Ethereum VM May Have Vulnerability

The vulnerability is reported by NettaLab Twitter account
12 November 2018   620

On November 9, a statement appeared in Netta Lab’s Twitter account that the organization discovered a vulnerability in the Ethereum virtual machine that allows to execute smart contracts endlessly without paying for gas online. The researchers also allegedly turned to the operator of the American database of vulnerabilities, where they registered the corresponding discovery.

Netta Labs discovered an Ethereum EVM vulnerability, which could be exploited by hackers. The vulnerability can cause smart contracts can be executed indefinitely without gas being paied.
 

Netta Lab's Twitter

At Netta Lab's request, Google demonstrates the site of the netto.io project, which specializes in auditing smart contracts under the Netta Lab brand, but the Twitter accounts of the projects do not match. Note that the profile that reported the vulnerability was registered in November.

Many users expressed doubts about the authenticity of the information that appeared, but then the creator of the NEO project Da Hongwei said that he spoke with the CEO of Netta Labs and asked the researchers to audit the NEO virtual machine.

Nevertheless, Vitalik Buterin wrote on Reddit that this is a vulnerability in the Python-implementation of the virtual machine, which was first reported on GitHub 9 days ago. This means that the main clients (go-ethereum; parity and cpp-ethereum) are not affected.

OpenAI to Create Fake News Creating Algorithm

On the basis of one or two phrases that set the theme, it is able to “write” a fairly plausible story
18 February 2019   165

The GPT-2 algorithm, created by OpenAI for working with language and texts, turned out to be a master in creating fake news. On the basis of one or two phrases that set the theme, it is able to “compose” a fairly plausible story. For example:

  • an article about scientists who have found a herd of unicorns in the Andes;
  • news about pop star Miley Cyrus caught on shoplifting;
  • artistic text about Legolas and Gimli attacking the orcs;
  • an essay on how waste recycling harms the economy, nature, and human health.

The developers did not publish the source code of the model entirely, fearing abuse by unscrupulous users. For fellow researchers, they posted on GitHub a simplified version of the algorithm and gave a link to the preprint of the scientific article. The overall results are published on the OpenAI blog.

GPT-2 is a general purpose algorithm. The developers taught it to answer questions, “understand” the logic of a text, a sentence, finish building phrases. In this case, the algorithm worked worse than the model of a specific purpose. Researchers suggest that the indicators can be improved by expanding the training datasets and choosing computers more efficiently.