Critical RCE Flaw Discovered in Blockchain-Based EOS Smart Contract System

in #eos6 years ago

Well this is pretty big. I just got this update from one of my security blogs HERE

In a nutshell, EOS is exploitable by allowing a remote attacker to take control of a node. If you can't picture how big of an issue this is, it's HUGE!!! Basically, this could discredit the network and anything built on/with it could fall victim to a 51% attack with relative ease.

Thankfully, this has been caught. However, I'd still anticipate some vulnerabilities with this. Industry standard is 5% of code has security vulnerabilities and flaws. EOS seems to be a HUGE project with a lot of code. So, as you can imagine, there's probably other existing flaws which will be discovered that hopefully won't impact the project and the usage.

Overall, I still think EOS is a great project and concept (even though I believe the EOS ERC20 token is garbage and y'all are crazy if you want to long term hold it). I'd love to see the improvements in EOS and the rest of the blockchain world.

Stay safe!

Sort:  

Hi, thank you for contributing to Steemit! I upvoted and followed you! Follow back and we can help each other succeed :) Check out My Latest Post

What's up spam!!

Long Term Ethereum Bag Holder here...

Hope people see the grass is not always greener on otherside!

Indeed!!! :)

Definitely something we need to be thinking about. It's funny how decentralization is supposed to make transactions safer and more secure yet there are significant vulnerabilities. I think it's just an aspect of brand new code in a trade new field.

Well, ultimately it just comes down to the complexity of the code. The more complex, the more vulnerabilities there will be. EOS does seem to be extremely complex. But yes, you are right! :)