A SERIES OF VULNERABILITIES FOUND ON EOS!!

I don't know their motivation for publishing the vulnerability. also, the account in OP's pic/link may have NOTHING to do with the authors.
if the vulnerability is confirmed, then the ones who bought EOS are fucked anyway.

Yeah thank his ETH adding have any glaring bugs that cost a bunch of people tons of money and necessitated a hard fork. That’d be embarrassing.

> The DAO was never hacked, EOS was a success right from the start.

i've been saying... they make lots of claims but it's main net is not even out.
ETH has had several years of running main net to work out the bugs
DAO hack was a poorly written smart contract, not a security flaw in ETH's code

no, this is not what a testnet is for. this is what appropriate dev process is for - cardano has it, eos does not

So taking a look at one of the reddit posts. Does anyone know.

> In an attack, an attacker constructs and publishes a smart contract containing malicious code. The EOS super node will execute this malicious contract and trigger a security hole. The attacker then re-uses the super node to package the malicious contract into a new block, which in turn causes all full nodes in the network (alternate super node, exchange reload point, digital currency wallet server node, etc.) to be controlled remotely.

Can anyone confirm if EOS has a wallet server node?
And also does this even make sense?

> What's more, the attacker can turn a node in the EOS network into a member of a botnet, launch a cyber attack or become a free "miner" and dig up other digital currencies.

This seems weird. How do you dig up other currencies? This seems really weird like how is this even possible given the tech?

> Since the system of the node is completely controlled, the attacker can "do whatever it wants", such as stealing the key of the EOS super node, controlling the virtual currency transaction of the EOS network; acquiring other financial and privacy data in the EOS network participating node system, such as an exchange Digital currency, the user's key stored in the wallet, key user profiles, privacy data, and more.

User profiles and privacy data? Is anything ever going to be private on the blockchain? Didn't Larimer claim this would never be possible so why bother?

User profiles and privacy data???

I guess "privacy data" is usually stuff like credit card info and your address ect. Is EOS going to be KYC compliant? Did they just leak this info?

ETH going up boys!

everything is going up.

Holy shit you are technically retarded. All of this stuff is possible if you have a remote code execution exploit. Remote code execution exploit means an attacker can completely take over the machine remotely and make it do whatever it wants. It basically means you can write a virus onto the EOS blockchain that will literally spread through the blockchain and take over any computer running an EOS node that downloads the block. The only thing that may not be possible is stealing customer keys (if the node is from an exchange) because they may not be colocated with the node. They probably will be though.

If I had more time and more desire I would take a wack at writing one that takes over the hashing power of the nodes and uses it to perform a 51% attack against another crypto.