Featured Story THE METAVERSE’S SECURITY DILEMMA: DECENTRALIZED OWNERSHIP VS. CENTRALIZED PROTECTION As Web3 evolves to eliminate centralized control and give users ownership of their data and assets, organizations must adopt a comprehensive security strategy to address the various points of vulnerability in blockchain networks and empower users to take control of their security.
Web3 is the evolution of the internet, where the centralized control mechanism is eliminated, and data ownership is given back to the users. The technology that underpins Web3 is blockchain, which is a distributed ledger
that provides secure and immutable data storage. Web3 has been touted for its decentralization and user-centricity. However, when it comes to security and threat detection, Web3 is outgunned. Web3 has five main blockchain security threat vectors, including user vulnerabilities, API and Oracle vulnerabilities, off- and on-chain data vulnerabilities, smart contract vulnerabilities, and node vulnerabilities. Therefore, organizations must consider post-deployment security. They must ask themselves, for example: “What happens when their protocol gets attacked due to an unknown vulnerability? Who gets notified? How are those attacks mitigated?” Moreover, end-users have been mostly left unsupported, and phishing and digital asset theft are prominent. In this article, we will explore what security in the metaverse may look like. Web3 is considered the internet of value because it allows for the exchange of value, with users having ownership of their data and assets. This shift in ownership will change the way security is implemented in the future. For example, in the current Web2 environment, organizations are responsible for securing user data, while in Web3,
users will have to take responsibility for their security. Therefore, the key to security in the metaverse is to empower users to take control of their data and assets. One of the ways to empower users is through decentralized identity constructs (DCI), which can be implemented using tokenization and self-hosted wallets. Decentralized systems remove the need for repeated identity proofing
across services and support common authentication services by removing the need for multiple credentials. Avivah Litan, a Gartner distinguished VP analyst, predicts that by 2025, at least 10% of users under 20 years old will have a decentralized identity wallet on their mobile device for managing their identity attributes and making verifiable claims. The use of blockchain technology in Web3
means that the data is cryptographically secured, but it does not mean that the data is always legitimate. There are several points of vulnerability in blockchain networks, including user vulnerabilities, API and Oracle vulnerabilities, off- and on-chain data vulnerabilities, smart contract vulnerabilities, and node vulnerabilities. To address these vulnerabilities, potential solutions
include identity proofing, endpoint protection, user authentication, decentralized consensus of data reads and writes, cross-checks on data validity, storing data off-chain, privacy-preserving protocols, user access control, code reviews, baseline smart contract execution, fine-grained smart contract access control, behavior anomaly detection, dynamic execution analysis during runtime, vulnerability scans, and forensic analysis. Currently, protocols primarily rely on smart contract audits for their security. According to Forta research, funds lost in smart contract exploits rose from $215 million in 2020 to $2.7 billion in 2022. Therefore, organizations must consider post-deployment security. They must ask themselves, for example: “What happens when their protocol gets attacked due to an unknown vulnerability? Who gets notified? How are those attacks mitigated?” Moreover,
end-users have been mostly left unsupported, and phishing and digital asset theft are prominent. Web3’s decentralized structure means that traditional security measures such as firewalls and intrusion detection systems (IDS) may not be effective. Instead, security measures will have to be implemented at the application level. The application itself must be secured, and the data transmitted between the application and the user must also be secured. This means that the security of Web3 applications will have to be built into the development process from the ground up. One of the ways to implement security at the application level is through secure coding practices. Secure
coding practices should be an essential component of the development process for any Web3 application. It involves following a set of guidelines and best practices to ensure that the code is free from vulnerabilities and that it adheres to industry-standard security practices. This includes using secure coding frameworks, performing static code analysis, performing dynamic testing, and implementing code review processes. Another crucial component of Web3 security is the need for decentralized consensus. Web3 networks are built on a decentralized model, which means that there is no central authority to verify the accuracy of data. This is where decentralized consensus comes in. It involves multiple nodes on the network coming to a consensus on the accuracy of data through a process called mining. This process ensures that data on the network is verified by multiple nodes,
making it difficult for attackers to manipulate the data. Additionally, Web3 applications must implement user access control measures. This involves ensuring that only authorized users can access the application’s features and functionality. This can be achieved through the use of multi-factor authentication, biometric authentication, and other secure authentication methods. Finally, organizations must consider post-deployment security measures, such as vulnerability scans and forensic analysis. These measures involve scanning the application for vulnerabilities and weaknesses regularly, and conducting forensic analysis to determine the root cause of any security incidents that occur. This can help organizations quickly identify and mitigate security threats before they
become major issues. Web3 represents a significant shift in the way we interact with the internet, enabling users to have more control over their data and assets. However, this decentralization also presents significant security challenges, with various points of vulnerability in blockchain networks. To address these challenges, organizations must adopt a comprehensive security strategy that
includes empowering users through decentralized identity constructs, implementing secure coding practices, ensuring decentralized consensus, implementing user access control measures, and conducting regular vulnerability scans and forensic analysis. As the metaverse becomes more integrated into our daily lives, it is crucial that we prioritize security to ensure that users can enjoy the
benefits of Web3 without compromising their data and assets. |
All the news you need today, in a format that isn't TL:DR, summarized for the busy executive.
Google has introduced new AI-powered features to help advertisers create search ads quickly and effectively. The new features include AI-generated creative assets that can be automatically created in campaign-level settings, generating ads based on the unique context of the ad, including the landing page.
Another feature is the new customer acquisition goal, powered by Smart Bidding and first-party data, allowing advertisers to prioritize bidding for new customers or bid for new customers only. The new customer acquisition goal is already available, while AI-generated assets are available in English and will be rolled out in other languages later this year. Google is focusing on automation, machine learning, and first-party data in anticipation of the expiration of cookies, and advertisers are
encouraged to start implementing these changes. The three largest advertising companies in Japan, Dentsu, Hakuhodo, ADK, along with two other firms and seven individuals, have been indicted in connection with the bid-rigging scandal that has tarnished the 2020 Tokyo Olympics. The Tokyo District Public Prosecutors Office
has filed criminal charges against the accused for violating antitrust and anti-monopoly laws. Dentsu Group's president and CEO, Hiroshi Igarashi, admitted the company's involvement in planning and fixing pre-Games test events and main competitions at the Tokyo 2020 Olympics and Paralympics. Another individual, former ADK Holdings president Shinichi Ueno, admitted to bribery charges. The charges also include illegally awarding bids to former organizing committee official Yasuo Mori, former
assistant head of the sports department of Dentsu Inc. Koji Henmi, and five others. Amazon.com is reportedly expanding its ultrafast delivery options and devoting more resources to facilities and services designed to deliver packages to customers in less than a day. This expansion comes at a crucial point for Amazon, which faces
competition for fast delivery options while CEO Andy Jassy puts a renewed focus on profits. A key part of Amazon's new strategy is an increased focus on its network of "same-day site" warehouses that are a combination of mini-fulfillment centers and delivery stations under one roof, offering a five-hour service level. The new locations include Los Angeles, San Francisco, and Phoenix. Amazon has opened 45 of these sites in the last four years, and this number could expand to at least 150 in the
next several years. Amazon may charge additional fees for the sped-up option. Media mix modeling (MMM) is emerging as a viable alternative to multitouch attribution (MTA) for performance marketing, given the challenges posed by the death of cookies and privacy regulations. MMM is an analytical system that ingests all kinds of online and
offline marketing data, including campaign performance, sales or promotions, performance history, and seasonality, to produce insights on how specific marketing campaigns affected KPIs. Unlike MTA, MMM doesn't rely on cookies or unique identifiers to be accurate and works at scale, not on a user level. Brands that remain stuck in the analytics front will resign themselves to a fate of inflated CPAs and investment over-indexing, which could lead to huge challenges with the parameters of future
privacy regulations. Testing the waters of MMM is recommended, and brands need at least one to two analytics resources and a full creative team to create and adapt multimedia assets for their evolving mix of channels. Coinbase has announced that it will no longer allow trading of the Binance USD stablecoin on its exchange from March 13th due to
it not meeting Coinbase's listing standards. This follows New York regulators telling Paxos, the company issuing the stablecoin, to stop issuing new tokens due to unresolved issues surrounding its relationship with Binance, and after the SEC sent Paxos a letter stating that BUSD is an unregistered security. In addition, Forbes reported that Binance transferred around $1.8bn of BUSD collateral to trading firms, including now-bankrupt Alameda Research, though Binance denies commingling
customer assets. GumGum, a contextual-first digital advertising platform, has hired Kalina Kehayova as Digital Executive and Larissa Jürges as Programmatic Solutions Manager in Germany. Larissa, who previously worked at Teads, will provide support to clients and agencies in running successful campaigns using GumGum's innovative
technology. Kalina, who previously worked at OMD, will focus on new client acquisition, establishing partnerships with existing clients, and developing long-term collaborations. Simon Tritsch, Commercial Director, DACH, said that both Larissa and Kalina are committed to building transparent and trustworthy solutions that will guide advertisers into the future. Elon Musk has been in talks with artificial intelligence researchers about forming a new research lab to develop an alternative to OpenAI's high-profile chatbot, ChatGPT, according to sources. Musk has been critical of OpenAI's safeguards to prevent ChatGPT from producing offensive text and has suggested a rival chatbot would have fewer restrictions on divisive subjects. To lead the effort, Musk has been recruiting Igor Babuschkin, a researcher who specializes in
machine-learning models that power chatbots. However, Babuschkin said that building a chatbot with fewer content safeguards is not Musk's objective. A new report by Pew Research Center has found that 56% of experts surveyed do not believe humans will be in control of key decision-making by 2030, with smart machines, bots and AI-powered devices
expected to take over. The report on "The Future of Human Agency" raises concerns about the loss of agency among humans and the implications for media and advertising. The report notes that most media and technological advances exist due to economics, with advertising being one of the most important economic drivers for technologies that experts believe will replace human free will within a dozen years. Twitter has laid off dozens of employees, including senior leaders in the engineering and product divisions, in one of the largest rounds of cuts since Elon Musk took over the company last October. Advertisers have left the platform in droves in response to Musk's erratic response to content moderation, and new products like Twitter Blue have so far failed to generate meaningful revenue. Esther Crawford, a product
manager who led Twitter Blue and its unlaunched payments initiative, was among the executives cut. The extent of the cuts, at least 200 employees or around 10% of the remaining workforce, suggests that Musk has failed to reverse the steep decline in revenue that has occurred since his takeover. Apple has hired Lauren Fry, a digital video and TV
advertising executive, to build advertising for its streaming service Apple TV+. Fry's specific position at Apple is not yet known. The company has been building a demand-side platform to control ad buys across its portfolio of services and products. Although Apple TV+ currently has no ad-supported tier, there has been long-standing speculation about the company introducing one to subsidise increasingly costly content that drives subscriptions and engagement. Apple is keen to expand its
ad business to $10bn, up from its current estimated $4bn. |
You're looking for an edge in your online marketing. Interest: ADOTAT.com is the answer. Our library of resources has been compiled by some
of the world's top internet marketing experts, and it's constantly updated with new information, case studies, and strategies. We want to help you succeed online - that's why we offer this information for free. It's our way of giving back to the community and helping people achieve their business goals.
Sign up now and gain access to our entire library of resources!
Want to advertise? Contact pesach@lattin.us |
|
|
FROM SNOW CRASH TO THE METAVERSE: NEAL STEPHENSON’S VISION FOR THE FUTURE. Neal Stephenson, a renowned science-fiction author and co-founder of Lamina1, a blockchain-based start-up that aims to build an expansive metaverse, recently discussed his views on the metaverse with Tim Bradshaw, the FT’s global technology correspondent. Stephenson’s breakthrough 1992 novel Snow Crash predicted many technological advancements, such as cryptocurrency, Alexa, avatars, virtual-reality goggles, multiplayer online games, and destructive
computer viruses, that are now part of our everyday experiences. The concept of the metaverse, which is a virtual universe where people interact with each other through audiovisual bodies called avatars, was also first introduced in his book. READ MORE
NOW
THE METAVERSE’S SECURITY DILEMMA: DECENTRALIZED OWNERSHIP VS. CENTRALIZED
PROTECTION. Web3 is the evolution of the internet, where the centralized control mechanism is eliminated, and data ownership is given back to the users. The technology that underpins Web3 is blockchain, which is a distributed ledger that provides secure and immutable data storage. Web3 has been touted for its decentralization and user-centricity. However, when it comes to security and threat detection, Web3 is outgunned. Web3 has
five main blockchain security threat vectors, including user vulnerabilities, API and Oracle vulnerabilities, off- and on-chain data vulnerabilities, smart contract vulnerabilities, and node vulnerabilities. READ MORE ABOUT THIS
FTC CHARGES COMPANY FOR REVIEW HIJACKING ON
AMAZON Online shopping has become a common practice in recent years, and it has become increasingly important for customers to rely on product reviews to make informed decisions. As a result, online marketplaces like Amazon have created features that allow customers to rate and review products. However, it has become a growing concern that some companies are manipulating these features to deceive
customers. For the first time, the Federal Trade Commission (FTC) has filed charges against a company for “review hijacking.” READ MORE
WHAT IS THE FUTURE OF IN-GAME ADVERTISING? Intrinsic in-game
advertising and measurement may be the future of marketing and advertising. Cary Tilds, Chief Strategy and Operations Officer at Frameplay, believes that the power of immersive and interactive content will drive significant engagement for all brands, big and small. This concept applies not only to gaming and the Metaverse, but to all content and media channels. READ MORE NOW
YES, BLACK INFLUENCERS ARE TREATED DIFFERENTLY AND PAID LESS. Black influencers are treated differently, paid less, and seen as less serious than their white counterparts. This is a problem that has persisted in the influencer marketing industry, even with the increased focus on diversity, equity, and inclusion (DE&I) in marketing. Black influencers face significant challenges, such as pay inequity and a lack of brand partnerships, that make it difficult for them to succeed in the industry. READ MORE |
|