416-479-0074

Best Laid Plans: Security and Cryptocurrency

Best Laid Plans: Security and Cryptocurrency

cryptocurrency illustrated

Even though it’s comparatively old news I still remain utterly fascinated by cryptocurrency. Thinking about the concept and its mechanics never fails to be a mind-expanding exercise. But recent events have shown that, no matter how pie-in-the-sky the new economy and its currency gets, it can still be brought down by something quotidian: security.
 
In this case, too much of it. Quadriga, a cryptocurrency trading platform based in Vancouver, collapsed in late January, due to the company’s inability to access its investors’ funds. To summarize how that works, very loosely: In order to reduce the prospective damage from being hacked or otherwise compromised, cryptocurrency exchanges frequently keep the majority of their investors’ funds in “cold storage” — a heavily protected, offline, virtual holding pen. When trades are scheduled, the funds are moved into a “hot” (i.e. internet-connected) “wallet”; once the trade is complete, the new total is moved back into cold storage. 
 
As part of Quadriga’s security measures, only one employee knew the password to unlock cold storage: founder Gerald Cotten. This worked well enough for the company until the 30-year-old director died unexpectedly while on holiday in India on Dec. 9. Quadriga held back the news for a month while they tried to extract $190 million CAD of its increasingly impatient investors’ money from the clutches of their own security measures. Cotten’s widow ransacked his devices for anything that might look like a password. An RCMP I.T. specialist was put on the case. And then, it gets complicated.
 
“A report released late Friday by court-appointed monitor Ernst and Young […] indicated six so-called cold wallets used to store digital assets offline have been found, but all of them are empty. […]
The monitor also found 14 user accounts on the QuadrigaCX platform that were “created outside the normal process,” using a number of aliases.

More important, the accounts were created internally “without a corresponding customer and used to trade on the Quadriga platform,” the monitor reported. […]

Transaction data indicates there was a significant volume of activity associated with these accounts, including withdrawals of cryptocurrency to wallet addresses not associated with Quadriga, the report says.

The monitor said it remains unclear how the accounts were used and whether the recipients of the withdrawals can be identified.”
 
Nova Scotia (the case’s jurisdiction) has gotten the Supreme Court involved, and between that body and Ernst & Young, have managed to trace and extract around $30 million so far from a handful of other exchanges that have been found to be holding transactions on behalf of Quadriga. But an untold amount of investors’ money may just be gone.
It’s hard to tell how much of this is actually hinky, versus the standard murkiness of trying to deal with crypto. As time passes, things do seem to be getting clearer: I’m glad the unpleasant rumour that Cotten faked his death to escape creditors has now been disproven. The unprecedented nature of not only the company itself but its current troubles means that it’ll likely be slow, careful going for a while. A lesson we regular-type investors can draw from this? A (block) chain is as strong as its weakest link. If that link is impenetrable… the blockchain is out of luck.

Bias and Animal Behaviour, Or: Your Cat May Not Be a Psycho

bias towards cat behaviour

I found myself the in the GTA a couple of weeks ago, talking up our David & Sons barbecue sauce at local heroes Seed to Sausage’s new location. After a long day’s work meeting, greeting, and (facilitating) eating, I decided against the long drive back to the DFC ranch. Instead, I stayed overnight at my middle son, Ben’s, apartment. He and my daughter-in-law are cat people, and they have a beautiful, friendly calico kitty named Margaret — or so they insist. I couldn’t tell because she manifested to me as a white, black, and orange streak that went under the bed at warp speed. We figured she smelled Samson and Jill on me or otherwise knew I was a friend of canines and traitor to cat-dom.
 
I was struck by how little I know about cats in relation to dogs, simply because I live day-in-day-out with the latter. Indeed, I might even have been tempted to call Margaret a psychopath due to her behaviour. Erroneously, it turns out: Sarah Zhang over at The Atlantic has an interesting take on why that might be the case. And it has a lot to do with our human priorities.
 
“There’s always an implicit comparison when we talk about cats as aloof little jerks, says Mikel Maria Delgado, a postdoctoral researcher on cat behavior at the University of California at Davis. And that comparison is with dogs, which humans have spent thousands of more years domesticating and molding in our image.

‘We like things that remind us of us,’ Delgado told me. ‘We like smiling. We like dogs doing what we tell them. We like that they attend to us very quickly. They make a lot of eye contact.’

Cats, she pointed out, simply don’t have the facial muscles to make the variety of expressions a dog (or human) can. So when we look at a cat staring at us impassively, it looks like a psychopath who cannot feel or show emotion. But that’s just its face. Cats communicate not with facial expressions but through the positions of their ears and tails. Their emotional lives can seem inscrutable — and even nonexistent — until you spend a lot of time getting to know one.”
 
Additionally, some have argued that, where dogs are attached to people, cats are attached to places. What we humans see as another check mark in the They-Secretly-Hate-Me-And-Want-Me-Dead category, is simply a result of how cats socialize — and really just serves to uncover our bias as pack animals (like dogs!).
 
Though I have a newfound empathy for cats, having spent the night as the target of Margaret’s Eye Beams of Discomfort, I’m still resolutely Camp Dog. Though, in the long run, it may come back to, um, bite me. Where do your loyalties lie, dear readers? Dog, cat, or fabulously Other?

HP and the Ink-based Shenanigans

ink and ink based drawing

Here’s some fun, dystopic-sounding news from the realm of the Internet of Things. HP, a printer manufacturer that DFC frequently encounters in the offices we service, has been sliding alarmingly towards 1984-type control over inkjet printers and components used by its consumers. (For example, in March of 2016, HP pushed a seemingly harmless security update to users of their OfficeJet and OfficeJet Pro printers. Hidden within that update was a timed code that went off six months later, that caused printers with the security update to stop recognizing non-HP ink cartridges. And then, after being found out, they did it again!)
 
This time, HP has hidden sneaky-sneaky DRM in its Instant Ink subscription packages. Instant Ink involves “renting” ink cartridges to a user for less than what it would cost to buy — unless (here’s the catch) the user goes over a monthly page limit, which is when they get hit with substantial fees.
 
Josh Hendrikson wrote about his experience with his Instant Ink subscription over at How To Geek, and underscored how weird and predatory the whole thing feels.
 
“According to the math, I’m the type of person who can benefit the most from HP’s Instant Ink program. I’m getting more ink for less money than if I had gone a traditional route […] But there’s a secondary cost. I’m left afraid to use my printer for the one reason I have it — printing. It’s a strange proposition that every time I go to print, I now feel the need first to check if I have enough pages left in my plan. It’s like asking HP for permission to use my printer. And if I don’t ask nicely enough, I’ll pay extra or, worse, they’ll take my ink away. And it’s not actually my ink: HP’s instant ink recycling page spell this out clearly […]

I can’t think of anything else in my house that works this way. My couches don’t have an allotment for sitting time, and I don’t need to continually pay the furniture store a fee for the right to use their cushions. I don’t fear that if I fail to pay my cushion subscription the store will take them away, leaving me with a cushionless couch.”
 
While I recognize the need for a company to preserve the way that it actually makes its money, I don’t like these underhanded tactics. As Hendrikson writes, there’s a very specific consumer this program should work for: a person who, a) when they print hard copies period, b) does so to an inkjet printer. (I myself print rarely, and it’s been years since we had an inkjet on the premises.) To me, this smacks of a company realizing their product is rapidly becoming obsolete, and grasping at anything that will keep the relationship monetized — no matter if it hurts the consumer in the long run. We at DFC strive to avoid that kind of relationship with our partners, the clients. It makes far more sense to look to the future with our clients’ needs!

Pasta Patents: Technology on your Plate

patents for pasta

Theoretically, spring is supposed to arrive this month, but in DFC’s snowy neck of the woods, winter continues to close its icy grip. I’ve been fighting back with the most powerful weapon we cold-climate-dwellers have: comfort food!
 
Chilis and soups are high on my list, but in this nastiest of months,  nothing beats the world’s most perfect starch: pasta.
 
As an enthusiast of both pasta and technology, I was fascinated by a recent collaborator article on Smithsonian.com (via the always amazing BoingBoing). The profile, by Elizabeth Chu and D. Lawrence Tarazano of the U.S. Patent and Trademark Office, outlines the impressive history of machine-made pasta shapes.
 
Traditional Italian culture has developed more than 1,300 (!) different shapes of pasta. A similarly staggering number of patents have been required to replicate — and surpass — some of the most popular shapes. And it’s been a complicated process.
 
Pastas formed by hand have been the most difficult to replicate by machine because of the complexity of the actions done by hand. Cavatelli, gnocchi and orecchiette, for example, are made by rolling pasta dough by hand into a long snake shape, cutting it into equal sized dough pieces, and dragging the dough to form a cup-like shape. […]

Italian inventors Franco Annicchiarico and Adima Pilari, who received U.S. patent no. 4,822,271 on April 18,1989 for ‘an improved machine for manufacturing short cut varieties of Italian pasta (orecchiette, etc.),’ developed a machine for making these cupped pastas. Comprised of three units, this patented invention allows users to feed the machine with pasta mix that later extrudes into sticks of pasta. Those sticks are then ‘cut into cylindrical pellets,’ and finally, three rollers flatten, curl, rotate and form the pasta into a cup shape.”
 
Other noodles (like those for lasagna or ravioli), are subjects of patents for rolling and folding machines, and still others (like spaghetti or macaroni), for extruding machines.
 
It’s staggering to think of such a simple, handmade food being taken into the future on the wings of the most technical of documents. (Indeed, the far future: pasta company Barilla has a roster of 3D printed pastas of which they’ve staked intellectual ownership!) But however many heights they scale, all fanciful kinds of pasta will end up the same: inside the human stomach, converted to human energy. My favourite comfort food remains humble, even on the cutting edge of tech!