Proof of work protocols have been applied in cryptography and security literature to a variety of settings, but its most impactful application has been its role in the design of blockchain protocols.

Getty Images

The advent of blockchains has ignited much excitement, not only for their realization of novel financial instruments, but also for offering alternative solutions to classical problems in fault-tolerant distributed computing and cryptographic protocols. Blockchains are managed and built by miners and are used in various settings, the best known being a distributed ledger that keeps a record of all transactions between users in cryptocurrency systems such as bitcoin.

Underlying many such protocols is a primitive known as a proof of work (PoW), which for over 20 years has been liberally applied in cryptography and security literature to a variety of settings, including spam mitigation, sybil attacks and denial-of-service protection. Its role in the design of blockchain protocols, however, is arguably its most impactful application.

As miners receive new transactions, the data are entered into a new block, but a PoW must be solved to add new blocks to the chain. PoW is an algorithm used to validate bitcoin transactions. It is generated by bitcoin miners competing to create new bitcoin by being the first to solve a complex mathematical puzzle, which requires expensive computers and a lot of electricity. Once a miner finds a solution to a puzzle, they broadcast the block to the network so that other miners can verify that its correct. Miners who succeed are then given a fixed amount of bitcoin as a reward.

However, despite the evolution of our understanding of the PoW primitive, pinning down the exact properties sufficient to prove the security of bitcoin and related protocols has been elusive. In fact, all existing instances of the primitive have relied on idealized assumptions.

A team led by Juan Garay has identified and proven the concrete properties either number-theoretic or pertaining to hash functions. They were then used to construct blockchain protocols that are secure and safe to use. With their new algorithms, the researchers demonstrated that such PoWs can thwart adversaries and environments, collectively owning less than half of the computational power in the network.

Garays early work on cryptography in blockchain was first published in the proceedings of Eurocrypt 2015, a top venue for the dissemination of cryptography research.

The techniques underlying PoWs transcend the blockchain context. They can, in fact, be applied to other important problems in the area of cryptographic protocols, thus circumventing well-known impossibility results, a new paradigm that Garay calls Resource-Restricted Cryptography.

Its a new way of thinking about cryptography in the sense that things do not have to be extremely difficult, only moderately difficult, said Garay. And then you can still do meaningful things like blockchains. Cryptocurrencies are just one example. My work, in general, is understanding this landscape and coming up with the mathematics that explain it and make it work.

Excerpt from:
Cryptography In The Blockchain Era - Texas A&M University Today

Open source is becoming mainstream technology, and thats reshaping how it will affect daily life.

An example of this trend can be found in Mays announcement by Red Hat Inc. of an In-Vehicle Operating System in partnership with General Motors Co. While the GM news attracted a great deal of attention, Red Hat also generated buzz during its recent annual Summit event in Boston with the release of RHEL 9 after a three-year wait, deployment of new solutions for securing the software supply chain, and the delivery of managed Ansible Automation for Microsoft Azure.

TheCUBE, SiliconANGLE Medias livestreaming studio, covered the Red Hat Summit event through exclusive interviews with company executives and partners. (* Disclosure below.)

Here are three additional insights you might have missed:

There was a time when computer processing was all about the CPU. Not anymore. This has become the era of the GPU, NPU, DPU and assorted alternative processors to power applications in the modern infrastructure. Edge computing was a significant topic of discussion at this months Summit, and Red Hat has positioned its portfolio to capitalize on this growing space through partnerships with Arm, Nvidia and Intel.

Edge to me is the epitome of a white-space opportunity where ecosystem is essential, said Stefanie Chiras(pictured), senior vice president of partner ecosystem success at Red Hat, during an interview with theCUBE. Edge is pulling together unique hardware capabilities from an accelerator all the way out to new network capabilities and then to AI applications. The number of ISVs building AI applications is just expanding.

An example of this evolution can be seen in the use of the DPU, or data processing unit. Where the CPU handled general-purpose computing, and the GPU accelerated compute, the DPU will play a central role in moving data.

Tushar Katarki, director of product management for OpenShift at Red Hat, envisions a growing role in importance for the DPU, especially as cryptography becomes more essential in network security.

Cryptography is going to take off to new levels, Katarki said in a discussion with theCUBE during the Summit. The DPU can be used to offload your encryption and firewalling. There are a lot of opportunities from an application point of view to take advantage of this capacity.

When Red Hat unveiled RHEL 9 during the Summit, the company noted that it was the first production release built from CentOS Stream. The back story on this was that CentOS Stream replaced the Community Enterprise Linux Operating System acquired by Red Hat in 2014 and discontinued in 2020, a move that was not positively received by CentOS users.

The friction over this issue stems from the fact that CentOS was widely used in the enterprise world. An executive from MongoDB Inc. claims that CentOS runs most of the telecom infrastructure in China. A significant portion of Facebooks operation is CentOS-based as well. Over a decade ago, open-source CentOS was the most popular Linux distribution for web servers.

Red Hat made it clear in 2020 that it would cease supporting CentOS starting from 2022 and would focus its efforts on the new upstream RHEL version, called CentOS Stream. The problem for some in the open-source community was a belief that the newer version lacked the stability of the original CentOS offering.

In theCUBEs Summit interview with Gunnar Hellekson, general manager of the Enterprise Linux Business Unit, the Red Hat executive explained the companys rationale for the switch from CentOS to CentOS Stream with the latest RHEL release.

We need a better way to allow partners to work together with us further upstream from the actual product development, Hellekson said. Thats why we created CentOS Stream the place where we host the party and people can watch the next version of Red Hat Enterprise get developed in real time. Partners can come in and help; customers can come in and help.

In his keynote address during the Summit this month, Red Hat Senior Vice President and CTO Chris Wright described how the placement of processors in his ski boots made him a better skier.Wrights example can be extrapolated to use cases where compute and hardware combine to create a better outcome. Chips help make driving an automobile safer today and improve the ability of diagnostic devices to provide critical information for heart patients.

The edge revolution is doing more than creating compute processing in standalone devices. It is reshaping the meaning of the hybrid world to include the melding of physical and virtual. This will be a key part of Red Hats strategy in the future.

Because of the compute capabilities that we have in hardware, hardware gets more capable with lower power that can bring certain types of accelerators into the mix, said Wright, during his appearance on theCUBE. You create this world where whats happening in a virtual context and whats happening in a physical context can come together through this distributed computing system. Our view is: Thats hybrid. Thats what weve been working on for years.

You can catch up on SiliconANGLEs and theCUBEs complete coverage of the Red Hat Summit event on theCUBEsdedicated event channel.

(* Disclosure: TheCUBE is a paid media partner for Red Hat Summit. Neither Red Hat, the sponsor of theCUBEs event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Go here to see the original:
Three insights you might have missed from the Red Hat Summit event - SiliconANGLE News

Ransomware has grown to become a potential threat for all organizations, sparing no industry or size bracket in its goal to capture files and other company assets. Where theres data, theres an opening for threat actors to hold this sensitive information ransom and demand payment for its release.

Its imperative for all organizations to have a plan for how to prevent and respond to ransomware attacks. But in order to understand how to prepare today, its also necessary to understand how ransomware has evolved to reach its current state.

The first ransomware attack is generally regarded as the AIDS trojan. It is named for the 1989 World Health Organization (WHO) AIDS conference, at which biologist Joseph Popp handed out 20,000 infected floppy discs to event participants. After a user had booted up ninety times, the names of the users files would be encrypted and the below message would appear, asking victims to send US$189 to a PO box in Panama. The ransomware was relatively easy to remove using online decryptor tools.

After this first event, no notable developments in the field of ransomware took place until 2005, when ransomware reemergedthis time using secure asymmetric encryption. The Archiveus trojan and GPcode were the most notable of these early ransomwares. GPcode attacked Windows operating systems, first using symmetric encryption and later, in 2010, using the more secure RSA-1024 to encrypt documents with specific file extensions.

The Archiveus trojan, the first ransomware to use RSA, encrypted all files in the My Documents folder. They could be decrypted with a thirty-digit password provided by the threat actor after the ransom was paid.

Despite the effectiveness of these encryption algorithms, early ransomware variants had relatively simple code, which allowed antivirus companies to identify and analyze them. The Archiveus password was cracked in May 2006, when it was found in the source code of the virus. Similarly, until GPcode switched to RSA, file recovery was often possible without a password, leading cybercriminals to prefer hacking, phishing, and other threat vectors.

In 2009, the Vundo virus emerged, which encrypted computers and sold decryptors. Vundo exploited vulnerabilities in browser plugins written in Java, or downloaded itself when users clicked on malicious email attachments. Once installed, Vundo attacked or suppressed antimalware programs such as Windows Defender and Malwarebytes.

Shortly after, in 2010, the WinLock trojan emerged. Ten cybercriminals in Moscow used the software to lock victims computers and to display pornography until the victims sent them roughly $10 in rubles. The group was arrested in August the same yearthough the scheme first garnered US$16 million.

In 2011, the software was upgraded to pretend to be the Windows Product Activation system. The malware seemed to be requiring a reinstall of the software due to fraudulent use, and ultimately extorted data from victims.

Reveton ransomware, which emerged in 2012, was a type of scareware that displayed messages to its victims claiming that it was US law enforcement and that the user had been detected viewing illegal pornography. In some cases, it activated the users camera to imply that the user had been recorded. It also demanded that the victim pay in order to avoid prosecution.

A variant of this ransomware also emerged for Mac, although it was not cryptographic. It was made up of 150 identical iframes that each had to be closed, so the browser appeared to be locked.

As more ransomware variants emerged, the number of recorded ransomware attacks increased nearly fourfold from 2011 to 2012.

In the second half of 2013, CryptoLocker emerged. CryptoLocker was a pioneer in several ways: It was the first ransomware to be spread by botnetin this case the Gameover Zeus botnetthough it also used more traditional tactics, such as phishing. Also notable was that CryptoLocker used 2048-bit RSA public and private key encryptions, rendering it especially difficult to crack. CryptoLocker was not stopped until its associated botnet, Gameover Zeus, was taken down in 2014.

The first true ransomware for Mac, FileCoder, was also discovered in 2014, although it was later found to have originated as early as 2012. The malware was never finished, as, although it encrypted files and demanded payment, the only files it encrypted were its own.

Other noncryptographic attacks on Mac infrastructure were more successful that year. 2014 also saw the Oleg Pliss attack, in which a threat actor used stolen Apple account credentials to log in to accounts and then used those accounts to remotely lock iPhones, using the find my iPhone feature. They then demanded a ransom for the phone to be unlocked.

Just as Oleg Pliss targeted iPhones, 2014 also saw the first cryptographic attack on mobile devices, with Spyeng targeting Android. Spyeng also sent messages to everyone in the victims contacts list with a download link to the ransomware.

The first successful cryptographic ransomware attack on Mac was in 2016, and was known as KeRanger. Tied to version 2.90 of the torrenting client Transmission, the ransomware locked a victims computer until 1 bitcoin (US$400 at the time) was paid to threat actors.

Another ransomware for Mac, Patcher, aka filezip, emerged in February 2017. It also infected users via torrenting, in this case by pretending to be a cracker for popular software programs such as Office 2016 or Adobe Premiere CC 2017. Notably, due to flaws in its design, Patcher could not be decrypted, whether the ransom was paid or not.

The success of CryptoLocker led to a significant increase in ransomware varieties. CryptoWall emerged as a successor to CryptoLocker, becoming known in 2014, although it had actually been circulating since at least November 2013. Spread largely through spam phishing emails, by March 2014 CryptoWall had become the leading ransomware threat. CryptoWall proved especially tenacious, and some reports suggest that by 2018 it had caused US$325 million of damage.

By 2016 ransomware variants were becoming increasingly frequent. The first ransomware- as-a-service (RaaS) variants emergedpartnerships in which one group writes the ransomware code and collaborates with hackers, who find vulnerabilities in systems. Some of the better-known were Ransom32 (the first ransomware to be written in JavaScript), shark (which was hosted on a public WordPress site and made available on the basis of an 80/20 split, distributors favor), and Stampado (which was available for just $39).

2016 also saw the emergence of the well-known Petya ransomware. Initially the ransomware was less successful than CryptoWall, but on June 17, 2017, a new variant emerged, dubbed notPetya by Kaspersky to differentiate it from the original version. It began in Ukraine and quickly spread worldwide via the EternalBlue Windows vulnerability discovered by the NSA. According to the White House, NotPetya was responsible for US$10 billion in damage. The governments of the United States, United Kingdom, and Australia blame Russia for the malware.

LeakerLocker, a mobile ransomware for Android, also emerged in 2017. Unlike more traditional ransomware, LeakerLocker did not actually encrypt any files. Embedded in malicious applications on the Play Store that requested elevated permissions, LeakerLocker displayed sample data from the users phone and claimed it would send the users entire phone contents to every person in their contacts list if a ransom was not paid.

WannaCry ransomware, one of the best-known crypto ransomwares, also emerged in 2017. Like notPetya, WannaCry spread via the EternalBlue exploit. After emerging in May 2017 it infected about 230,000 computers in 150 countries, causing $4 billion in damage. Although Microsoft had already released a patch for this exploit two months before the emergence of WannaCry, many users had not updated their systems, so the ransomware was able to spread.

Related Reading: Linguistic Analysis of WannaCry Ransomware Messages Suggests Chinese-Speaking Authors

The ransomware would likely have been far more damaging had it not been halted a few days after the attack began by the efforts of Marcus Hutchins, who discovered that the ransomware had a built-in kill switch that could be activated. Despite Hutchins role in stopping the global outbreak of WannaCry, he was subsequently arrested and imprisoned by the FBI for unrelated hacking charges. Several major governments attributed WannaCry to North Korea.

January 2018 was a watershed moment for ransomware, marking the emergence of GandCrab. Although GandCrab by itself was not particularly unusual, the developers continued to release more and more advanced versions and eventually integrated it with the Vidar information-stealing malware, producing a ransomware that both stole and locked a victims files. GandCrab quickly became the most popular RaaS, and the most active strain of ransomware between 2018 and 2019.

Team Snatch, a team of threat actors that emerged in 2018, was a partner of GandCrab, and ushered in the new trend of publishing victim data in order to extort payment. Team Snatch began to publish victim data in April 2019. Snatch was formed by threat actor Truniger, who operated on Exploit. On April 28, 2019, Truniger posted on Exploit that Citycomp, one of their victims, had refused to pay a ransom and would therefore have their data publicly posted.

However, GandCrab ransomware is now no longer used after the developers announced they would be retiring on June 1, 2019, and the FBI released decryption keys for the ransomware in July 2019.

Although Team Snatch disappeared in 2019 following a dispute on the Exploit forum, their actions set the stage for Maze ransomware and the rise of the leaks sites.

In November 2019, the Maze ransomware group leaked 700 MB worth of documents stolen from Allied Universal in an attempt to pressure them and future victims into paying the ransom. This set off a trend of ransomware groups establishing leaks sites to pressure their victims. By publishing stolen data, ransomware operators expose a victim to additional financial loss if, for example, sensitive financial data, customer personally identifiable information (PII), or trade secrets are exposed.

This additional leverage can be especially effective if a victim has backed up their dataand therefore lacks an incentive to pay extortionists for a decryption key alone. The new technique ultimately means that backing up data no longer mitigates the threat of ransomware attacks.

This new technique has vastly increased the visibility of ransomware, and appears to have increased its popularity as well. In 2020 the NetWalker group alone made over $25 million.

Since Maze ransomware began posting victim data, other ransomware groups have posted their own sites. Several of these ransomware families emerged out of prior partnerships, with adverts gaining experience collaborating with a ransomware group before setting up their own. The increased visibility has also led to cooperation between the ransomware groups, with Maze forming a cartel of ransomware groups that share tactics, techniques, and procedures (TTPs) and resources.The Sodinokibi ransomware family has been another notable actor in this space. Sodinokibi emerged to fill the space that was left when the GandCrab threat actors retired. Run by the REvil collective, it has become one of the most damaging ransomware groups, with more victims posted than any provider other than Maze.

Today, ransomware continues to threaten organizations and accounted for over $42.9 million in losses in 2021 according to the FBIs 2021 Internet Crime Report. Beyond the headlines, it is something companies of every size and in every sector must be aware ofdedicated and well-researched protocols for what to do in the event of an attack have become a mission part of every organizations security and defense arsenal.

Recommended Reading: Top 10 Ransomware Trends: Board Responsibilities, Tracking Ransomware, and Mitigating Risk in 2022

The rise of ransomware was a gradual process spanning more than thirty years. Its popularity was influenced both by the technologies supporting it, such as encryption methodologies and malware integration, and the technologies around it, such as Bitcoin and the anonymous Tor network, that allowed it to grow from a tool used by a single hacker or group into one run by a collective.

Although ransomware has not replaced other forms of malware per se, it has become an increasingly popular choice for threat actors as the barrier to entry becomes lower. Whereas a ransomware attack used to require years of development, cryptography, and penetration testing experience to execute, and would yield only a moderate profit, RaaS programs now proliferate on illicit and underground web forums, allowing threat actors to partner with ransomware authors easily and cheaply. Furthermore, these RaaS programs are highly developed, with user dashboards, guides, and technical support.

Finally, the payoff is getting bigger. As tools such as Cobalt Strike and Metasploit automate advanced penetration testing, and illicit communities such as Genesis Market offer increasingly advanced access to corporate networks, access to corporations is becoming more available, and ransomware demands bigger and more profitable. The integration of ransomware with data exfiltration allows for even higher ransoms, by threatening legal action for the victim corporation. For all these reasons, ransomware continues to grow in both its influence and destructive capacity.

Your organizations data, infrastructure, and personnel are valuabledont let threat actors take advantage of them. Sign up for a free trial and see firsthand how Flashpoint cybersecurity technology can help your organization access critical information and insight into ransomware actors and their tactics, techniques, and procedures (TTPs).

Original post:
The Evolution of Ransomware: Understanding Its Past, Present, and Future - Security Boulevard

A March 2022 Wunderman Thompson Intelligence survey of more than 3,000 people between the ages of 16 and 65 in China, the United States and the United Kingdom found that while three-quarters to them had heard of the metaverse, only 15% said they could explain the concept of the metaverse to another person (and half of them were probably wrong). Those same people, when asked about their main concerns about this metaverse that they didnt understand were, put children's privacy first and highlighted a number of other data protection, privacy and safety issues.

It seems that their answers illustrate a challenge to us (ie, the digital financial services industry): how can we explain what the metaverse is and how can we give confidence in our approach to privacy and security. So let me try to rise to that challenge and tackle both of these complex issues head on.

ADVERTISEMENT

First, what exactly is the metaverse? I've seen so many different descriptions of the new cyberspace for work, rest and play over the last few months that it's really unclear what most people mean by it. In fact, despite Gartner's IT prediction that by 2026 a quarter of the population will spend at least one hour a day in the metaverse "for work, shopping, education, social and/or entertainment", I doubt that many in the financial services industry can give any more of a cogent and concise description of what that metaverse itself will be than the people interviewed for the survey mentioned above, other than it will be a bit like "Call of Duty" with Mark Zuckerberg dressed as a skeleton in it and there will be a tiger wandering around in a JP Morgan branch in Minecraft.

Virtual dating.

Rather than complain about the imprecision of the vision, I thought it might be a good approach to think from first principles what the metaverse is and what corporate strategies around it will be important. But where to begin?

ADVERTISEMENT

The obvious starting point is virtual worlds. These have been around for many years, so therefore it is reasonable to wonder what it is that will now transform these virtual worlds into a metaverse. It is not, I suspect, Mr. Zuckerberg's virtual reality headsets. I could use one of them right now to play 3D World of Warcraft or whatever and it would be a lot of fun, but it would still be a virtual world. A metaverse is surely more than Second Life UHD.

The Financial Times defined the metaverse as a collection of shared virtual worlds which are interoperable in the sense that people can navigate them while taking with them their digital identity and their digital assets. Now this strikes me as a very straightforward and practical description and I like it very much. This is a world where transactions take place between what Jaron Lanier called "economic avatars" (that is, virtual identities that can own property).

We have good starting point then. The metaverse is virtual worlds with digital assets and digital identity. But what exactly are these digital assets?

Well, that is quite easy to answer: digital assets are tokens and the protocols for moving these tokens around is what is known as decentralised finance (or defi). Digital assets and decentralised finance are together loosely known as web3. Frances Zelazny of Anonybit set out the relationship between the two plainly when she wrote "the metaverse is dependent on [web3]", going on to say that users can expect "increased democratisation, inclusion and user control, instead of having big tech and centralized gatekeepers".

ADVERTISEMENT

So you might say that the metaverse is made up of virtual worlds with web3 transactions in them. Now we are getting somewhere.

A check back to that Financial Times definition. The metaverse is virtual worlds plus digital assets (ie, web3) plus digital identity. Now that latter clause is where we need some new thinking. Tokens and defi are not a good way to implement identity and without identity we cannot complete the metaverse. We need identity to make our metaverse work.

Professor Bill Buchanan OBE from the School of Computing at Edinburgh Napier University is leading expert on cryptography and cyber security (and also an excellent speaker, by the way). I always take what he has to say about things very seriously and I couldn't agree more with him on his comments about the nature of the infrastructure that we need for the online economy.

Bill writes that we joined together a set of interweb tubes with very little trust built in to them and then we patched them up with what he calls simple methods (but what I might call string and sealing wax). He says that "our digital future must be towards an infrastructure that properly integrates trust" and that when it comes down to it, web3 means the digital signing of transactions to support the true integration of the digital identity of the citizen into the digital world.

ADVERTISEMENT

We already have the tools and techniques needed to implement these citizen digital identities. We have private keys and digital signatures and computers and all of the other components. We already have smartphones that contain Trusted Execution Environments (TEEs) capable of handling advanced cryptography (yet we send them completely insecure text messages and call that "security). What we need is a way of using them in a truly secure manner and this where credentials come into play.

Why do I focus on credentials? Well, in a recent paper on the topic Vitalik Buterin (the genius creator of Ether ETH eum) and his co-authors write the economic value finance trades on is generated by humans and their relationships and go on to say that because web3 lacks primitives to represent such social identity, it has become fundamentally dependent on the very centralised web2 structures it aims to transcend, replicating their limitations.

That is the missing piece of our jigsaw. Relationships that enable transactions, or what I might paraphrase as "the reputation economy". This is an economy where the fundamental enabler of economic activity is not the identity of counterparties but their credentials, not who they are but what they are: a regulated financial institution, a rideshare driver with five stars or a person.

ADVERTISEMENT

Credentials, and more specifically verifiable credentials (that is, if you present your driving licence to me, I can cryptographically verify that it is not a fake and that it really does belong to you) are the way forward.

Such verifiable credentials (VCs) have a crucial role in resolving the "clash of the titans" between the emerging metaverse and the growing demands for data privacy. The metaverse wants to harvest new, uncharted personal information, even to the point of noting and analysing where your eyes go on a screen and how long you gaze at certain products. Data privacy, on the other hand, wants to protect consumers from this incessant cherry-picking.

As David Blonder (legal counsel, and data protection officer at BlackBerry) notes, since people will always trade security for convenience and since the metaverse mean far more user interaction than, for example, a mobile phone we (ie, the industry) must assemble an infrastructure that is robust without negatively impacting user convenience.

ADVERTISEMENT

(My view is that this will be achieved through the use of smart wallets, but thats a topic for another day.)

There you have it then. A good working definition is that the metaverse is virtual worlds plus web3 plus verifiable credentials.

What I think is one thing, but what people who actually know about virtual worlds think should have priority. The CEO of Epic Games, Tom Sweeney, is one such person and his views not the topic are fascinating. He, for example, points toward the field of zero-knowledge proofs (the idea that you can verify that something happened without receiving any private details about it), which are a powerful technique for delivering both privacy and security in a decentralised system and he is absolutely right. There is groundbreaking work going on right now to bring zero-knowledge proofs and verifiable credentials together, so when Tim says I think that's going to be the backbone of a large part of the next century in technology he's almost certainly correct.

Another visionary in the field is Philip Rosedale, the chap who founded Linden Lab (the home of Second Life) a generation back and has therefore spent more time in the metaverse, or at least the proto-metaverse, than pretty much anyone else on the planet. Hence his views on the topic are of signal importance. After Linden Lab he went on to launch a VR startup that later pivoted to spatial audio (so perhaps Scott Galloway's insistence that the metaverse will come in via AirPods rather than headsets is more considered than I thought).

ADVERTISEMENT

In an interesting twist, that startup is now investing in Linden Lab and Mr. Rosedale is returning as a strategic advisor. There was a very interesting piece on his perspectives on the metaverse in "The Information". What particularly caught my eye, given my obsession with digital identity as a fundamental platform for the new economy, was his view on "true" names. He says that persistent pseudonyms are at the heart of the metaverse and that true names, for so many reasons, are not what we want to go toward, because not everybody wants to use their true name or true face.

When you put all this together virtual worlds where people want to do business, decentralised finance moving tokens around and persistent pseudonymous identifiers with verifiable credentials as the token owners I think you can see a clear and consistent definition of the metaverse as well as the strategic outline for the financial services sectors response: managing the customers digital assets and digital identities to keep them safe in this new world.

View post:
The Metaverse: Virtual Worlds But Real Opportunities - Forbes

New Delhi | Jagran Business Desk: Cryptocurrencies have been around for nearly a decade, but they have gained more popularity in recent times. Similarly, non-fungible tokens (NFTs) have also exploded on the internet over the last couple of years. However, with the emergence of the metaverse, many of us are curious about the future of cryptocurrencies and NFTs and what they will have in the future.

Let us try to understand these terms first:

Cryptocurrency:

Also known as crypto, a cryptocurrency is a digital or virtual currency that acts as a medium of exchange through a computer network. A cryptocurrency can't be touched and is secured by cryptography. Cryptocurrencies are not dependent on a bank or a government of a country and are stored in an online wallet, which is based on computer algorithms.

NFT:

NFTs are digital items that can be bought and sold with help of the blockchain technology. A photo, video, GIF, any form of art or even a tweet can be stored as an NFT. They are stored in blockchain, a digital ledger. NFTs' ownerships are also recorded in a blockchain, which can be transferred from one owner to another.

Metaverse:

A metaverse is an online three-dimensional universe in which virtual and augmented realities are mixed "to create a simulated digital environment at its most basic level". The term metaverse was first coined in 1992 by Neal Stephenson in his sci-fi novel Snow Crash.

Cryptocurrencies and Metaverse:

For most users, the concepts of cryptocurrencies and metaverse seem to go hand-in-hand. However, by now, you might have understood that these two terms are quite different.

However, that doesn't mean that cryptocurrencies and metaverse aren't related. Cryptocurrencies, which are currently used by most of us for investments, can be used for making payments in the metaverse. According to experts, a metaverse will have its own cryptocurrency that will be used by people for shopping, trading, and other marketing activities in that augmented reality.

Metaverse and NFT:

Experts believe that NFTs are crucial for the metaverse and will allow people in augmented reality to buy virtual goods and make an investment. They can invest in real estate and buy regular essentials in the metaverse using the NFTs, feel experts.

"NFTs are built on blockchain technology that gives rightful ownership to the NFT holders. So for instance, if you own a land in the metaverse (which is quite possible), you get an NFT as deed to the virtual property," Lokesh Rao, co-founder of Trace Network Labs, said while writing for The Financial Express.

"This means you are the rightful owner and only you have exclusive access to enter the location in metaverse alongside allowing access to others. NFT-controlled access could also help in ensuring VIP access to the events in metaverse," Rao added.

Posted By: Aalok Sen Sharma

See original here:
Jagran Trending: How cryptocurrencies and NFTs are related to metaverse? - Jagran English