Info security consultant here

Been doing infosec for twenty years, got into bitcoin late (last year of course when it went 20,000)

I've done some hardening for blockchain nodes and am looking at hardening ethereum nodes mainly for my own personal development / entertainment.

I'm just curious, what aspects of security matter to you? Have you got any questions about blockchain security that I might be able to answer?

Just general blockchain info security discussion I guess. Anyone else on this board in the security racket? ama etc.

Attached: 1551060094015.jpg (697x360, 85K)

Other urls found in this thread:

jpmorgan.com/country/US/en/Quorum
twitter.com/SFWRedditImages

do you test new blockchains for their bounty programs? seems like it'd be a goldmine if you new your stuff

I see a lot of people using hardware wallets now. Why is that superior to my method which I've been using since 2012: offline Linux laptop with cold wallet stored on paper?

Seems like these hardware wallets lead to a lot of SFYL while I've never lost a single satoshi. What's your take OP

>do you test new blockchains for their bounty programs? seems like it'd be a goldmine if you new your stuff

No, I'm not a vuln / bounty hunter. Most of my work is defensive - hardening, deploying intrusion detection, malware analysis / response, secure application development.

I'm not really a pen tester per se.

Also, most of the shitcoins - I doubt they have bounty programs. The one I hardened certainly didnt.

My experience is most alt-coins don't even want to think about security.

Money wise - ERC20 audits might be worth getting into, but I'm not sure ETH is going to actually make it right now, so I'm not going to study them.

BTC is my main HODL if thats instructive.

>I see a lot of people using hardware wallets now. Why is that superior to my method which I've been using since 2012: offline Linux laptop with cold wallet stored on paper?

I agree with you. In my book you're doing it right. Based on years of analysing systems / projects for security gaps I'm in no hurry to add another layer that could go tits up (the hardware, the firmware)

I think hardware wallets are a meme, but im no expert on them.

>cold wallet stored on paper?

of course, you have a fireproof safe user? If you have a decent amount thats what you should invest in.

Want to build a Ethereum private network (quorum based) between 5 separate companies. How does one organize/secure communication of eth nodes between the networks of those companies?

Another question if you'd allow.
Want to create a JPM Quorum based system inside a company. How does one deal with private keys, given the whole point is that employees use them to make transactions that are supremely auditable.

I can't rely on them remembering them. I don't want to rely on some centralized system that would be breachable by a single malicious actor breaking the auditability guarantees which are the main selling point.

Attached: 1548803400615.jpg (820x1024, 108K)

How math heavy is cybersec/info sec? Also how much comp sci would one need to know? I'm doing a commerce/info systems degree at uni and really interested in networking/cybersec, but i'm worried i'm aiming too high

OP might have departed. Oh no.
Please don't go OP.

Attached: 1548425788085.jpg (111x80, 3K)