Anji Ismail is the CEO of Varanida, an innovative blockchain project, building a Fair & Transparent Digital Ecosystem to create a better Internet through a decentralized advertising and content solution. Anji will be sharing with us, his commentary on the recent Facebook’s breach and how it could have been avoided.
1) Please tell us your name, about yourself and your experience in the data industry?
Anji Ismail, CEO and Co-founder of Varanida. I’ve been involved for about 10 years in the Marketing & Advertising space, as a founder of DOZ.com, and advisors to several startups. Digital Advertising is all about Data.
2) What is Varanida and what services do you offer?
Varanida is a blockchain infrastructure made for the advertising and publishing industry; allowing:
- web-users to regain control of their private data and monetize their attention if they like to,
- Publishers to better monetize and engage with their audience
- Advertisers to avoid fraud and get better performance from their ads budget
3) Hackers obtained access token for 50 million user accounts on Facebook, how safe are the Facebook Users?
Unfortunately large-scale applications are very complex to maintain and according to Guy Rosen, Facebook’s Vice President of Product Management, hackers consecutively exploited three vulnerabilities that ultimately led to them finding a way of generating access tokens on behalf of other users. With these access tokens, someone could steal all of those users private messages and other sensitive information they provided to Facebook.
4) This seems to be the largest data breach in Facebook’s history, we will like your comment on this.
Absolutely, it’s far worse than their most recent controversy regarding Cambridge Analytica since this hack completely violated everyone’s privacy. While Facebook has been able to patch this issue and expire these stolen tokens, it’s important to understand that this token generation bug enabled these hackers to have unparalleled access to these 50 million accounts since July 2017 – more than enough time to steal all their data.
5) How can Blockchain technology solve this problem of data breach?
While the issuance of access tokens is what ultimately gave these hackers the ability to siphon everyone’s data, it’s important to note that this is a standard means of communicating with APIs and handling authentication on the web. Unfortunately, a series of complications led hackers to find a way of manipulating this mechanism – a result of Facebook’s flawed video uploader and view as feature which lets users see what their page looks like to another user after implementing various privacy rules. While blockchain may not have been able to directly solve this particular issue, as this seems to be a mix of client and server side vulnerabilities, the underlying protocols behind this technology would have enabled a far more secure means of transacting data in such a way that would have limited exposure to sensitive information and likely made it more difficult for hackers to steal.
6) Varanida is creating a whole encrypted and safe “data wallet” will this make it impossible to hack any data and avoid similar cases like Facebook?
There are many layers of communication between an end-user and service provider. It’s our goal to maximize the total security margin throughout the entire lifecycle of data being transacted between two or more parties. While blockchain provides an extremely secure means of storing data on a decentralized network, it’s vital to realize that security starts at the end-users computer and network. If their system is exposed to malware or if their network’s DNS is hijacked, there is very little that blockchain can do to prevent someone from stealing their data. The important takeaway is that blockchain is not the entire solution to preventing hacks like this – it’s simply one incremental improvement to a part of this entire process.
7) How Safe is the Varanida “data wallet” itself, would you like to discuss your security measures?
Varanida Data Wallet is encrypted using AES and the Ethereum wallet private key, which make it impossible to attack using brute force. Only the user can decrypt it and give access to the data it contains. Encryption happens directly in the extension, so the private key doesn’t leave the user’s computer.
8) Could you tell us about your team and customer support?
So far, the team is composed of 12 people. We will be scaling the team and especially pursue our focus on on-boarding people to blockchain technology with as less friction as possible. So designing a simple interface and having customer support service ready is key. For a lot of people this whole world is completely new, so it’s our job to make it easy and safe.
9) Do you have more information for our readers?
I encourage them to download our prototype on Chrome or Firefox (https://varanida.com/download); and if they feel like what we do is good they can support the project by acquiring VAD Tokens (https://varanida.com/vad-token-sale).