EP31: Michael Perklin - A Digital Forensic Expert's Story of the Shapeshift.io Hack

Published: May 2, 2016, 7:52 p.m.

Today on Liberty Entrepreneur Podcast: Michael Perklin: Head of Security and Investigative Services at Ledger Labs, President of C4, Board member of Bitcoin Foundation and Bitcoin Alliance of Canada, and pun lover

@mperklin on Twitter
Email: michael@ledgerlabs.io

https://cryptoconsortium.org/
https://ledgerlabs.io/
http://bitcoinalliance.ca/
https://bitcoinfoundation.org/

Michael tells the ShapeShift hack story. Find the full story at http://moneyandstate.com/looting-of-the-fox/

How should entrepreneurs go about giving trust to employees?

In 12 or 13 years, Michael has never been involved in a situation where an emergency is publicized like this.

What does Michael start looking at when he arrives at the scene of a crime? What should an entrepreneur do when they have a cyber event?

1) For the entrepreneur: turn off all hardware involved – the best way to do this is by turning the power off, not by shutting down.
2) For the investigator: get caught up – a brain dump of all info relevant to the event

To construct a timeline of events, Michael must ask everyone involved the same questions, even if this gets tedious. Minds are not like hard drives, where once the data is there, it stays there. There are 2 sides to every story: person one's impression and person two's impression. There is sometimes a third side – a recording of what was actually said.

What is the most important lesson other entrepreneurs can learn from the Shapeshift incident?

“There always seems to be a reason to wait before you involve a security professional. Once I finish the code, then I'll get it security audited. Once we go online, then I'll have someone do a penetration test on it.”

“That's actually another thing I would recommend to your listeners: If any of them are like [Michael]: Enjoying your job is so much better than money.”

Michael tells how he first became an entrepreneur, and how this shaped his forming C4, the CryptoCurrency Certification Consortium.

C4 was born out of the needs of companies that have to hire bitcoin expertise but whose hiring managers don't have bitcoin expertise themselves. https://cryptoconsortium.org/

CBP: Certified Bitcoin Professional (akin to a driver's license) – Over 2000 registered users
CBX: Certified Bitcoin Expert (akin to a mechanic's license) – being developed now

CCSS: CryptoCurrency Security Standard – applies to information systems

Movies and TV would imply that biometrics are the most secure security method. Michael believes this couldn't be further from the truth.

Biometrics are definitely less secure than passwords and two factor authenticators.

Regardless of the implementation, Michael strongly believes that 2 factor authentication will be the norm.

What motivates Michael as an entrepreneur? Simple: Fun, and enjoyment.

“I became an entrepreneur because I wanted to enjoy my 9 to 5 a lot more than I was currently enjoying it. And I was successful in doing that.”

“Choose the thing that you love, and figure out a way to make that your 9 to 5.”

3 reasons why biometrics are inferior security to other methods:

1) Required error thresholds
2) Every biometric identifier is inherently public – the equivalent of having your password on a post-it note on your forehead
3) There is no possibility for revocation... ever – this is the most important reason

On the importance of revocation and biometrics: “If I lose my key, I can change the lock. If I lose my password, I can change the password. But if I lose a biometric identifier, like a fingerprint, I can't revoke my finger. That means for the rest of my life, I can never use that same finger for any authenticator ever again, because I know somebody at some point copied it at some time.”

Link to the Liberty Entrepreneurs show with Brennan, where we discussed security and biometrics as well: http://libertyentrepreneurs.com/2016/03/le23-b-byrne-security-in-a-world-of-innovation/