Friday, July 21, 2017

Ethereum $30 million stolen - Why it really is a problem with Ethereum

"First, remember, this was not a flaw in Ethereum or in smart contracts in general. Rather, it was a developer error in a particular contract."
http://haseebq.com/a-hacker-stole-31m-of-ether/


Really?!   It's not a flaw in Ethereum?   Yes... it is!

Are Ethereum contracts are based on the premise that only foolproof software developers should be writing contracts?   No I don't think so.  We all know that no developer is foolproof.   I believe it is based on the premise that developers should not write contracts where the value of the contract exceeds the minimum resources needed by other developers to exploit said contracts.  Time for an analogy.





If I am looking for a way to protect money, I may buy a little plastic piggie safe for my son's change, a metal lock box for some spending cash and a fireproof solid steel safe bolted to the house for my gold and silver.  The contents of each can be stolen and each provides reasonable protection for the value being protected by the safe.

After 15 years of software development I do trust my code, but I'm pretty sure with enough resources and motivation you can exploit it.   It turns out that the expenditure of resources to break and exploit some Ethereum contracts has been well worth it.  

We love the idea of Ethereum contracts, now what?

First of all, it's too new for these massively valuable contracts.   It's like a hackers dream waiting for these contracts while the value of Etherium skyrockets.

In my view Etherium needs a gate before any funds can be transferred via smart contracts.  Developers are going to write buggy code.  Signaling fund transfer and waiting a few days for execution gives everyone enough time to say, "Holy Shit", someone is about to steal the money!

Now that leads to a second issue.  Ethereum needs a way to invalidate the smart contract when the above scenario is true.  

"Oh my, that violates the smart contract!"  Hey, this is ETH not ETC.   There is already a precedent for rolling back funds with ETH.  Time to bake it into the system since the creator of Ethereum already sanctioned the idea.

"Wait, You can just write that into your contract!"  I just told you that I didn't trust my code with that much money!

Ethereum is the problem and will continue to be a hackers paradise until the system is made safer.







Excel Sheets 4 quandrant / bubble chart / magic quandrant

After posting how to create a magic quadrant in Google sheets, I figured I might as well create a simple one in Excel as well.

For Google Sheets look here:
Google Sheets Magic Quandrant

Here is how the chart looks in Excel



The major difference between Excel and Google was that I could only get 4 dimensions into Excel while I was able to get 5 dimensions in the Google sheet chart.

Note here that the legend has the same values as the titles on each of the bubbles.   In Google Sheets I was able to add a category to group bubbles by color.

Download the Magic Quadrant Excel Template --> HERE

Thursday, July 20, 2017

Google Sheets 4 quandrant / bubble chart / magic quandrant

Here is a Magic Quadrant template in Google sheets.   If you have been looking for an easy way to create one of these bubble charts to pitch your great ideas to the execs, then look no further.  I found a few templates in Excel but they seemed overly complex.

Just give me the chart!  -->  HERE

2 sheets - one for data and one for the chart



The background of the chart is transparent so it is just using the background color of the cells to highlight the quadrants.   Use the cells to create boxes around key areas of the chart like the legend.

The data sheet is as follows:

Bubble Title:  Text highlighted over each bubble
Legend:  Defines the color of the bubble
x-Axis:  In my case I needed to add a couple values for the x Axis so you will see 2 of them and the x axis has a range of 0-10   (actually 0-11 defined on the chart to allow for padding)
y-Axis: Simple range from 0-5 (actually 0-6 defined on the chart to allow for padding)



Bubble TitleLegendX Axis PlusY AxisBubble SizeX Axis Plus
OK to changeOK to changeOK to changeOK to changeOK to change
IdeaTypeTraffic STMConfidence Impact
Idea 1Internal5555
Idea 2Internal2332
Idea 3External5444
Idea 4External2553
Idea 5External1442
Idea 6External2331
Idea 7External2222
Idea 8Exec5133
Idea 9Internal2244
Idea 10CX4115
Idea 11CX2214
Idea 12CX, SEO2113
Idea 13Internal2312


Hope this saves you some time!