Iota time to get out


#1

Get out of iota quick, it’s a shitcoin,Cryptographers Urge People to Abandon IOTA After Leaked Emails
By Morgen Peck
Posted 27 Feb 2018 | 17:00 GMT
A series of blue lock on a computer screen with one read one unlocked
Photo: iStock Photo
This past weekend, multiple prominent security researchers and academic cryptographers took to Twitter to paint a big black mark on the cryptocurrency project, IOTA. The posts implore investors not to hold the currency and researchers not to collaborate on enhancing the security of the system.

An outcry was triggered shortly after a chain of private emails sent among the IOTA team and a group of external security researchers was made public, exposing the developers’ response to the disclosure of a critical flaw in one of their cryptographic building blocks. The correspondence, which ended with vague threats of legal action by IOTA founder, Sergey Ivancheglo, against a member of the Boston University security group, has prompted many academic researchers to deonunce the entire project.

Among those speaking out against the IOTA team is Matthew Green, an applied cryptographer at John’s Hopkins University, who is himself one of the original architects of a popular cryptocurrency, Zcash.

If you want a postcard summary of why you should avoid the Iota project — with your brains and your money — this conversation is it. pic.twitter.com/lc8pR41M2W

— Matthew Green (@matthew_d_green) February 23, 2018
At stake is one of the most sucessful cryptocurrencies in the blockchain space. IOTA has a market capitalization in excess of 5 billion US dollars, as measured by the website coinmarketcap.com, making it the tenth-largest cryptocurrency in existence, in terms of user investment.

The coin has been around since 2015. It has been marketed by its inventors as an improvement on blockchain architecture (in which there are, in fact, no blocks) that allows for free transactions at a larger scale than Bitcoin. Advocates for the technology have positioned it as a technological enhancement for the Internet of Things. They envision a future in which machines use the IOTA network to make microtransactions with one another.

However, there are many in the community who argue that the system, which today relies on the activities of a central operator called a “coordinator,” is not as decentralized as advertised. Those who adhere to this line of thinking—people like Rick Dudley, a blockchain architecture advisor and consultant in New York City—note that the team behind IOTA has made it especially difficult for outside researchers to evaluate the technology.

“Basically, what they have done is written some source and papers that only describe part of the system. The rest of the system is secret. Which is completely antithetical to blockchains,” says Dudley.

The most recent controversy seems to have begun with an honest attempt at transparency: Last summer, the IOTA team invited a group of security researchers from the Digital Currency Initiative at MIT to look for vulnerabilities in the system.

Upon inspection, the team, led initially by Ethan Heilman, a security researcher at Boston University, did indeed find a problem. The researchers disclosed to IOTA that the hash function they were using, which was an in-house concotion called Curl, was broken. Weeks later, the inspectors published their finding in an initial report.

Ultimately, IOTA developers took the advice of the academics by swapping out their own experimental cryptographic device for a vetted alternative.

However, the email chain among the IOTA team and the researchers at DCI reveal a tense and acrimnious unfolding of events behind the scenes. The upshot: IOTA disputed the researchers’ claims and ultimately suggested that their publication amounted to academic fraud.

Similar accusations have spilled out onto Twitter.

He should be scared, there are lawyers working on that already.

— Come-from-Beyond (@c___f___b) February 19, 2018
Since the emails were released, a debate has raged over social media about which side looks worse. Plenty of commenters are coming to the defense of IOTA, sometimes while fully acknowledging their positions as investors.

Regardless of which side wins in the court of public opinion, it is becoming clear that the IOTA team, by displaying antagonism to the process of responsible vulnerability disclosure, has lost the support of professional cryptographers and security analysts.

“I think the emails were extremely embarrassing for the IOTA project. They should convince anyone that IOTA lacks the technical leadership or, simply, the maturity to build their product,” says Dan Guido, the CEO of Trail of Bits, a security consulting firm with expertise in blockchain technology.

And this is not a great look for a cryptocurrency. The security of these systems depends at least in part, on participation by outside groups, who make an academic pursuit of finding vulnerabilities.

It would seem that IOTA will not be able to count on their help going forward. Several professional cryptographers, including Dionysis Zindros, a PhD candidtate at the University of Athens, have signaled their intention to stay away from the project entirely.

Given the shameful behavior of the IOTA organization against Matthew Green and Ethan Heilman threatening legal action against reputable researchers, I pledge not to responsibly disclose any security findings I’ve been looking into regarding IOTA and urge people to stop using it.

— Dionysis Zindros (@dionyziz) February 25, 2018
One lingering question is whether the hostility demonstrated by IOTA team members will cause security researchers to reassess the risk of working with companies in the blockchain space altogether.

Guido, from Trail of Bits, says security consultants are well acquainted with the legal risks that come with giving companies bad news.

“As security researchers, we’ve had to deal with far more hostile companies and projects in the past,” he says.

In the case at hand, there are things the researchers at DCI could have done better, however. According to Guido, the whole process may have gone more smoothly had they used a third party to communicate with IOTA.

“DCI made some rookie mistakes too, and this is generally why, in other industries, security researchers will hand off bugs to a vulnerability coordinator, like a CERT, to report on their behalf,” says Guido.

But will his company shy away from blockchain clients simply because one deal in that space went rotten?

“I saw the whole thing, and no this does not change how we approach working in the space,” he says.


#2

Does IOTA have any utility at the moment or is it just a speculator token?


#3

Link source instead of just copy/pasta :slight_smile:


#4

Hey dude I don’t care, copy/paste find original documents, source writer it’s not my problem, I don’t own any , but I don’t want to see hard working people like myself getting involved in a shitcoin and losing their hard earned money. Stay well away and find find something that will increase in value, like icx or eos or enj coin or loopring , but not iota xrp or dogecoin. Silmple, if you don’t believe me I don’t care , don’t say you weren’t warned…thank you


#5

Okay mister super cool :poop:


#6

Meh I’m no super cool, but I do actually research coins and find information, unlike others that just jump at green candles and follow like sheep at every comment or shill. Buy all the iota you can , get a house loan and buy more, even mortgage your car and all possessions, I don’t care less. I don’t own any and I recommend that nobody else does in the foreseeable future, but each to their own. Good luck with that…


#7

Wow that swagger of a 13yo CoD player must make you the talk of the playground!!

I never argued that anyone should keep or buy IOTA… I don’t even like IOTA and I never did…

I just asked for a link… Chill dude


#8

Why act weird when you just had to provide a simple link? Jesus…


#9

Look at his name. Dramu=Drama

@Dramu1 - Your comment here in regards to people asking you for a link to your source are out line. When ever you post information like this you should post a link to the source.

Your part comment about following green candles like sheep is just non-sense and hypocritical. Its hypocritical because your making fun of and telling people not to follow those that you consider shillers but yet you are asking anyone who reads your article to do the same.


#10

Clowns wear all types of uniforms. In his case he dresses like shit.


#11

I wonder why OP had to ruin such a nice well researched Thread with his dumb, immature, and salty replies.


#12

I agree 100% with you and @jtf7 we try to create a community that teaches and promotes information sharing and research and this is what we get.


#13

His profile picture matches his personality at least.


#14

When ppl were having trouble with iota’s wallet, I choose not to invest.


#15

Are you DOUG POLK? :see_no_evil:


#16

My friend … Whaaaat are you doing? Why you saying stuff like that, why you disrespect other people and their work? There is only one person who actually reveals and review coins and shows directions where we go and what we buy because He is the Capitan. I don’t know why you doing this, but for me is definitely too far, and you cross the borders.
If you would be a Patron you would know much more, some bits behind the scene of Iota.
True research starts from blank paper not with paradigmat which you confirm with FUD.
We all have bad days, and that could be yours, so I would recommend apologizing for that.


#17

Let’s not be too hard on the poster and give him the benefit of the doubt. It’s always good to alert people to red flags. Sure it could all be just FUD. Actually, that was my first reaction. After all iota is taken seriously by many important players in the IOT space, including Volkswagen and the city of Taipei (can’t remember for sure).
Their tangle tech is very intriguing and although I haven’t invested myself, I’ve been keeping a close eye on the project.
Let’s continue to observe what will develop. Controversies in the crypto space are nothing new.


#18

It was advised for everyone to read this article which shows the huge conflict of interest the members of the DCI have because of some of their own projects:

To be fair, I believe @Dramu1 posted the article in good faith…afterall…its from the ieee…the IEEE…THE I freaking triple E!!! :scream::star_struck:

Unfortunately the title was misleading and the article probably wasn’t checked out properly. Its definitely a one-sided “clickbait” article. Expected better from the I freaking triple E. Ah well…

I myself am thinking of investing in a little IOTA…should I?


#19

Fudsters typing it out…

When the FUD a flowing you know where she’s going 2 tha MOON!


#20

Let’s face it, the internet of things is going to be HUGE. I wouldn’t doubt that iota has a decent shot at being a major player. Personally, I’ve invested in Walton Coin. I really like this project. If interested, check out the 3 part youtube by Boxmining on this subject. I’ve also read their whitepaper and I’m a big fan.