Category Archives: Cyber Security

Brave Integrates IPFS to Enable Users to Seamlessly Browse The Decentralized Web

Advancing the transition to a decentralized Web, IPFS integration on Brave’s desktop browser increases content availability and Internet resilience 

IPFS, the peer-to-peer hypermedia protocol designed to make the Web faster, safer, and more open, has been integrated into Brave, the fast, privacy-oriented browser, reinventing the Web for users, publishers and advertisers. 

Incorporated into today’s Brave desktop browser update (version 1.19), Brave’s 24 million monthly active users can now access content directly from IPFS by resolving ipfs:// URIs via a gateway or installing a full IPFS node in one click. When installing a full node, this will allow Brave users to load content over IPFS’ p2p network, hosted on their own node.  Integrating IPFS provides Brave users with a significantly enhanced browsing experience, increasing the availability of content, offloading server costs from the content publisher, and improving the overall resilience of the Internet.

Molly Mackinlay, Project Lead at IPFS said, Bringing the benefits of the dWeb to Brave users, IPFS’ efforts to remove systemic data censorship by corporations and nation-states are now strengthened through the integration with Brave. Today, Web users across the world are unable to access restricted content, including, for example, parts of Wikipedia in Thailand, over 100,000 blocked websites in Turkey, and critical access to COVID-19 information in China. Now anyone with an internet connection can access this critical information through IPFS on the Brave browser.”

In a further aspect of the integration, projects building on IPFS such as app development platforms, Textile, and Fleek, will automatically enable anyone to deploy a website or dApp accessible on Brave.

Brian Bondy, CTO and co-founder of Brave, said, “We’re thrilled to be the first browser to offer a native IPFS integration with today’s Brave desktop browser release. Providing Brave’s 1 million+ verified content creators with the power to seamlessly serve content to millions of new users across the globe via a new and secure protocol, IPFS gives users a solution to the problem of centralized servers creating a central point of failure for content access. IPFS’ innovative content addressing uses Content Identifiers (CIDs) to form an address based on the content itself as opposed to locating data based on the address of a server. Integrating the IPFS open-source network is a key milestone in making the Web more transparent, decentralized, and resilient.” 

With a budding community of over four thousand IPFS contributors around the world, this is the initial implementation of IPFS on Brave. Striving to give users full control of their online experience, future collaborations will facilitate automatic redirects from DNSLink websites to the native IPFS version, the ability to “co-host” a website, features to easily publish to IPFS, and much more.

About IPFS

IPFS is a peer-to-peer network and protocol designed to make the web faster, safer, and more open. IPFS upgrades the web to work peer to peer, addressing data by what it is instead of where it’s located on the network, or who is hosting it.

About Brave

Brave Software’s fast, privacy-oriented browser, combined with its blockchain-based digital advertising platform, is reinventing the Web for users, publishers, and advertisers. Users get a private, speedier web experience with much longer battery life, publishers increase their revenue share, and advertisers achieve better conversion. Users can opt into privacy-respecting ads that reward them with a frequent flyer-like token they can redeem or use to tip or contribute to publishers and other content creators. The Brave solution is a win-win for everyone who has a stake in the open Web and who is weary of giving up privacy and revenue to the ad-tech intermediaries. Brave currently has over 24 million monthly active users and over 1 million Verified Publishers. Brave Software was co-founded by Brendan Eich, creator of JavaScript and co-founder of Mozilla (Firefox), and Brian Bondy, formerly of Khan Academy and Mozilla.

MAS Enhances Guidelines to Combat Heightened Cyber Risks

The Monetary Authority of Singapore (MAS) today issued revised Technology Risk Management Guidelines  (578.7 KB) (Guidelines) to keep pace with emerging technologies and shifts in the cyber threat landscape.

2     The revised Guidelines focus on addressing technology and cyber risks in an environment of growing use by financial institutions (FIs) of cloud technologies, application programming interfaces, and rapid software development. The Guidelines reinforce the importance of incorporating security controls as part of FIs’ technology development and delivery lifecycle, as well as in the deployment of emerging technologies. 

3     The recent spate of cyber attacks on supply chains, which targeted multiple IT service providers through the exploitation of widely-used network management software, is a clear indication of a worsening cyber threat environment. The revised Guidelines set out the following enhanced risk mitigation strategies for FIs –

  • to establish a robust process for the timely analysis and sharing of cyber threat intelligence within the financial ecosystem; and
  • to conduct cyber exercises to allow FIs to stress test their cyber defences by simulating the attack tactics, techniques, and procedures used by real-world attackers.

4     In light of FIs’ growing reliance on third party service providers, the revised Guidelines set out the expectation for FIs to exercise strong oversight of arrangements with third party service providers, to ensure system resilience as well as maintain data confidentiality and integrity.

5     The revised Guidelines provide additional guidance on the roles and responsibilities of the board of directors and senior management –

  • the board and senior management should ensure that a Chief Information Officer and a Chief Information Security Officer, with the requisite experience and expertise, are appointed and accountable for managing technology and cyber risks; and
  • the board should include members with the relevant knowledge to provide effective oversight of technology and cyber risks.

6     The revised Guidelines have incorporated feedback received from the public consultation  (728.4 KB) conducted in 2019, MAS’ engagement with the industry, and MAS’ Cyber Security Advisory Panel (CSAP). [1]  MAS thanks all respondents for the invaluable suggestions in shaping the Guidelines.

7     Mr Tan Yeow Seng, Chief Cyber Security Officer, MAS, said, “Technology now underpins most aspects of financial services. Not only are financial institutions adopting new technologies, they are also increasingly reliant on third party service providers. The revised Guidelines set out MAS’ higher expectations in the areas of technology risk governance and security controls in financial institutions.”

***

Additional information

The Technology Risk Management Guidelines are a set of best practices that provide FIs with guidance on the oversight of technology risk management, practices and controls to address technology and cyber risks. MAS expects FIs to observe the guidelines as this will be considered in MAS’ risk assessment of the FIs.

The Guidelines should be read with the Notice on Technology Risk Management and Notice on Cyber Hygiene.

  1. [1] The CSAP, which was formed in 2017, comprises leading cyber security experts and thought leaders from around the world. The panel advises MAS on strategies to enhance cyber resilience in the financial system.