Is block power about to revolutionise banking? | John Naughton

Blockchain technology has the potential to bring the world of finance into the modern world. And it cant come soon enough

Science advances, said the great German physicist Max Planck, one funeral at a time. Actually, this is a paraphrase of what he really said, which was: A new scientific truth does not triumph by convincing its opponents and making them see the light, but rather because its opponents eventually die, and a new generation grows up that is familiar with it. But you get the drift.

I always think of Plancks aphorism whenever moral panic breaks out over the supposedly dizzying pace of technological change. Which happens all the time nowadays, even though the data says otherwise. If you take as your measure of speed how long it takes a new technology to be adopted by 50% of US households, for example, then radios (eight years) and black-and-white TVs (nine) reached that threshold faster than PCs (17) or mobile phones (15).

So when we talk about the pace of change, it makes sense to distinguish between different kinds of innovation. If the change requires the building of infrastructure the electricity grid or the internet, say then the pace of change can be very slow. But if it just involves innovations that harness existing infrastructure new TV formats or smartphone apps the pace can indeed be dizzying, because they just piggyback on existing infrastructure. This is why Uber and Airbnb took so long to materialise: they needed smartphones, GPS and ubiquitous wireless networking before they became viable, whereas Facebook only needed the web. And the web itself spread like wildfire only because the infrastructure it needed the wired internet was already in place. No digging required.

Where the trope about accelerating technology-driven change really breaks down, though, is when you try to apply it to governmental, legal and commercial institutions. What you then find is a chaotic spectrum that runs from astonishingly rapid change in some areas to glacial inertia in others. On the governmental/regulation front, for example, data protection legislation is fighting a losing battle against the proliferating ambiguities of big data. Yet at the same time, we learn from Edward Snowden how far the NSA and GCHQ have been ahead of the technological curve while being at the same time supposedly answerable to government bureaucracies running the last but one version of Microsoft Windows (or even XP, for Gods sake).

Or take the finance industry. On the one hand, its banks are global institutions apparently able to move trillions of dollars between continents at the speed of light. High-speed traders spent billions of dollars digging a straight-line trench from Chicago to New York to shave nanoseconds off the time that it takes a buy-or-sell instruction to traverse a strand of glass fibre. On the other hand, it takes five working days to clear a cheque.

Illustration
Illustration by Matt Murphy.

In a fascinating article in the Financial Times last week, the veteran commentator Martin Wolf turned his gaze on the banks. Information technology, he wrote, has disrupted the entertainment, media and retail businesses and, most recently, the supply of hotel rooms and taxis. Is it going to do the same to finance? My first response is: please. My second response is: yes.

Wolfs reasoning is that banks and insurance companies are our core financial institutions because they do three essential things: enable payments, act as intermediaries between saving and investment and provide insurance. But they dont do any of these things well and mostly they do them with staggering inefficiency. Even today, Wolf says, 40% of the global revenues of the banking system thats $1.7tn come from payments and settlement can take still take hours or days.

So here we have a global industry that, in one of its core competencies, is operating at a pace that Mayer Rothschild, the founder of the great banking dynasty in the 1760s, might have recognised. Could digital technology help? Yes, says Wolf. It could, for example, transform payments using some variant of the blockchain technology that underpins cryptocurrencies such as bitcoin.

Hes right: blockchain technology could make payments nearly instantaneous and at very low cost. Which is presumably why the Bank of England has encouraged some UCL computer scientists to design a cryptocurrency that would combine the affordances of a blockchain system with the control over monetary policy that a central bank would expect to retain. And its also why the governments chief scientific adviser recently published a report extolling the potential of blockchains for streamlining government services.

So here we have an interesting conundrum: with astonishing speed, computer scientists have come up with a truly revolutionary technology that could transform both banking and the provision of public services. I said could. But we will have to wait until we can make blockchain payments every day before we know what the real pace of change is. One funeral at a time, remember.

Read more: www.theguardian.com

‘Accidental hero’ halts ransomware attack and warns: this is not over

Expert who stopped spread of attack by activating softwares kill switch says criminals will change the code and start again

The accidental hero who halted the global spread of an unprecedented ransomware attack by registering a garbled domain name hidden in the malware has warned the attack could be rebooted.

The ransomware used in Fridays attack wreaked havoc on organisations including FedEx and Telefnica, as well as the UKs National Health Service (NHS), where operations were cancelled, X-rays, test results and patient records became unavailable and phones did not work.

But the spread of the attack was brought to a sudden halt when one UK cybersecurity researcher tweeting as @malwaretechblog, with the help of Darien Huss from security firm Proofpoint, found and inadvertently activated a kill switch in the malicious software.

The researcher, who identified himself only as MalwareTech, is a 22-year-old from south-west England who works for Kryptos logic, an LA-based threat intelligence company.

I was out having lunch with a friend and got back about 3pm and saw an influx of news articles about the NHS and various UK organisations being hit, he told the Guardian. I had a bit of a look into that and then I found a sample of the malware behind it, and saw that it was connecting out to a specific domain, which was not registered. So I picked it up not knowing what it did at the time.

The kill switch was hardcoded into the malware in case the creator wanted to stop it spreading. This involved a very long nonsensical domain name that the malware makes a request to just as if it was looking up any website and if the request comes back and shows that the domain is live, the kill switch takes effect and the malware stops spreading. The domain cost $10.69 and was immediately registering thousands of connections every second.

MalwareTech explained that he bought the domain because his company tracks botnets, and by registering these domains they can get an insight into how the botnet is spreading. The intent was to just monitor the spread and see if we could do anything about it later on. But we actually stopped the spread just by registering the domain, he said. But the following hours were an emotional rollercoaster.

Initially someone had reported the wrong way round that we had caused the infection by registering the domain, so I had a mini freakout until I realised it was actually the other way around and we had stopped it, he said.

MalwareTech said he preferred to stay anonymous because it just doesnt make sense to give out my personal information, obviously were working against bad guys and theyre not going to be happy about this.

He also said he planned to hold onto the URL, and he and colleagues were collecting the IPs and sending them off to law enforcement agencies so they can notify the infected victims, not all of whom are aware that they have been affected.

He warned people to patch their systems, adding: This is not over. The attackers will realise how we stopped it, theyll change the code and then theyll start again. Enable windows update, update and then reboot.

He said he got his first job out of school without any real qualifications, having skipped university to start up a tech blog and write software.

Its always been a hobby to me, Im self-taught. I ended up getting a job out of my first botnet tracker, which the company I now work for saw and contacted me about, asking if I wanted a job. Ive been working there a year and two months now.

But the dark knight of the dark web still lives at home with his parents, which he joked was so stereotypical. His mum, he said, was aware of what had happened and was excited, but his dad hadnt been home yet. Im sure my mother will inform him, he said.

Its not going to be a lifestyle change, its just a five-minutes of fame sort of thing. It is quite crazy, Ive not been able to check into my Twitter feed all day because its just been going too fast to read. Every time I refresh it its another 99 notifications.

Proofpoints Ryan Kalember said the British researcher gets the accidental hero award of the day. They didnt realise how much it probably slowed down the spread of this ransomware.

The time that @malwaretechblog registered the domain was too late to help Europe and Asia, where many organisations were affected. But it gave people in the US more time to develop immunity to the attack by patching their systems before they were infected, said Kalember.

Play Video
0:32

Theresa May: ‘This is not targeted at the NHS, its an international attack’ video

The kill switch wont help anyone whose computer is already infected with the ransomware, and its possible that there are other variants of the malware with different kill switches that will continue to spread.

The malware was made available online on 14 April through a dump by a group called Shadow Brokers, which claimed last year to have stolen a cache of cyber weapons from the National Security Agency (NSA).

Ransomware is a type of malware that encrypts a users data, then demands payment in exchange for unlocking the data. This attack used a piece of malicious software called WanaCrypt0r 2.0 or WannaCry, that exploits a vulnerability in Windows. Microsoft released a patch (a software update that fixes the problem) for the flaw in March, but computers that have not installed the security update remain vulnerable.

MalwareTech (@MalwareTechBlog)

I will confess that I was unaware registering the domain would stop the malware until after i registered it, so initially it was accidental.

May 13, 2017

The ransomware demands users pay $300 worth of cryptocurrency Bitcoin to retrieve their files, though it warns that the payment will be raised after a certain amount of time. Translations of the ransom message in 28 languages are included. The malware spreads through email.

This was eminently predictable in lots of ways, said Kalember. As soon as the Shadow Brokers dump came out everyone [in the security industry] realised that a lot of people wouldnt be able to install a patch, especially if they used an operating system like Windows XP [which many NHS computers still use], for which there is no patch.

Security researchers with Kaspersky Lab have recorded more than 45,000 attacks in 74 countries, including the UK, Russia, Ukraine, India, China, Italy, and Egypt. In Spain, major companies including telecommunications firm Telefnica were infected.

By Friday evening, the ransomware had spread to the United States and South America, though Europe and Russia remained the hardest hit, according to security researchers Malware Hunter Team. The Russian interior ministry says about 1,000 computers have been affected.

Read more: www.theguardian.com

WannaCry ransomware has links to North Korea, cybersecurity experts say

Similarities spotted between details of last weeks massive cyber-attack and code used by a prolific cybergang with links to North Korean government

Two top security firms have found evidence linking the WannaCry ransomware to the prolific North Korean cybergang known as Lazarus Group.

Kaspersky and Symantec both said on Monday that technical details within an early version of the WannaCry code are similar to code used in a 2015 backdoor created by the government-linked North Korean hackers, who were implicated in the 2014 attack on Sony Pictures and an $81m heist on a Bangladeshi bank in 2016. Lazarus Group has also been known to use and target Bitcoin in its hacking operations. The similarities were first spotted by Google security researcher Neal Mehta and echoed by other researchers including Matthieu Suiche from UAE-based Comae Technologies.

Matthieu Suiche (@msuiche)

Similitude between #WannaCry and Contopee from Lazarus Group ! thx @neelmehta – Is DPRK behind #WannaCry ? pic.twitter.com/uJ7TVeATC5

May 15, 2017

Shared code doesnt always mean the same hacking group is responsible an entirely different group may have simply re-used Lazarus groups backdoor code from 2015 as a false flag to confuse anyone trying to identify the perpetrator. However the re-used code appears to have been removed from later versions of WannaCry, which according to Kaspersky gives less weight to the false flag theory.

We believe its important that other researchers around the world investigate these similarities and attempt to discover more facts about the origin of WannaCry, said Kaspersky Lab in a blogpost, pointing out that in the early days of the Bangladesh bank attack, there were scant clues linking it to the Lazarus group. However, over time researchers found more clues to build the case against the North Korea-linked cybergang.

Kaspersky is among the research teams to have been studying Lazarus Group for years, and in April it published a detailed under the hood report exposing the groups modus operandi.

This level of sophistication is something that is not generally found in the cybercriminal world. Its something that requires strict organization and control at all stages of operation. Thats why we think that Lazarus is not just another advanced persistent threat actor, said Kaspersky, which also found attacks originating from IP addresses in North Korea.

The WannaCry ransomware attack has now now hit more than 200,000 computers in 150 countries, crippling hospitals, governments and businesses.

The links to North Korea come at a time when security researchers and technology companies are criticizing the US government for stockpiling cyberweapons including the malicious software used in WannaCry.

The WannaCry exploits used in the attack were drawn from a cache of exploits stolen from the NSA by the Shadow Brokers in August 2016. The NSA and other government agencies around the world create and collect vulnerabilities in popular pieces of software (such as Windows) and cyberweapons to use for intelligence gathering and cyberwarfare.

Once these vulnerabilities were leaked by the Shadow Brokers, they became available for cybercriminals to adapt for financial gain by creating ransomware. This ransomware spread rapidly on Friday by exploiting a vulnerability contained in the NSA leak, targeting computers running Microsofts Windows operating system, taking over users files and demanding $300 to restore them.

Employees
Employees monitor possible ransomware cyber-attacks at the Korea Internet and Security Agency (Kisa) in Seoul, South Korea, on 15 May. Photograph: YONHAP/EPA

This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem, said Brad Smith, president and chief legal officer of Microsoft, in a blogpost.

Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen.

The blogposts mentions that vulnerabilities stockpiled by the CIA also ended up in the public domain via Wikileaks.

This is an emerging pattern in 2017, Smith said, adding that the latest attack represents a completely unintended but disconcerting link between nation-state action (the NSA) and organized criminal action (the ransomware creator).

The governments of the world should treat this attack as a wake-up call, said Smith, urging nations to treat cyber weapons in the same way that physical weapons are treated.

We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits.

Jeremy Wittkop, chief technology officer of security company Intelisecure, argues that if governments are to stockpile weapons they need to secure them better.

The government has a responsibility like with nuclear weapons to make sure they dont fall into the hands of the wrong people, he said. If you are going to create something that can cause this much damage you have to protect it.

Microsoft has called for a Digital Geneva Convention requiring governments to report vulnerabilities to the creators of the software instead of stockpiling, selling or exploiting them.

Read more: www.theguardian.com

Blockchain: the answer to life, the universe and everything?

Bitcoin hasnt lived up to the salvation rhetoric, but the digital engine behind the currency may be about to change the world

Have you heard the good news? The blockchain is here and its going to save everything.

If you arent tied to the tech community, you might not have picked up on this salvation rhetoric. But you probably have heard of bitcoin, which burst into the public consciousness before imploding dramatically in 2014.

But now, bitcoin is starting to look less important than the engine that drives it the blockchain. It was created to solve a problem that had been puzzling digital activists for decades: how to create digital property without a central authority keeping track of who owns what.

Read more: www.theguardian.com

Massive ransomware cyber-attack hits nearly 100 countries around the world

More than 45,000 attacks recorded in countries including the UK, Russia, India and China may have originated with theft of cyber weapons from the NSA

A ransomware cyber-attack that may have originated from the theft of cyber weapons linked to the US government has hobbled hospitals in England and spread to countries across the world.

Security researchers with Kaspersky Lab have recorded more than 45,000 attacks in 99 countries, including the UK, Russia, Ukraine, India, China, Italy, and Egypt. In Spain, major companies including telecommunications firm Telefnica were infected.

By Friday evening, the ransomware had spread to the United States and South America, though Europe and Russia remained the hardest hit, according to security researchers Malware Hunter Team. The Russian interior ministry says about 1,000 computers have been affected.

Markus Jakobsson, chief scientist with security firm Agari, said that the attack was scattershot rather than targeted.

Its a very broad spread, Jakobsson said, noting that the ransom demand is relatively small.

This is not an attack that was meant for large institutions. It was meant for anyone who got it.

MalwareHunterTeam (@malwrhunterteam)

Fresh IDR based heatmap for WanaCrypt0r 2.0 ransomware (WCry/WannaCry).
Also follow @MalwareTechBlog‘s tracker: https://t.co/mjFwsT3JzH pic.twitter.com/SPeZfBpckm

May 12, 2017

The malware was made available online on 14 April through a dump by a group called Shadow Brokers, which claimed last year to have stolen a cache of cyber weapons from the National Security Agency (NSA). At the time, there was skepticism about whether the group was exaggerating the scale of its hack.

On Twitter, whistleblower Edward Snowden blamed the NSA.

If @NSAGov had privately disclosed the flaw used to attack hospitals when they *found* it, not when they lost it, this may not have happened, he said.

Its very easy for someone to say that, but the reality is the US government isnt the only one that has a stockpile of exploits they are leveraging to protect the nation, said Jay Kaplan, CEO of Synack, who formerly worked at the NSA.

Its this constant tug of war. Do you let intelligence agencies continue to take advantage of vulnerabilities to fight terrorists or do you give it to the vendors and fix them?

The NSA is among many government agencies around the world to collect cyber weapons and vulnerabilities in popular operating systems and software so they can use them to carry out intelligence gathering or engage in cyberwarfare. The agency did not immediately respond to a request for comment.

Ransomware is a type of malware that encrypts a users data, then demands payment in exchange for unlocking the data. This attack used malicious software called WanaCrypt0r 2.0 or WannaCry, that exploits a vulnerability in Windows. Microsoft released a patch (a software update that fixes the problem) for the flaw in March, but computers that have not installed the security update remain vulnerable.

This was eminently predictable in lots of ways, said Ryan Kalember from cybersecurity firm Proofpoint. As soon as the Shadow Brokers dump came out everyone [in the security industry] realized that a lot of people wouldnt be able to install a patch, especially if they used an operating system like Windows XP [which many NHS computers still use], for which there is no patch.

The ransomware demands users pay $300 worth of cryptocurrency Bitcoin to retrieve their files, though it warns that the payment will be raised after a certain amount of time. Translations of the ransom message in 28 languages are included. The malware spreads through email.

Attacks with language support show a progressive increase of the threat level, Jakobsson said.

The attack hit Englands National Health Service (NHS) on Friday, locking staff out of their computers and forcing some hospitals to divert patients.

The attack against the NHS demonstrates that cyber-attacks can quite literally have life and death consequences, said Mike Viscuso, chief techology officer of security firm Carbon Black. When patients lives are at stake, there is no time for finger pointing but this attack serves as an additional clarion call that healthcare organizations must make cybersecurity a priority, lest they encounter a scenario where lives are risked.

Ransomware attacks are on the rise. Security company SonicWall, which studies cyberthreats, saw ransomware attacks rise 167 times in 2016 compared to 2015.

Ransomware attacks everyone, but industry verticals that rely on legacy systems are especially vulnerable, said Dmitriy Ayrapetov, executive director at SonicWall.

A Los Angeles hospital paid $17,000 in bitcoin to ransomware hackers last year, after a cyber-attack locked doctors and nurses out of their computer system for days.

Jakub Kroustek (@JakubKroustek)

36,000 detections of #WannaCry (aka #WanaCypt0r aka #WCry) #ransomware so far. Russia, Ukraine, and Taiwan leading. This is huge. pic.twitter.com/EaZcaxPta4

May 12, 2017

Jakobsson said that the concentration of the attack in Russia suggested that the attack originated in Russia. Since the malware spreads by email, the level of penetration in Russia could be a sign that the criminals had access to a large database of Russian email addresses.

However, Jakobsson warned that the origin of the attack remains unconfirmed.

Read more: www.theguardian.com

Bitcoin price soars above $5,000 to record high

Rising price of the cryptocurrency, now worth four times as much as an ounce of gold, has led to warnings of a bubble

The price of bitcoin has smashed through $5,000 to an all-time high.

The cryptocurrency rose by more than 8% to $5,243 having started the year at $966. Bitcoin has soared by more than 750% in the past year and is worth four times as much as an ounce of gold.

But the price has been volatile. The digital currency plunged below $3,000 in mid-September after the Chinese authorities announced a crackdown. Beijing ordered cryptocurrency exchanges to stop trading and block new registrations, due to fears that increasing numbers of consumers piling into the bitcoin market could prompt wider financial problems.

Price of bitcoin

Jordan Hiscott, the chief trader at Ayondo Markets, said: “The returns are truly remarkable, especially given the recent ban on bitcoin trading in China, where demand had previously accounted for at least 10% of all global volumes.”

Vladimir Putin, the Russian president, called this week for regulation of cryptocurrencies, saying their use “bears serious risks” such as money laundering, tax evasion and funding for terrorism. But he also warned against imposing “too many barriers,” which appears to have given bitcoin a boost.

Despite warnings over a bubble, bitcoin is gaining in acceptance. Last month, a London property developer, The Collective, said it would allow its tenants to pay their deposits in bitcoin and accept rent payments in the cryptocurrency by the end of the year.

Two weeks ago, Japan’s government implemented rules that recognise bitcoin as a payment method. Celebrities have also got involved, with the boxer Floyd Mayweather, the socialite Paris Hilton and the actor Jamie Foxx promoting coin offerings.

Using bitcoin allows people to bypass banks and traditional payment processes to pay for goods and services directly. Banks and other financial institutions have been concerned about bitcoin’s associations with money laundering and online crime because transactions take place anonymously.

The soaring value of bitcoin and other cryptocurrencies comes despite growing warnings over a price bubble.

The starkest warning came from the JP Morgan chief executive, Jamie Dimon, who said bitcoin was a fraud that would ultimately blow up. Speaking last month, he said there was a limited market for the digital currency, arguing that it was only fit for use by drug dealers, murderers and people living in countries such as North Korea. He pledged to sack any JP Morgan trader investing in Bitcoin, but also admitted he had not been able to dissuade his daughter from investing.

Dimon declined to comment on the surge in bitcoin during an earnings call on Thursday. “I’m not going to talk about bitcoin any more,” he said.

Kenneth Rogoff, a professor of economics and public policy at Harvard University and a former IMF chief economist, has predicted that the technology behind cryptocurrencies will thrive, but the price of bitcoin will collapse.

“It is folly to think that bitcoin will ever be allowed to supplant central bank-issued money,” he wrote in the Guardian this week.

“It is one thing for governments to allow small anonymous transactions with virtual currencies; indeed, this would be desirable. But it is an entirely different matter for governments to allow large-scale anonymous payments, which would make it extremely difficult to collect taxes or counter criminal activity.”

Daniel Murray, global head of research at EFG Asset Management, noted that in 2013, bitcoin soared twelvefold in just four months but within a month had lost a third of its value and four months after its peak had lost 60% of its value.

“Investors buy [an] asset because they are seduced by the prospect of further rapid gains without necessarily thinking about intrinsic value,” he said. He noted that historically currencies were backed by precious metals, and these days most currencies were based on macroeconomic fundamentals such as inflation, interest rates and growth, and were backed by a central bank and government. None of this applied to bitcoin, although the supply is carefully controlled.

“It is hard to argue that bitcoin does anything better than existing currency arrangements whilst it does some things to a lower standard,” Murray added. “Individuals are already able to transact electronically using a plastic card.”

Read more: www.theguardian.com

From hope to hate: how the early internet fed the far right

The early days of the internet were full of hope: limitless information would make us wiser, kinder, less bigoted. So when did hate get a foothold?

Back in 1990, the American lawyer and author Mike Godwin proposed a law of early internet behaviour: “As an online discussion grows longer, the probability of a comparison involving the Nazis or Hitler approaches 1.”

In short, the more you talk online, the more likely you’ll be nasty. Godwin’s Law was in fact only half the story: it turns out talking online didn’t only make people think their opponents were Nazis. Some of them actually had become Nazis.

The apparent success of the “alt-right” and broader radical right movements in Europe and the US has plenty of analysts baffled. An incredulity that these nationalists are using the internet – supposedly the very essence of openness, progress and tolerance – to promote an agenda which agitates for the precise opposite. But the radical right has frequently been the most avid and enthusiastic adopters of shiny new technology, and have long found the internet a uniquely useful place.

Quick Guide

What is the ‘alt-right’?

Guide

Who coined the term ‘alt-right’?

The white supremacist Richard Spencer devised the term in 2010. He has described the movement as “identity politics for white Americans and for Europeans around the world”. 

What does it stand for?

The movement supports extreme rightwing ideologies, including white nationalism – used interchangeably with white supremacism – and antisemitism. It positions itself broadly against egalitarianism, democracy, universalism and multiculturalism.

Some “alt-right” supporters have argued that their hardline, extremist positions are not truly meant, but are a way to disrupt conventional and accepted thinking. Memes, irony and ambiguity are sometimes used in an attempt to wrongfoot critics.

How does the ‘alt-right’ relate to the Trump administration?

The Trump administration includes figures who are associated with the “alt-right”, including the former Breitbart News executive chairman Steve Bannon, now the White House chief strategist. Many of Trump’s policy positions have won favour with the movement.

Thank you for your feedback.

It all started with the Italian Futurists, who were proto-fascists at the turn of the 20th century. They dreamed of tearing up tradition and history so to better rush headlong into a future of technology, violence and masculinity. The technologies of their day were weapons, cars and radios, but the same dynamic holds true with digital technology today. As long ago as 1990 – before you were online – the white supremacist movement Stormfront spotted that networked computing would be a boon for their movement. They were perhaps the first political movement in the US to set up a bulletin board system (BBS) (they were a cross between a forum and a website, and were the main way people got online in the 80s). By 1995 Stormfront had turned their BBS into a proper website. In a now familiar flourish Don Black, the former KKK leader who ran the site, said it was to “provide an alternative news media” and create a virtual community for the fragmented white nationalist movement.

“Is hate young and new on the web?” asked one slightly stunned article back in 1998.

That question has been asked almost every year since. But the answer was and remains no. Stormfront is the rule rather than the exception. For most of the 2000s, the far-right British National Party had the most active and best designed website in UK politics. (Back in 2013 they were the first party to gamify their website – offering prizes for mentioning keywords in posts in order to drive up engagement).

In the years leading up to his murderous attacks in 2011, Norwegian terrorist Anders Breivik wrote a 1,516-page manifesto titled 2083: A European Declaration of Independence. In it he makes clear his belief that social media – especially Facebook – would help the white “resistance movements” fight back against multiculturalism, because it offered new opportunities to push propaganda and connect with like-minded individuals around the world. He even made a plea to all patriots to “create a nice website, a blog and establish a nice-looking Facebook page … to market the organization”.

This is precisely what all “patriots” – whether mild or radical – have done. If you look in almost any western democracy, typically the most active political movement online is the radical right: posting manically, creating new groups, and messaging with the newest encrypted apps. I’m not suggesting a moral equivalence between all these groups. The British National Party doesn’t advocate Breivik-style murder. The point is this: radical groups, especially those on the radical right who dislike openness and worry about diversity are extremely comfortable on the platforms that are meant to promote exactly that.

A
A march against white supremacy in Atlanta, Georgia. Photograph: Erik S. Lesser/EPA

According to Dr Maura Conway, a specialist at Dublin City University, last year saw a significant uptick in radical right activity online. And why not? Many of them believe – as Trump does – that the internet is a revolutionary way to tap into the voice of the people, that mythical “general will” that all tyrants purport to represent. If Mussolini were alive today, he would be an avid cheerleader for social media. He would say it was a route around the crooked media, a way to rise above narrow straight-jackets of left/right politics and connect with the common man.

It wasn’t meant to be like this. Back in the 90s, when the internet was tiny, the digital prophets confidently informed us that limitless information and total connectivity would make us wiser, less bigoted and kinder. Harley Hahn, an influential technology expert of the time, predicted in 1993 that we were about to evolve “a wonderful human culture that is really our birthright”. Nicholas Negroponte – former Director of the illustrious MIT Media Lab – declared in 1997 that the internet would bring about world peace, and the end of nationalism. John Perry Barlow, author of the “Declaration of the Independence of Cyberspace”, thought “just, humane and liberal” societies were finally coming into view, far superior to the “weary giants of flesh and steel”. It was all based on the incorrect, arrogant, and professorial assumption that more information and more connectedness would somehow banish all misunderstanding and bigotry, rather than fuel it by playing to base instincts.

We’re still wedded to this optimism because all new technology is naturally imbued with the exciting spirit of progress. That’s why the latest iteration – alternative facts, fake news, TrumpTwitter, the “alt-right”, Brietbart – has taken people by surprise, despite being utterly predictable.

Nothing represents the predictable blend of internet subculture and radical right thinking more exactly than the “alt-right”, the loose movement which includes streaks of free-speech fundamentalism, trolling, misogyny and white supremacy.

Quick Guide

What happened at the Charlottesville protests?

Guide

What happened in Charlottesville on 12 August?

White nationalists gathered in Charlottesville, Virginia, to protest against a plan to remove a statue of Robert E. Lee, the Confederacy’s top general in the American civil war.

Demonstrators chanted racist statements, carried antisemitic placards and held torches during the  “Unite the Right” rally, which was organised by white nationalist Jason Kessler.

The march was met by anti-fascist demonstrators, and some skirmishes broke out before James Fields, 20, allegedly ploughed a car into a group of counter-demonstrators. 

Civil rights activist Heather Heyer, 32, died and others were injured. Fields has been charged with murder. 

Thank you for your feedback.

And yet. Although only a small wedge of the broader radical right in the US, the “alt-right” has had influence beyond its size. Sprinkling KKK crackpots with some useful subversive digital counterculture, has given white supremacy a new lease of life. And because the “alt-right” is so nebulous and policy-lite, the more hardline groups are starting to fill the vacuum: witness Charlottesville. “What will be the real-world consequences,” wondered author Angela Nagle in a recent article, “of forcing such figures out of their semi-ironic anonymous online fantasy land, and potentially thrusting them into a toxic flirtation with violent offline tactics?” This is an excellent question, and one which all internet-based movements eventually ask.

White
White nationalist demonstrators use shields as they guard the entrance to Lee Park in Charlottesville, Virginia. Photograph: Steve Helber/AP

All this offers good and bad news for those worried by the current iteration of radical-right politics. They are presently emboldened, but suffer from the same characteristics that blight most internet heavy movements: poor long-term organising, a drifting and listless support base, and lack of clear leadership. This is a recipe for in-fighting, which is already happening. Moderate and extreme branches are already at each other’s throats. According to Nagle, Charlottesville, far from uniting the right, might spell the end of the uneasy alliance of in its current messy form.

But never forget that the internet is as much the friend of the radical right as self-styled progressives. To embrace the new is natural to a movement that wishes to overthrow the established order. Where better than cyberspace to build the new utopia? They will grab on to whatever dazzling new technology Silicon Valley throws up next and run with it.

There has been a recent push against the radical right from social network companies who’ve been accused of giving a them a platform – they build or find alternatives. Several internet companies have banned users, shut down sites or blocked access. Perhaps this will limit their influence. But history suggests the internet is part of the radical right DNA and they will morph and reconfigure quickly enough.

Already there is Gab, a social network for “alt-right” types, set up as an alternative to “entirely left-leaning Big Social monopoloy” by Andrew Torba, an alumni of the Silicon Valley startup incubator Y Combinator. Crowdfunding site Patreon recently started kicking off white supremacists, but now there’s Hatreon, founded as an alternative. (The site was created by Cody Wilson, a self-described “internet anarchist” who was involved in building an anonymous bitcoin wallet and 3D printed guns). Then there’s WeSearchr, which helped Daily Stormer founder Andrew Anglin raise more than $150,000 for a legal defense fund against the Southern Poverty Law Center. When Daily Stormer was closed down on the clearnet, it reappeared on the darknet (it’s now using the name “Punished Stormer”).

And just when you think that maybe, just maybe, the internet is becoming a hostile place for these groups, some new forces of reaction will be mutating, evolving and planning in a subversive obscure forum that you’ve not even heard of yet.

Radicals chasing Utopia by Jamie Bartlett is out now.

Read more: www.theguardian.com

Wikipedia founder to fight fake news with new Wikitribune site

Crowdfunded online publication from Jimmy Wales will pair paid journalists with army of volunteer contributors

Jimmy Wales, the co-founder of Wikipedia, is launching a new online publication which will aim to fight fake news by pairing professional journalists with an army of volunteer community contributors.

Wikitribune plans to pay for the reporters by raising money from a crowdfunding campaign.

Wales intends to cover general issues, such as US and UK politics, through to specialist science and technology.

Those who donate will become supporters, who in turn will have a say in which subjects and story threads the site focuses on. And Wales intends that the community of readers will fact-check and subedit published articles.

Describing Wikitribune as news by the people and for the people, Wales said: This will be the first time that professional journalists and citizen journalists will work side-by-side as equals writing stories as they happen, editing them live as they develop, and at all times backed by a community checking and rechecking all facts.

Although the site is launching at the beginning of the UK general election campaign, Wales said the impetus for the project came from the US.

Someone I know convinced me to give Trump 100 days before making my mind up, he said, but then on day one Kellyanne Conway came out and said her alternative facts line. That was when I really decided to move forward.

If the fundraising campaign goes well, Wales hopes to be able to hire the sites first journalists as soon as possible perhaps before 8 June, when Britons vote in the general election called by prime minister Theresa May.

Like Wikipedia, Waless new project will be free to access. The publication is launching on Tuesday 25 April with a crowdfunding campaign pre-selling monthly support packages to fund the initial journalists. The first issue will follow soon after.

The community contributors will play a key part in the new site, ensuring that the contents of the articles are always supported by as much extra information shared with the readers as possible.

They will be backed up by a presumption of transparency in the sites reporting, with journalists sharing full transcripts, video and audio of interviews.

He hopes that a combination of the distributed intelligence of Wikipedia and measured professional journalism driven by a business model thats not about chasing clicks will lead to a news organisation built from the ground up to combat fake news and political rabble-rousing.

There is a third way, he said, between the two models of he said, she said faux neutrality, or having a Paul Dacre [editor of the Daily Mail] agenda and ramming things down our throats.

He added: If you take a look at Wikipedia, its noisy and not a perfect place, but for true fake news, theres been almost no impact on the Wikipedia community.

The volunteers are experienced enough to know its nonsense, and have an ethos saying: No, were here for neutral facts: that community knows it from the ground up.

Those contributors who also support the site financially will eventually be able to advise on the topics they want Wikitribune to explore, Wales said.

If you take as an example the bitcoin community, theyre a very active and obsessed community.

Theres a lot of news that comes out in the field, and I think theyd love to be able to raise money to hire a journalist and put them on the bitcoin/blockchain beat.

The ideas behind Wikitribune are similar to other experiments with sustainable community journalism.

Dutch news website De Correspondent, for instance, was launched in 2013 after a 1m (850,000) crowdfunding campaign, with a goal of focusing on reporter-led in-depth coverage of a select few topics backed up by strong involvement from a community of financial backers.

In March, the site announced a push into the US market, funded by a $515,000 (400,000) grant from a number of digital news charities.

But Wales thinks that such comparisons do Wikitribune down. Im not sure that anyones ever been as radical as I am, he said.

Realistically, in terms of saying the community can really have control, a lot of people from traditional newsrooms have really had trouble getting their head around that.

Wales, who sits on the board of Guardian Media Group, the Guardians parent company, founded Wikipedia with Larry Sanger in 2001, before donating the entire project to a non-profit organisation, the Wikimedia Foundation, that he set up in 2003.

He remains a board member of the Wikimedia Foundation, and is the president of Wikia, a Wikipedia spin-off that allows communities to make their own collaboratively-edited encyclopaedias on topics ranging from Top Gear to Harry Potter.

Read more: www.theguardian.com

‘$300m in cryptocurrency’ accidentally lost forever due to bug

User mistakenly takes control of hundreds of wallets containing cryptocurrency Ether, destroying them in a panic while trying to give them back

More than $300m of cryptocurrency has been lost after a series of bugs in a popular digital wallet service led one curious developer to accidentally take control of and then lock up the funds, according to reports.

Unlike most cryptocurrency hacks, however, the money wasnt deliberately taken: it was effectively destroyed by accident. The lost money was in the form of Ether, the tradable currency that fuels the Ethereum distributed app platform, and was kept in digital multi-signature wallets built by a developer called Parity. These wallets require more than one user to enter their key before funds can be transferred.

On Tuesday Parity revealed that, while fixing a bug that let hackers steal $32m out of few multi-signature wallets, it had inadvertently left a second flaw in its systems that allowed one user to become the sole owner of every single multi-signature wallet.

Q&A

What is cryptocurrency?

A cryptocurrency is a form of digital asset, created through a canny combination of encryption and peer-to-peer networking.

Bitcoin, the first and biggest cryptocurrency, is part of a decentralised payment network. If you own a bitcoin, you control a secret digital key which you can use to prove to anyone on the network that a certain amount of bitcoin is yours.

If you spend that bitcoin, you tell the entire network that you’ve transferred ownership of it, and use the same key to prove that you’re telling the truth. Over time, the history of all those transactions becomes a lasting record of who owns what: that record is called the blockchain.

After bitcoin’s creation in 2009, a number of other cryptocurrencies sought to replicate its success but taking its free, public code and tweaking it for different purposes.

Some, such as Filecoin, have a very defined goal. It aims to produce a sort of decentralised file storage system: as well as simply telling the network that you have some Filecoins, you can tell the network to store some encrypted data and pay Filecoins to whoever stores it on their computer.

Others are more nebulous. Ethereum, using the Ether token, is now the second biggest cryptocurrency after bitcoin and essentially a cryptocurrency for making cryptocurrencies. Users can write “smart contracts”, which are effectively programs that can be run on the computer of any user of the network if they’re paid enough Ether.

Of course, to many, the purpose is secondary. The only really important thing is that the value of an Ether token increased 2,500% over 2017, meaning some are hoping to jump on the bandwagon and get rich. Bubble or boom? That’s the $28bn question.

The user, devops199, triggered the flaw apparently by accident. When they realised what they had done, they attempted to undo the damage by deleting the code which had transferred ownership of the funds. Rather than returning the money, however, that simply locked all the funds in those multisignature wallets permanently, with no way to access them.

This means that currently no funds can be moved out of the multi-sig wallets, Parity says in a security advisory.

Effectively, a user accidentally stole hundreds of wallets simultaneously, and then set them on fire in a panic while trying to give them back.

We are analysing the situation and will release an update with further details shortly, Parity told users.

Hard fork

Some are pushing for a hard fork of Ethereum, which would undo the damage by effectively asking 51% of the currencys users to agree to pretend that it had never happened in the first place. That would require a change to the code that controls ethereum, and then that change to be adopted by the majority of the user base. The risk is that some of the community refuses to accept the change, resulting in a split into two parallel groups.

Such an act isnt unheard of: another hack, two years ago, of an Ethereum app called the DAO resulted in $150m being stolen. The hard fork was successful then, but the money stolen represented a much larger portion of the entire Ethereum market than the $300m lost to Parity.

The lost $300m follows the discovery of bug in July that led to the theft of $32m in ether from just three multisignature wallets. A marathon coding and hacking effort was required to secure another $208m against theft. Patching that bug led to the flaw in Paritys system that devops199 triggered by accident.

Parity says that it is unable to confirm the actual amount lost, but that the $300m figure is purely speculative. The company also disputes that the currency is lost, arguing that frozen is more accurate. But if it is frozen, it appears that no-one has the ability to unfreeze the funds.

The Parity vulnerability was the result of an incorrectly coded smart contract used by the Parity wallet to store tokens on the Ethereum network, said Dominic Williams, founder of blockchain firm DFINITY. The vulnerability made it possible for anyone to freeze the tokens held by that smart contract, making them immovable. At this time, the only method we are aware of to unfreeze tokens held by the vulnerable smart contract would be to create a new hard fork Ethereum client that deploys a fix. This would require every full node on the Ethereum network to upgrade by the date of the hard fork to stay in sync, including all miners, wallets, exchanges, etc.

Ethereum has rapidly become the second most important cryptocurrency, after Bitcoin, with its price increasing more than 2,500% over the past year. One token of Ether is now worth a little over $285, up from $8 in January.

Read more: https://www.theguardian.com/technology/2017/nov/08/cryptocurrency-300m-dollars-stolen-bug-ether