On the weekend news of a bug at NEO-Nodes made the rounds. The NEO bug discovered by the Chinese software giant Tencent is supposed to make it potentially possible for attackers to withdraw crypto currencies from wallets of NEO node operators. NEO co-founder Erik Zhang now gave the all-clear – at least in part.
On December 1, Tencent Security on the Chinese social media platform Weibo announced the discovery of a bug in the NEO block chain. Accordingly, the operators of NEO nodes expose themselves to crypto-piracy if they use the standard configuration. This is what the Tencent announcement says:
“The monitoring of the famous blockchain project NEO […] revealed the risk of remote piracy. When a user starts the NEO node with the default configuration and opens the wallet, the digital currency can be stolen remotely.”
Tencent recommends three things to the node operators:
1. update of the NEO client to the latest version
2. not using the RPC function and changing the BindAddress in the configuration file to 127.0.0.1
3. if not: change RPC port, enable HTTPS-based JSON RPC interface and adjust firewall policies accordingly
So far, so FUD. What, in contrast to the Tencent warning, did not make the round so fast was the answer from NEO co-founder Erik Zhang, who refuted the claims only a few hours later.
Erik Zhang: “Normal” users not affected
Zhang swiftly reacted to reassure the NEO-Hodler community. “Normal users” don’t have to worry because the RPC function is disabled by default. RPC can only be accessed via the NEO-CLI client. Since this is a command line program, technically inexperienced users do not run the risk of opening the door to hackers through careless configuration adjustments. Zhang closes:
Since Zhang does not deny the security gap, one can assume that operators of NEO nodes are in danger of being robbed. It is probably for this reason that Zhang points to the bounty program that NEO launched this year under the name “NEO Vulnerability Bounty Program”. Anyone who finds a relevant and above all unknown NEO bug is entitled to a reward from NEO.
The guidelines of the Bounty Program state:
“If vulnerabilities are published before NEO repairs or publishes them, the reward is void.”
Tencent will therefore not be able to claim a reward for discovering the NEO bug.
This post summarize is succintly:
“No vulnerability exists and there is nothing to fix.
- Normal users do not use neo-cli
- Neo-cli does not have RPC activate by default
- Neo-cli does not have wallets active by default
- Users that need neo-cli with RPC and wallet enabled are advised to set a firewall in the installation docs for obvious reasons (putting your private key on an accessible server is pretty dumb)”
Was this FUD by Tencent?
No, because bug clearly exists. However, Tencent did, purposefully or not, mislead their readers by claiming this was a default configuration which is proven to be false. It is important to note that bugs and software errors are the most common thing in any company and with any technology. NEO team is clearly aware of that and puts a lot of focus and resources into their bug bounty campaigns and should be applauded for that.
NEO price analysis: NEO/USD defies gravity with 50% of weekly gains
- NEO remains the best-performing altcoin out of top-20.
- The technical correction may take the price to $15.00.
NEO has gained nearly 50% in less than a week and moved to the 16th place in the global cryptocurrency rating. NEO hit $20.84 during early Asian hours on Wednesday and retreated to $20.52 by the time of writing. The market capitalization of the coin jumped to $1.4 billion, while an averaged daily trading volume is registered at $1 billion, which is significantly higher than the long-term average. NEO is most actively traded at Bitfinex against USDT.
NEO’s technical picture
Looking technically, a sustainable move above $20.00 unlocks an uncharted territory for NOE bulls. The coin hit the highest level since September 2018 and now poised for further growth with the next bullish target at $25.00-$25.30. Once it is cleared, the growth is likely to gain traction with the next focus on $30.00.
However, the upside momentum may slow down a bit and even give way to a short-term downside correction as NEO is grossly overbought on all timeframes. The initial support awaits at $19.00 (middle line of 1-hour Bollinger Band) and $18.50 (the upper boundary of the recent consolidation channel).
A sustainable move below this handle will open up the way towards the next bearish aim of $17.50 (Simple Moving Average, SMA100 and the lower line and the lower boundary of the above-said consolidation channel) It is followed by $17.00 (lower line of 1-hour Bollinger Band), while the critical support lies with psychological $15.00.
NEO/USD, 1-hour chart
NEO acquires 20-year Microsoft veteran software engineer
- Harry Pierson’s primary goal at NEO will be to focus on developer tools for the NEO platform.
- NEO announced last month that they are launching a new $100-million push to promote adoption.
Harry Pierson, a veteran software engineer who has worked for 20 years at Microsoft, announced that he is joining NEO. During his time at Microsoft, Pierson has worked as a senior project manager on the IronPython team and the xlang project, which he calls “a cross-language, cross-compiler, and cross-platform generalization of Windows Runtime’s language projection technology.”
In his blog, he wrote:
“I’m joining NEO Global Development’s brand new Seattle office (which is really in Redmond). NEO is a community-driven open source project delivering the technical underpinnings for the Smart Economy. NEO Global Development (aka NGD) is the technical R&D arm of the NEO Foundation, the NEO project’s governing body. I’m going to be the Chief Architect for the Seattle office.”
Pierson’s primary goal at NEO will be to focus on developer tools for the NEO platform.
“While developer experience will be my primary focus, I also expect to pitch in on the core NEO platform. NEO 3.0 development is already in full swing. Core platform might not be my focus, but platform capabilities and developer experience go hand in hand. I’m sure I’ll have plenty of opportunity to contribute to the core as we work towards our 3.0 release.”
Another ex-Microsoft executive, John deVadoss, leads NEO’s new Seattle office. Pierson noted that he has worked for deVadoss before and he is looking forward to working with him again. This is the latest in a string of positive action being taken by NEO. Last month, they announced that they are launching a new $100-million push to promote adoption on their smart contract platform.
NEO price analysis: NEO/USD consolidates early Asian gains
- NEO is again the best-performing altcoin out of top-20.
- The critical support is created by $15.00 handle.
NEO, the 18th largest coin with the current market value of $1.2 billion, has resumed growth after a short-lived downside correction. NEO has gained nearly 6% of its value in recent 24 hours and stayed mostly unchanged since the beginning of Tuesday. NEO/USD is changing hands at $17.90.
NEO’s technical picture
On the intraday charts, NEO/USD is locked in a tight range limited by $17.50 (Simple Moving Average, SMA50 and the lower line of Bollinger Band on 1-hour chart) and $18.00 (the upper boundary of the above-said Bollinger Band). A sustainable move below the channel support will open up the way towards the next bearish aim of $16.30 (SMA100, 1-hour) closely followed by $16.16 (Monday’s low). Critical support lies with psychological $15.00 strengthened by SMA200 1-hour.
On the upside, we will need to see a strong move above $18.00 for the upside to gain traction with the next aim at $19.00 and $19.80 (the recent high reached on June 22). Ultimate resistance awaits is at $20.00.