India’s Telecom Regulator to Curb Spam via Blockchain

The TRAI - Telecom Regulatory Authority of India, is interested in blockchain technology in order to curb telemarketing spam through phone calls and SMSs
30 May 2018   896

The first measure of such kind, watches the regulator draft guidelines on Tuesday in order to fight the prevalent issue of unsolicited calls and communication through a  mobile SMS, according to the report of Indian business daily Economic Times.  The regulator claims India’s telecom subscriber base achieved 1.19 billion users in December 2017.

TRAI is looking at blockchain technology as securing the contact information of hundreds of millions of users cryptographically to provide privacy. The information will only be acceptable to registered telemarketers under definite conditions.

TRAI chairman R.S. Sharma declared that the problem is widespread in the country, affirming that the officials had failed in their previous attempts to examine unsolicited telemarketing calls. The regulator is aimed to work with telecom operators and other stakeholders to solve the difficulties with a regulatory framework while involving the  blockchain technology.

Blockchain will ensure two things — non-repudiable[record keeping] and confidentiality. Only thoseauthorizedd to access details will be able to access subscriber details and only when they need to deliver service… TRAI will become the first organization to implement this kind of regulation. 
Ram Sewak Sharma
Chairman, TRAI

The blockchain ledger also will record all communication between subscribers and telecom firms to capture users’ consent for information. The ‘Telecom Commercial Customer Preference Regulation’ project will be available for comment till June 11.

Potentional Vulnerabilities Found in ETH 2.0

Least Authority have found potentional security issues in the network P2P interaction and block proposal system
26 March 2020   964

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities at once.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, at the moment there is no large ecosystem based on PoS and using sharding in the world, so it is impossible to accurately assess the prospects for system stability.
Also, information security experts emphasized that the specifications did not pay enough attention to the description of the P2P network level and the system of records about Ethereum nodes. Vulnerability risks are also observed in the block proposal system and the messaging system between nodes.

Experts said that in the blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will fall into the blockchain, and this leads to the risk of data leakage. To solve the problem, auditors suggested using the mechanism of "Single Secret Leader Election" (SSLE).

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a “malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.