'It's About Taking Responsibility of Our Lives' — Interview With Crown's Artem Brazhnikov

'It's About Taking Responsibility of Our Lives' — Interview With Crown's Artem Brazhnikov

blockchain

How hard is it to develop blockchain solutions, which development skills are transferable, and how much time is necessary to get started? These are the questions that we set out to answer with the help of Mr. Artem Brazhnikov, a lead developer for a decentralized project called Crown. 

Hey Artem, thank you for joining us. Would you mind giving us and the readers a short introduction of who you are, sort of a timeline of what it took to get here?

First of all, it’s a pleasure to be here with you today! My name is Artem Brazhnikov and I have been a software engineer for more than eight years now. Getting started with programming was incredibly difficult as I didn’t have a computer growing up, but thanks to the school and teachers where I was studying I had the ability to use the Pentium computer at the lab and learn these skills. After investing a significant amount of time earning my master degree in computer science, I then spent five years working with corporate security, forensic, and cryptography systems.

smart-contract

How did you first get involved with Bitcoin and blockchain?

At some point in 2014-2015, I discovered Satoshi’s Bitcoin whitepaper and I was instantly hooked. The technology fascinated me, but I didn’t have enough time to dive deep because I was still working with companies in other fields. Finding whatever time and energy I could, I started to explore and educate myself about blockchain technology and strived to understand how the consensus systems worked.

After the market started to pick up the pace I was reached out on Upwork by a person from Crown. They were looking for developers and that’s how I got involved in my first blockchain project. I was the lead developer for the Crown Platform API, but eventually, the lead project developer had to leave and I was proposed to become the lead developer of the project.

Would you say it was easier for you to get into blockchain because of your experience with cryptography?

It definitely contributed to my ability to adapt and understand quickly. Beyond cryptography, the general industrial experience of working in software development was of extreme importance. During my journey, I’ve met many developers that have struggled, simply because of the lack of experience in the industry. The fundamentals are extremely important, as no matter how much time you spend analyzing the Bitcoin code and blockchain operations, you still need the core skill set to be able to use all of that.

Even if you are quite experienced, it still takes a lot of time. Especially if you want to create good, resilient systems. They require understanding all of the various distributed systems, the mathematical reasoning, and it can be quite intimidating at first.

What are the biggest challenges that you have experienced as a part of a decentralized project?

Before getting hands-on involvement I had an idea that things would work pretty much the same as they did when developing software for other companies. I would have a product manager and a team to collaborate in order to deliver on items in the pipeline.

Working for a decentralized project is definitely not the same kind of experience. At least in terms of an organization, decentralization proved to be a double-edged sword. Anybody can join the project, but it’s incredibly difficult to turn the team’s energy in the same direction, as there is no company, no employment contracts, no concrete goals, and no product manager.

By far, creating a stable team of developers is the biggest challenge.

Being at the mercy of the markets is also frustrating at times, as more often than not it means that you are working with limited resources, which means that bug fixes and other side projects often take too much time from the main development goals.

However, these are primarily business challenges. As a developer, you are mostly focused on the technical side of things.

Tell us a little bit more about the technical challenges. What can other developers expect to face when getting started?

Almost nobody talks about the unintentional hard forks that are created as a result of updating the software. Bitcoin has a history of many successful updates, but this is not always the case. Communication is very important for all decentralized blockchain projects as everybody needs to be on the same page when pushing new versions.

Then the most important challenges come from achieving a great level of security for your project. The API needs to be secure and continually tested for vulnerabilities. Especially with crypto assets, it is incredibly important (and stressful) to have the responsibility of securing the funds and investments in the project. Just have a look at what happened to the DAO, the vulnerability that caused the hard fork of ETH and ETC in 2016.

Most of the blockchain technology is extremely experimental, and the lack of development standards only add to the challenges we face on a daily basis. For example, DASH master nodes use some very strong math at their core, but the implementation of the code limits us as developers to provide support or expand the system. Trying to change such a system often leads to bugs appearing in other parts of the project creating more technical problems to solve.

What would be your advice for people that are not currently blockchain developers, but are looking to get into blockchain development? How do they get started?

The best starting point would be to get a basic understanding of how blockchain technology works inside, and if you want to build blockchains on C++, you need to go more into math details and understand the cryptography by reading mathematical papers. For example, with Crown, we are working on building an actual blockchain system and we use the C++ language for this.

If you are talking about dApp development, that’s a completely different beast, as you are building smart contracts on existing platforms. That would be Solidity for ETH, and for EOS it’s C++, but there are other languages as well. The best advice would be to reach out to the development team, get their advice, and have a look at their documentation for more information.

If you are a good developer you can just start writing code, of course not in the production version but rather on a test network, just trying to use experimentation to get a good grasp of how the code works, or rather how you can get it to work for you.

Which skills do you think are transferable for upcoming blockchain developers?

Every developer that uses classic applications will have an easier time. If you think about Solidity, for example, it uses similar features that are found in JavaScript, Java, and C++. If you are already experienced as a developer it doesn’t take a lot of time for you to understand the basics.

There are some specific details of the language that are connected to you know blockchain development, calculating gas costs, using the limited blockchain storage and they might prove to be tricky at first. Being a good developer is more than enough, and the next step is a basic understanding of public-key cryptography, algorithms, hashing functions and stuff like that.

If you are familiar with distributed systems, and you know how they work you will also have an easier time, for example, the TOR network. In general, distributed systems are important for nodes to reach consensus, it’s an underestimated part of blockchains, as they play a major role in the whole.

Anybody that wants to start with this they don’t really have to have too much knowledge, as most of the code is open-sourced and it’s available for analysis.

Blockchain technology is rapidly developing and it’s only going to become easier for developers to join in. But if you want to be a great developer and deliver the amazing quality you still need to spend some time understanding how it works inside, you can’t rely on other people’s code without being able to understand it. How are the blocks connected, how are transactions added, what’s the structure of transactions of a block, all of these questions are important.

I would recommend starting reading original papers, and also there are interesting courses available online. There is a great course from Princeton University on Coursera. Last time I checked it was a little bit outdated as it was published in 2014, but it should still serve as a great resource for foundational knowledge especially about Bitcoin.

You can reach a good level of understanding in about four or five weeks.

What are your predictions about the future of blockchain technology?

For one, think that one way or another blockchain will be used in many applications and maybe it’s going to be integrated more seamlessly in the future. This will help adoption and also lower the entry barriers for developers.

There are ongoing research and experimentation with consensus protocols, and I do believe this is one of the most amazing parts of blockchain and decentralized ledger technology. Bitcoin and later inventions have forced us to deal with consensus systems, to build decentralized software and has increased the level of public-key cryptography usage. The blockchain is inevitably going to be mainstream, but its usage will be more seamless for ordinary users.

Apart from the technical side of things, blockchain will provide a way to restructure industries, similar to how the technology is already being implemented for supply chains. My personal hope is that blockchain will be used to improve and restructure government systems, voting, and public spending.

And lastly, there will be a wave of new platforms that will make it easier to create dApps leading to a rise in understanding and adoption of blockchain technology. Security challenges will be solved, new consensus algorithms will appear and more and more people will focus on building a good and functional infrastructure layer.

Thank you very much for your time Artem, we appreciate the time and energy you have invested with us in this interview and we hope to see you again in the future. Are there any parting words you would like to share with our readers? 

I hope that in the near future more and more engineers, researchers and entrepreneurs will join this industry and start building new exciting decentralized applications and systems. I also wish more people will start using software based on blockchain and educate themselves on how to do that.

At the end of the day, it’s not only about tech, but it’s also a switch in how we perceive and use the technology. It’s about taking responsibility for the assets we own instead of giving away the control, and eventually, taking responsibility for our lives.

What do you think of Artem Brazhnikov’s thoughts? Let us know in the comments below!

Start learning for free

Measure

Measure

How to Root Android Mobile

How to Root Android with KingoRoot (PC Version)

---

KingoRoot Android(PC Version) offers every Android user the easiest one-click method to root any Android devices. How to use this universal Android root software to root your Android device? Here we go.

Root your Android via KingoRoot APK without connecting to PC.

---

IMPORTANT It is suggested that you try KingoRoot Apk first. It is more convenient and easy to use without connecting to a computer.

• Allow installation of apps from unknown sources on your Android device.
Settings > Security > Unknown Sources
• Free download KingoRoot.apk on your Android.
• Install and launch KingoRoot.
• Press "One Click Root" on the main interface.
• Wait a few seconds until the result appear.
• Try a few more times for different rooting methods if failed.
• If still failed, refer to KingoRoot Android PC Version, which has a higher success rate.

For more detailed tutorial, please click

How to root any Android device and version with KingoRoot APK?

How to Root Android with KingoRoot (PC Version)

---

Make sure you get everything right beforehand.

• Device powered ON
• At least 50% battery level
• Internet connection necessary
• USB Cable (the original one recommended)

START ROOTING...

1. Free download and install KingoRoot Android (PC Version).
Kingo offers the best one-click Android root software for free. Just download and install it now.

2. Double click the desktop icon of Kingo Android Root and launch it.
After launching Kingo Android Root, you will see its interface as shown below.

3. Plug your Android device into your computer via USB cable.
If your device driver is not installed on your Computer, Kingo will install it for you automatically. Make sure you get Internet conenction so that device driver can be downloaded. If you are using Windows 8, you may need to change some settings first. When running Kingo Android Root on Windows 8, the issue you may most likely encounter is driver installation looping.

How to solve driver installation looping on Windows 8 when running Kingo Android Root?


4. Enable USB Debugging mode on your Android device.
USB Debugging mode enabled is a necessary step of Android rooting process.

What is USB Debugging Mode?

How to enable USB Debugging mode?

INPORTANT: Pay attention to your device screen for a prompt window. Tick "Always allow from this computer". If you don't, you will probably get yourself an OFFLINE DEVICE.

5. Read notifications carefully before rooting your device.
Android rooting is nothing big. However, it is not exactly a small issue either. Rooting your device may open a door for you, and yet with risks.

Android rooting is a modification process to the original system, in which the limitations are removed and full-access is allowed and thus resulting in the ability to alter or replace system applications and settings, run specialized apps and even facilitate the removal and replacement of the device's operating system with a custom one. Rooting your device will immediately void your warranty...  Click to know more about Android Rooting.


6. Click "ROOT" to root your device.
Kingo Android Root will employ multiple exploits on your device, which will probably take a couple of minutes. In the rooting process, your device may be rebooted several times. Do not be panic, it is perfectly normal. And once it begins, please DO NOT touch, move, unplug or perform any operation on your device.

7. Root succeeded.
Hopefully your device is well supported and successfully rooted by Kingo. Until your device reboots itself, do not operate.

8. Check the root status of your device.
Normally, you will find an app named "SuperUser" installed on your device after successful rooting.


TIPS

Measure

Measure

Air pollution in India caused 1.2 million deaths last year

Air quality in India is so poor that that 1.2 million deaths in the country last year can be attributed to air pollution.

A nationwide survey, published in Lancet Planetary Health on Dec. 6, found that at least 12.5% of deaths in 2017, or one in eight, can be attributed to unusually high rates of lower respiratory infections, heart disease, strokes, lung cancer, and diabetes, which are a result of severe air pollution in a certain percentage of cases. Of the 1.2 million who died from air pollution-related causes, 51.4% were younger than 70 years old.

In total, more than three-quarters of India’s population is exposed to air pollution that’s higher than the recommended level set by India’s government. That level, in turn, is four times the maximum recommended by the World Health Organization. No Indian state achieves pollution levels at or below the WHO’s limits.

On average, people in India have their life expectancy cut short by 5.3 years thanks to air pollution, according to a Washington Post report (paywall) published last month.  Those in two districts east of Delhi—Hapur, and Bulandshahr—have their life expectancy reduced by 12 years, which is the greatest reduction in life expectancy due to air pollution anywhere in the world.

The Lancet study adds to a growing body of evidence about the health impact of air pollution, which shows that those living in the world’s most polluted areas, predominantly in Asia and Africa, are the most affected. Reducing global air pollution to levels recommended by the WHO would increase life expectancy worldwide as much as eradicating breast and lung cancer would, Zoë Schlanger reported for Quartz in August.

In India, where industrial emissions, cars, and the burning of crop residue, wood, and charcoal are standard features of daily existence, it will require significant political willpower for air pollution levels to fall. Perhaps the growing evidence on the millions of deaths caused by air pollution will spark that change, but don’t hold your breath.

TRY EVERNOTE

Firefox Quantum includes a new CSS engine, written in Rust, that has state-of-the-art innovations and is amazingly fast.

Getting Started with Plugins

Plugins can extend Selenium IDE's default behavior, through adding additional commands and locators, bootstrapping setup before and after test runs, and affecting the recording process.

Selenium IDE is using the WebExtension standard to work in modern browsers, you can check out Mozilla's Your first extension.

Communicating between the extensions is handled via the external messaging protocol, you can view an example of that here.

This article assumes knowledge in WebExtension development, and will only discuss Selenium IDE specific capabilities.

Calling the API

Selenium IDE API can be called using browser.runtime.sendMessage.

An example signature would be browser.runtime.sendMessage(SIDE_ID, request) where SIDE_ID refers to the IDE's extension ID, the official published IDs can be viewed here.

Request

The request is the second argument for browser.runtime.sendMessage and is similar in it's ideas to HTTP.

{

uri: "/register",

verb: "post",

payload: {

name: "Selenium IDE plugin",

version: "1.0.0"

}

}

• uri - a resource locator to an IDE feature (e.g. record a command, resolve a locator)
• verb - a modifier function (e.g. get gets you stuff, post adds new stuff, just like in http)

The IDE will reply with a valid response, in case of an error it can be viewed by opening the DevTools of the IDE window.

browser.runtime.sendMessage(SIDE_ID, request).then(response => {

console.log("it worked!");

});

The Manifest

Plugins provide the IDE with a manifest that declares their changes and additions to the IDE's capabilities.

{

name: "New Plugin",

version: "1.0.0",

commands: [

{

id: "newCommand",

name: "new command",

type: "locator",

docs: {

description: "command description",

target: { name: "command target", value: "command target description" },

value: { name: "command value", value: "command value description" }

}

},

{

id: "anotherCommand",

name: "another command",

type: "locator",

docs: {

description: "another command description",

target: "locator",

value: "pattern"

}

}

],

locators: [

{

id: "locator"

}

],

dependencies: {

"selenium-webdriver": "3.6.0"

}

}

General Information

• name - required, the plugin name.
• version - required, the plugin version.

Commands

A list of new commands to be added to the IDE, each command takes a few parameters:

• id - required, a camelCase unique identifier for the command.
• name - required, a natural language name for the command, the user will see this.
• type - optional, can be either locator or region, is used to enable the find and select buttons. (NOTE: type is still in beta, and may be changed in the future).
• docs - optional, a collection of metadata for the command description, target, and value. Alternatively, you can use an existing command target or value (a.k.a. ArgTypes) by specifying its name as a string (rather than a sub-collection). See ArgTypes in Command.js for a full list.

Locators

NOTE: Locators are still Work-in-Progress, and will be added shortly

A list of new locators to be added to the IDE, each locator simply takes id.

• id - required, a unique identifier for the locator, will be shown to the user (e.g. name, css).

Dependencies

Additional Node.js dependencies to download and use when ran in command line using selenium-side-runner.

Dependencies are a dictionary of key:value like so name:version, where name is the published name on npm and version is a valid semver published to npm.

Registering the Plugin

To register the plugin with Selenium IDE, make sure the IDE window is open, and that you're using the correct IDE ID.

Send the following message:

browser.runtime.sendMessage(process.env.SIDE_ID, {

uri: "/register",

verb: "post",

payload: {

name: "Selenium IDE plugin",

version: "1.0.0",

commands: [

{

id: "successfulCommand",

name: "successful command"

},

{

id: "failCommand",

name: "failed command"

}

]

}

}).catch(console.error);

Where payload is the manifest.

Press h to open a hovercard with more details.

Advertisement

Join PartnrStack

Join PartnerStack

Measure

Measure

Using Machine Learning to protect Potential Harmful Application

Using Machine Learning to protect Potential Harmful Application:

Detecting PHAs is challenging and requires a lot of resources. Our security experts need to understand how apps interact with the system and the user, analyze complex signals to find PHA behavior, and evolve their tactics to stay ahead of PHA authors. Every day, Google Play Protect (GPP) analyzes over half a million apps, which makes a lot of new data for our security experts to process.


Leveraging machine learning helps us detect PHAs faster and at a larger scale. We can detect more PHAs just by adding additional computing resources. In many cases, machine learning can find PHA signals in the training data without human intervention. Sometimes, those signals are different than signals found by security experts. Machine learning can take better advantage of this data, and discover hidden relationships between signals more effectively.


There are two major parts of Google Play Protect's machine learning protections: the data and the machine learning models.

Data Sources

The quality and quantity of the data used to create a model are crucial to the success of the system. For the purpose of PHA detection and classification, our system mainly uses two anonymous data sources: data from analyzing apps and data from how users experience apps.

App Data

Google Play Protect analyzes every app that it can find on the internet. We created a dataset by decomposing each app's APK and extracting PHA signals with deep analysis. We execute various processes on each app to find particular features and behaviors that are relevant to the PHA categories in scope (for example, SMS fraud, phishing, privilege escalation). Static analysis examines the different resources inside an APK file while dynamic analysis checks the behavior of the app when it's actually running. These two approaches complement each other. For example, dynamic analysis requires the execution of the app regardless of how obfuscated its code is (obfuscation hinders static analysis), and static analysis can help detect cloaking attempts in the code that may in practice bypass dynamic analysis-based detection. In the end, this analysis produces information about the app's characteristics, which serve as a fundamental data source for machine learning algorithms.

Google Play Data

In addition to analyzing each app, we also try to understand how users perceive that app. User feedback (such as the number of installs, uninstalls, user ratings, and comments) collected from Google Play can help us identify problematic apps. Similarly, information about the developer (such as the certificates they use and their history of published apps) contribute valuable knowledge that can be used to identify PHAs. All these metrics are generated when developers submit a new app (or new version of an app) and by millions of Google Play users every day. This information helps us to understand the quality, behavior, and purpose of an app so that we can identify new PHA behaviors or identify similar apps.


In general, our data sources yield raw signals, which then need to be transformed into machine learning features for use by our algorithms. Some signals, such as the permissions that an app requests, have a clear semantic meaning and can be directly used. In other cases, we need to engineer our data to make new, more powerful features. For example, we can aggregate the ratings of all apps that a particular developer owns, so we can calculate a rating per developer and use it to validate future apps. We also employ several techniques to focus in on interesting data.To create compact representations for sparse data, we use embedding. To help streamline the data to make it more useful to models, we use feature selection. Depending on the target, feature selection helps us keep the most relevant signals and remove irrelevant ones.


By combining our different datasets and investing in feature engineering and feature selection, we improve the quality of the data that can be fed to various types of machine learning models.

Models

Building a good machine learning model is like building a skyscraper: quality materials are important, but a great design is also essential. Like the materials in a skyscraper, good datasets and features are important to machine learning, but a great algorithm is essential to identify PHA behaviors effectively and efficiently.
We train models to identify PHAs that belong to a specific category, such as SMS-fraud or phishing. Such categories are quite broad and contain a large number of samples given the number of PHA families that fit the definition. Alternatively, we also have models focusing on a much smaller scale, such as a family, which is composed of a group of apps that are part of the same PHA campaign and that share similar source code and behaviors. On the one hand, having a single model to tackle an entire PHA category may be attractive in terms of simplicity but precision may be an issue as the model will have to generalize the behaviors of a large number of PHAs believed to have something in common. On the other hand, developing multiple PHA models may require additional engineering efforts, but may result in better precision at the cost of reduced scope.

We use a variety of modeling techniques to modify our machine learning approach, including supervised and unsupervised ones.


One supervised technique we use is logistic regression, which has been widely adopted in the industry. These models have a simple structure and can be trained quickly. Logistic regression models can be analyzed to understand the importance of the different PHA and app features they are built with, allowing us to improve our feature engineering process. After a few cycles of training, evaluation, and improvement, we can launch the best models in production and monitor their performance.


For more complex cases, we employ deep learning. Compared to logistic regression, deep learning is good at capturing complicated interactions between different features and extracting hidden patterns. The millions of apps in Google Play provide a rich dataset, which is advantageous to deep learning.


In addition to our targeted feature engineering efforts, we experiment with many aspects of deep neural networks. For example, a deep neural network can have multiple layers and each layer has several neurons to process signals. We can experiment with the number of layers and neurons per layer to change model behaviors.


We also adopt unsupervised machine learning methods. Many PHAs use similar abuse techniques and tricks, so they look almost identical to each other. An unsupervised approach helps define clusters of apps that look or behave similarly, which allows us to mitigate and identify PHAs more effectively. We can automate the process of categorizing that type of app if we are confident in the model or can request help from a human expert to validate what the model found.

PHAs are constantly evolving, so our models need constant updating and monitoring. In production, models are fed with data from recent apps, which help them stay relevant. However, new abuse techniques and behaviors need to be continuously detected and fed into our machine learning models to be able to catch new PHAs and stay on top of recent trends. This is a continuous cycle of model creation and updating that also requires tuning to ensure that the precision and coverage of the system as a whole matches our detection goals.

Looking forward

As part of Google's AI-first strategy, our work leverages many machine learning resources across the company, such as tools and infrastructures developed by Google Brain and Google Research. In 2017, our machine learning models successfully detected 60.3% of PHAs identified by Google Play Protect, covering over 2 billion Android devices. We continue to research and invest in machine learning to scale and simplify the detection of PHAs in the Android ecosystem.

Acknowledgments

This work was developed in joint collaboration with Google Play Protect, Safe Browsing and Play Abuse teams with contributions from Andrew Ahn, Hrishikesh Aradhye, Daniel Bali, Hongji Bao, Yajie Hu, Arthur Kaiser, Elena Kovakina, Salvador Mandujano, Melinda Miller, Rahul Mishra, Damien Octeau, Sebastian Porst, Chuangang Ren, Monirul Sharif, Sri Somanchi, Sai Deep Tetali, Zhikun Wang, and Mo Yu.

Download the best internet security software for free

360 Internet Security

360 antivirus is the most used application for PC, with a 96% market share
Our web browser is the second most used after Internet Explorer
The 360 Total Security home page is the most visited webpage in China
Our antivirus for mobile is the second most downloaded app in the country
360 Appstore is number one in the country and has served 160 million daily downloads to more than 600 million users
360 Search Engine is the second most important in the country

Install, register and sign in to 360 with this link and get a Premium license for FREE.

Download