Presentation is loading. Please wait.

Presentation is loading. Please wait.

Rubidex versus Corda Why the Rubidex Blockchain System is the better solution for businesses.

Published byPhyllis Pierce Modified over 5 years ago

Similar presentations

Presentation on theme: "Rubidex versus Corda Why the Rubidex Blockchain System is the better solution for businesses."— Presentation transcript:

1 Rubidex versus Corda Why the Rubidex Blockchain System is the better solution for businesses

2 Corda’s Problematic Features
Open source Corda runs on the Java Virtual machine (JVM) JVM was created for developing programs in a heterogeneous network- wide environment. It was developed to be used in embedded systems equipped with a minimum amount of memory. Has been open to attacks and exploits since day one. Successful attacks against the Java Virtual Machine circumvents Java language security or invokes potentially harmful operation (for applets).

3 Corda’s Problematic Features
JVM is prone to outside attacks: There are three main attack techniques: through type confusion, through class spoofing, through bad implementation of system classes. Type Confusion (gets rid of security measures): In a result of type confusion attack, Java language security can be circumvented - private, public and protected access is no more important. Type confusion attacks are possible since there are no runtime checks done for getfield/putfield instructions with regard to the types of their arguments.

4 Corda’s Problematic Features
JBM has poor implementation of class structure: bad definition of access to classes, methods or variables, the possibility to extend some security relevant classes or methods, depends on proper object initialization, the possibility to create partially uninitialized instances of objects (for example, through cloning), no protection against serialization/deserialization, use of inner classes. storing secrets in code, returning references to internal objects containing some sensitive data, instead of the copy, internally storing the original contents of user data instead of the copy, comparing classes by names instead of class objects, too complex implementation.

5 Corda’s Problematic Features
Privilege elevation techniques: Privilege elevation techniques are applied after conducting successful attack on JVM Their goal is to bypass applet sandbox restrictions Type confusion condition is usually required to elevate privileges of the applet code Privilege elevation is accomplished by modifying system objects holding privilege information As a result, the code of the user applet class can be seen as fully trusted by the applet Security Manager

6 Corda’s Problematic Features
Unpublished history of problems with JVM: About 20+ security vulnerabilities in JVM implementations since 1996 Most of them affected web browsers Details of the most serious ones have never been published, so far... Bytecode Verifier vulnerabilities that lead to type confusion attack

7 Corda’s Problematic Features
Long published history of problems with JVM: Java Primary Cause of 91 Percent of Attacks: Cisco - Cisco's Annual Security Report points the blame at Oracle's Java for being a leading cause of security woes. Computerworld reports that [Java contains a vulnerability that] allow attackers to bypass the software's security sandbox and execute arbitrary code on the underlying system. Heimdal Security quotes: “Why Java Vulnerabilities Are One of Your Biggest Security Problems (This software used by millions is one of the key targets for cyber criminals)” Kaspersky Labs quotes: “the development of Java began when malicious attacks through vulnerabilities were virtually non-existent. As a result, software developers in general – not just those working on Java – could not anticipate this potential security risk, and the software was not built with security in mind.”

8 Corda’s Problematic Features
Result: Problems with necessary code classes allow Java and therefore Java Virtual Machine to be open to exploits, hacks and problems. Choosing any form of Java as a basis for blockchain is a security nightmare from the first minute and cannot be fixed because the security vulnerabilities are built into the code classes of a very old and outdated language. Features of the blockchain don’t matter if the underlying system is completely flawed at the code level.

9 Why Rubidex is Better Closed Source
No one has access to the code so no one can change it but us. The code is heavily encrypted, so it is virtually unreadable. Changes can be made near instantly and does not rely on a committee to decide or unpaid developers to make said changes ‘whenever’. Total control over the security of the entire blockchain system.

10 Why Rubidex is Better As secure as we can possibly make it
While no language is safe from outside attacks, we have taken every possible measure to secure the blockchain from any outside attacks: Encrypted server (256-bit level encryption). Hardened server with no access to directories and outside ddos (distributed denial of service) attacks. Encrypted front end and sync system. End-to-end encrypted tunnel between blockchain and front end nodes. No access to any part of our code - totally unreadable even in hex editors and decompilers.

11 Why Rubidex is Better Customizable for any use case
RubiPrime can be configured for any possible use case, such as: Automotive Hospitality Medical Restaurants Supply Chains Insurance Financial etc...

12 Why Rubidex is Better 100% scalable
The Rubidex Blockchain System writes very small files (depending on data) and can span across hard drives. Average size of file is 3kb-128kb Limited only by hard drive space Can span across multiple drives as they become filled with blocks

13 Why Rubidex is Better Sync’s faster than any other blockchain
No wait to get started No large downloading of blocks to fill up your hard drives Patent-Pending Instaload technology Average wait time is under 10 seconds - in most cases it’s pretty much instant Hyper aware of last block through the entire blockchain system. RubiSync keeps blockchain synced, re-orders blocks when necessary and ensures all nodes have all blocks. It also self-heals in case of deleted blocks.

14 Why Rubidex is Better Permissions-based
Size of business does not matter - nodes can be a few or many. User-group based paradigm for multiple permissions across the blockchain Admin Human Resources Sales etc... Geography does not matter - different departments across different locations can utilize the same blockchain Manufacturing Distribution Logistics

15 Next Steps What can Rubidex create for you?
RubiStorm - our very smart people brainstorm with you to create whatever you require. Solutions - we implement our plan to make your custom blockchain system a reality Outstanding customer support - we have an attitude of gratitude and care for every customer equally.

Download ppt "Rubidex versus Corda Why the Rubidex Blockchain System is the better solution for businesses."

Similar presentations

Access Control 1. Given Credit Where It Is Due Most of the lecture notes are based on slides by Dr. Daniel M. Zimmerman at CALTECH Some slides are from.

Access Control 1. Given Credit Where It Is Due Most of the lecture notes are based on slides by Dr. Daniel M. Zimmerman at CALTECH Some slides are from.
Mobile Code Security Yurii Kuzmin. What is Mobile Code? Term used to describe general-purpose executables that run in remote locations. Web browsers come.

Mobile Code Security Yurii Kuzmin. What is Mobile Code? Term used to describe general-purpose executables that run in remote locations. Web browsers come.
University of Southampton Electronics and Computer Science M-grid: Using Ubiquitous Web Technologies to create a Computational Grid Robert John Walters.

University of Southampton Electronics and Computer Science M-grid: Using Ubiquitous Web Technologies to create a Computational Grid Robert John Walters.
Java Applet Security Diana Dong CS 265 Spring 2004.

Java Applet Security Diana Dong CS 265 Spring 2004.
Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise.

Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & ) Java Security on the Browser Java Security in the Enterprise.
Java.  Java is an object-oriented programming language.  Java is important to us because Android programming uses Java.  However, Java is much more.

Java.  Java is an object-oriented programming language.  Java is important to us because Android programming uses Java.  However, Java is much more.
Object Orientated Programming

Object Orientated Programming
It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.

It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.
Lecture 2: Do you speak Java?. From Problem to Program Last Lecture we looked at modeling with objects! Steps to solving a business problem –Investigate.

Lecture 2: Do you speak Java?. From Problem to Program Last Lecture we looked at modeling with objects! Steps to solving a business problem –Investigate.
Web Security A how to guide on Keeping your Website Safe. By: Robert Black.

Web Security A how to guide on Keeping your Website Safe. By: Robert Black.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
Building Secure Software Chapter 9 Race Conditions.

Building Secure Software Chapter 9 Race Conditions.
Mobile Code and Worms By Mitun Sinha Pandurang Kamat 04/16/2003.

Mobile Code and Worms By Mitun Sinha Pandurang Kamat 04/16/2003.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Java Security Updated May 2007. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security.

Java Security Updated May Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security.
D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.
Introduction to Java CSIS 3701: Advanced Object Oriented Programming.

Introduction to Java CSIS 3701: Advanced Object Oriented Programming.
Java Security. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security Manager.

Java Security. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security Manager.
5 Chapter Five Web Servers. 5 Chapter Objectives Learn about the Microsoft Personal Web Server Software Learn how to improve Web site performance Learn.

5 Chapter Five Web Servers. 5 Chapter Objectives Learn about the Microsoft Personal Web Server Software Learn how to improve Web site performance Learn.

Similar presentations

Ads by Google