http://codesuppository.blogspot.nl/2017/12/iota-tangled-mess...
Next to that I found this great article in the comments:
https://medium.com/@neha/cryptographic-vulnerabilities-in-io...
- Use of ternary logic [1]
- Writing their own hash function [1]
- Claiming that the flaws in the hash function were 'copy protection' [2]
- The Github issues page for their wallet client [3]
I've heard that the DAG approach has merit, but from what I've seen I would not trust this team to execute on it.
[EDIT]: Almost forgot the black-box closed source 'central coordinator' [4]
[1]: https://medium.com/@neha/cryptographic-vulnerabilities-in-io...
[2]: https://gist.githubusercontent.com/Come-from-Beyond/a84ab861...
[3]: https://github.com/iotaledger/wallet/issues
[4]: https://www.reddit.com/r/Iota/comments/7c3qu8/coordinator_ex...
2: Why is explained here: https://blog.iota.org/the-transparency-compendium-26aa5bb8e2... - CyberCrypt is hired to review and audit it.
3: The wallet is secure and does what it needs to do, no, it's not very pretty or user friendly but it works. A new wallet (Trinity wallet) will be released very soon.
- Can you explain why the use of ternary logic is a red flag? I can explain why it is not but you have to justify your statement first. You calling the use of ternary logic a red flag must be based off of something I assume.
- They used a custom hash function called "Curl". But they now replaced it with KECCAK-384. Curl is now being reviewed by a third party.
- For this, I will let CFB (one of the devs) explain. https://medium.com/@comefrombeyond/cfbs-comments-on-https-ww...
- The wallet is a nuisance for some users, I agree. But the majority of users are fine with the wallet. Of course you can only hear those who had problems.
The above is a proper paper on how to do math for a DAG based protocol.
Serguei Popov, the research mathematician behind IOTA DAG based protocol, claims that it is impossible to make proofs behind the tech. [1]
[1]: https://medium.com/@johndom/iota-and-spectre-64ee12d9b1a8
Before I bought a single IOTA, I read this whitepaper and it's pretty indecipherable. I'm a pretty technical person myself, but this paper was not written in a way that anyone can easily understand.
That Code Suppository "article" (blog post) is complete rubbish.
The issues in 2nd article have been fixed.
At least please read up and educate yourself before conditioning others into your opinion.
> Also he claims have been debunked by the IOTA team
only that they haven't been debunked[1].
Curl/Kerl should be reason enough for anyone to run away screaming. If somebody peddles a secure e2e encrypted messaging app based on an untested freshly invented hashing or encryption algorithm everyone would agree it's wrong. Why should the behavior displayed by IOTA team / management be treated with silk gloves? Whenever I see somebody vouching for IOTA I can only imagine 2 reasons:
1) person doesn't have a clue about basic engineering / security principles
2) person owns IOTA and hence is personally too deeply invested to be unbiased
[1] https://www.linkedin.com/groups/4807429/4807429-634451121504...
There's a pretty complete thread on reddit with most FUD in it and why it's not valid:
https://www.reddit.com/r/Iota/comments/7j81tq/fud_copy_pasta...
Here's an article by one of the IOTA founders addressing your second article:
https://blog.iota.org/curl-disclosure-beyond-the-headline-18...
The nonsense about the 'vulnerability' neha found got destroyed in multiple answers, either directly from the devs or from independent sources.
Just yesterday one of the core devs answered (again) to the claim by narula: https://medium.com/@comefrombeyond/cfbs-comments-on-https-ww...
Your post shows the classical signs of a FUD attack. Excellently explained in this article: https://www.psychologytoday.com/blog/mind-in-the-machine/201.... Here IOTA is identified as a victim of ongoing targeted FUD campaigns.
Here you have a couple more:
1) https://pbs.twimg.com/media/DQcxVVhUIAAVAY0.jpg:large
2) https://pbs.twimg.com/media/DQQKnDiU8AAQJRW.jpg
3) https://hackernoon.com/why-i-find-iota-deeply-alarming-934f1...
I have plenty of private email discussions and transcripts from calls with 2 of the IOTA guys from when they started out. All I say at this stage is that they have been engaging in pump+dump. The situation with their "fake" partners was carefully designed to help with that.
Bad idea to come in here guns blazing ... what usually works very well on the Internet as a newcomer to any site is to lurk a little. Get a feel for the vibe and the people, then decide if you fit in and comment.
We've had Perl people, Python people, Ruby people and their arguments but none of those invested their money in languages' success. This blockchain programming zeal mixed with investors trying to hype their currency is annoying and mildly scary.
And then there are the fanboys / evangelists who sign up to forums like this just for spreading their belief. Like mindless bots. The whole technology is fascinating but it's a pain for researching facts when half the community is biased and the other half are morons.
In 24 hours, the price of IOTA tanked from a high of $5.50 to a low of around $3, beginning just after a vitriolic tweet brought up an old security vulnerability in the Tangle network that was discovered by an MIT lab. Of course, the tweet conveniently failed to mention that the vulnerability had since been removed and confirmed as such by the same lab.
https://www.psychologytoday.com/blog/mind-in-the-machine/201...
How has your experience of building with IOTA been? Is there a good SDK / documentation somewhere? I've just started digging into Ethereum and so far I've been a bit disappointed by the standard of the tooling... :/
Fog CMS helps with the content publishing and is one of the ways to read and display the content from the Tangle.