Trustworthy vs Trustless Apps

https://whyy.org/episodes/in-science-we-trust/

In the wake of the hearings about Facebook’s new Libra blockchain, it is more important than ever that we all understand the difference between trustworthy and trustless apps. A trustworthy app is an app whose developers are known and trusted by the community. The developer’s reputations and businesses are on the line, so it motivates …

Read more

Snyk Security Review

snyk logo

We recently integrated Snyk into Qvault as a way to get more visibility into known vulnerabilities in Qvault’s codebase. Snyk has already patched a critical vulnerability in lodash for us. This allowed us to continue releasing new versions before the official fix for lodash was published a few days ago. We can’t speak to whether …

Read more

Secure Random Numbers in Node JS

http://thehobbyts.com/fun-dice-games-ultimate-list/

Randomness is a hard problem for computers. Most functions that generate randomness are not considered cryptographically secure. What this means is that it’s possible for attackers to take a good guess at what number a non-secure randomness generator generated. In the case of guessing a randomly generated private key, for example, this can be catastrophic. …

Read more