Most Institutional Investors Expect to Increase Crypto Exposure by 2023
Sunday, October 17, 2021
A survey found that 82% of institutional investors expect to increase their exposure to crypto and digital assets by 2023.
The study by Nickel Digital Asset Management surveyed institutional investors and wealth managers from the U.S, U.K., France, Germany and the UAE, Institutional Asset Manager reported. Nickel Digital Asset Management did not say how many institutional investors were surveyed. Additionally, four out of 10 respondents said they would increase their crypto holdings dramatically, with fewer than one in 10 saying they would reduce their exposure.
Among reasons for increasing exposure, 58% cited the long-term capital growth prospects of crypto and digital assets. Over a third of respondents said it was because of either feeling more comfortable with the asset class (38%) or the improving regulatory environment (34%).
A recent example of the latter was a new law in Germany permitting "special funds" – the dominant institutional investment vehicle in the country – to hold up to 20% of their portfolios in crypto. Some estimates suggested as much as $415 billion could flow into the space should every fund allocate their maximum quota to crypto.
Most Institutional Investors Expect to Increase Crypto Exposure by 2023
With so many people using the internet, it makes sense for a business to tap into digital. Find out what opportunities exist and how a website, videos or social media could help you reach your goals.
Saturday, October 9, 2021
Taking your business online offers a lot of opportunities, but with so many options, it's easy to spin your wheels and lose focus. Setting specific goals can help as you begin to navigate the digital world.
Let’s take a look at all the options for launching your business online:
- Local listings
- Social media and video
- Websites and mobile apps
There are many options when it comes to using digital tools, and technology is always changing. Websites and social media can be used to reach existing and potential customers. You can use these channels to get your messages to as many people as possible. Using emails and apps, you can choose who gets which message and when. So when you want to reward regular customers or gather feedback, an app or an email will do the job. A map could help new customers find your business.
Search engine marketing (SEM) is different to search engine optimisation (SEO). In SEM, the business pays to enter an auction. They then bid for advertising space on a website, and whoever wins gets to show their search ad. Tagging keywords within your content could increase the chance of your website appearing higher up in search engine rankings. This is called search engine optimisation (SEO) and is a free way for Hamish to reach more potential customers.
Analytics can tell you a lot of things about how people interact with his website, like which parts are popular and where the user is coming from. But without asking the user, analytics can't find out if there is anything specific they don't like.
Using this data, users can draw conclusions and then adapt his approach. For example, if lots of people access his site from a mobile device, he could make sure his website is responsive, or launch mobile-friendly display ads.
From websites to local listings, mobile apps to social media, there are lots of ways to be found online. If a website is the best fit for your goals, you'll need to have a basic grasp of how they work. Even more importantly, having design and usability best practices under your belt will help you build a website that tells your story well, and allow your customers to find what they need.
Find out what opportunities exist and how a website, videos or social media could help you reach your goals.
Let's celebrate 8 years of Creative Tim with our special Anniversary Bundle! Take advantage of 96 Front-end & Back-end Premium Products and save up to 80% OFF. Hurry up - Closes tomorrow ⏰
Saturday, September 25, 2021
Last Day of Anniversary Bundle!
Let's celebrate 8 years of Creative Tim with our special Anniversary Bundle! Take advantage of 96 Front-end & Back-end Premium Products and save up to 80% OFF. Hurry up - Closes tomorrow ⏰
React Bundle - $99
Develop faster and easier with our Premium UI Kits & Dashboards based on React, NextJS, and React Native.
https://www.creative-tim.com/product/buy/bundle/react-bundle
Angular Bundle - $99
Develop faster and easier with our Premium UI Kits & Dashboards based on Angular.
https://www.creative-tim.com/product/buy/bundle/angular-bundle
Vuejs Bundle - $99
Develop faster and easier with our Premium UI Kits & Dashboards based on Vue.js and Nuxt.js.
https://www.creative-tim.com/product/buy/bundle/vuejs-bundle
Bootstrap Bundle - $99
Develop faster and easier with our Premium UI Kits & Dashboards based on Bootstrap.
https://www.creative-tim.com/product/buy/bundle/bootstrap-bundle
Other Bundles
https://www.creative-tim.com/product/buy/bundle/mobile-bundle
https://www.creative-tim.com/product/buy/bundle/laravel-bundle
Let's celebrate 8 years of Creative Tim with our special Anniversary Bundle! Take advantage of 96 Front-end & Back-end Premium Products and save up to 80% OFF. Hurry up - Closes tomorrow ⏰
We'll share best practices and our vision for customer engagement in the years to come. And of course no Twilio keynote would be complete without big product announcements, cutting edge demos and a live coding experience
Friday, September 24, 2021
Join us (for free!) as CEO Jeff Lawson and a lineup of industry-leading brands including Peloton, Procter & Gamble, ServiceNow, Intuit, Allianz Direct, The Trevor Project, AXA, Electrolux, Catal, inc., and many more explore what it means to become a digital first company. This year’s keynote will focus on how businesses can connect with their customers on any channel, empower their sales and service employees, and personalize any customer experience at scale.
NEW SPEAKERS ANNOUNCED
Vipin Ravindran
VP of Engineering, Byjus FutureSchool (WhitehatJr)
Dara Treseder
SVP, Head of Global Marketing & Communications, Peloton
Yasuhiro Kunimoto
Product Manager, Developer, Uluru Co.Ltd
Heather McGhee
New York Times Best-Selling Author
David Ng
Chief Strategy, Digital and Data Officer at AXA
Masumi Kawasaki
CTO of Catal, inc.
Marianna Tessel
Executive Vice President & Chief Innovation Officer, Intuit
Amit Paley
CEO & Executive Director, The Trevor Project
Laura Malinsky
Global Head of Operations, Allianz Direct
Free & All-Access Tickets
It’s completely free to get a SIGNAL Explorer pass, which includes livestream access to the keynote and new product announcement sessions.
Or with an upgraded All-Access pass, you’ll get to stream all 75+ breakout sessions live and on-demand for a year, participate in Superclass Developer Training, connect one-on-one with Twilio product experts eager to answer all of your questions, and you’ll get a conference gift kit filled with Twilio swag delivered to your front door.
TWILIO SIGNAL Customer & Developer Conference
Socios
Friday, September 17, 2021
We love what we do
We work with some of the most prestigious sports teams in the world, and we act like one. We think, train and play to win, enjoying every second of the game.
Our values
Engage
Talking to fans is what we love to do - all day, everyday. After all Socios.com was born by the desire to engage fans from across the globe.
Transparent
The inspiration was blockchain technology and we ran with it. From our CEO, who loves social media, to club polls, we’re an open book.
Fast
Sports and Crypto move at lightning speed. And so do we. We constantly push ourselves and our partners for better, quicker results.
We’re fans too!
We are a bunch of sports mad and crypto nerds ourselves. That is why we love what we do so much. We owe it to ourselves too!
Work hard. Play hard(er).
It’s a lifestyle. Working at Chiliz & Socios.com is demanding, but incredibly rewarding and fun.
SOCIOS
DreamozTech Tokens
Brave Swap Rewards Program
Friday, September 17, 2021
With the upcoming release of the new Brave Wallet, we will be launching the Brave Swap Rewards Program, a new program that will allow swap users to recoup 20% of their swap fees. This post will describe this program, and the current plans for how we intend to implement it.
We recently announced the introduction of Brave Swap in the current Brave Crypto Wallet, an important milestone from the BAT Roadmap 2.0. The upcoming release of the new unified Brave Wallet for desktop and mobile will provide millions of people with an introduction and access to web3, emerging financial protocols, and new Brave Rewards.
Brave Rewards will be integrated into the Brave Wallet, providing users with options to modify their Rewards experience, new views into their earned and contributed BAT for the current month, and access to statements from previous months.
Program overview
Similar to MetaMask and other DEX swap service providers, Brave receives a small percentage of each Brave Swap as a fee for providing the service. We will allocate up to 20% of each month’s total Brave Swap fees to the Swap Rewards Program.
Brave Swap users who are opted into Brave Rewards will receive a monthly rebate for 20% of their Swap transaction fees, in the form of BAT.
Opting into Brave Rewards also enables Brave Ads by default, providing the ability to earn additional BAT while browsing the web.
Swap Rewards distribution
Brave will fund the Swap Rewards Program from up to 20% of the total monthly Brave Swap revenue. Brave will from time to time purchase BAT with USD equal to 20% of the swap fees from the many tokens and coins we receive each month for use in the program. The BAT purchases made by Brave will be added to a Swap Rewards section in the Brave Transparency Report.
Users participating in the Brave Swap Rewards program will receive a rebate equal to 20% of their fees collected from their Brave Swap transactions.
Swap Rewards users that have not verified their Rewards wallet with a partner wallet service (like Uphold, Gemini, etc.) will be eligible to claim virtual BAT for their monthly Swap Rewards to use within the Brave Rewards ecosystem.
Rebates for Swap Rewards users that have verified their Brave Rewards wallet will receive their BAT rebates as direct deposits into their verified Rewards wallet.
The Brave Swap Rewards Program will be subject to important terms and conditions that will be found in our terms of service on brave.com once the program launches.
Conclusion
Participants in the Swap Rewards Program earn BAT both from the Rewards private ads system and via the Swap Rewards rebate that effectively reduces swap fees.
We’re excited to introduce additional opportunities to earn BAT through the Brave Swap Rewards Program. We plan on providing further updates about the Program start date as we prepare the new Brave Wallet release, and appreciate and look forward to engaging and receiving feedback from the Brave and BAT Community.
Brave Rewards
DreamozTech Tokens
What it was like inside Microsoft during the worst cyberattack in history
Thursday, September 16, 2021
Microsoft president Brad Smith describes the chaos inside the tech giant during the SolarWinds hack.
While the KGB may have collapsed with the Soviet Union in 1991, its long shadow still quietly serves its homeland through new 21st-century digital forms and tactics, especially in cyberspace.
When the Communist Bloc splintered, so did the KGB. Two new agencies were born: the Foreign Intelligence Service of the Russian Federation (SVR), a spy agency tasked with gathering intelligence, and the enforcement arm, the Federal Security Service (FSB), which is charged with security. Both conduct espionage and counterintelligence.
In the waning months of 2020—a particularly arduous and painful year for the entire world—the SVR threw a wet blanket on an already dampened holiday. Headquartered in a sprawling office complex in southwest Moscow, its buildings from the outside look like a typical modern office park in the suburbs. A close equivalent to the U.S. Central Intelligence Agency (CIA) the SVR manages from these buildings its global espionage and external counterintelligence operations, including electronic surveillance in countries around the world. These days, this includes a wide variety of cyber activities. And not unlike the tech companies in similarly sprawling campuses across the United States that employ our best and brightest technology minds, the SVR has a large and experienced staff of talented cyber professionals.
Inside Microsoft we use obscure elements from the periodic table to classify and code-name different nation-state actors that are engaged in cyber activity. Within our own cybersecurity ranks, the SVR is called Yttrium, a metallic rare-earth and toxic mineral found in the Earth’s crust.
Yttrium is one of the most sophisticated cyberthreats for many of our customers, as well as for Microsoft itself. And instead of conducting its clandestine efforts in back rooms and through dead drops, this 21st-century successor to the KBG often does its work by penetrating computer networks owned by private enterprises and citizens around the world.
WHY THE SOLARWINDS ATTACK WAS SO DEVASTATING
Yttrium’s latest threat hit my radar in the form of an instant message on the last day of November 2020, asking if I had “five minutes for something kind of urgent.” The message came from Tom Burt, our vice president responsible for a wide range of cybersecurity issues. I knew from more than two decades of working with Tom that he was typically calm and understated, two key qualities when dealing with crises. I knew that Tom’s “kind of urgent” was likely an alarm bell.
I quickly ended a meeting to talk with Tom. He reported that we had been approached by FireEye, one of the leading cybersecurity firms, for help with what looked like a serious cybersecurity breach it had suffered. As Tom explained, the early indicators pointed to Yttrium, a finding later confirmed by the White House.
In the coming weeks, this initial report would lead cybersecurity experts to pursue a digital trail that uncovered the attempted hacking of dozens of sensitive computer networks around the world, including Microsoft itself. By January 2021, The New York Times reported that “the U.S. government was clearly the main focus of the attack, with the Treasury Department, the State Department, the Commerce Department, the Energy Department, and parts of the Pentagon among the agencies confirmed to have been infiltrated.” But those weren’t the only targets. At Microsoft we identified dozens of impacted organizations, including other tech companies, government contractors, think tanks, and a university. The impacted countries spilled beyond the United States to include Canada, the United Kingdom, Belgium, Spain, Israel, and the United Arab Emirates. In several instances, the network penetrations had lasted for several months.
The attack quickly became the broadest confirmed penetration of U.S. government and tech sector computer networks. While cybersecurity experts would give the attack a variety of names, including Solorigate and Sunburst, the public would mostly read about it with reference to the Texas company whose software was hijacked to stage the initial attacks—SolarWinds.
But what to make of all this? Was it, as some on Capitol Hill suggested, a Russian “act of war” or a “digital Pearl Harbor”? Or was it just “espionage as usual,” as some in the intelligence community countered. In my view, it was neither.
Its importance is difficult to overstate. The cyberattack provided a “moment of reckoning” that demonstrated technology’s inherent strengths and weaknesses and illustrated the degree to which it had become both a defensive tool and an offensive weapon. And perhaps more than anything, it showed the world how much work we must do to manage all the implications of inventions that are remaking the century in which we live.
But all this requires putting things in perspective. Even before the attacker’s identity was apparent, anything that potentially involved FireEye was a big deal. FireEye is one of the world’s most sophisticated cybersecurity firms. Its CEO, Kevin Mandia, is one of the country’s leading cybersecurity experts, having started his career as a computer security officer in the Air Force before founding his own security company that FireEye eventually acquired. If this leading security company had been penetrated, it almost certainly took an incredibly sophisticated attack. And if the SVR had made it through FireEye’s defenses, it likely was succeeding elsewhere.
RESPONDING TO THE ATTACK
Yttrium had long represented an important area of focus for the engineers at the Microsoft Threat Intelligence Center, which we call MSTIC (pronounced “mystic”). An elite unit itself, MSTIC constantly focuses on identifying and combating emerging cybersecurity threats. It relies on a combination of the world’s best technology and engineers to sift through the 6 trillion electronic signals that flow into our data centers every day. It’s a combination that places MSTIC in the top tier of a cybersecurity ecosystem responsible for protecting the security of not just Microsoft’s network but the company’s government and business customers and much of the world’s critical infrastructure.
For centuries, governments have engaged in espionage and counterintelligence operations. One of the unusual hallmarks of our digital era is that much of this daily fencing today also involves tech companies. It’s MSTIC’s job to hunt for new intrusions and cyberattacks from Yttrium and other nation-state actors. Yttrium also occupies a particularly significant position at the top of the cybersecurity arena. Long known not just for technical sophistication but operational persistence, Yttrium has succeeded in a way that few can match in penetrating sophisticated computer networks and operating undetected for prolonged periods of time.
One challenge was that Yttrium had become more difficult to track. As 2020 was winding down, however, it appeared that Yttrium had reemerged with renewed fervor. If Yttrium had broken into FireEye and elsewhere, it would be important to push the intruders out of the affected networks before they could extract more information. And we wanted MSTIC to learn as much as it could about Yttrium’s new methods before it covered its tracks. One of the ironies of this type of cyberattack was that it represented both a successful espionage coup for an attacker and, once identified, a new opportunity for a defender to spot tactics, techniques, and procedures that could help identify and thwart other ongoing or future attacks.
One key was to move fast and with as many responders as possible. Microsoft’s Security Response Center (MSRC) quickly activated its incident response plan. The MSRC is part of Microsoft’s Cyber Defense Operations Center, where a team works 24/7 and can call on security professionals, data scientists, product engineers, and customer support experts throughout the company to respond rapidly to security threats.
Once we started to work with FireEye, it was clear that this was not a typical case of a sophisticated attacker breaking into just a few computer networks. The attackers had installed a small piece of malware into the update code of a network management program called Orion, a product of SolarWinds. The Orion software was used by roughly 38,000 enterprise customers around the world. When customers installed the update on their on-premise servers, the malware installed as well. As FireEye reported, the malware would connect to what is known as a command-and-control (C2) server. The C2 server could then give the connected computer “jobs” that included the ability to transfer files, execute commands, profile a system, reboot a machine, and disable system services. This meant the attackers suddenly had a backdoor into the network of every customer that had updated the Orion program.
This approach put at risk the software supply chain across the economy and around the world. The immediate questions became: How many enterprises had installed the Orion update, and hence the malware, on their networks? And how quickly could this backdoor be closed?
At Microsoft we quickly mobilized more than 500 employees to work full time on every aspect of the attack. Other tech companies scrambled into action as well. Given the potential breadth of the incident, Microsoft CEO Satya Nadella convened a meeting each evening of our most senior security leaders to run through the day’s work, what we had learned, and what we needed to do next.
It didn’t take long to appreciate the importance of effective technical teamwork across the industry and with the U.S. government. Engineers at SolarWinds, FireEye, and Microsoft immediately began working together. The teams at FireEye and Microsoft knew each other well, but SolarWinds was a smaller company dealing with a huge crisis, and the teams had to build trust quickly if they were to be effective. The SolarWinds engineers shared the source code for their update with the security teams at the other two companies, which revealed the source code of the malware itself. The technical teams in the U.S. government swung into fast action, especially at the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security.
The digital nature of software and the global reach of the internet quickly came into play. Like a pendulum, they swing in both directions. The attackers had turned code into a weapon that was distributed globally through the internet via the SolarWinds update. But with the source code for the specific malware identified, we had a signature, like a digital fingerprint, that we could look for on desktop and server computers. FireEye published this signature for organizations around the world to access.
At Microsoft, we added this signature in an update to our Windows Defender Antivirus program, which customers use to monitor, identify, and remove malware across an organization’s network and computers.
Many customers also share their Defender data with us, which provides an ongoing picture of where specific malware is installed. Within 48 hours we created a map of the world that lit up every location where SolarWinds’ Orion program had been updated with the malware. The map revealed the broad vulnerability around the world and especially in the United States.
The teams at FireEye and Microsoft worked a bit like 21st-century counterparts to Sherlock Holmes. Each day they added digital clues that could be used to uncover Yttrium’s trail. And with each step they took, they picked up more information to uncover Yttrium’s bad acts and how we might thwart them.
Each evening, John Lambert, MSTIC’s leader, reported on the day’s findings. As he explained, the defensive response to a successful cyberattack always needs to answer two initial questions: How did the attacker gain entry, and what network credentials did the attacker obtain? Until we had the answers to both questions, there was no way we could push the attackers out of the affected networks.
THROUGH THE BACKDOOR
As the security teams studied the infection, they discovered that the malware in the Orion software initially created a backdoor in a company’s network but otherwise lay dormant for two weeks, so as not to create any network log entries that would call attention to itself. It then reported information about the network it had infected to a command-and-control server that the attackers had registered and was being hosted in the United States by the tech firm GoDaddy.
If a target network was of interest to Yttrium, the attackers then took a second step. They entered through the backdoor and installed additional code on the organization’s server, in effect opening a window to connect to a second command-and-control server. This second server, unique to each victim to help evade detection, was registered and hosted in a second data center, often on Amazon Web Services’ (AWS) cloud. As John Lambert explained, Yttrium carefully “cleaned up after itself,” closing the backdoor to GoDaddy and using the open window connecting to a service such as AWS instead. As we identified the customers impacted by these second-stage attacks, teams of specialized Microsoft engineers—our cybersecurity hunters—worked to help customers search for and close these windows.
As the security teams at FireEye and Microsoft studied the source code shared by SolarWinds, they discovered that the code installed on the initial command-and-control server at GoDaddy had a “kill switch” that would automatically shut off the malware on an organization’s server under specific conditions. Armed with this knowledge, the security teams worked together to transfer control of the C2 server from GoDaddy to Microsoft, activate the kill switch to turn off any ongoing or new uses of the malware, and identify any organizations that had computers that continued to ask the server for instructions.
This effectively stopped the attackers from using their malware to enter additional networks. While this type of action often marks the climax of cyber battles, in this case the attackers’ technical sophistication meant that it was just the start of some of the most frenetic work. Because Yttrium had already entered multiple networks and opened new windows, we still needed to identify additional impacted networks, learn what Yttrium was doing inside them, find and close the open windows, and force out the attackers.
As the hunting teams pursued Yttrium, they learned that the attackers typically looked for new ways to drill deeper into the impacted networks. Like intruders inside a house, they turned off the equivalent of any security cameras, such as event logging tools and in some cases antivirus software.
They then began scanning the network for the software keys that would give them access to the home’s most precious possessions. Most often, the attackers looked for the accounts of network administrators who had elevated privileges, meaning access to information across an organization’s network.
They then looked for the passwords for these accounts, which unfortunately some customers had stored in an insecure way that was easy for the attackers to find.
With password in hand, the attackers could move from a server located on premises, such as in an organization’s server room, to its other network assets, including in the cloud. Yttrium typically looked for information that would advance its espionage efforts, including an organization’s email, documents, and other digital assets such as source code or the tools that security experts use to identify and combat potential network intrusions. For some organizations, this included emails and documents in Microsoft’s Office 365 cloud service.
Once MSTIC identified the tactics, techniques, and procedures used by the attackers as they accessed Office 365, our threat hunters could scan our cloud services to identify the telltale patterns that a customer had been compromised. Using this method, we identified 60 customers that had been victimized by the attacks.
DIGITAL FIRST RESPONDERS
This led to the next phase of our response, as security experts worked as digital first responders to help the victims. Microsoft employees notified each of these 60 customers and offered information about the attack and the technical indicators we had identified that would help them start their own investigations.
Given the importance of the SolarWinds intrusions, the responsibility for our largest enterprise customer notifications fell on Ann Johnson, a longstanding cybersecurity leader who previously had led our Detection and Response Team (DART). We referred to DART as “the Microsoft cybersecurity team we hope you never meet” because it contacts customers if they have suffered a cyberattack. In this case, some of our smaller customers took that attitude to heart a bit too literally. After answering the phone and hearing someone explain they were from Microsoft calling about a cyberattack, some responded angrily to what they believed was a hoax.
Naturally, our engineers put an extremely high priority on investigating any potential intrusions into Microsoft’s own network. While at first there was no indication that we had been targeted, deeper digging by more people identified that Microsoft, too, had been a target.
This work revealed a limited presence of malicious SolarWinds code on Microsoft’s internal network, as well as other attempted activities. For example, we found unusual activity with a small number of internal accounts and we discovered one account had been used to view source code in a number of source code repositories. This did not enable the attackers to change any source code, and we found no evidence of access to production services or customer data. The investigation also found no indications that our systems were used to attack others. Ultimately, the implementation of cybersecurity best practices had limited the impact, but the intrusion was sobering nonetheless.
In many respects, Yttrium’s work represented one of the most sophisticated cyber intrusions we had ever seen. The attackers in many instances wrote customized code for a specific network and went to great lengths to cover their tracks. As our experts noted, the work reflected a high level of technical expertise and execution.
But equally notable was the operation’s scale. Yttrium had deployed large teams of engineers who acted with patience and persistence. In many instances, they recognized that the ultimate target, such as a U.S. agency, likely had strong security protection in place. So they began by targeting trusted third parties of these agencies, such as an IT service company that might have access to an agency’s network. Once inside this company’s network, they could seek to identify the account of an employee who had access to a government network and try to obtain that individual’s password. And once equipped with that password, they could then look to jump into a government network itself.
The attackers shrewdly used American data centers to help cloak the attacks. Because the NSA has the authority to scan only foreign activity but not computers in the U.S. itself, we surmised that Yttrium used U.S.-based servers at GoDaddy, AWS, and other smaller U.S. providers to host its command-and-control operations and evade detection.
Put together, all this illustrates the degree to which cyberthreats have intensified around the world. Ultimately, the new attack illustrated publicly what can be accomplished if a government builds a large organization that attracts top-tier technical talent and uses that capability to launch a sustained cyberattack. And it showed how much technology has changed not just the relations between nations but the nature of the tensions—and even hostilities— this can create.
THE HARD WORK AHEAD
As the digital trail led to more information about what had happened, even bigger questions emerged. What did the attack say about network vulnerabilities and the global state of cybersecurity protection? How could the tech sector and the government better protect the country and the world?
By February 2021, congressional committees had summoned witnesses to Washington, D.C., to answer these and similar questions. The Senate Intelligence Committee, led by Senators Mark Warner and Marco Rubio, led off with a lengthy Tuesday afternoon session, where I sat at the witness table next to FireEye’s Kevin Mandia and SolarWinds’ new CEO, Sudhakar Ramakrishna. (They also summoned Amazon, but it refused to participate.) The three of us took turns answering questions in person, an exercise we repeated three days later in a virtual joint hearing before the House Homeland Security and Oversight committees. Both hearings examined not only what had happened but also what steps needed to be taken to prevent such attacks in the future.
An initial conclusion is that the world needs to modernize technology infrastructure and broaden the use of cybersecurity best practices. This includes work by the companies that create software to better harden the software “build process” and every part of the software supply chain, to help prevent the insertion of malware into a software update.
The hearings on Capitol Hill hammered home that it will take governments and tech companies working together to secure the world’s digital infrastructure. While this can start with stronger protection for government networks themselves, it must reach well beyond the public sector. We need to broaden awareness and encourage expanded adoption of cybersecurity precautions, and tech companies like Microsoft must make it simpler and easier for customers to understand and use the security protections we create.
As we look to the future, it’s apparent that the next decade will be defined in part by issues like international norms for governments and practical steps to strengthen our cybersecurity defenses. Technology in some respects has created a more dangerous world. A country like the United States can no longer rely on large oceans to separate it from its rivals. The internet has made everyone each other’s next-door neighbor. And software that can be used for espionage can equally be used as ransomware or a weapon to disable a nation’s electrical grid or water supply. Ultimately, it’s easier to send code into battle than troops and missiles.
None of this changed overnight or because of a single development. But with successive changes over the past decade, two things have become clear: We live in a world remade by technology, and we must grapple with the consequences for the new world we have created.
Microsoft
DreamozTech Tokens
Brave Passes 36 Million Monthly Active Users | Brave Browser
Thursday, September 16, 2021
As users are increasingly adopting privacy-preserving tools to protect their Web usage, Brave now has 36.2 million monthly active users (MAU) and 12.5 million daily active users (DAU).
Brave has also passed 1.2 million Verified Creators as the Brave ecosystem continues to grow for all its participants: users, creators, and advertisers. Brave users have contributed over 39 million Basic Attention Tokens (BAT) to reward their favorite publishers and creators. Brave users can support websites, or creators on YouTube, Twitch, Twitter, GitHub and more, by activating Brave Rewards and its integrated Brave wallet on both desktop and Android. BAT utility has also increased with 7.8 million monthly transacting BAT users.
Brave’s ad platform, where users earn BAT by opting in to view privacy-preserving Brave Ads (70% of ad revenue share), has also greatly expanded as revenue has grown 14x over the past 18 months. Brave Ads campaigns are supported in nearly 200 countries with over 7.5 billion ad confirmation events to date. There have been over 4,540 campaigns from 795 advertisers, from mainstream brands such as PayPal, Toyota, Mastercard, Intel, Crocs, BMW, Keurig, American Express, Budweiser, Walmart, Amazon, and The Home Depot, as well as from the biggest crypto brands such as Binance, Coinbase, Crypto.com, eToro, Gemini, and Solana. The average click-through rate (CTR) for a Brave Ads campaign is 8%, well above the industry average of just 2%, with many brands observing even higher engagement.
Brave also launched a privacy-preserving news reader, Brave News, as well as privacy-preserving Brave Search, expanding its browser into a super app to give users a real alternative to Chrome and Google Search. For iOS devices, Brave also offers a Firewall+VPN service, as well as Brave Playlist to enable users to access their content in one list from the most popular platforms.
The Brave open source browser fundamentally shifts how users, publishers, and advertisers interact online by giving users a private, safer, and 3-6x faster browsing experience, while funding the Web through a new attention-based platform of privacy-preserving advertisements and rewards. Brave is available for download for Windows, macOS, Linux, Android, and iOS, in 80 languages. To download for free, visit brave.com/download, Google Play or the App Store.
Ready to Brave the new internet?
Brave is built by a team of privacy focused, performance oriented pioneers of the web. Help us fix browsing together.
Brave Browser
DreamozTech Tokens
Why Did Visa Buy a $150K NFT? Why Does Anyone?
Wednesday, September 15, 2021
There are some very good reasons, it turns out, rooted in our deep, totally irrational animal brains.
If you’re anything like me, you’ve been wishing for a quiet week in crypto news for a while now. Wouldn’t it be nice to sleep? But no, Visa decided to announce Monday morning that it paid $150,000 for a CryptoPunk NFT, a kind of blockchain art token, to add to its “collection of historic commerce artifacts.” In an accompanying blog post, Visa declared that “NFTs mark a new chapter for digital commerce.”
There are certain events and inflection points that mark the transition from fringe to something approaching mainstream, and crypto and blockchain have already had at least two of those in recent months. First we had a nation-state getting serious about bitcoin, then the entire U.S. Senate fought over whether wallet programmers are brokers.
Visa’s purchase of a CryptoPunk, I think, serves as a similar marker for the inevitable mainstreaming of non-fungible tokens. They’ve already featured on "Saturday Night Live" and drawn in celebrities from Tom Brady to Jay-Z, but the apparent stamp of approval from a major financial institution takes things to another level. Cynically, $150,000 is probably a steal for Visa considering the PR it’ll get (including this article). But the announcement set off a $20 million frenzy of CryptoPunk trading, and that hype train isn’t coming back to the station.
Visa’s move, though, also returns us to an inescapable question: Why in the name of all that is holy would anyone pay $150,000 for a 25x25 pixel image stored on an extremely expensive and slow database?
It’s impossible to wrap your head around this, I think, if you’re looking for a truly rational or utilitarian explanation. But there are some very good reasons, it turns out, rooted in our deep, totally irrational animal brains – the same strange forces that lead us to make other major purchases that seem completely loony if you think about them too long.
“You have this rock stuck on your finger,” points out William Quigley, co-founder of the NFT-focused WAX blockchain. “It doesn’t look like it does anything. It’ll never do anything. And you paid $10,000 or $20,000 for that.”
The transition to more and more online living, Quigley thinks, means physical status symbols like jewelry have new competition from similarly exclusive digital objects. Both Jay-Z and National Football League player Odell Beckham Jr. have recently bought CryptoPunks costing tens of thousands of dollars (at least) and made them their Twitter avatars. That's probably the biggest single use of NFTs right now. The uselessness, you might say, is the point.
To understand any of this, some basic knowledge about the technology is essential. NFT stands for non-fungible token, which basically means it’s unique. An NFT exists on a blockchain ledger just like a bitcoin or ETH token, but one bitcoin is basically the same as the other several million – they’re “fungible” (with an asterisk).
An NFT is just as immutable as a bitcoin, but there’s only one: There are 10,000 CryptoPunks, but each of them is unique, and that uniqueness creates a lot of variation in their value. Visa, for instance, bought one of about 3,800 female Punks. CryptoPunks are particularly attractive because they were issued in 2017, making them among the first NFTs ever created.
NFTs come in a lot of different forms – they can even be interactive objects programmed to change based on certain inputs – but the most common type right now are image NFTs. Many of these are still essentially links to JPEGs stored elsewhere, which is a genuine problem for trust in the assets. But just last week CryptoPunks announced it had moved all data onto the Ethereum blockchain itself. It seems likely that this move helped push Visa to finalize its decision, because the move makes the assets more robust. Expect more NFTs, especially 8-bit series like the Punks, to transition to on-chain storage rapidly and, if you’re an investor, maybe look for that as a feature.
All this adds up to something deliriously simple: An NFT is a unique digital object. It is exclusive in a way that even bitcoin can’t claim. In fact, not even most real-world status symbols have the capacity to be as unique.
When someone buys an NFT avatar, “they’re saying, this is who I am,” says Henry Love, a managing partner at the NFT-focused investing fund Fundamental Labs. “So it’s more like a custom Rolex with your name on it. It’s one of one.”
Another crucial thing to know is that despite Visa grabbing headlines and all the comparisons to Rolexes and diamond rings, the NFT craze seems to be truly broad and grassroots. Trading volumes on OpenSea, the dominant NFT trading platform, have exploded, recently hitting $1 billion in monthly trading volume for August. But even that’s just the 10,000-foot view: There’s a frenzy of collecting and creation going on across Twitter and Telegram. NFT drop schedules are being watched as closely as Yeezy or Supreme drops were a few years ago.
And while a lot of that is fueled by insider speculation, there’s also something that feels much more real and special about this than, say, debating whether you’re going to buy $100 worth of cardano or solana. Because they’re ultimately about identity and taste rather than just money, NFT shopping has a personal element that seems likely to draw a much broader user base.
However, there’s a major barrier, especially for Ethereum-based NFTs like CryptoPunks: Transaction fees on Ethereum make buying and selling less-expensive assets impractical. I was just about to buy a $60 avatar NFT (because I too am an ape afraid of being left behind by my tribe). But the transaction fee was $50, which is quite a psychological barrier.
That’s why low-fee standalone chains like WAX and Flow (which hosts NBA Top Shot), which are largely focused on less-pricey branded collectibles, are significant right now, and have a real opportunity to grow from a core value proposition. It also suggests the market for NFTs on Ethereum, which have a significant credibility premium, will get substantially more insane, particularly at the low end, when Ethereum completes its transition to a lower-fee, proof-of-stake system.
VISA
DreamozTech Tokens
Video game doors are hard to develop and design. Here’s why. - Vox
Wednesday, September 15, 2021
Why video game doors are so hard to get right
Doors are hard because all of game development is hard.
Doors are so common in the real world that you probably don’t stop to think about how to operate them.
But for video game designers, that’s not the case. For a video game door to feel real, it takes a ton of challenging work. Video game doors have to interact seamlessly with their surroundings, make logical sense, and look good too. They have to strike a delicate balance between real-world accuracy and playability. All these factors mean designing a door usually requires work from every department at a game company.
And different types of doors require different amounts of work.
Tier zero: No doors. This is the easiest way to go, and many games take this route. Even games that have doors often have many areas that eliminate doors entirely because they want to avoid the headache.
Tier one: Proximity doors. These are the types of doors you’ll find in a sci-fi game like Halo. They usually slide in on themselves, so they don’t interact with any other objects in the scene. These doors are basically doorways, but with the impediment that you can’t see what’s on the other side until you are nearby.
Tier two: Doors that look like real-world doors. The door has to swing forward and backward. How does the door react if there’s an object in its way? Can the door lock? Do enemy characters and companion characters know how to strategize around the door?
Game characters usually don’t physically touch the door, but they might perform an arm gesture that suggests they’re opening or closing it.
Tier three: Doors that look like real-world doors and characters interact with them. These doors have all the difficulties of tier-two doors plus the added challenge of perceived interactions.
To make interactions look realistic, animators have to painstakingly animate characters’ hands appearing as though they’re grasping and letting go of objects, like doorknobs. Once animated, developers have to figure out the best way to seamlessly transition between the preset animations and the human player’s control.
These same challenges crop up as you try to add almost any element to a game. Doors are hard because all of game development is hard.
Like any great piece of art, the blood, sweat, and tears that go into doors are often invisible. The best doors are the ones that work seamlessly and go unnoticed.
Video game
DreamozTech Tokens