Skip to main content

Featured

Binance joins Neo Council, 2.1 million NEO used to secure two Top 21 positions

Binance Staking has secured two positions on the Neo Council. At the time of press, Binance has voted with approximately 2.1 million NEO to secure its places in the Top 21. Binance is the world's largest custodial exchange with nearly US $9.07 billion in 24-hour volume, according to CoinCap.io. Binance Staking is a service that allows users to earn distributions offered on proof-of-stake or other networks that distribute rewards to participants. The platform provides two types of staking: flexible and locked. Flexible staking offers fewer rewards but allows users to move the underlying assets at any time. Locked staking requires users to deposit a token for a specific time frame but provides higher yields. For example, a minimum of 0.01 NEO locked for 15, 30, 60, or 120 days will earn increasing yields of 5.79%, 7.49%, 8.79%, and 13.56% (made in GAS distributions), respectively. In the announcement post, Neo Global Development said "Binance Staking's new membership in the ...
Post a Comment
Read more

Bitstamp Needs To Start Encrypting Emails


Although bitcoin exchanges are doing what they can to ensure customer data and funds are being kept safe at all times, the same cannot be said for the way they communicate. Emails sent by Bitstamp are not subject to encryption, neither by the exchange owners themselves nor when the email is in transit. Kraken, on the other hand, uses GPG to encrypt all of their email communication. Is this is a situation Bitcoin exchanges will need to address in the future?

Encryption is Important, Bitstamp!
Every time someone receives an email from Bitstamp, the information contained in this message is not encrypted. While this may not be much of an issue for confirmations regarding deposits, it could prove to be a major problem when withdrawing funds from the Bitcoin exchange.

Similar to how most exchange platform in the world, users who withdraw funds will receive a confirmation via email regarding this action. Bitstamp asks users to click a particular link to confirm withdrawal requests. And having this information unencrypted could allow hackers to gain more information about the account holder’s balance and Bitcoin address on Bitstamp. Not the kind of information users wants out in the open.

But there is an even bigger worry regarding this scenario, as this also means password reset emails aren’t encrypted by Bitstamp either. This would allow hackers to use a man-in-the-middle attack and intercept the email. Or if they prefer to do so, they could send fake emails to the account holder redirecting them to an entirely different site in hopes of obtaining account information.

None of these scenarios might take place in the near future, but Bitcoin exchanges will need to step up their communication encryption game sooner rather than later. Not encrypting the information related to one’s account is not acceptable in this day and age, and should be resolved quickly.

Not setting up encryption for emails on behalf of Bitstamp is a threat when sending documents to the company as well. Submitting a scan of an ID or utility bill to the company will have to be unencrypted as well, allowing assailants to intercept this data without spending much effort to see the information contained in the message or its attachments.

Comments

Post a Comment