Proposal To Make Steemit Safer

in #steemit7 years ago (edited)

Steemit security

More developers make off-site improvements to the steemit experience.

Examples of this being:

This is great; it's a very agile way of making improvements to the user experience while the core developers are focusing on the low-level blockchain, and therefore only rarely have time to peak out.

But it raises a problem.

How can we stay safe when using the steem platform away from steemit.com?

Steemit Security

For many of the apps, it's quite simple as they only use the information from the public blockchain, so you're no more at risk than when you're visiting other public websites.

But for apps that do require user authentication, how do we know which apps we can trust, and who we should give our posting, and active keys to?

This is a tricky question to answer, and the security measures available currently aren't optimal.

Outside Steemit, authentication is often handled by the OAuth protocol (what's seen as log in with Google/Facebook on other websites). This gives users control over what permissions an application has while also never trusting that the application stores their credentials in a responsible manner, but instead trusts only the OAuth provider.

This, however, doesn't exist for Steemit.

If a similar system could be implemented on Steemit, it could have the potential to make using off-site apps much safer.

Now, I'll be the first to admit that I don't have a lot of experience with blockchain technologies, and I frankly don't know how hard it's going to be, or even if it's at all possible (because we don't have a central authority on which OAuth often relies).

But as Steemit accounts are frequently worth tens of thousands of dollars, it's paramount to take any step to make sure the accounts more safe, and the current version of seperating keys into posting/active/owner, while a step in the right direction, is not enough, and users need more granular control over what permissions they give apps.


What can you do right now?

If you're not a programmer, and want to maximize your security, the best thing you can do right now is to never use your password. Instead, log into apps using posting/active keys depending on what permissions the app requires.

Also, look at what other users are saying about an app; preferably outside steemit, but also steemit.com; It's easy to be fooled by a nice looking UI, and well written copy. It's important, however, to realize that UI is just a skin, and can easily lie about what the underlying logic is actually doing. Furthermore, if the logic is kept on the server (which there are good reasons for doing), you have no way of verifying that the button actually does what it says. That's why it's important to see what other people are saying about it, and ideally on a platform that doesn't contain a bias toward the application.

If you're a programmer, and make steem-apps, make sure to give your users the ability to log-in using their keys. In fact, make it the default method, or better yet, disallow users to log in using their password, and keys that overstep the permissions your app requires.

Furthermore, try not to write credentials to disk, and keep it in memory as short as possible. Ideally, you should prompt the user to enter their key every time they want to broadcast something to the blockchain, or just keep all application logic on client side, so you never have to deal with authentication.

I realize that this is not possible for some automation services, but it's an ideal every every developer should strive for, and should make conscious steps toward.

Conclusion

Regardless whether the additional security is implemented, we owe it to ourselves, and the other users, to make an effort to make our apps safer, and discourage apps that practice unsafe handling of userdata.

Furthermore, we shall make sure that our apps are honest and transparent, and don't hide behind closed server-side logic.

Sort:  

I think there's a service offered by SteemConnect built by busy.org developers https://steemconnect.com

I see. It's an interesting project, but they still require me to trust steemconnect.
Screen Shot 2017-07-08 at 2.15.47 PM.png

As long as Steemit does not offer an authentication service, third-party server-side solutions which handle keys and/or passwords will definitely be a security problem. Also, determining which service is trustworthy simply is not possible.

I can think of a work-around, however.

Let's say a third party service shall be able to create posts. This service could just store new posts and flag them as unpublished.

Then you would have to tie this service to a pure frontend solution (for example a mobile app), that is a hundred percent open-source and works as a middleman.

This app should store the required keys on your device only, fetch the unpublished posts from the third party service and submit them to the blockchain.

If you do it this way, your keys would never be shared.

That is a good suggestion, but sadly not viable for all types of apps.
If the app, for example, requires a service worker to work in the background, and broadcast events to the blockchain, the service worker will need the user's key.

In this case, the only option would be a middleman frontend running 24/7, fetching all automatically generated events.

Of course, I see your point, since being online with your smartphone day in day out or having your workstation at home online all the time can not be considered a good solution for this type of problem.

I guess, in the case of pure user-triggered actions, the middleman approach would be adequate, since it could be done with a very tiny and straightforward app, which could handle multiple third-party services.

However, for sever-side solutions like service-workers, we would definitely need an authentification interface on Steemit, or have a lot of trust in the third party :)

Congratulations @kasperfred! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

Award for the number of comments received

Click on any badge to view your own Board of Honnor on SteemitBoard.
For more information about SteemitBoard, click here

If you no longer want to receive notifications, reply to this comment with the word STOP

By upvoting this notification, you can help all Steemit users. Learn how here!