Why blockchains are not anonymous and how to get more women in cybersecurity
Cyberinsights Weekly #39
She leads tech, but what about infosec?
Everyone in tech knows that there is a skew towards male tech professionals. Efforts are made to include more women by campaigns such as “She Leads Tech” by ISACA. You might have seen those posters in large tech companies.
But what about women in cybersecurity? There are no large scale initiatives to include more women in cybersecurity. There is, in fact, a funded organisation: Women In CyberSecurity (WiCys) that has been in existence for 10 years, trying to get more women in cybersecurity. It is based in the US and not very much is known outside of the US.
It is time every one of us cybersecurity professionals made an effort to be more gender inclusive. And frankly, given the resource crunch, can we even afford to be anything else?
Share this with someone you know will like this and discuss it with you…
Yo blockchain so public…
Of late, I have been reading a lot about de-anonymisation of blockchain.
Most of us have an inherent belief that blockchains are anonymous. Everyone is just a hexadecimal wallet ID on the blockchain. No one knows who owns that wallet. We even generate IDs for individual transactions, so as not to link transactions to one wallet!
It’s easy to believe this. See this sample transaction from Blockchain.com. It is just one hex number transferring BTC to another hex number!
This article on Wired about bringing down the world’s biggest child abuse site is an eye opener, not just about the horrible things that happen on the dark web, but also about busting the myth that blockchain transactions are private.
After this article, everyone is talking about de-anonymous blockchains. Bruce Schneier referred to it in his blog.
Companies like Chainalysis and elliptic conduct analysis of blockchains and provide data about ownership of blockchain wallets.
And come to think of it, once a wallet ID is linked to a physical person, nothing can erase that connection! This requires a lot of thought leadership from us, cybersecurity professionals. For example, how does it connect with the right to be forgotten? If I had conducted a dubious transaction on the blockchain when I was young and foolish, how can I prevent it from coming back and haunting me?
We need more thought leadership and published articles from cybersecurity professionals and policy makers alike!
If you want to get out of the routine and think about cybersecurity in depth every week, subscribe to CyberInsights. We publish only once a week and only two distilled topics.