Concise and informative. Currently if someone steals your house key they can pinch a few items from your home. What you describe represents the thief's possession of your key giving them complete ownership of your house and all its contents with little remit for recovery.
And that the legal greyzone it is all in. Obviously it is some form of stealing, but is it? The law hasn't yet been applied fully to the whole Web 3.0 so.
Also seems like a good way to get framed by another hacker for their misdeeds and considering powerful organizations tend to delete their mistakes and put it on others, IE buy/sell things under your identity and/or use it as a mule/intermediary for their own finances.
@@MalwareTechBlog no worries....my dumbass had a trezor and everything. I put my private key in a text field anyway lol... It was an erc20 token that like 10x'ed in a few weeks after launch. I got the tokens from an ICO with about 3 ETH($900 in value at the time) that I bought for like $11 a ETH in january '17, so technically I only lost like $35 lol.....it wasn't all my holdings so 2017 was still a great year for me 😆
Blockchains are cool in some ways, and they might end up proving to be useful, but I am almost certain its usefulness is still going to depend on centralized trust. I know a lot of people really want decentralization...but I'm pretty sure it's literally impossible to build a system that is both decentralized AND safe/secure/reliable/efficient.
Bro you are so soft spoken! EDIT: I think the only thing you can do about this is give people the CHOICE to use a specific-service based, centralized wallet (with the benefits of the humans to support you in fraud etc) or self-custody (minimal fraud support).
Been in crypto for about 2 or so years in the DeFi (Decentralized Finance) space, and I agree. Just the sheer amounts of hack thats taken place with multi million dollars worth of money lost at this point. A question I have is how exactly do you fix this web3 thing? I agree with your last point that's right now, there's no real way of it to be secure, but it's definently an interesting question to think about.
5:20 Re: IoT: it also does not help that in many cases industrial HW engineers were in charge, and because "security is easy, we don't need anyone extra for it". We've seen what security HW engineering (or basically anyone NOT in security) results in: WEP. And all the factory/etc industrial compromises.
One thing to consider is the approach society has set up for physical theft. Especially something like gold. This is where insurance, minting, storage and limits on movement have helped. Gold still gets stolen, melted and sold on but there’s still measures we as a society have taken to reduce the likelihood, not eliminate it entirely. With that said, I completely agree with your adoption point. Web3 is nowhere near technology for the masses and a ‘normal’ person should stay clear for a while.
I agree with you. And your explenations are prefect! You deserve more views and subs, especially for your fame in the cybersec area. I feel like nobody knows you are a content creator!
The information was good and very informative. However, I never saw a video in RU-vid with so much ads as this one, for 11 mins of video at least 15 ads...🤔
Amazing video, keep them coming. Constructive feedback: While the information delivered is great, the production could go up. The video ends in three dots, I checked my browser to make sure it didn't bugged. Don't know if you are interested in making RU-vid a job, however if you do, you should pay more attention on some of these minor details, because damn, you do have a lot to offer and you are worth watching.
Glad to see someone else sharing the same ideas about web3. Cheers on the video. Tried to argue something similar last year and been shutdown immediately... especially on the security layers for transactions and money.
IoT security is a dumpster fire. The majority of IoT device manafacturers are trying to make devices as cheaply as possible. Security is a cost so it gets ignored.
Another horrible thing that's even worse than losing a few crappy shitcoins is losing your KYC ( your proof of identity) to hackers because the exchange that you went through was insecure or reselling customer data.
Something else to note is that even though exchanges may hold on to tokens if they end up getting hacked or just want to steal your coins there's nothing stopping them from not having to pay you back.
just thinking of the top of my head u could enforce a sort of insurance like policy where if your key gets stolen and your money gets taken then its your fault and nothng can be done but what if simiilar to insurance they said u have to have a hardware wallet and register it or something and if your money still gets stolen or whatever then they will assist u which then puts the security onto the user themselves aswell. how they would help u idk cus like id imagine yur the only person with the key and its a peer to peer thing but idk just a thought
Thank you for the is video, love your channel. I have some different idea to share regarding web3, mainly about the weakness of “not your key not your money” that you referred. It’s true in bitcoin, but in some other newer innovations, there are well written smart contracts can deal with this type of problems. For example, you can pre-define a set of wallets your friends or family or whatever you trust, they can be a pool of people vote on approving a transaction on your wallet when you lost your private key. There is also time delay build in so you can vital the transaction if it’s invalid or vesversa. I am just hoping these type of innovation can be widely adopted by mainstream, vs all the ico and nft hypes.
Decentralized ID tackles the security problem within web3 technology. thanks to DID only the person can decide what information he or she wanna share. And the problem of tracking and selling personal data (what corporations do!) disappears! Fractal ID is a great player in this market, for example. Here the user dispose of his info. And it should be so - this IS security
I'm kinda going through a faze where I live just because of my online purchases. It is akin to Stock Market Candles and the tranaction speed or just outright misuse of company info about me. Terrible when my card is locked and it is a weekend.
I convinced my mom to invest a thousand dollars into crypto. Overnight the money in her wallet disappeared. I keep blaming myself for it because she was very skeptical about it and the money was kinda hard to come by tbh at the time. It's scary in the crypto space
Do you think that the limitations proposed by Web3 will spark things like crypto phishing insurance for consumers? Web3 is pushing for a more wild wild west culture like Web1. But the problem is that from our history, this has led to bad results.
It's possible that security could be enforced through the insurance side, but that depends on whether insurance companies are willing to take on the huge risk required to insure high value assets that aren't recoverable.
@@MalwareTechBlog Also adding real world asset insurance into Web3 would create a offramp from inflated Web3 asset prices, so the ones doing it would probably not be in the game for long.
Woah, These are some genune concerns here! and ummm I never thought of them... Cause all these Defi protocols seems quite secure. For example , D/Bond(Debond), Its an amazing platform for trading and they developed ERC 3475 protocol which is the most secure Defi protocol. Maybe you could tell me more about it??
I have a fair few counter arguments to play devil advocate (because you make so great points), but main point is that if we implement web3 and provide resources to people on sec, we will build a stronger level of sec at the user level. The human is usually the weakest link, but they can also be the strongest link. Give people the right training and they will pick up on oddities and possible hacks that computers might miss. Bringing that to web3, if we help users to be trained in sec, then we can have a much stronger user level and controlled sec. Humanity grows with technology, we've seen it before many times. There will always be teething problems with new tech, but we always eventually adjust.
In the case of the recent Solana wallet hack the back end of a wallet was hosting an unencrypted /unsalted json file with over 8,000 WIF keys. 😂 Imagine.
It's also extremely bad for the environment, crypto transactions require a lot of energy. and don't call me uncool because I said that, I am just concerned about the future. I also don't like the idea of the Metaverse, think about it: What a poor society do we have to be to create another world just to escape from reality, instead of solving the problems we really have.
You are seeing this from a very privileged point of view. Sure banks in the developed world can do lots of good things. But crypto allows people who migrate to keep the funds safer than a pouch on the balls, or being able to buy digital dollars where its illegal to do so. Also sending remittances to family instantly and virtually free compared to existing options. When there is a war, the first thing that happens is banks disabling withdraws. There are lots of good things in web3, but I agree that we must improve the UX and safety. Also using crypto is not exclusive. You can keep using your banks. Diversify your finance is key.
While a lot of those things are true this video was focused on the security of web3 and why it's a farce. Not that the actual protocols that run on it are useless themselves.