The solution to the certificate authority problem is a complex issue. Blockchain solutions provide a promising approach to new TLDs. Existing TLDs may have to endure the existing CA system for many more years. So it’s important both that new blockchain solutions be developed for high-trust needs and that the existing CA infrastructure be improved and maintained as well as possible.
Everyday Crypto #008 – CA System Correction… Still broken
In the last video I got the number of CAs wrong, so I created this update video, which corrects that and also adds some additional points.
Everyday Crypto #007 – The Certificate Authority System is Broken
The certificate authority system is broken. It has grown too large and involves too many people and organizations to provide real security. While it’s still better than not having it at all, the amount of security it really provides is diminishing every day.
Where are these 3000 CA keys?
source: https://jhalderm.com/pub/papers/https-imc13.pdf
“We observed 3,788 browser-trusted signing certificates between April 2012 and August 2013 of which 1,832 were valid on March 22, 2013. All but seven of these signing certificates can sign a valid browser-trusted certificate for any domain.”
“These 1,832 signing certificates belong to 683 organizations and are located in 57 countries.”
“We were surprised to find that religious institutions, museums, libraries, and more than 130 corporations and financial institutions currently control an unrestricted CA certificate. Only 20% of organizations that control signing certificates are commercial CAs.”
In the video I talk about 3000 CA keys; most organizations have multiple keys, and 683 different organizations control the 3000+ keys. But of those 683 organizations, most are not well equipped to secure the information they hold.
[Updated 8/29/2014]
Further proof CAs are not doing their jobs: http://news-beta.slashdot.org/story/14/08/29/2019251/mozilla-to-support-public-key-pinning-in-firefox-32
EveryDay Crypto #006 – BitsharesX, the client [Part2]
Installation, getting started, and usage of Bitshares X. Review of the technology and what makes BitsharesX different.
EveryDay Crypto #005 – BitsharesX $100M and Climbing, the Tech [Part1]
I talk about the history and the technology behind BitsharesX, the fastest growing cryptocurrency I’ve seen to date. DPOS, BitAssets, TITAN, etc.
Everyday Crypto #004 – Why I sold all my Litecoin
After holding Litecoin for several years and actively supporting the community I discovered the promise of Bitcoin 2.0.
Everyday Crypto #003 – NXT Multigateway
Multigateway allows Bitcoin, Litecoin, and other crypto currencies to be transferred into the NXT Blockchain without using an exchange. I talk about the technology and walk through installing and using the multigateway.
Everyday Crypto #002 – Why Brainwallets are Dumb
In this video I talk about how bad of an idea it is to use brainwallets. I also share the 1 and only 1 way to safely use a brainwallet.
Everyday Crypto #001 – NXT Overview, wallet installation, and walkthrough
NXT community website: http://www.nxtcommunity.org/
NXT Asset Information: https://nxtblocks.info/
NXT Wiki: http://wiki.nxtcrypto.org/
Introduction
I’m creating a new blog / Youtube channel to discuss crypto currency, computer security, electronics, etc., or whatever I think is cool at the time. The last 2 years or so I’ve been obsessed with Bitcoin and other crypto currencies. With all the reading and searching I do, I thought I could share my thoughts and knowledge with others through this blog. I wouldn’t call myself an expert, as there are plenty of people who know more than I, but I think I do have some good ideas to share. I’ll give a little shoutout to Dave Jones over at the EEV Blog, as his constant recommendation to just put something out there is a big reason I’m doing this. I’m going to just put out some videos / blog posts and see if anyone is interested.