Kudelski Security Announces New Insecure Blockchain ‘FumbleChain’ to Teach Hackers About DLT
It is a pretty commonplace idea to think that blockchain technology means protection. Unfortunately, this idea could not be further apart from the truth. Despite the supposition of security, blockchains with exploits can be dangerous for everyone involved.
This is why Kudelski Security has recently announced that it will launch a new blockchain without deliberate flaws. The new project is set to be launched during the Black Hat USA infosec, according to The Next Web’s Hard Fork.
The convention, which is set to happen in Las Vegas, will see the launch of FumbleChain. The whole idea is that the network will be easy to exploit so that hackers can play and try to destroy it.
FumbleChain will have its own “e-commerce” app, FumbleStore, which will serve as a “capture the flag” game. These are games in which hackers compete to try to break into something.
Don’t mistake this idea for actual support for criminals, though. The idea is to educate the “good hackers” on how to exploit decentralized systems in order to find flaws in an easier way and fix them quickly before the “bad hackers” get at it and steal people’s money or information.
According to Nathan Hamiel, the head of cybersecurity at the company, there is a common error in which people think that blockchains are inherently safe when they are not. The technology, in his opinion, is very nuanced and complex, and it is quite easy to create breaches if you are not careful. Because of this, you simply can’t blindly trust it.
While it may seem strange to non-hackers, this kind of approach is actually very common. Many broken apps are released in competitions so that people can try out their skills.
The blockchain will be created using Python as the programming language, mostly because it is considered very easy to manipulate and this will make it easier for the participants to break in and modify the source code of the blockchain.
As soon as some of the hacking challenges proposed by the company are done, more will be added. This will keep the blockchain live for some time while people are trying out their skills.
Kudelski Security has affirmed that the app will also be available as a code repository on GitHub in case someone wants to download and check out the code.
There is only warning, though. According to Kudelski, if you run the program, you might end up putting your own computer at risk. This happens because the software is notoriously broken, so you really should know what you are doing if you want to be a part of this initiative.