expression by the increasingly authoritarian Chinese authorities. Last year a group of students used the Ethereum blockchain to evade the attention of the censors and pass messages about a prominent professor accused of sexual misconduct, and this may have rattled government officials, themselves very sensitive to accusations of corruption.
In October the Chinese government drafted a regulation that would require users to provide their real names and national ID card numbers when registering for a blockchain service. The policy also demands that blockchain services remove 'illegal information' before it can be spread among users, with service providers required to retain backups of user data for six months and to hand it over to the police on request.
China also banned cryptocurrency trading last year.
08/01/2019 Rollback attack allows double-spend of more than $1m in cryptocurrency Ethereum Classic
Blockchains are supposed to be immutable. That's the point. With a blockchain-based cryptocurrency you shouldn't be able to spend the same coin twice by rewriting the transactional record, but Cryptocurrency exchange Coinbase noticed one currency, Ethereum Classic (ETC), where exactly that was occurring.
"On 1/5/2019, Coinbase detected a deep chain reorganisation of the Ethereum Classic blockchain that included a double spend," the exchange notes in its blog.
It continues: "Subsequent to this event, we detected 12 additional reorganisations that included double spends, totalling 219,500 ETC (~$1.1m)."
This latter figure was revised upwards from an earlier estimate of 88,500 ETC ($460,000).
The problem lies with a weakness in the Proof of Work consensus mechanism which most blockchains rely on for security. In this miners compete to verify blocks of transactions, ultimately agreeing to accept the longest chain of blocks as the 'true' one and going on from there. This is fine so long as more than half the miners are ‘honest' nodes. But if a dishonest miner with sufficient CPU power manages to pick a previous block and build on that, it can theoretically outstrip the other miners, creating an alternative longest chain which the other nodes will ultimately accept as true, effectively rewriting history.
So the dishonest miner could make a purchase from a merchant with his or her coins, and then build a chain from a previous block which does not contain that transaction. Once the other miners have accepted this new chain as the canonical truth, the coins are still available to spend again. The unfortunate merchant ends up with nothing.
This is known as a rollback attack because the previous transaction has effectively been rolled back - it does not exist in the record. It becomes possible once a single miner or cooperating pool of miners controls more than 50 per cent of the CPU power. The risk has been known since blockchain's inception and is the reason why it has always been stressed that mining should be as dispersed as possible. However, because specialised equipment and cheap electricity is now required to make a living from mining, power has become concentrated in fewer and fewer hands.
To make matters worse, with the collapse in the price of cryptocurrencies (ETC's value has dropped from $45 a year ago to around $5 today) many miners have given up and sold their equipment. This may have allowed some of the remaining miners to consolidate enough power to launch the attack.
Coinbase says no funds were lost from the exchange, but it has frozen transactions for the time being in ETC to prevent losses from affecting its customers.
20/12/2018 New standards group for private blockchains announced by ETSI
ETSI, the European standards group for IT, has announced a new group focused on permissioned ledgers - or private blockchains as they are often called. Members of the Industry Specification Group on Permissioned Distributed Ledger (ISG PDL) announced so far include representatives from Cadzow Comm Consulting Ltd, Ericsson, Huawei, Intel, NEC Europe, Telefónica and Vodafone.
The group will look at existing methodologies used to validate participant nodes, improve scale and throughput, achieve consensus and automate node management and operation, incorporating new research results as they become available. The aim is to specify a permissioned distributed ledger operational reference architecture that can be used as a basis for implementing private blockchains for business purposes.
Unlike public blockchains such as bitcoin where anyone can run a node, with permissioned blockchains membership is restricted. Current use cases include inter-bank ledgers where each bank in a consortium runs a node or nodes. In this way security and confidentiality are easier to provide for, while some of the 'trustlessness' aspects of a decentralised public ledger are lost. Instead governance of the ledger is the joint responsibility of its members.
ISG PDL will seek to provide the foundations for operating permissioned distributed ledgers across various industries and governmental institutions by working with various standards bodies and open source projects in the blockchain arena.
The groups initial meeting will take place on 24 January at Telefónica, Madrid where officials will be elected.
18/12/2018 Is Facebook working on a cryptocurrency?
Facebook has been quietly assembling a group of experts, academics, cryptographers and engineers with experience in blockchain and cryptocurrencies, according to a report from Cheddar.com.
The group was inaugurated in April this year and reportedly now numbers 30 or 40 individuals. It is headed by David Marcus, vice president of Facebook Messenger and former PayPal president. Many of his recent hires are also ex-employees of PayPal while others have online payments backgrounds from companies like Google and Samsung. Some are former members of cryptocurrency startups - stoking the long-running rumour that Facebook may be developing its own coin.
Facebook has said little about cryptocurrencies, save to ban ads for ICOs a while back, and it remains characteristically tight-lipped about its plans.
"Like many other companies Facebook is exploring ways to leverage the power of blockchain technology," a spokesperson said. "This new small team is exploring many different applications. We don't have anything further to share."
It could be that Facebook is looking to emulate China's WeChat - a sort of Facebook plus-plus that includes a dating app together with a native payment system that has become so popular that small traders and even beggars are starting to refuse cash - while at the same time working to head off competition from less centralised models down the line.
13/12/2018 Hyperledger adds 12 new members
Hyperledger, the open source permissioned blockchain project, has announced 12 new general members including some major banks, consortia and cloud firms. General members have certain marketing and recruitment opportunities as well as bing able to participate in members-only committees.
The latest general members feature a strong showing from China. They are: Alibaba Cloud, BlockDao (Hangzhou) Information Technology, Citi, Deutsche Telekom, Guangzhishu (Beijing) Technology Co. Ltd, Guangzhou Technology Innovation Space Information Technology Co. Ltd, KEB Hana Bank, HealthVerity, MediConCen, Techrock, we.trade and Xooa. These additions bring the total number of general members to 256.
Four new associate members also joined Hyperledger this month: Association of Blockchain Developers of Saint Petersburg, Business School of Hunan University, Sun Yat-sun University and Wall Street Blockchain Alliance.
Associate membership is limited to pre-approved non-profits, open source projects, and government entities. There are now 16 associate members.
The new members were announced at the Hyperledger Global Forum in Basel, Switzerland.
"The growing Hyperledger community reflects the increasing importance of open source efforts to build enterprise blockchain technologies across industries and markets," said executive director Brian Behlendorf. "The latest members showcase the widening interest in and impact of DLT and Hyperledger."
A number of blockchain projects are based on Hyperledger; some of them like we.trade and the Walmart food supply chain system are featured elsewhere in this blog.
23/10/2018 Blockchain too immature for government use, finds Australia's DTA
The Australian government's Digital Transformation Agency has cast doubts over the validity of blockchains for governmental purposes.
The DTA, which was granted AUS$700,000 to investigate the technology, has concluded after initial research that in almost every case examined existing technologies are more suitable than blockchain.
The agency has been working with a number of government agencies to develop prototypes for the use of blockchain to deliver services, including with the Department of Human Services for welfare payments and cargo settlement.
Peter Alexander, CDO at the DTA said the technology is worth keeping an eye on but as yet is too immature.
"Our position today, and this is an early write-up, is that blockchain is an interesting technology that would be well worth being observed, but without standardisation and a lot more work, for every use of blockchain that you would consider today there is a better technology," Alexander told a Senate hearing on Tuesday, as reported by InnovationAus.com.
Alexander said that one of the defining features of blockchains, the potential for anonymity, is among the biggest stumbling blocks.
"Generally speaking when the government is engaging with someone, we want to have a trusted relationship with them. We want to know who they are and give them a personalised service," he said. "Blockchain is good for low-trust engagement, you don't know who you're dealing with but have a series of ledgers that can give some validation and support."
According to Alexander, blockchain is at the "top of the hype cycle", with demand driven by the industry.
"It would be fair to say that a lot of the big vendors are pushing blockchain very hard and internationally most of the hype around blockchain is coming from vendors and companies, not from governments and users and deliverers of services," he said.
23/10/2018 China mulls anonymity ban
China is another nation that finds blockchain's anonymity a problem. Earlier this year Chinese students encoded allegations of sexual harassment against a prominent professor on the Ethereum blockchain to evade the country's censors, all social media posts on the issue having been blocked. The same technique was used to spread news about low quality and counterfeit vaccines, another scandal the government sought to cover up.
But the Chinese government has drafted a new regulation that would require users to provide their real names and national ID card numbers when registering for a blockchain service, reports The Verge. The policy would also demand that blockchain services remove 'illegal information' before it can be spread among users. And under the proposed legislation, service providers would also be required to retain backups of user data for six months and to hand it over to the police on request.
China has been bullish on blockchain for the last few months, with one commentator recently claiming it is worth ten times as much as the internet. The country's tech giants are pouring significant resources into its development citing smoother trade and anti-fraud possibilities. But without the possibility of anonymity, a permanent ledger could also be a powerful tool in the authoritarian regime's surveillance and control systems.
China also banned cryptocurrency trading earlier this year, although apparently this has been less than effective. The Ethereum Hotel recently opened in the country, accepting payment in cryptocurrencies.
Next page: UK leads in blockchain deployments says Capgemini; Microsoft's strategy for decentralised identity; Gary Cohn joins fintech startup Spring Labs; Horizen's privacy platform; Zone and Icons launch ledger to authenticate and track sports memorabilia; Nick Szabo, inventor of the smart contract, on its evolution; Real-world use cases emerging; Blockchain-based driving licence trial rolled out by Australian state
19/10/2018 UK leads the way in blockchain deployments for supply chain, finds Capgemini
A survey by consultancy Capgemini of 450 organisations implementing blockchain in their supply chain has found that only three per cent have so far taken initial experiments into production at scale.
The respondents, drawn from the consumer products, retail and manufacturing sectors, said that establishing return on investment was the biggest challenge to ramping up their deployments, with compatibility with existing legacy infrastructure cited as another barrier.
Across the sample, three per cent were deploying blockchain solutions at scale, 10 per cent had pilot projects in place, while 87 per cent were still at early stages of experimentation with the technology.
The main drivers for the experiments were found to be cost saving (89 per cent), enhanced traceability (81 per cent) and enhanced transparency (79 per cent), although these varied widely from sector to sector.
While adoption and the technology itself are at an early stage, the Capgemini report identifies a number of current use cases, ranging from low complexity / high adoption scenarios such as the prevention of counterfeits and tracking asset maintenance, to more ambitious but complex uses including loyalty programs, contract labour procurement and regulatory compliance.
The UK (22 per cent) currently leads the way with production and pilot implementations of blockchain projects in the supply chain, while the USA (18 per cent) leads in terms of funding blockchain initiatives.
In the UK specifically, the consumer products vertical is the biggest adopter among those surveyed, followed by manufacturing and then retail. However, globally manufacturing is in the lead.
Sudhir Pai, CTO financial services at Capgemini commented: "There are some really exciting use cases in the marketplace that are showing the benefits of blockchain for improving the supply chain, but blockchain is not a silver bullet solution for an organisation's supply chain challenges."
Pai continued: "Blockchain's ROI has not yet been quantified, and business models and processes will need to be redesigned for its adoption. Effective partnerships are needed across the supply chain to build an ecosystem-based blockchain strategy, integrated with broader technology deployments, to ensure that it can realise its potential."
Capgemini has been working with blockchain technology since 2016 when it began developing solutions for the financial services industry. The report predicts that experimentation with blockchain will peak in 2020, before entering mainstream supply chain usage by 2025.
15/01/2018 Microsoft's strategy for decentralised identity
Microsoft might seem an unlikely champion of decentralised IDs. After all, decentralised identifiers (DIDs) represent an important decoupling of identity from generated data and applications that use it, and Microsoft, in many minds, is still associated with monopolistic powergrabs. But last week the company published a new decentralised identity portal and released a whitepaper explaining the benefits of individuals being able to create, own and manage their online identities independent of any third-party.
"Over the past 18 months, Microsoft has invested in incubating a set of ideas for using blockchain and other distributed ledger technologies to create new types of digital identities - identities that are designed from the ground up to enhance personal privacy, security, and control," the whitepaper says. "We aspire to make DIDs a first-class citizen of the Microsoft identity stack."
Actually, it should not come as a surprise that Redmond should be interested in this area. Microsoft was one of the early major tech company backers of blockchain technology after all, and decentralised identifiers, where a user controls his or her online identity or identities through cryptography, are a central feature of many of the emerging decentralised applications being built on blockchains and other decentralised platforms. And as we saw when Microsoft embraced Linux as a key part of its Azure cloud ecosystem, a 180-degree turnaround from its previous position, Redmond has proved adept of late at seeing which way the wind is blowing and moving with it. The whitepaper mentions integrating personal datastores controlled by DIDs into Azure.
IBM, the other big technology company leading the blockchain charge, has been active in this area for more than a year. Like Microsoft, IBM is a member of the Decentralized Identity Foundation (DIF). Critics point out, though, that while IBM has already been active in offering open standards for DIDs and related W3C projects, Microsoft has yet to lay any code on the table.
"I don't know what Microsoft has developed, I haven't seen any actual code," Wayne Vaughan, CEO of blockchain platform Tierion and DIF steering committee member, told CoinDesk.
"Microsoft has been soliciting input from the community, but their software development has largely been done behind closed doors, and now they are releasing it publicly. With that being said, it's much better than nothing."
UPDATE 15/10/18: Twitter user @csuwildcat has pointed out that Microsoft developers are contributing to the DIF's GitHub repositories. The strapline to this article has been changed accordingly.
12/10/2018 Former Trump aide and Goldman Sachs chief Gary Cohn joins fintech startup Spring Labs as advisor
Gary Cohn, chief economic advisor to Donald Trump until April and before that president and COO of Goldman Sachs, has become an advisor to Spring Labs, a blockchain startup that aims to take on consumer credit companies like Experian and Equifax.
Unlike some of his investment banking brethren Cohn has never rejected the idea of cryptocurrencies, saying in May that a global cryptocurrency is coming.
"I'm not a big believer in Bitcoin, I am a believer in blockchain technology," Cohn told CNBC. "I do think we will have a global cryptocurrency at some point where the world understands it and it's not based on mining costs or costs of electricity or things like that."
Cohn told the FT he believes blockchain's teething issues will be overcome and that blockchains have obvious potential in the financial arena, particularly for smart contracts and currency settlements.
"We all know all the inefficiencies of the existing currency world and blockchain clearly helps to eliminate them at some point in the future," he said.
Spring Labs, which has offices in Los Angeles and Chicago, boasts a high-powered board, which as well as Cohn includes Bobby Mehta, formerly CEO of credit company TransUnion, and Brian Brooks, chief legal officer at cryptocurrency exchange Coinbase.
It continues: "The Spring network will allow users to view all attestations about their credit and identities for free, and enables functionality for open alerts and notifications."
Cohn said he would be assisting with getting the firm's technology adopted in the marketplace.
11/10/2018 Horizen's privacy platform
One of the biggest selling points of decentralised technology is privacy, believes Rob Viglione, co-founder of Horizen, a privacy-oriented blockchain platform.
Horizen was forked from ZCash, one of the leading privacy-focused cryptocurrencies. "We wanted to take it beyond currency," said Viglione.
Like most such projects, the Horizen platform does have a cryptocurrency (Zen) to power its internal market, but it was the key innovation of ZCash's founder crypto-pioneer Zooko Willcox that was the primary focus of attention, Viglione said. zk-SNARKs provide a practical cryptographic method of verifying that a computation such transaction between two parties is "correct" without having to know anything about the computation or the parties involved.
"Where ZCash is focused on currency we are actually building an application platform. That was the point of forking from ZCash - to grab the SNARK library so we could start with that base technology and cryptography. Now we are building things on top of it."
One of those things is what Viglione claims is "the most secure messaging protocols in the world". He admits it's "kind of clunky" at this stage, and because zk-SNARKs are computationally heavy it's not instant. "But if you're a reporter in Syria or China, you might want to use our app."
Viglione insists Horizen retains "very good relations with Zooko" despite having forked his code, and said the two companies collaborate on bug reporting and the like.
Asked about Horizen's potential "killer app" Viglione said the combination of a large number of nodes (there are currently 22,000 in the network) and zero-knowledge cryptography makes virtual private networking a strong candidate.
"If we can build the world's best VPN service, one that is fully anonymous and secure that could draw millions of potential users, not because they care about blockchain, but they want a service that is valuable. That's where we need to go were working very actively on those sorts of projects."
Another USP of decentralised systems is the possibilities for equality regarding decision making. The company is working on a treasury voting system that will enable Zen holders to make decisions on proposals for the network's development and allow transparency into the allocation of funds.
As for enterprise use cases, Viglione cites the simplicity of developing applications on sidechains that plug into the main network via an API. That way, they can make use of the network's privacy and security features without needing to have blockchain skills in-house.
One possible fly in the ointment is the current reliance on the Ethereum blockchain, although Viglione insists migration to another backbone would be possible. Ethereum has recently struggled to scale in the face of increased demand. "They hit the limits of natural growth in my opinion," he said, adding: "But I never discount them because they have a collection of brilliant people and I think they will overcome the issues as they come up."
02/10/2018 Zone and Icons launch ledger to authenticate and track sports memorabilia
The sports memorabilia market began with fans trading footballs and baseballs signed by their sporting heroes and expanded to an industry worth US$370bn globally, according to Forbes. These days no charity auction is complete without a signed shirt from a current or bygone star, but how can punters tell it the item is genuine when signatures written by robots are pretty much indistinguishable from the real thing particularly when many counterfeit goods are traded online?
Enter b-locked, a blockchain-based ledger designed to track the provenance of signed sports memorabilia. B-locked was developed jointly by Icons Shop Limited, which holds official merchandise licences from the FA, UEFA and FIFA World Cup and has exclusive contracts with players including Lionel Messi, Dele Alli and Eden Hazard, and Zone, a London-based customer experience agency which is part of professional service firm Cognizant.
To combat fraud, every Icons product comes with a certificate of authenticity and details of the player signing. This information can now be stored on b-locked so that future buyers can check its authenticity by typing a code or scanning a hologram via a web application.
The Zone team had originally chosen Ethereum as its blockchain platform of choice but, changed tack after the Cryptokitties debacle which showed up problems with its scalability.
"Ethereum transaction costs would have been too high for the project to be economical. So we used alpha code and ideas from Chainspace to build our prototype. We'll likely go ahead either with Chainspace or Cosmos, both of which make it easy to build the kind of logic and interactions we need," said Jon Davie, chief client officer at Zone.
Davie explained that the Zone team used an Agile methodology of short sprints to deliver the ledger. "We didn't seek to solve every challenge at the outset - rather to identify the key features and then learn by testing with customers and the Icons team," he said.
"Our next challenge is scaling the authentication process to cover every item in the Icons warehouse - it's an operational challenge as much as a technology challenge."
The system will be launched this month, with FC Barcelona star Lionel Messi signing 100 products which will be uploaded to the b-locked blockchain at an event in that city. Davie said the firm's short time to market was due in part to focusing on a specific use case.
"Unlike many blockchain ventures, we created this project to solve an existing problem for an existing business," he said, adding that it could be expanded to suit "any industry where authenticity is important - from art and antiques to whisky and wine."
28/09/2018 Nick Szabo, inventor of the smart contract, on its evolution
Nick Szabo, the computer scientist who came up with the idea of smart contracts in 1995 and coined the term, discussed the evolution of his invention during a keynote at blockchain live in London this week.
The basis of his talk was the fact that trust does not scale. Advanced societies have laws and institutions to mitigate the fact that we often have to deal with people and organisations that we know nothing about, including courts to enforce the fulfilment of agree contracts, but these are frequently ill-suited to the digital age.
The concept of smart contracts has moved on from the simple vending machine model which doles out a bar of chocolate provided you put the right money in, as defined in the program, to that embodied by distributed applications (dApps) on programmable blockchains such as Ethereum. But these are at an early stage, Szabo said.
"An Ethereum contract controls assets and typically gives some performance incentives, but it's not the full smart contract. The full smart contract involves user interfaces, it involves other features such as search and negotiation and performance monitoring, and it will also often happen off-blockchain." he said.
"For example, if you're doing logistical contracts and you want to track a package in time and space that's an off-blockchain oracle that is part of the smart contract that is fed into the Ethereum contract on chain."
Rather than the binary yes-no model, smart contracts will be negotiable, he said.
"Right now they are take-it-or-leave-it deals, but a true smart contract can be negotiated. So Alice makes an offer and Bob can accept or reject that offer, and if Bob has neither accepted or rejected the offer then Alice can revoke it. We [presumably referring to Szabo's company Global Financial Access] are working on smart contract negotiations of this nature."
They will also be customisable, and fully on-chain with parties able to make a counter offer in a "very trust minimised, environment" with the programming element eliminated via an intuitive user interface, he went on.
Szabo predicted a "win-win" scenario through the interfacing of smart contracts with what he calls "wet code": traditional contracts based on law. Each has strengths that can overcome the weaknesses of the other, he argued. Traditional contracts tend to be localised and rather subjective and unpredicatable and their enforcement is coersive, but they are based on expertise, experience and decades of case law, while smart contracts are globally scalable, predictable and enforceed through cryptography but immature and rigid.
"In many cases you want to use both together as complimentary. So now there's a contract between wet code traditional contracts and dry code smart contracts."
The low hanging fruit is financial contracts, he said "loans, bonds, derivatives". This sector he envisages a "spontaneous network of contracts formed from other smart contracts that is globally scalable."
26/09/2018 Real-world use cases emerging
A panel debate at the Connected World Summit in London this week dealt with the vexed question of blockchain hype. Yes, the panel agreed. Most blockchain projects are heavily oversold, driven on by crypto currency ICOs, but that's not to say it's all scams and vapourware. Genuine use cases, where a blockchain can do things that a distributed database can't, do exist, although most are still in the early stages.
Calvin Weise, founder of the Universal Patient Index and CEO of Kalibrate Blockchain, pointed to the health sector, in which surgeons have been occasionally known to chop off the wrong leg or doctors to deliver the wrong drug having been sent erroneous patient records. His company is working on a universal patient index stored on a blockchain that would reduce this problem considerably, he suggested.
Alfonso Delgado De Molina, analyst at Silver 8 Capital, brought up the smart bike locks marketed by Slock.IT where anyone with the right key on their smartphone can unlock the bike for a certain amount of time via a smart contract. This functionality also is being applied to cars by a startup in Berlin he said.
Alexandra Cheung, associate director of Cruxy & Co. spoke about systems to track the provenance of diamonds and also Floral Chain, which she says allows smaller growers and smaller shops to have a greater presence in the marketplace for cut flowers.
Using blockchain to help establish a presence was also mentioned by Darren Oliviero-Priestnall, CEO of Atlas City. He pointed to a project in China run by charity World Vision in which small farmers are encouraged to document themselves and their farms on a blockchain. Such evidence can help them obtain finance and establish their ownership rights. Elsewhere, undocumented refugees can start building an identity to help them in future dealings with the authorities.
The biggest current use case though is in the supply chain where goods can change hands a hundred times before reaching their destination, each transfer requiring additional paperwork. Assigning responsibility for any loss or damage is expensive and time consuming, delaying insurance payouts. This is the sort of scenario where an immutable, trustless record of events can really streamline processes - a significant caveat being that all players in the chain must be on board.
11/09/2018 Blockchain-based driving licence trial rolled out by Australian state
The Australian state of New South Wales is to extend its trial of blockchain-enhanced digital driving licences.
Changes to NSW state law in May allow drivers to use their digital licence for proof of identity and proof of age in place of a physical document for renewing fishing licences, buying alcohol, as proof of responsible gambling behaviour - and for police checks.
The licences already incorporate a number of methods to protect against ID fraud; these will soon be joined by a blockchain-based system called TrustGrid developed by Australian firm Secure Logic, an incumbent supplier to Australian government.
"The Digital Driver Licence has a range of security technologies protecting the integrity of the system and privacy of a customer's identity," a NSW spokesperson told iTNews.
The aim of the scheme is to use a blockchain-based system to secure and authenticate the information held on the licences, allowing users to validate themselves via a smartphone app without requiring further checks. The app also allows users to renew their licence or amend their details without recourse to the authorities.
The blockchain trial started last year in the town of Dubbo. 1,400 volunteers signed up for a three-month trial, using their digital licence as proof of identity and age in pubs and clubs. It will soon be expanded to 140,000 users in Sydney before an expected statewide rollout by the end of 2019.
Secure Logic CEO Santosh Devaraj is (understandably) keen to push the wider implications of the trial for government services.
"The era of standing in line to file government paperwork is coming to an end, as is our reliance on physical identification cards to establish your identity or proof of age with law enforcement or at licensed venues. These are mistake prone, time-consuming, expensive, and impractical ways to offer services," he said.
Next page: Soluna plans clean energy option for crypto-miners; UEFA's blockchain powered ticketing app; The security risks of smart contracts; Has the blockchain bubble burst?
24/08/2018 Soluna plans clean energy option for crypto-miners
Bitcoin miners tend to hunker down where energy is cheap. This means Iceland, where cryptocurrencies are already using more of the country's geothermal supplies than consumers, or places like China where electricity comes from cheap but highly polluting coal.
There are less energy-intensive alternatives to PoW such as Proof-of-Stake, Proof-of-Capacity and Proof-of-Resource, but the blockchain that powers Bitcoin and related currencies is the big one and will remain so for the foreseeable future. And of course blockchain's potential is far wider than cryptocurrency - as use cases increase so will power consumption.
Now an energy and technology firm is looking to provide a dedicated renewable resource for crypto-mining. Soluna plans to build a windfarm in one of the windiest onshore locations in the world in the Moroccan Sahara. It predicts the 15,000-hectare site will generate up to 900 megawatts - or about a third of the current energy demands of the Bitcoin blockchain. Electricity will be supplied to a high-density data centre dedicated to cryptocurrency mining at a price equivalent to or even lower than cheap Chinese coal, around US $0.03 per kilowatt-hour.
"Soluna's mission is to power the crypto-economy with clean, low-cost renewable energy. To do this, we are building a blockchain infrastructure and cryptocurrency mining company that owns its own renewable energy resources," the company says in its brochure.
Money generated from the crypto-mining will pay for further renewable development including supplying Morocco's electricity grid, the firm says. It anticipates connectivity to the main grid to be available next year.
"Soluna will provide computing power for whatever is most beneficial for its business, whether that's cryptocurrency mining, distributed graphics rendering, file storage, machine learning, AI or other services of the decentralised cloud of blockchain technologies that have yet to be invented," says Soluna. "We are prepared to foster this future innovation. Green, renewable, low-cost power will serve as a key component."
Soluna has partnered with German wind power firm Altus AG and has approached vendors of chipsets and ASICs to equip its modular data centre ‘pods'. The windfarm and the data centres will be built using a phased approach, adding additional modules as capacity increases. The firm aims to have 36 megawatts of capacity operational by 2020 with the full 900 megawatts ready in five years.
Sounds promising, but a possible downside could be the exacerbating the problem of centralisation of mining power to a small number of locations thereby making the blockchain more vulnerable to attack.
All of the tickets for the August 15th UEFA Super Cup final match between Real Madrid and Atlético de Madrid in Tallinn, Estonia were distributed through a mobile app connected to a blockchain.
"UEFA chose a blockchain-based ticket distribution system combined with mobile Bluetooth devices at the stadium entrances," says UEFA on its website.
Tickets for major football matches have long been subject to touts and fraud, and this is UEFA's attempt to tackle the problem. The Bluetooth devices installed at the gates to the Le Coq Arena to were used to validate the tickets held on Apple and Android phones.
This is the first time that all publicly available tickets have been distributed this way. UEFA [Union of European Football Associations] piloted the system at a number of events, including most recently the 2017/2018 UEFA Europa League final between Atlético de Madrid and Marseille in Lyon, France in May. Half of the tickets sold for that match were distributed by the blockchain-based system, which has since undergone some fine tuning.
UEFA says it will "continue to develop the system further, with the aim of using it at future events."
The Super Cup final finished 4-2 to Atlético, with Costa netting two.
15/08/2018 The security risks of smart contracts
Blockchain-based smart contracts present a unique risk, and companies should be wary of deploying them for anything with serious real-world repurcussions. That's according to code verification and programming language expert Grigore Rosu, professor of computer science at the Univerity of Illinois.
Smart contracts are small programs coded on top of a blockchain that run automatically as soon as conditions are right. An example might be an insurance payout after extreme weather, or a machine ordering its own consumables once stocks decline to a certain level.
Nothing new in that, you might say, but smart contracts have the potential for automating such conditions-based transactions on a massive scale, removing the need for a trusted human third party, even in white collar sectors such as law and finance.
Smart contracts are immutable; they're validated by multiple parties and can't be changed or corrupted. This is at once their strength and their weakness.
"There are two big problems with smart contracts," said Rosu. "One is that the code is public so you can work out how to attack it. Secondly, once you have a smart contract - that's it. It deploys and you cannot change it. So if you find a bug you can't fix it, you have to deploy a different version of the contract in a different account and exchange it with the old one which is a very heavy process."
He points to the example of the now-defunct cryptocurrency Beautycoin (BEC), which was killed off by a so-called batch overflow attack in April.
Two attackers, presumably having studied the code and spotted an eventuality the designers hadn't thought of, initiated simultaneous transactions using input parameters chosen to create a sort of feedback loop. Unprepared, the smart contract went beserk, generating tokens that were ostensibly worth more than five octodecillion dollars (five and eighty zeros). While no-one had to pay back that impossible sum, the coin was dead and worryingly it took two days for the hack to even be discovered.
Blockchain enthusiasts, it seems, suffer from a form of myopia; because of all that energy burned in proof of work they believe their beloved innovation is all but impregnable. But it turns out cryptocurrencies - which are after all basically just transactions stored on a blockchain - are plagued by glitches, as the number of crypto exchange hacks makes clear.
Recently, MIT researcher Corey Fields discovered a flaw in the signature verification code that would have been fatal to Bitcoin Cash had it been exploited. "The threat of software bugs is severely underestimated in the cryptocurrency world," he said.
Bugs and vulnerabilities can pop up all over the place, including the code of the smart contract itself, the programming language it's written in and the compiler that translates that code into machine-readable language.
"I'm scared because these languages are not very well designed. If a language is poorly designed then as a developer of smart contracts on a blockchain you may struggle to understand what your program actually does, and then the compiler can add its own bugs, and then the program itself may have bugs such as buffer overflow and all sorts of programming language-specific errors," Rosu said.
"Compilers also have bugs, and if you understand how the compiler works as a hacker you can exploit those."
Human verifiers are are worthless in this regard since a flawed compiler produces corruptions in the bytecode, which is only really readable by machines.
However, there are proven mathematical means of verifying the ‘correctness' of the machine code. While time-consuming, these techniques can be applied to smart contracts since they tend to consist of just a couple of hundred lines of code. Indeed, for the sake of us all, they should be said Rosu, who came up with the K-framework described as a 'rewrite-based executable semantic framework in which programming languages, type systems and formal analysis tools can be defined using configurations, computations and rules", fifteen years ago (It should be pointed out that Ruso has a vested interest here. His K-framework has been monetised via a business spun out of the University of Illinois called Runtime Verification).
While a smart contract might take two weeks to audit mathematically at the bytecode level and more complex code such as the CASPER consensus algorithm six months, most of that time is spent in specifying what the code is meant to do, said Rosu.
"If you make a mistake in the specification level then no matter what you do the proof is meaningless because the specification was wrong."
Given the complex mix of ethical and technical considerations, the specification of algorithms will require intensive human input for the foreseeable future. Coding, on the other hand, could perhaps be better done by machines. For safe smart contracts, the ultimate aim should be schematic-based compilation, or code that generates itself automatically based on what it's supposed to do, Rosu said.
"The question that many people in the blockchain space should ask themselves is why should we even write code at all? We should generate code that's automatically correct by construction, from the formal specification. This is feasible, and we are working on it."
06/08/2018 Has the blockchain bubble burst?
Have we reached peak blockchain hype? How much further can the bubble of expectations continue to inflate? Calling the top of any hype cycle is a finger-in-the-air exercise at best (unless you happen to be holding a pin behind your back), but there are signs that rationality may be taking hold.
Analyst firm Forrester reports that many blockchain pilot projects are being wound down having failed to come up with any persuasive use cases. Early adopter Nasdaq, which had high hopes for blockchain for managing shareholder meetings and issuing stock has not seen ideas come to fruition as quickly as it had envisaged two years back, according to Bloomberg.
"The disconnect between the hype and the reality is significant - I've never seen anything like it," said Gartner analyst Rajesh Kandaswamy. "In terms of actual production use, it's very rare."
Certainly, the number of organisations actively adopting blockchain is vanishingly small - just one per cent of CIOs surveyed by Gartner put themselves in that category, while 80 per cent had no interest whatsoever.
This could spell bad news for platform providers such as IBM and Microsoft which made most of the early running, although one would suspect they would have factored the hype cycle into their strategies.
The biggest hurdle is compatibility between alternative blockchains. Companies don't want to be locked into one platform at this early stage of development and are playing a game of wait-and-see. Then there are the familiar problems of scalability and throughput - all of which are being worked on but with few mature solutions to show for these efforts as yet.
That said, blockchain investment in the first half of this year has already exceeded that for the whole of 2017 with fintech applications a particular focus of that investment, according to a report by KPMG. The closed pilots may simply demonstrate a growing understanding that blockchain is not the answer to every problem after all, but could be a game changer for some.
Next page: Google joins the party; Accenture and Thales create aerospace and defence supply-chain blockchain; European banks' we.trade platform; the Stratis sidechain; Microsoft and EY track rights and royalties; Walmart's food supply system.
24/07/2018 Google joins the blockchain party
Google Cloud is nailing its colours to the blockchain mast, partnering with a couple of startups, Digital Asset and BlockApps. More details will be revealed today at the Google Cloud Next 18 event in San Francisco in a session covering Google Cloud's approach to distributed ledger technology (DLT) partnerships.
"Customers can now explore ways they might use distributed ledger technology (DLT) frameworks on GCP [Google Cloud Platform] with launch partners including Digital Asset and BlockApps, and try open-source integrations for Hyperledger Fabric and Ethereum later this year in our GCP Marketplace," Google says in a perfunctory paragraph in its cloud partnerships blog.
Google has been slower off the mark than rival cloud vendors. Microsoft Azure, Amazon AWS and IBM have had blockchain partnerships for a couple of years now and are beginning to boast of real-world projects.
Google doesn't go into a lot of detail in its blog, presumably not wanting to spoil the fun for paying delegates, but its chosen partners are more effusive. "Google's entrance into the blockchain space is a landmark event for the growing blockchain ecosystem and cements the continued investment in blockchain solutions for Enterprises," says BlockApps on its website.
"As GCP adoption grows, the developer-friendly BlockApps STRATO platform enables more enterprises the ability to test and implement blockchain application solutions across any business sector,"
STRATO is a blockchain-as-a-service platform which the company claims lowers the barriers to creating decentralised applications (dApps) as it offers a RESTful API to communicate with the blockchain backend. The company is based in New York.
Digital Asset is also headquartered in New York. It provides a distributed ledger platform and smart contract modelling language called DAML.
"In collaboration with Google Cloud, Digital Asset has expanded its developer program to include the DAML Platform-as-a-Service (PaaS) on Google Cloud Platform. The DAML PaaS is a fully-managed solution that developers can use to test and deploy DLT applications, accessible through Google Cloud's Orbitera application marketplace technologies. Combined with the DAML SDK, developers now have an end-to-end toolkit to build and deploy sophisticated distributed applications," the company says in a press release.
17/07/2018 Consortium-based efforts to rationalise supply chains are perhaps the main real-world use cases for blockchains to emerge so far, outside of the world of cryptocurrencies. Another such venture was unveiled this week when consultancy Accenture and defence firm Thales announced a blockchain-based system to secure and improve the efficiency of aerospace and defence (A&D) supply chains at the Farnborough Air Show on Monday.
The system, which is based on the Linux Foundation's Hyperledger blockchain framework, also uses Thales's "physically unclonable function (PUF) solution for silicon chips and Chronicled's tamper-proof cryptoseals" in order to keep track of parts and materials used in aircraft manufacture, where counterfeit components have been a cause for concern, according to Accenture's website.
"Identifying counterfeit and grey-market goods in the A&D supply chain can be challenging," said Gareth Williams, vice president for secure communications and information systems at Thales UK.
"Using blockchain in combination with cryptoseals and physically unclonable functions allows you to build a trusted history behind parts. This demonstration builds on the strong relationship Accenture and Thales have created developing innovative digital solutions for a variety of industries."
Like similar systems being developed by the likes of FedEx and Maersk, the system is designed to provide transparency to all participants in the supply chain, as well as creating an immutable record of all transactions in the supply chain.
"The aerospace and defence industry has one of the world's most vast and complex supply chains. Blockchain technology offers a new, elegant and secure way for the industry to track and trace myriad components while deterring counterfeiting and improving maintenance capabilities," said John Schmidt, the head of Accenture's A&D unit.
"Used in combination with technologies like digital twins and digital threads, blockchain could ultimately be a game-changing innovation for this sector."
03/07/2018 A consortium of European banks has announced the first commercial trades on its blockchain-based we.trade platform.
The we.trade platform is a collaborative effort that was kicked off by a consortium of seven banks: Deutsche Bank; HSBC; KBC; Natixis; Rabobank; Societe Generale; and UniCredit. They were later joined by Santander and Nordea. we.trade is headquartered in Dublin.
The consortium announced Tuesday that seven commercial trade transactions have now been completed by 10 companies on the platform across five countries.
"We are delighted to have launched for the first time in the world, a blockchain-based platform that enhances the overall customer experience, when trading internationally. The next step will be getting buy-in from additional banks and their customers in Europe and further afield", said we.trade COO Roberto Mancone in a statement.
By directly connecting all the parties - the buyer, the buyer's bank, the seller, the seller's bank and transporter - in a domestic or transnational transaction in a way that covers all of the governance rules and regulations that apply to the individual banks, we.trade aims to make trades more straightforward. Presently it covers 11 European countries: Belgium, Denmark, Finland, France, Germany, Italy, Netherlands, Norway, Spain, Sweden and the UK.
we.trade is built on the IBM Blockchain Platform and based on Hyperledger Fabric, the open-source blockchain framework implementation hosted by The Linux Foundation.
"As we.trade has moved from pilot applications to conducting live transactions across borders, it has demonstrated the power of blockchain technology in an enterprise setting," said Parm Sangha, GBS blockchain leader at IBM.
"To convene a large network of regulated banks and demonstrate how blockchain technology can help them gain efficiencies and provide greater transparency in live transactions is a disruptive model that has the potential to reshape the future of global trade finance."
The consortium aims to move outwards from its base of founding members, offering the service to other banks by making we.trade available on a licence-type basis in order to expand the platform as quickly as possible.
29/06/2018 UK blockchain-as-a-service firm Stratis has unveiled programmable sidechains as an alpha release.
A sidechain is a blockchain that's based on the core code of the main chain and is interoperable with it, but which allows for bespoke operations without affecting the main branch. This allows companies to experiment with creating blockchain applications without risk of adversely affecting the main chain or compromising privacy by making data public. At the same time, any updates to the main blockchain code are propagated down to the sidechains.
"Stratis sidechains have been designed so that in the future enterprises can run smart contracts on sidechains, opening up a wide range of use case such as exchanging documents between a range of companies within an industry, for example invoices or order forms," lead developer Jeremy Bokobza told Computing, adding that the sidechain can be customised by changing parameters like block interval and block size.
"One of the main advantages of sidechains are the ability to improve scalability for applications like payments and IoT, which could be hundreds of thousands of transactions."
Stratis is based on the Bitcoin blockchain but with the Proof-of-Work consensus mechanism (essentially security through burning electricity) replaced by Proof-of-Stake (decision-making powers dished out according the stake - e.g. number of coins - held by each player) to increase scalability in the enterprise setting. It is designed to support smart contracts, enabling actions to be undertaken without human intervention once predefined conditions are met.
Among the use cases for the programmable blockchain, the company lists auctions and peer-to-peer lending to investment funds, insurance settlements, real estate transactions, domain name registries and digital copyright.
The sidechains will increase the flexibility of deploying smart contracts and decentralised applications, according to CEO Chris Trew.
"As an example, if an enterprise wants to improve efficiency by moving invoicing or asset tracking to a blockchain solution, it's likely that they will not want to publicise that data. That's when a private sidechain becomes a flexible solution that's quick to test and deploy, as well as easy to maintain," he said.
"Sidechains are a critical step in making blockchain accessible to enterprises wanting to benefit from blockchain while retaining full control of their business processes and privacy."
As essentially restricted private blockchains, each sidechain would be overseen by those using it, said Bokobza.
"Sidechains are governed by a foundation which is made up of say a group of banks or a group of automotive firms that wish to collaborate on a blockchain cross-industry project. Or more simply, a collection of senior managers from an individual organisation that make decisions on the direction the sidechain takes."
26/06/2018 Some of the world's biggest food producers have come together to build a blockchain-based system for tracking the provenance of food items.
The ability to trace food through the supply chain is particularly important in the event of contamination. An outbreak of E. coli in the US involving romaine lettuce that began in April has killed five people to date with almost 200 cases reported across 35 states. The source has been tracked down to an area of Arizona, although no individual farm has yet been identified.
The complex nature of the supply chain makes it very difficult for the authorities to trace dangerous or contaminated food quickly. Each company in the chain is required to record only a small fraction of the overall steps and the authorities must reproduce the full picure from a disjointed and often incomplete set of records. In cases such as the above such delays can be fatal.
Ten companies Walmart, Nestlé, Dole Food, Driscoll's, Golden State Foods, Kroger, McCormick, McLane, Tyson Foods and Unilever have come together to create a consortium called the Food Trust which aims to reduce the product recall time using a blockchain architecture. It should also improve the efficiences in other areas of the supply chain.
Built in partnership with IBM, the system has been in development for a year and is still pre-release. The blockchain currently contains information about one million food products, and initial tests have been encouraging, reports the WSJ.
"You're capturing real-time data at every point, on every single food product," said Frank Yiannas, vice president of food safety at Walmart, adding: "It's the equivalent of FedEx tracking for food."
Yiannas said that in tests, a consignment of Mexican mangos sold in a US Walmart store was traced back to its supplier in 2.2 seconds. Using the traditional method with barcodes and paper receipts it took a week.
22/06/18 London-based professional services giant EY and Microsoft have teamed up to launch a blockchain that's designed to simplify the fiddly and time-consuming business of managing digital rights and royalties.
Intellectual property (IP) owners such as authors, songwriters, artists, production houses, developers and others will be able to track how their creations are used and monitor revenues coming in from partnerships and licencing arrangements in near real-time.
Built on the Quorum blockchain developed by investment bank JP Morgan, the EY press release says it's designed to increase efficiencies in the system. Calculations about what is owed to whom currently tends to be a manual process, it notes, and generally managed via offline data sources.
Since it will provide visibility of sales transactions as they happen, content providers will be able to react quickly to market demand, claims EY. This is made possible by smart contracts that are written into the blockchain.
"The embedded smart contract architecture is designed to enable accurate and real-time calculation of each participant's royalty position, providing enhanced visibility for recording and reconciling of royalty transactions," the blurb says.
JP Morgan's Quorum is based on Go Ethereum, an implementation of the Ethereum blockchain written in the Go language, but with a few tweaks. The first is that it's permissioned (private), meaning that only approved nodes can join it. Because of this, it can use a simplified consensus mechanism that relies on a majority vote, which also makes transactions significantly faster than Ethereum, which is a public or unpermissioned blockchain. And since it is designed to manage financial transactions more privacy is built in.
The new rights and royalties management solution runs on Microsoft Azure cloud. It has already been rolled out to a few games producers that use Microsoft's platform, among the first being Ubisoft, which is currently testing the system. It will later be extended to other gaming companies and eventually to authors and musicians and other creative types too.
While the EY press release doesn't actually give the new system an official name, Redmond seems to have already dubbed it the 'Microsoft Rights and Royalties blockchain network' with no mention of EY in the title. Now, how to manage who gets naming rights?
Next page: Blockchain doubts voiced by bankers; Microsoft's BaaS customers; EOS mainnet launch; China bigs up blockchains; Maidsafe's PARSEC consensus algorithm
18/06/2018 Blockchain came into being as a way of supporting a new currency, Bitcoin, in the wake of the global financial crisis of 2008. By cutting out the middleman (i.e. the banks and central authorities that had got us into the mess) a more just and trustworthy monetary system could be created, its founders reasoned.
The limitations of Bitcoin in this regard have been apparent for some time, and its proponents have generally downgraded its use case from ‘the new money' to more a 'store of value', like digital gold. Nevertheless, banks and central authorities have been setting up blockchain pilots to see if the immutable ledger can be utilised for their benefit.
They may be wasting their time, says Switzerland-based Bank for International Settlements (BIS) - an institution that provides banking services to central banks and international organisations. In its annual report it says that cryptocurrencies are too untrustworthy to act as a replacement for fiat currencies and that blockchains cannot scale sufficiently and are too energy intensive.
"Cryptocurrencies such as Bitcoin promise to deliver not only a convenient payment means based on digital technology but also a novel model of trust. Yet delivering on this promise hinges on a set of assumptions: that honest miners control the vast majority of computing power, that users verify the history of all transactions and that the supply of the currency is predetermined by a protocol," it says.
"Understanding these assumptions is important, for they give rise to two basic questions regarding the usefulness of cryptocurrencies. First, does this cumbersome way of trying to achieve trust come at the expense of efficiency? Second, can trust truly and always be achieved?"
BIS concludes that the answer to both of these questions is no.
The report criticises the enormous energy use of the current generation of blockchains, noting that Bitcoin has the same electricity consumption as Switzerland.
"Put in the simplest terms, the quest for decentralised trust has quickly become an environmental disaster," it says.
Other shortcomings include its lack of scalability and throughput. Blockchains are simply too slow to manage large-scale financial transactions efficiently and throughput decreases with the number of transactions. Moreover, with each new transaction the blockchain grows ever larger.
BIS points out that cryptocurrencies are unstable, putting this down to more than the current speculative nature of the market. A central bank has a duty to stabilise the currency, as well as being a lender of last resort - something not possible in a decentralised system.
"In a decentralised network of cryptocurrency users, there is no central agent with the obligation or the incentives to stabilise the value of the currency: whenever demand for the cryptocurrency decreases, so does it's price."
Then there's the lack of trust as to when payments will be made - if at all. Proof-of-work blockchain consensus on transactions never reaches 100 per cent certainty and trust may be further undermined by the very real prospect of projects being forked.
And there are issues about money laundering and regulation. Their global nature means that global legislation is needed to regulate cryptocurrencies, BIS points out.
A minor plus: blockchain can provide some benefits for the global financial system, however, BIS said. Permissioned blockchains can make cross-border payments and international supply chains can be made more efficient. The latter was recently discussed by FedEx boss Fred Smith.
So, a pretty damning report with many valid criticisms but none that are new, at least on the technical side. Most people accept that the Bitcoin blockchain is very much decentralised network mark 1, and many of the scalability, sustainability and trust problems are being worked on by other systems (see earlier in this blog).
Nevertheless, the question of whether a fully decentralised currency can ever be stable enough to be a trustworthy alternative is an interesting one, and probably not best dismissed as just central bankers hitting back.
15/06/18 Microsoft Azure CEO Mark Russinovich has been talking about a couple of customers who run blockchain based applications on the cloud platform. The first one he mentioned was chemicals corporation 3M which has implemented a system to increase trust in its supply chain.
"3M is doing it to track the provenance of sensitive pharmaceuticals to make sure when the customer gets it they can verify it actually came from a reputable source. There's so much fraud in the pharmaceutical industry with lots of fakes and tampering," Russinovich told Yahoo Finance.
The second customer he talked about was Webjet, an Australian travel company that, among other things, sells hotel rooms online.
"A single transaction of an item like a hotel room to an end user might involve five transactions, and they found that roughly one in 10 of those required some sort of manual intervention because of problems on the way," Russinovich said, adding that in one in 25 transactions "somebody in the chain doesn't get paid so there's a lot of loss and a lot of fraud".
Webjet has created a a data reconciliation service for the travel industry called Rezchain which is based on the Ethereum blockchain running on Azure. Russinovich claimed this has reduced the need for internal interventions by more than 90 per cent.
Microsoft first started experimenting with blockchains on Azure about four years ago prompted by rising interest from enterprises as bitcoin started to make headlines.
"Cryprocurrencies were on top of everyone's mind and everyone was wondering how they could make use of it, and we saw many companies looking with concern at whether they will be disrupted by somebody else that might get to a blockchain solution before them," Russinovich said.
Microsoft has moved quickly to try to corner what is still a very new market. A couple of years ago it announced a partnership with startups Blockstack and ConsenSys to develop a blockchain-based identity system on Azure.
11/06/18 The EOS mainnet, a blockchain designed as a platform for smart contracts to rival Ethereum, went live over the weekend, although it's not yet open for business.
Voting is currently underway among holders of EOS cryptocurrency tokens to decide on the first 21 block producer candidates which will manage the blockchain and mine the blocks, for which they will earn EOS tokens.
EOS is designed to support decentralised applications (dApps) and smart contracts. It is expected that it will be able to handle a much higher throughput than Ethereum - 5,000 per second compared with the latter's 15 - and at a lower latency. EOS uses a proof-of-stake consensus mechanism rather than Ethererum's proof-of-work (PoW) which is harder to scale. Transactions in Ethereum's currency the ether (ETH) also incur relatively high charges while fees to secure the EOS blockchain are managed through inflation - tokens produced to pay the miners mean there are more in circulation.
On the other hand, the EOS model is more centralised with just a few miners controlling the governance of the blockchain - and only one running the election to decide the initial 21.
There can a total of only 21 EOS block producers at any given time. This would be a big problem were all the miners to be in one jurisdiction although the block producers will be continuously rotated to reduce this problem. Nevertheless critics point out that large miners may be able to influence this process by buying votes.
The launch of the EOS mainnet was postponed after critical vulnerabilities were discovered by a cyber security company a few weeks back.
The EOS project has raised approximately $4 bn through sales of its token over the last year making it by far the largest project of its kind in financial terms.
Update 15/06/18: the voting process has now finished.
04/06/18 Blockchain hype is not restricted to fintech startups and dubious cryptocurrency launches. The Chinese government and its supported tech companies now appear to be climbing on board the bandwagon too.
On Sunday, Chen Weihong a presenter on state broadcaster China Central Television (CCTV) - a channel widely seen as a mouthpiece of the government - claimed "the economic value of blockchain is 10 times more than that of the internet".
His statement came during a discussion about blockchain technology that featured well-known figures in the field such as Canadian author Don Tapscott, who claimed that "we're moving from an internet of data to an internet of value".
"No for the first time ever people and organisations can do transactions peer-to-peer," Tapscott said.
Also present were included Chen Lei, CEO of cloud network firm Xunlei, and Stanford University professor and investor Zhang Shoucheng.
As reported by Coindesk Zhang said: "While the real value of the internet is aggregating individual pieces of information into one place, which is exactly what Google and Facebook does, we are now entering an era where information is being decentralised so that individuals can own their individual data. And that's the real value of blockchain that makes it exciting."
Since programmes on CCTV generally reflect the views of the Chinese government the debate was unsurprisingly critical of many of the cryptocurrency ‘initial coin offerings' (ICOs) that have come up from nowhere to net billions, sometimes on the strength of a single white paper. China implemented a nationwide cryptocurrency ban in February. However, there are plenty of signs that China plans to become a big player in the underlying blockchain technology.
On Saturday Baidu - the ‘Chinese Google' - announced a protocol called Super Chain designed to reduce the energy requirement for the blockchain mining process.
25/05/18 Ayr-based MaidSafe (the inspiration, incidentally, for the 'new Internet' Pied Piper in the HBO series Silicon Valley) has come up with what it claims is the most efficient solution yet to the well-known Byzantine Generals problem: achieving consensus across a masterless distributed network in which no one node can be seen as the ultimate source of truth. It's a system the firm says could replace blockchain consensus for trustless data storage.
MaidSafe has been working on its blockchainless peer-to-peer autonomous data network for more than a decade. Unlike traditional client-server networks, the SAFE Network has no central point of control. Instead, it is made up of users' own machines which are used to randomly store encrypted chunks of the files uploaded to the network - a little like BitTorrent but without any central trackers and with everything encrypted. The idea is that it allows data storage (and eventually compute) with no single point of failure and in such a way that only the user has total control of his or her data. Only the user can grant access to people and applications that might want to share it. It also has its own integral cryptocurrency which is used to balance the give and take on the network.
Byzantine fault tolerance is a central issue for all decentralised distributed networks. In brief, how without a central point of authority can 'truth' be agreed upon? A particular node might be faulty or malicious but while another node nearby will see it as such a third node located in a far-flung part of the network might see it as perfectly fine because of the time taken for messages to traverse the infrastructure. Another way of looking at it is how can the network as a whole be sure of the order in which events happen on it?
This long-standing issue was finally solved by Bitcoin inventor Satoshi Nakamoto via the proof-of-work (PoW) consensus mechanism. Miners compete to be the first to solve a complex mathematical problem for which they are awarded Bitcoin and their particular version of the truth is put forward. The other nodes then come together to accept or reject this version and ultimately the network converges on the one true agreed state that will be used going forward. A key application is to prevent the problem of double-spend, where one might otherwise spend a Bitcoin simultaneously in two places.
But while Bitcoin has been highly successful in this regard the limitations of the blockchain regarding carrying capacity, scalability and throughput have become apparent. Moreover, the energy-intensive PoW consensus system has led to a high degree of centralisation since only large-scale professional miners with access to the latest ASICs and cheap electricity can now realistically earn Bitcoin in this way.
These issues make blockchains ill-suited as the basis for a data network - the equivalent of the internet or, looking further afield, the sort of heterogeous distributed networks represented by the IoT, the company says.
"The very design of blockchains means that their use case isn't suited to a global internet that deals with vast amounts of data that needs to be both private and secure," MaidSafe writes in a blog post.
The SAFE Network actually predates the Bitcoin blockchain by a couple of years but it is still at pre-release alpha stage. One of the key things that have held back progress is the difficulty in achieving a reliable consensus mechanism - the equivalent of PoW. However, this is a nut MaidSafe now claims to have cracked with PARSEC (Protocol for Asynchronous, Reliable, Secure and Efficient Consensus), a new algorithm based on a gossip protocol which the firm will open source under the GPL3 licence.
"It provides network consensus through maths and not through burning huge amounts of electricity," said CEO David Irvine.
The blog goes into more detail: "The concept of Byzantine fault tolerance is a crucial one. It means that it is mathematically guaranteed that all parts of the network will come to the same agreement at a certain point in time. Exactly what PARSEC achieves."
It continues: "With PARSEC, consensus is mathematically guaranteed as certain (as well as having a throughput that dwarfs blockchain tech). What's more, PARSEC is highly asynchronous. This means that there is no trusted setup nor any synchronous steps involved."
The company claims that PARSEC, a type of directed acyclic graph (DAG), offers significant advantages over other alternatives to PoW such as Proof of Stake. The nearest competitor would seem to be the Hashgraph DAG, but that has shortcomings when it comes to autonomous data network applications for the IoT, the firm says.
Got any breaking decentralised developments to tell us about? Let us know. (Mature projects with code published on GitHub or similar or a paper reproduced in an established journal please, rather than speculative stuff or coin news.)
Huawei under official US investigation into intellectual property theft - WSJ
By Lukas Job | News | 17 January 2019
Huawei accused of stealing trade secrets from US partners
Huawei is facing a criminal investigation in the US over claims of theft of trade secrets from US partners.
The investigation comes amid accusations by the US government that the company had ignored US organisations' intellectual property rights and had stolen US-developed technology.
The report finds that the investigation into Huawei stems from several previous civil lawsuits against the Chinese communications hardware maker.
It specifically mentions a lawsuit against Huawei in 2014 when T-Mobile accused Huawei of stealing technology for a robot testing mobile phones. A jury in Seattle found that the company was liable for misappropriating the robot technology.
The US investigation comes amid a growing trade war between the US and China over claims by the US that China is an unfair trade partner.
And Huawei has been at centre stage of the dispute between the Trump administration and Beijing almost from the start.
The tensions escalated in December when Canadian authorities arrested Huawei's chief financial officer, Meng Wanzhou, the daughter of Huawei's founder, over a US-issued arrest warrant. She faces extradition to the US from Canada over allegations that she helped the company to violate US sanctions against Iran.
On top of that, the company is facing growing criticism from US federal agencies and lawmakers for its close ties to China's government.
Many believe that its presence at the heart of national communications networks across the world poses a security threat, with the fear that the government in Beijing could compel Huawei, or people who work for it, to used their privileged position to spy on network traffic.
Earlier this week, Huawei founder Ren Zhengfei dismissed such claims and called for more cooperation between US and Chinese businesses.
Meanwhile, the Trump administration has announced that it is considering a draconian executive order banning US companies from using Huawei products.
Microsoft plan to divorce Cortana from search in Windows 10 previewed in Insider Build 18317
By Graeme Burton | News | 17 January 2019
Windows 10 search shake-up will also bring changes to Office 365
Microsoft is planning to separate its Cortana personal assistant from search in forthcoming iterations of Windows 10, if the latest Insider build is any guide.
The change, which has been previewed in Build 18317, is a response to criticism over the way in which search has been implemented in Windows 10. Because Cortana only works effectively with Microsoft's own Bing search engine, this meant that the integrated search facility in Microsoft also had to be tied to Bing - preventing users from making Google or DuckDuckGo their default search service.
In Build 18317, the text box will be solely for searching, while Cortana will require either voice commands or for the user to click the separate Cortana button on the Windows 10 taskbar. "This will enable each experience to innovate independently to best serve their target audiences and use cases," wrote Dona Sarkar and Brandon LeBlanc in the Windows blog announcing the new build.
However, it's not yet clear whether Microsoft will enable users to set their own default search engine in the future.
The separation isn't just a response to user criticisms, though, but will also be part of a broader shake-up of search by Microsoft that will also encompass corporate Office 365 subscriptions. Microsoft is planning to unify the search function across the various elements of Office 365 to provide more consistency, and to ensure that searches encompass the whole of the Office 365 package, regardless of which element they are launched from.
Other changes previewed in Build 18317 include a "better font management experience in settings", which doesn't especially sound like something users have been crying out for; and improvements to Start menu reliability by carving it out from ShellExperienceHost.exe out into its own separate executable.
On top of that, of course, is the usual series of bug fixes and tweaks.