The opinions expressed in this article are strictly David Moss’s own and not to be interpreted as speaking on the behalf of Block.one or any other entity.
As the planned June release of EOSIO 1.0 approaches, expectations and tensions are heating up.
Most recently, Monday’s news of possible security vulnerabilities detected by Chinese Internet security giant Qihoo 360 elicited strong responses from EOS supporters and opponents alike.
According to the Weibo post published by Qihoo 360 on Monday, high-risk security vulnerabilities in the EOS platform could enable remote attacks through the deployment of arbitrary code and insertion of malicious smart contracts into new blocks.
Such a security breach may give the attacker full control of the network’s nodes, affecting thousands of computers and accounts.
The discovery of the security issues was made by Qihoo 360’s Vulcan team, and the wording of the report seems to suggest close collaboration by the Chinese security company with EOS to resolve these issues ahead of the EOSIO launch, but this may not be the case.
David Moss, senior vice president of Tech Operations at Block.one, the open source software publisher responsible for the EOSIO launch, provided comment to CryptoComes on the Vulcan findings
“The allegations were greatly exaggerated by Vulcan 360, as was their involvement with Block.one. They are only to want publicity for themselves and to create the impression they are working with Block.one. They are not. They also have no documentation to back up any claim they made.”
As always, investors and developers are responsible for doing due diligence when it comes to platform security.
The crypto media environment is as susceptible as mainstream media, if not more, to conflicting reports, sensationalism and news cycles used as marketing tools.
The release of EOSIO software has been one of the most eagerly expected events in the crypto community and the next few weeks are certain to put increased pressure on the EOS team to provide commentary on arising questions.