I will attempt to explain in laymen’s lingo how blockchains such as Steem which can store and serve media files, could potentially be used to **dramatically improve and decentralize web browser security**. This is illustrating by-example the revolutionary ecosystem applications of decentralized content storage and serving from blockchains such as Steem. ## Securing Money On The Web https://pixabay.com/static/uploads/photo/2016/02/15/23/40/security-1202344_960_720.png The security of our web browser is becoming critical for example when our monetarily valuable credentials (e.g. Steem or online banking passwords) are accessible to the scripts that run in the browser. Although the recent cracking of numerous Steem(it) private keys wasn’t due to a web browser vulnerability¹ (the attacker presumably partook the lowest hanging fruit first), web browser security will remain a threat since for example [the private key for posting to Steem(it) must be always accessible to the web browser](https://steemit.com/steem/@pharesim/bounty-for-completion-of-native-javascript-steem-signer#@theoretical/re-trogdor-re-pharesim-re-mrosenquist-re-pharesim-bounty-for-completion-of-native-javascript-steem-signer-20160802t003022609z) (unless the user will be prompted to type in their password every time they click anything on the site, which would be absurd). ## Centralized Web Security Browsers are vulnerable to XSS (Cross-Site Scripting) attacks which inject the attacker’s scripts inside the site’s scripts. The first line of defense is to employ [careful, tedious programming methods](https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)) to attempt to not commit mistakes which enable the attacker to inject scripts. However these mistakes can still occur, so the second line of defense² is to whitelist only trusted web addresses from which scripts can be loaded for the site; and [disable any other ways to load scripts](https://www.w3.org/TR/CSP2/#directive-script-src). However, this [Content Security Policy standard](https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy) **suffers from the weaknesses of centralization and centralized trust**, because it requires the site to [only load its scripts from a whitelist of web addresses](https://w3c.github.io/webappsec-csp/#fetch-integration) and to trust that the site is always in control over the files served from those web addresses (which can be compromised for example by a hacker or even hypothetically if the certificate authorities for those web addresses are compromised). ## Decentralized Content The aforementioned centralization requirement of browser Content Security Policy could be debilitating for one aspect of future Steemit improvements where we would really like for all the content (including the site’s scripts) to be loadable from any node on the Steem network, so as to squelch the distributed-denial-of-service (DDoS) attacks that had caused recent site outages, to make the system impervious to government take down orders, and other resiliency, censorship-resistance, and scaling benefits. But there is no way in current Content Security Policy to implement such decentralization and insure the scripts are the authentic ones, because current Content Security Policy whitelists only web addresses and doesn’t incorporate any cryptographic signatures. ## Decentralized Web Security The blockchain and cryptography can provide the solution. Since for example the author of Steemit can cryptographically sign the scripts that power the Steemit site and store them on the blockchain, then it should be possible to modify web browsers so they allow a whitelist of allowed scripts based on the public key of the signer of the scripts. Thus for example only the author of Steemit would be able to sign scripts which are permissioned to power the Steemit site and the web browser which loads the Steemit site (from any decentralized nodes of the blockchain) would know to only load resources signed by the author of Steemit. The epiphany is the authority for the scripts that power a site **shifts from a centralized, attackable resource (of web address, web server, and certificate authority) to a decentralized, cryptographically secure signature**. Anne van Kesteren who is the listed author of several web standards documents such as Fetch, [wrote about](https://annevankesteren.nl/2016/07/web-computing) the importance of decentralization in web computing security. > There are two computing models today that have mass-market appeal, are safe-by-default, are app-driven (no OS access), and provide some degree of sandboxing for their apps: Web and Store. The major difference is that Web computing has decentralized publishing (**it would be distributed if not for domain registrars and certificate authorities**) and Store computing is by definition centralized. Decentralizing Store computing is unlikely to ever succeed and I have argued before that such a system cannot reasonably exist as part of Web computing. (Arguably Web computing is a form of centralized computing. Certificate authorities are ultimately grounded in a list managed by the browser or the OS the browser runs in.) ... --------- ¹ The Steem private keys were cracked because the corresponding public keys were publicly accessible on the blockchain which enabled the attacker to run a high-speed dictionary attack, which was effective against users who had chosen a weak password since the entropy of the private keys were derived from the user chosen passwords. In other words, the attacker was able to repeatedly trial potential matches for the users’ password at perhaps millions or billions per second. Normally websites rate-limit login attempts to prevent dictionary attacks (since a human can’t sign-in millions of times per second), but this firewall isn’t possible when the public keys must be public. The only solution was to force users to use a strong password with sufficient randomized entropy. ² [HTTP access control (CORS)](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS) is third line of defense which enables web addresses to whitelist which sites may load their scripts, which seems to be mostly impotent, [complexity smell](https://fetch.spec.whatwg.org/#main-fetch) “security theater”.
post_id | 447,756 |
---|---|
author | anonymint |
permlink | improving-web-browser-security-with-a-steem-like-blockchain |
category | blockchain |
json_metadata | "{"image": ["https://pixabay.com/static/uploads/photo/2016/02/15/23/40/security-1202344_960_720.png"], "tags": ["blockchain", "security", "steem", "steemit", ""]}" |
created | 2016-08-04 16:40:36 |
last_update | 2016-08-04 17:07:51 |
depth | 0 |
children | 17 |
net_rshares | 98,072,153,908,011 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 1,980.832 SBD |
curator_payout_value | 618.466 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 6,347 |
author_reputation | 28,256,027,925,444 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
dantheman | 0 | 29,160,669,764,994 | 100% | ||
steempty | 0 | 7,495,694,547,528 | 100% | ||
smooth | 0 | 27,123,585,085,552 | 100% | ||
justin | 0 | 335,569,790,243 | 100% | ||
tombstone | 0 | 20,983,126,340,286 | 100% | ||
boy | 0 | 3,686,228,519 | 100% | ||
bue-witness | 0 | 4,472,926,044 | 100% | ||
bunny | 0 | 855,908,901 | 100% | ||
complexring | 0 | 2,145,089,033,973 | 100% | ||
bue | 0 | 60,817,686,241 | 100% | ||
chloe | 0 | 2,398,401,156 | 100% | ||
jen | 0 | 2,403,130,763 | 100% | ||
danknugs | 0 | 16,103,207,530 | 100% | ||
steemservices | 0 | 198,315,300,316 | 100% | ||
mini | 0 | 1,976,498,612 | 100% | ||
moon | 0 | 247,873,249 | 100% | ||
kelly | 0 | 50,700,159 | 100% | ||
bentley | 0 | 7,069,350,949 | 100% | ||
recursive | 0 | 2,873,220,296,070 | 100% | ||
smooth.witness | 0 | 4,365,366,416,411 | 100% | ||
pheonike | 0 | 251,904,022,786 | 100% | ||
proctologic | 0 | 18,475,870,803 | 100% | ||
healthcare | 0 | 733,637,503 | 100% | ||
daniel.pan | 0 | 1,055,695,985 | 100% | ||
sophia | 0 | 360,082,568 | 100% | ||
steemrollin | 0 | 696,545,760,380 | 100% | ||
helen.tan | 0 | 344,027,807 | 100% | ||
edgeland | 0 | 90,116,331,297 | 100% | ||
chryspano | 0 | 410,103,551,384 | 100% | ||
sandwich | 0 | 14,563,284,854 | 100% | ||
nastrom | 0 | 5,432,394,301 | 100% | ||
gregory60 | 0 | 9,657,678,604 | 100% | ||
jeff-anthony | 0 | 476,236,712 | 100% | ||
paco-steem | 0 | 409,702,544 | 100% | ||
spaninv | 0 | 4,826,033,916 | 100% | ||
gekko | 0 | 928,420,963 | 100% | ||
nanzo-scoop | 0 | 656,722,332,436 | 100% | ||
daycrypter | 0 | 2,963,585,590 | 100% | ||
cryptocreative | 0 | 1,423,820,333 | 100% | ||
murh | 0 | 1,046,570,959 | 11.33% | ||
viet-ngo | 0 | 405,288,154 | 100% | ||
bogdanberkut | 0 | 7,703,411,275 | 100% | ||
blakemiles84 | 0 | 339,907,329,360 | 100% | ||
johnerfx | 0 | 10,140,645,381 | 100% | ||
jessica-miller | 0 | 7,687,585,329 | 100% | ||
stiletto | 0 | 320,695,928 | 100% | ||
yonatann | 0 | 326,811,345 | 100% | ||
johnerminer | 0 | 768,999,573 | 100% | ||
hendra-khaidir | 0 | 325,111,627 | 100% | ||
bitcoinnational | 0 | 317,097,829 | 100% | ||
ethbull | 0 | 1,609,358,463 | 100% | ||
fuck.off | 0 | 891,181,159 | 100% | ||
iloveporn | 0 | 2,081,617,615 | 100% | ||
the.bot | 0 | 1,140,705,260 | 100% | ||
catchfire | 0 | 23,917,304,507 | 100% | ||
johnbradshaw | 0 | 2,145,660,461 | 100% | ||
the.whale | 0 | 1,765,571,227 | 100% | ||
bacchist | 0 | 34,820,211,952 | 100% | ||
dasha | 0 | 8,254,050,381 | 100% | ||
roelandp | 0 | 229,579,493,820 | 100% | ||
unicornfarts | 0 | 1,672,991,887 | 100% | ||
robrigo | 0 | 43,738,355,950 | 100% | ||
stealthtrader | 0 | 9,330,431,843 | 100% | ||
vote | 0 | 1,765,762,321 | 100% | ||
aidar88 | 0 | 144,060,297 | 100% | ||
jackkang | 0 | 8,330,900,177 | 100% | ||
kissmybutt | 0 | 1,208,231,644 | 100% | ||
lukmanreyes | 0 | 242,030,196 | 100% | ||
ghozia | 0 | 169,033,696 | 100% | ||
autosmile13 | 0 | 5,234,190,952 | 100% | ||
egjoshslim | 0 | 2,428,827,118 | 100% | ||
steemit-life | 0 | 3,078,667,480 | 100% | ||
nam89mir | 0 | 241,556,340 | 100% | ||
incomemonthly | 0 | 1,641,619,458 | 100% | ||
mihserf | 0 | 241,567,492 | 100% | ||
igster | 0 | 20,268,447,987 | 100% | ||
medvedja | 0 | 226,751,562 | 100% | ||
ntomaino | 0 | 32,469,166,345 | 100% | ||
pictorians | 0 | 1,825,385,705 | 100% | ||
gottod | 0 | 212,576,502 | 100% | ||
alexoz | 0 | 331,339,024 | 100% | ||
breathe3000 | 0 | 265,809,763 | 100% | ||
m34ndy0u | 0 | 231,415,584 | 100% | ||
manthostsakirid | 0 | 70,795,059,276 | 100% | ||
delik | 0 | 230,021,278 | 100% | ||
algimantas | 0 | 2,542,292,993 | 100% | ||
konti | 0 | 3,893,079,941 | 100% | ||
lenar79 | 0 | 238,867,644 | 100% | ||
geronimo | 0 | 6,649,282,680 | 100% | ||
firedesire | 0 | 72,224,424 | 100% | ||
elmusic | 0 | 113,844,682 | 100% | ||
frostwind | 0 | 31,774,271,040 | 100% | ||
jl777 | 0 | 100,830,691,863 | 100% | ||
meteor78 | 0 | 155,764,168 | 100% | ||
kakoywhich | 0 | 113,519,910 | 100% | ||
lexinferno | 0 | 122,781,043 | 100% | ||
alsprinting | 0 | 6,112,028,500 | 100% | ||
anonymint | 0 | 27,290,493,366 | 100% | ||
vadim | 0 | 356,384,393 | 100% | ||
ylalina | 0 | 106,540,796 | 100% | ||
passthepeas | 0 | 4,016,622,944 | 100% | ||
winterchan | 0 | 111,912,857 | 100% | ||
zviad | 0 | 101,949,522 | 100% | ||
metaflute | 0 | 811,466,069 | 100% | ||
thegodfather | 0 | 7,750,927 | 100% | ||
thedon | 0 | 308,679,964 | 100% | ||
djdma | 0 | 106,940,171 | 100% | ||
olga83 | 0 | 63,273,934 | 100% | ||
nurik | 0 | 37,127,881 | 100% | ||
mangous | 0 | 64,988,924 | 100% | ||
muizianer | 0 | 64,547,514 | 100% | ||
the-dog-lady | 0 | 163,660,345 | 100% | ||
money247 | 0 | 69,133,385 | 100% | ||
aiaconelli707 | 0 | 60,910,595 | 100% | ||
nonlinearone | 0 | 14,901,793,628 | 100% | ||
ciao | 0 | 13,929,767 | 100% | ||
thebotkiller | 0 | 3,452,994,141 | 100% | ||
steemo | 0 | 8,625,552 | 100% | ||
nixonnox | 0 | 7,040,869,615 | 100% | ||
veryscience | 0 | 5,277,148,267 | 100% | ||
steema | 0 | 1,229,043 | 100% | ||
evgenyche | 0 | 47,542,140 | 100% | ||
confucius | 0 | 11,331,734 | 100% | ||
loveangel | 0 | 1,560,879,719 | 100% | ||
bledarus | 0 | 858,100,902 | 100% | ||
feeltheblade | 0 | 1,229,136 | 0.1% | ||
redddet | 0 | 1,231,439 | 0.1% | ||
jarvis | 0 | 4,990,559 | 100% | ||
mounilos | 0 | 59,158,932 | 100% | ||
kyriacos | 0 | 1,282,774,181 | 100% | ||
thecurator | 0 | 42,124,421 | 100% | ||
andrey000 | 0 | 62,041,691 | 100% | ||
solarguy | 0 | 200,740,486 | 100% | ||
neglect | 0 | 59,480,365 | 100% | ||
alicegrooves | 0 | 78,319,230 | 100% | ||
legio | 0 | 59,419,427 | 100% | ||
bearing | 0 | 161,586,337 | 100% | ||
prophet | 0 | 79,827,907 | 100% | ||
rociorg | 0 | 54,022,549 | 100% | ||
violino | 0 | 34,527,281 | 100% | ||
jimmco | 0 | 3,877,136,425 | 100% | ||
wroman0207 | 0 | 1,029,034,400 | 100% | ||
andrewawerdna | 0 | 15,370,001,802 | 100% | ||
rittr | 0 | 37,161,570 | 100% | ||
traxo | 0 | 59,225,554 | 100% | ||
olegkorban | 0 | 38,250,357 | 100% | ||
brucy | 0 | 33,592,009 | 100% | ||
dragonanarchist | 0 | 53,194,328 | 100% | ||
brianmarriott | 0 | 54,323,739 | 100% | ||
buckshot | 0 | 57,783,809 | 100% | ||
makerblog | 0 | 56,586,467 | 100% | ||
dasfarm | 0 | 51,960,970 | 100% | ||
program3r | 0 | 58,839,722 | 100% | ||
smarit | 0 | 58,833,582 | 100% | ||
tcstix | 0 | 58,800,271 | 100% | ||
simo3222 | 0 | 56,486,699 | 100% | ||
jabongzki | 0 | 57,637,952 | 100% | ||
buzzinginfo | 0 | 57,634,468 | 100% | ||
ihazaname | 0 | 56,479,982 | 100% | ||
ponderingall | 0 | 74,133,237 | 100% | ||
lauraa | 0 | 0 | 100% | ||
anon.patriot | 0 | 0 | 100% | ||
marnee | 0 | 0 | 100% |
Keep up the great work @anonymint Upvoted
post_id | 447,769 |
---|---|
author | redddet |
permlink | improving-web-browser-security-with-a-steem-like-blockchain |
category | blockchain |
json_metadata | {} |
created | 2016-08-04 16:41:12 |
last_update | 2016-08-04 16:41:12 |
depth | 1 |
children | 0 |
net_rshares | 329,044,735 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 44 |
author_reputation | -747,021,898,927 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
soupernerd | 0 | 113,042,716 | 10% | ||
emilyelizabeth | 0 | 8,512,572 | 10% | ||
weenis | 0 | 110,943,408 | 10% | ||
steemitlove | 0 | 2,589,947 | 10% | ||
steemlove | 0 | 2,578,531 | 10% | ||
steemit.tips | 0 | 5,693,317 | 10% | ||
curls4life | 0 | 2,487,187 | 10% | ||
alniskobs | 0 | 2,535,475 | 10% | ||
amboyst | 0 | 2,487,215 | 10% | ||
cheremet | 0 | 2,499,212 | 10% | ||
anarchypory | 0 | 2,516,225 | 10% | ||
angevel | 0 | 2,503,157 | 10% | ||
backetri | 0 | 2,514,345 | 10% | ||
chonesta | 0 | 3,148,246 | 10% | ||
countrytalented | 0 | 2,563,195 | 10% | ||
cozyone123 | 0 | 2,484,323 | 10% | ||
crumaner | 0 | 2,515,361 | 10% | ||
daysaiyan | 0 | 2,497,804 | 10% | ||
daysmega | 0 | 2,497,657 | 10% | ||
daysmega1421 | 0 | 2,518,059 | 10% | ||
dotersvilic | 0 | 2,484,161 | 10% | ||
eternalabove | 0 | 2,468,146 | 10% | ||
antispam | 0 | -10,859,704 | -1% | ||
sugarfromhell | 0 | 2,467,013 | 10% | ||
gaspot | 0 | 2,551,506 | 10% | ||
forgetthefallen | 0 | 2,506,060 | 10% | ||
eleiminer | 0 | 2,494,169 | 10% | ||
etccrap | 0 | 2,460,604 | 10% | ||
abctrade | 0 | 3,282,521 | 10% | ||
yandra86 | 0 | 2,547,368 | 10% | ||
hxclife | 0 | 2,564,069 | 10% | ||
rottennasty | 0 | 2,480,906 | 10% | ||
feeltheblade | 0 | 2,458,272 | 10% | ||
silvesterstay | 0 | 2,444,676 | 10% | ||
joujou666 | 0 | 2,454,783 | 10% | ||
praisenoone | 0 | 2,636,774 | 10% | ||
rickydevil | 0 | 2,633,935 | 10% | ||
softpunk | 0 | 2,502,673 | 10% | ||
redddet | 0 | 2,462,879 | 10% | ||
catirabella | 0 | 2,496,518 | 10% | ||
redredwinewine | 0 | 2,515,375 | 10% | ||
koolaidssss | 0 | 4,891,736 | 10% | ||
jessejamesrock | 0 | 4,972,343 | 10% |
Thank you for the article. Everything is painted in detail!
post_id | 447,771 |
---|---|
author | aidar88 |
permlink | re-anonymint-improving-web-browser-security-with-a-steem-like-blockchain-20160804t164108380z |
category | blockchain |
json_metadata | "{"tags": ["blockchain"]}" |
created | 2016-08-04 16:41:15 |
last_update | 2016-08-04 16:41:15 |
depth | 1 |
children | 0 |
net_rshares | -3,705,983,799 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 59 |
author_reputation | 8,867,021,832 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
heimindanger | 0 | -3,705,983,799 | -100% |
Hi! I am a content-detection robot. This post is to help manual curators; I have NOT flagged you. Here is similar content: https://annevankesteren.nl/2016/07/web-computing
post_id | 447,792 |
---|---|
author | cheetah |
permlink | re-improving-web-browser-security-with-a-steem-like-blockchain-20160804t164233 |
category | blockchain |
json_metadata | {} |
created | 2016-08-04 16:42:36 |
last_update | 2016-08-04 16:42:36 |
depth | 1 |
children | 2 |
net_rshares | -279,892,262,575 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 171 |
author_reputation | 750,854,098,279,735 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
chryspano | 0 | -410,103,570,664 | -100% | ||
omarb | 0 | 117,051,347,306 | 100% | ||
cheetah | 0 | 13,405,541,839 | 30% | ||
cheetah17 | 0 | 81,696,747 | 100% | ||
kalimor | 0 | -338,137,507 | -100% | ||
antispam | 0 | 10,859,704 | 1% |
Looks like a false positive based on similar subject matter to me.
post_id | 451,261 |
---|---|
author | smooth |
permlink | re-cheetah-re-improving-web-browser-security-with-a-steem-like-blockchain-20160804t164233-20160804t203502200z |
category | blockchain |
json_metadata | "{"tags": ["blockchain"]}" |
created | 2016-08-04 20:35:03 |
last_update | 2016-08-04 20:35:03 |
depth | 2 |
children | 1 |
net_rshares | 0 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 66 |
author_reputation | 119,002,354,889,508 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
It seems the small quoted paragraph causes the bot to misbehave
post_id | 453,860 |
---|---|
author | chryspano |
permlink | re-smooth-re-cheetah-re-improving-web-browser-security-with-a-steem-like-blockchain-20160804t164233-20160804t234856903z |
category | blockchain |
json_metadata | "{"tags": ["blockchain"]}" |
created | 2016-08-04 23:48:57 |
last_update | 2016-08-04 23:48:57 |
depth | 3 |
children | 0 |
net_rshares | 0 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 63 |
author_reputation | 1,737,800,828,749 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
we need to fork Brave Browser to integrate Steem Blockchain tech ! latest news about Brave here -> [Forbes Article](http://www.forbes.com/sites/jonathanchester/2016/08/01/blockchain-powered-micropayment-browser-brave-raises-4-5m/#7beeafd27141) good post @anonymint 8]
post_id | 447,812 |
---|---|
author | gekko |
permlink | re-anonymint-improving-web-browser-security-with-a-steem-like-blockchain-20160804t164350413z |
category | blockchain |
json_metadata | "{"users": ["anonymint"], "links": ["http://www.forbes.com/sites/jonathanchester/2016/08/01/blockchain-powered-micropayment-browser-brave-raises-4-5m/#7beeafd27141"], "tags": ["blockchain"]}" |
created | 2016-08-04 16:43:51 |
last_update | 2016-08-04 16:44:39 |
depth | 1 |
children | 2 |
net_rshares | 2,963,801,090,846 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 4.048 SBD |
curator_payout_value | 1.346 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 268 |
author_reputation | 1,183,949,922,229 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
recursive | 0 | 2,873,220,296,070 | 100% | ||
robrigo | 0 | 43,738,355,950 | 100% | ||
claudiop63 | 0 | 36,453,745,848 | 100% | ||
matrixdweller | 0 | 10,388,692,978 | 100% |
What an intriguing, potentially excellent idea you have here! I'd be interested to read more about how that would work in terms of incentives. That would deserve its own post, page me here if you decide to go for it.
post_id | 456,019 |
---|---|
author | recursive |
permlink | re-gekko-re-anonymint-improving-web-browser-security-with-a-steem-like-blockchain-20160805t031145769z |
category | blockchain |
json_metadata | "{"tags": ["blockchain"]}" |
created | 2016-08-05 03:10:36 |
last_update | 2016-08-05 03:10:36 |
depth | 2 |
children | 1 |
net_rshares | 1,319,764,775 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 216 |
author_reputation | 14,565,766,155,244 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
gekko | 0 | 1,319,764,775 | 100% |
do the post @recursive no problem, i want to see what we get from all the community 8]
post_id | 465,626 |
---|---|
author | gekko |
permlink | re-recursive-re-gekko-re-anonymint-improving-web-browser-security-with-a-steem-like-blockchain-20160805t163023321z |
category | blockchain |
json_metadata | "{"users": ["recursive"], "tags": ["blockchain"]}" |
created | 2016-08-05 16:30:24 |
last_update | 2016-08-05 16:32:27 |
depth | 3 |
children | 0 |
net_rshares | 1,319,764,775 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 86 |
author_reputation | 1,183,949,922,229 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
gekko | 0 | 1,319,764,775 | 100% |
Keep up the great work @anonymint Upvoted
post_id | 448,170 |
---|---|
author | feeltheblade |
permlink | improving-web-browser-security-with-a-steem-like-blockchain |
category | blockchain |
json_metadata | {} |
created | 2016-08-04 17:08:39 |
last_update | 2016-08-04 17:08:39 |
depth | 1 |
children | 0 |
net_rshares | 342,470,442 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 44 |
author_reputation | -599,484,250,318 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
soupernerd | 0 | 113,042,716 | 10% | ||
emilyelizabeth | 0 | 8,512,572 | 10% | ||
weenis | 0 | 110,943,408 | 10% | ||
steemitlove | 0 | 2,589,947 | 10% | ||
steemlove | 0 | 2,578,531 | 10% | ||
steemit.tips | 0 | 5,693,317 | 10% | ||
curls4life | 0 | 2,487,187 | 10% | ||
alniskobs | 0 | 2,535,475 | 10% | ||
amboyst | 0 | 2,487,215 | 10% | ||
cheremet | 0 | 2,499,212 | 10% | ||
anarchypory | 0 | 2,516,225 | 10% | ||
angevel | 0 | 2,503,157 | 10% | ||
backetri | 0 | 2,514,345 | 10% | ||
chonesta | 0 | 3,148,246 | 10% | ||
countrytalented | 0 | 2,563,195 | 10% | ||
cozyone123 | 0 | 2,484,323 | 10% | ||
crumaner | 0 | 2,515,361 | 10% | ||
daysaiyan | 0 | 2,497,804 | 10% | ||
daysmega | 0 | 2,497,657 | 10% | ||
daysmega1421 | 0 | 2,518,059 | 10% | ||
dotersvilic | 0 | 2,484,161 | 10% | ||
eternalabove | 0 | 2,468,146 | 10% | ||
sugarfromhell | 0 | 2,467,013 | 10% | ||
gaspot | 0 | 2,551,506 | 10% | ||
forgetthefallen | 0 | 2,506,060 | 10% | ||
eleiminer | 0 | 2,494,169 | 10% | ||
etccrap | 0 | 2,460,604 | 10% | ||
abctrade | 0 | 3,282,521 | 10% | ||
yandra86 | 0 | 2,547,368 | 10% | ||
hxclife | 0 | 2,564,069 | 10% | ||
rottennasty | 0 | 2,480,906 | 10% | ||
feeltheblade | 0 | 2,458,272 | 10% | ||
silvesterstay | 0 | 2,444,676 | 10% | ||
joujou666 | 0 | 2,454,783 | 10% | ||
praisenoone | 0 | 2,636,774 | 10% | ||
rickydevil | 0 | 2,633,935 | 10% | ||
softpunk | 0 | 2,502,673 | 10% | ||
redddet | 0 | 2,462,879 | 10% | ||
catirabella | 0 | 2,496,518 | 10% | ||
redredwinewine | 0 | 2,515,375 | 10% | ||
younlong | 0 | 6,216,110 | 10% | ||
hasherfromhell | 0 | 6,213,972 | 10% |
I [elaborated on why](https://steemit.com/steem/@pharesim/bounty-for-completion-of-native-javascript-steem-signer#@anonymint/re-williambanks-re-williambanks-re-pharesim-bounty-for-completion-of-native-javascript-steem-signer-20160804t115927518z) the above blog may be very important to Steem(it).
post_id | 456,610 |
---|---|
author | anonymint |
permlink | re-anonymint-improving-web-browser-security-with-a-steem-like-blockchain-20160805t040917743z |
category | blockchain |
json_metadata | "{"links": ["https://steemit.com/steem/@pharesim/bounty-for-completion-of-native-javascript-steem-signer#@anonymint/re-williambanks-re-williambanks-re-pharesim-bounty-for-completion-of-native-javascript-steem-signer-20160804t115927518z"], "tags": ["blockchain"]}" |
created | 2016-08-05 04:09:18 |
last_update | 2016-08-05 04:09:18 |
depth | 1 |
children | 2 |
net_rshares | 26,755,385,653 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.026 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 296 |
author_reputation | 28,256,027,925,444 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
anonymint | 0 | 26,755,385,653 | 100% |
My blog post is a hypothetical proposed solution to [this](https://steemit.com/steem/@karnal/hackmoar-hindering-attackers-coming-and-kidnapping-my-outrageously-armored-resources): > The wallet code which underpins the whole security of your account is sent to you by the server(s) belonging to steemit. > If the server has been compromised, an attacker can modify the code said server is sending to your browser.
post_id | 480,823 |
---|---|
author | anonymint |
permlink | re-anonymint-re-anonymint-improving-web-browser-security-with-a-steem-like-blockchain-20160806t182702445z |
category | blockchain |
json_metadata | "{"links": ["https://steemit.com/steem/@karnal/hackmoar-hindering-attackers-coming-and-kidnapping-my-outrageously-armored-resources"], "tags": ["blockchain"]}" |
created | 2016-08-06 18:27:00 |
last_update | 2016-08-06 18:27:00 |
depth | 2 |
children | 1 |
net_rshares | 0 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 414 |
author_reputation | 28,256,027,925,444 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
And a follow-up to [a challenge](https://steemit.com/killer-app/@jimmco/what-can-be-the-next-blockchain-killer-app#@jimmco/re-anonymint-re-jimmco-what-can-be-the-next-blockchain-killer-app-20160806t194547790z) to my proposal: >> even distributed data can be compromised when keys are stolen. In general my impression is that we are still moving security rather than solving security > The [tree (chain) of trust](https://steemit.com/blockchain/@dan/steemit-releases-groundbreaking-account-recovery-solution#@anonymint/re-dan-steemit-releases-groundbreaking-account-recovery-solution-20160806t180656742z) can probably solve that.
post_id | 481,938 |
---|---|
author | anonymint |
permlink | re-anonymint-re-anonymint-re-anonymint-improving-web-browser-security-with-a-steem-like-blockchain-20160806t195614590z |
category | blockchain |
json_metadata | "{"links": ["https://steemit.com/killer-app/@jimmco/what-can-be-the-next-blockchain-killer-app#@jimmco/re-anonymint-re-jimmco-what-can-be-the-next-blockchain-killer-app-20160806t194547790z"], "tags": ["blockchain"]}" |
created | 2016-08-06 19:56:12 |
last_update | 2016-08-06 19:56:12 |
depth | 3 |
children | 0 |
net_rshares | 0 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 630 |
author_reputation | 28,256,027,925,444 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
@anonymint Is there any recommendations you have for client side protection? I'm talking besides the normal stuff; OS updates, patches, AV, client side FW, ect.
post_id | 457,159 |
---|---|
author | wroman0207 |
permlink | re-anonymint-improving-web-browser-security-with-a-steem-like-blockchain-20160805t051409115z |
category | blockchain |
json_metadata | "{"users": ["anonymint"], "tags": ["blockchain"]}" |
created | 2016-08-05 05:14:06 |
last_update | 2016-08-05 05:14:06 |
depth | 1 |
children | 1 |
net_rshares | 968,502,964 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 160 |
author_reputation | 683,037,337,302 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
wroman0207 | 0 | 968,502,964 | 100% |
Well without getting into general client-side precautions a user might do, and in addition to the points I've already made, I have another idea for what Steemit could do. That is make all interactions with the "owner" or master private key password take place on a different domain so Content Security Policy and the browser sandbox can protect those interactions against cracks due to user-generated content which [@dan mentions](https://bitcointalk.org/index.php?topic=1567519.msg15840117#msg15840117) as an additional current vulnerability of Steemit compared to Blockchain.info. Edit: this was [previously suggested](https://steemit.com/steem/@karnal/hackmoar-hindering-attackers-coming-and-kidnapping-my-outrageously-armored-resources) as a "standalone app".
post_id | 480,361 |
---|---|
author | anonymint |
permlink | re-wroman0207-re-anonymint-improving-web-browser-security-with-a-steem-like-blockchain-20160806t174441492z |
category | blockchain |
json_metadata | "{"links": ["https://bitcointalk.org/index.php?topic=1567519.msg15840117#msg15840117"], "tags": ["blockchain"]}" |
created | 2016-08-06 17:44:39 |
last_update | 2016-08-06 18:29:54 |
depth | 2 |
children | 0 |
net_rshares | 0 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 764 |
author_reputation | 28,256,027,925,444 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
👍nice post @anonymint
post_id | 460,842 |
---|---|
author | meteor78 |
permlink | re-anonymint-improving-web-browser-security-with-a-steem-like-blockchain-20160805t112932611z |
category | blockchain |
json_metadata | "{"users": ["anonymint"], "tags": ["blockchain"]}" |
created | 2016-08-05 11:29:36 |
last_update | 2016-08-05 11:29:36 |
depth | 1 |
children | 0 |
net_rshares | 0 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 21 |
author_reputation | 184,312,824,942 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
great job!
post_id | 462,449 |
---|---|
author | djdma |
permlink | re-anonymint-improving-web-browser-security-with-a-steem-like-blockchain-20160805t132540809z |
category | blockchain |
json_metadata | "{"tags": ["blockchain"]}" |
created | 2016-08-05 13:25:42 |
last_update | 2016-08-05 13:25:42 |
depth | 1 |
children | 0 |
net_rshares | 0 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 10 |
author_reputation | 5,813,590,592 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |
I feel safer after reading all this. Thx
post_id | 463,303 |
---|---|
author | paco |
permlink | re-anonymint-improving-web-browser-security-with-a-steem-like-blockchain-20160805t141804367z |
category | blockchain |
json_metadata | "{"tags": ["blockchain"]}" |
created | 2016-08-05 14:18:03 |
last_update | 2016-08-05 14:18:03 |
depth | 1 |
children | 0 |
net_rshares | 0 |
last_payout | 2016-09-04 14:23:54 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 SBD |
curator_payout_value | 0.000 SBD |
pending_payout_value | 0.000 SBD |
promoted | 0.000 SBD |
body_length | 40 |
author_reputation | 19,349,362,753,909 |
root_title | "Improving web browser security with a Steem-like blockchain" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 SBD |
percent_steem_dollars | 10,000 |