Cryptocurrency Isn't Private -- But With Know-How, It Could Be
There’s probably no such thing as perfect privacy and security online. Hackers regularly breach corporate firewalls to gain customers’ private information, and scammers constantly strive to trick us into divulging our passwords. But existing tools can provide a high level of privacy—if we use them correctly, says Mashael Al Sabah, a cybersecurity researcher at the Qatar Computing Research Institute in Doha. The trick is understanding something about the weaknesses and limitations of technologies like blockchain or digital certificates, and not using them in ways that could play into the designs of fraudsters or malware-builders. Successful privacy is “a collaboration between the tool and the user,” Al Sabah says. It requires “using the right tool in the right way.” And testing new technology for privacy and security resilience requires what she calls a “security mindset.” Which, Al Sabah explains, is necessary when assessing new technology. “You think of the different attacks that happened before and that can happen in the future, and you try to identify the weaknesses, threats and the technology.” There is an urgency to better understanding how technology works with allegedly anonymous technology. “People cannot be free without their privacy,” Al Sabah argues. “Freedom’s important for the development of society.” And while that may be all well and good for folks in Silicon Valley obsessed with the latest cryptocurrency, the ability to build funding structures for all is part of her focus. Al Sabah explains, “Aside from privacy, cryptocurrency can also help societies, specifically the ones with under-developed financial infrastructure.” Which is important because, “There are societies that have no financial infrastructure.” Al Sabah made a splash in the media in 2018 by co-authoring a paper demonstrating that Bitcoin transactions are a lot less anonymous than most users assume. In the study, Al Sabah and her colleagues were able to trace purchases made on the black-market “dark web” site Silk Road back to users’ real identities simply by culling through the public Bitcoin blockchain and social media accounts for matching data. More recently, Al Sabah has also been studying phishing schemes and how to detect and avoid them. “There’s more awareness now among users of the importance of their privacy,” Al Sabah says. And that needs to now evolve into teaching security best practices. “So, while we cannot stop new attacks, we can make them less effective and harder to achieve by adhering to best practices.” Business Lab is hosted by Laurel Ruma, editorial director of Insights, the custom publishing division of MIT Technology Review. The show is a production of MIT Technology Review, with production help from Collective Next. This podcast was produced in association with the Qatar Foundation. Show notes and links UNICEF Crypto Fund “Google’s top security teams unilaterally shut down a counterterrorism operation,” MIT Technology Review, March 26, 2021 “Your Sloppy Bitcoin Drug Deals Will Haunt You For Years,” Wired, January 26, 2018 “Your early darknet drug buys are preserved forever in the blockchain, waiting to be connected to your real identity,” Boing Boing, January 26, 2018 “In the Middle East, Women Are Breaking Through the STEM Ceiling,” The New York Times, sponsored by the Qatar Foundation