Having done my research about IOTA (thank you for more than 100,000 views for my articles in the first three weeks of January by the way!) I think it is necessary to inform people out there about the FUD (Fear-Uncertainty-Doubt)-campaign against IOTA. In the following, I shall argue that the FUD against IOTA makes sense because IOTA itself is FUD!
IOTA is FUD because it causes
- FEAR among those who can grasp IOTA’s potential;
- UNCERTAINTY among those who worry that if only half of what IOTA promises becomes true, they might be in a really bad position without it;
- DOUBT among those who think they have a safe investment with their other coins and are now unsure whether these will be needed at all.
IOTA gives many people sleepless nights; of course, it makes sense for them to drag as much FUD as possible in IOTA’s way. Thankfully, many of these people have provided enough evidence for this daring statement. I would like to introduce you to the way these people try to stop IOTA from achieving its goals.
Example 1: The DCI-attack
- Assertions which went viral and caused a lot of FUD:
- IOTA partnerships are “nebulous”, especially Microsoft would not be a partner.
- IOTA is not tamper-proof because it relies on a centralized Coordinator
- IOTA is not feeless
- IOTA’s hash function is vulnerable to attacks
- Simple explanation:
ad 1.: The term “partner” (especially with regard to Microsoft) was hyped in the media. Microsoft even clarified that this was not IOTA’s mistake (see Dom’s quote here); they (!) used the term “partner” themselves:
ad 2.: IOTA Foundation’s answer:
The purpose of the Coordinator in the infancy stage of the IOTA network has been transparently communicated throughout the history of IOTA. As the team has explained at length, the Coordinator is a temporary measure to help bootstrap the network and protect it during its infancy. Once there are enough full nodes and transactions to secure and sustain the IOTA network, the Coordinator will be permanently removed from the network. (click)
ad 3.: purely semantic argument about the word “feeless” because of the Proof-of-Work needed. How would you call it if you send 1 cent around the world and the receiver gets 1 cent? This argument will probably lose its ground once the IOTA hardware microprocessor kicks in.
ad 4.: The hashfunction was never intended to be a cryptographic function. The alleged weak spot was implemented on purpose for copycat-protection (CfB, IOTA’s CTO, invented this protection already years ago with the NXT source code which he (aka BCNext) himself wrote back then).
Important update: 24hrs after releasing this article an important information has been released: MIT allegations as far as the vulnerability are concerned are debunked. Here is a simple explanation of the situation understandably explaining the flaw:
The allegations were debunked quite logically for the average layperson. Their attempt in creating a vulnerability is not possible, because the DCI group draws a situation where the victim is:
(a) BOTH naive enough to follow obviously malicious instructions from an unknown attacker AND capable enough of coding IOTA transactions by hand in a code editor,
OR (b) Naive enough to enter their seed into a malicious piece of software provided by the attacker, at which point the attack as originally described no longer exists because the attacker now has the seed directly (and access to funds on ALL addresses).
When confronted about the practicality of the attack, rather than address these issues, DCI misled the public into believing the IOTA network had a vulnerability.
More detail: Here are the steps require in scenarios A and B 1. Attacker asks victim: “May I please have an unused address to send you money?” or “Would you please send me a transaction that uses an address generated from your seed?” 2. Attacker generates a new bundle (transaction), and sends it to the victim Scenario A 3. Victim opens up their code editor, downloads the IOTA libraries, enters their seed and the transaction information from the attacker, signs the transaction IN CODE, and sends the signed info back to the attacker.
Scenario B 3. Attacker also sends the victim or convinces him to download “IOTA Transaction Booster.exe”, which prompts the user to enter their seed (ie phishing attack), at which point the rest of the attack is pointless as the seed has already been compromised. And funds from ALL addresses on the seed are compromised.
(This is what led to this debunking: click)
Any honest reporter who has spread these wrong news should write a public apology; MIT-Team included!
- Who is behind it?
- DCI Director
- active role in supporting Bitcoin’s development of the Lightning Network, a proposed / experimental solution for fast and inexpensive off-chain transactions to solve Bitcoin’s problem of slow and costly on-chain transactions.
- DCI researcher and co-author of the IOTA vulnerability report
- co-author of the Zerocash white paper
- part of the leadership behind the cryptocurrency protocol Zcash, a cryptocurrency with a $1.5 Billion market cap at the time of this writing. Zcash, through zero-knowledge proofs, claims to solve problems of true anonymity in Bitcoin.
- Partner at DCI and lead author of the IOTA vulnerability report
- part of the leadership at DAGLabs, a for-profit company based in California that is working to build their own DAG-based protocol based on the SPECTRE white paper. (SPECTRE also claims to enable unlimited transaction scalability)
- Director of the MIT Media Lab (of which DCI is a tiny subdivison)
- authored the most recent critical article on IOTA published by DCI.
- Curiously, Joichi’s personal COI disclosure page was updated immediately following publication of his article removing a for-proft board position at Helium Systems whose website states that it “provides robust and secure IoT device connectivity for a fraction of the cost of our competitors.”
You may draw your own conclusions from these backgrounds and the link to such an unsubstantiated article against IOTA; some people might call it a severe conflict of interest... Add to this that there has never been an official answer neither to IOTA’s official response nor to David Sonstebo’s offer to have an open/public discussion about it (which was even supported by Amazon’s Joanna Bickley who herself almost fell victim to the FUD). Evil to him who evil thinks . . .
Example 2: “The Foundation has stolen our funds”
On the 20th of October, the Coordinator was shut down because of a serious attack and consequently transactions could not be processed anymore. Moreover, users’ funds had to be “frozen” because they were at risk of being stolen due to an attack on the network. IOTA Foundation’s words were clear from the beginning:
[…] the main reason for the shutdown was to protect our users from an ongoing attack on the network which could have had more serious consequences due to a bug that was swiftly dealt with. (click)
As a consequence of this protection people with funds at risk could only see a 0-balance when opening their wallets/balances. As promised by the Foundation people received their funds back — even if it was a bit later (January) than anticipated but in the months between the attack and the payback IOTA’s value rose from $0,42 to roughly $4 so even though some people could not claim their IOTAs in the meantime all of those people affected were compensated in a way.
Despite all this a huge FUD storm evolved which caused a dip in the short term:
Moreover, “IOTA foundation has stolen our funds” has survived as an argument until the time of writing — despite the fact that funds have long been paid back.
Example 3: “News” at Bitcoin.com
- Assertion which caused a lot of FUD: IOTA’s wallet is insecure which is why people lost more than $4 million.
- Simple explanation: Neither wallet nor the Tangle (IOTA’s ledger) are in any way at risk — people lost their money because they used phishy internetpages to create their seed for the wallet. Fore more information please click.
- Who is behind it?
- Journalist at bitcoin.com
- has been covering Bitcoin since 2013
- has spoken about the promise of cryptocurrency and blockchain technology at numerous financial conferences around the world, from London to Hong-Kong. (Note that IOTA is not a blockchain but DLT)
The problem does not lie in Mizrahi’s 875 followers on Twitter, but that he spread such false FUD on one of the biggest websites for cryptocurrencies (231,000 Twitter followers). People trust such big websites:
It is a shame that such “journalists” can spread their unfounded accusations on such a highly-esteemed website.
Of course, Bitcoin.com is also not unhappy about such news for IOTA which is one of its biggest competitors. And by the way: This is the only article on bitcoin.com dealing with IOTA so far (as if there had only been such “negative news”). . .
Example 4: Coinmarketcap.com
Some days ago, coinmarketcap.com’s decision to exclude Korean prices from the currencies’ markets sparked a world-wide sell-off, because suddenly the prices changed and people thought the end is near.
However, IOTA had been victim to this policy for months. IOTA’s price was kept lower than others artificially because the (higher) Korean prices were excluded thus causing a lower marketcap for IOTA which led to the question why they would do that; I myself told CMC about it before the above-mentioned world-wide price effects:
IOTA’s marketcap would have been siginficantly higher if Coinone’s prices had been considered…
Example 5: Reddit
Reddit is one of the — if not THE- most important information services in the internet. People can post (links to) news there which in turn can be upvoted to reach a broader audience. All of the cryptocurrencies make use of this service in order to drag people’s attention to great news.
However, when it comes to IOTA on the /CryptoCurrency subreddit, reddit users seem to be really strict in terms of censorship (to say the least): Comments get locked immediately which chokes any discussion off right away (just some recent examples 1, 2, 3).
Apparently, people report IOTA news as “spam” so the automod locks the comment section until a human mod opens it again. Or (which is likely more often the case) there are several people reporting about a new topic which causes the automod to flag the topic as “controversial” and disable the comment section. As a consequence, IOTA topics were flagged “controversial” or were even shut down completely — either way people could not really inform themselves about the good news.
This is, of course, not Reddit’s fault (although more staff members would certainly help) but it shows that many people out there do what they can to stop spreading IOTA’s good news.
You might think that this sounds like a conspiracy theory and I must admit, it does. The devs have more than often expressed that they were totally surprised that IOTA has met such a lot of resistance. What could be reasons for this?
- As could be seen, many coins (or rather their dev teams) have reason to consider IOTA a real threat to their own field of application (why else would a BTC developer or LTC founder post such tweets?)— FUD is a powerful means to cast doubt among interested parties.
- People see IOTA’s potential and want to buy as cheap as possible. In order to do so they help to drag down the price by all means — including FUD.
Either way, fudding IOTA makes sense.
The good news is that IOTA is only learning to walk so guess what happens to all the FUD once the product is production ready (which is the goal for 2018) equipped with the latest technology to keep funds safe and audited by the world leading lightweight cryptography and security company?
We will see this soon — until then everyone should dig a bit deeper than reading a random tweet or believing a reddit flag in order to challenge its truth and trustworthiness.
If you liked this article or my other articles, I would be happy about a little donation ;-):
Important note: There is no such thing as intrinsic hatred among the IOTA movement directed against other coins, people, banks or whatsoever! Instead, one of IOTA’s main focuses is its interoperability with other projects and technologies. This article was written because a point has been reached at which you simply have to defend “your” project against unsubstantiated claims.