The Chief Technology Officer at EOS says reports swirling about security vulnerabilities in the platform are outdated and inaccurate.
Daniel Larimer says all but one of the bugs mentioned in the Chinese report that sparked the controversy have already been fixed.
On the EOS developers’ channel on Telegram, Larimer said, “We have fixed all reported bugs, we have one crash in our unit tests in wavm that we are fixing. That [Chinese] report is FUD, it was fixed before it was even published. So far the vast majority of reported bugs have actually been in 3rd party libraries we build on. It is one thing to over-write memory, but they wouldn’t over-write executable memory and they wouldn’t get root access.”
The initial report from the Chinese internet security firm Qihoo claimed to have discovered “a series of epic vulnerabilities” in the EOS platform. The company said the loopholes could allow attackers to remotely execute code allowing them to take full control of transactions and “decimate” the network.
EOS is at a critical point in its development. The platform is now just over four days away from the launch of its mainnet.
