Qihoo 360 CEO Denies Short Selling of EOS , and EOS’s Mainnet Launch Will Not be Delayed
Qihoo 360 founder and chief executive Zhou Hongyi denied the assertion that his company’s disclosure of some high-risk security vulnerabilities in the EOS platform was a move of malicious short selling of EOS tokens during an interview on May 30 with entrepreneur Wang Feng.
The China-based internet security giant announced on May 29 that its Vulcan team discovered a series of “epic vulnerabilities” in EOS, which is about to launch its mainnet on June 2. These security flaws allow attackers to gain control of all nodes running on EOS remotely by uploading a malicious smart contract to the network. But now these vulnerabilities appeared to have been patched.
Following are excerpts of this interview.
1.It is reported that the EOS team wasfixed those loopholes before they were published.Does it mean Qihoo360 is creating a FUD by publicizing them ?
Zhou: We strictly follow principles of disclosing vulnerabilities across the cybersecurity industry. We usually report the vulnerability to the client for fixing first, and then make it public with permission. If we reveal the security flaws before they are fixed, it will invite unwanted hacker attention. Therefore those bugs of EOS platform were fixed before we released the report.
Zhou emphasized that Qihoo 360 keeps communicating with EOS officials and Daniel Larimer, founder of the project, about this matter and EOS team also recognizes Qihoo 360’s achievements and technical strength. He believed It is the company’s responsibility to find vulnerabilities and fix them.
“We do not engage in malicious short selling. If we really want to do that, we could keep a lid on those vulnerabilities, and reveal them immediately after EOS launches its mainnet.” Zhou said.
2.Why are those loopholes in the EOS platform worth “billions of dollars”?
Zhou: If Qihoo 360 did not find the loophole, those major vulnerabilities could expose EOS to malicious attacks. Based on the current market valuation of the world’s fifth largest cryptocurrency, It’s not exaggerating to say that this loophole is worth “billions of dollars”. So we call them a series of “epic vulnerabilities”.
3.Will any influential security company like Qihoo 360 inthe Internet era emerge in the blockchain industry?
Zhou: I think there is no Qihoo 360-like security company will arise in the blockchain industry. 360 will become the major force behind blockchain security solutions, and together with security peers,we will jointly enhance the security of the blockchain network.
4.How will Qihoo 360 ride the blockchain wave?
I don’t think I understand what blockchain is. I personally have not bought any virtual currencies. When everyone is talking about blockchain nowadays, I , like an idiot, don’t understand what they discuss. But what we understand is security, so we hope to communicate with every player in this space and make the blockchain industry more secure.
In the future, Qihoo 360 will launch three systems based on the blockchain security ecosystem, namely, the security audit system for digital currency wallet, blockchain situation awareness system and blockchain node security solutions.
It’s noteworthy that EOS team has launched the EOSIO Bug Bounty Program which will rewards $10,000 for every bug discovered and shared, and it also confirms that most of those “epic vulnerabilities” found by Qihoo 360 has been patched and will not prevent developers from shipping the software on time.