What is a blockchain? Building trust in bitcoin

Financial processes are dependent upon mutual trust between all parties involved. The reason why individuals lend money from a bank rather than, say, the wealthiest person in their town, is because they offer a greater level of security. However, using banks as the facilitator for all monetary transactions is not always practical and in any case, the 2008 financial crisis has damaged the trust upon which banking depends.

In this climate, bitcoin and similar cryptocurrencies have emerged, but they too are faced with the difficult task of creating a mutual feeling of trust amongst users. When you factor in that banks have been engrained within society for centuries while bitcoin is just a few years old, this challenge becomes all the more daunting.

 Blockchains contain records of all the transactions that have ever taken place using bitcoin

The means through which bitcoin and similar cryptocurrencies create trust is through a network-based ledger known as a blockchain. Much like traditional ledgers used by banks all over the world, blockchains contain records of all the transactions that have ever taken place using the bitcoin currency. Unlike bank ledgers, however, blockchains are handled by a network of autonomous computers, not under the control or influence of any single individual or institution. Not even the operators of the blockchain’s various connection points, or nodes, can tamper with this inviolable ledger.

Bitcoin’s blockchain ledger is maintained by this network of nodes, essentially a network of computer owners that have downloaded a set of software tools that enable their devices to interact with other members of the network. The idea behind this is that each node checks the viability of every single blockchain transaction, ensuring bitcoins are not double-spent and only legitimising transactions once they have been checked against the existing ledger. To incentivise the community to legitimise transactions, bitcoin “miners” are rewarded for dedicating computer resources to this process in the form of new bitcoins. Thus, the blockchain is self-regulating as it is in the interests of all members of the network to reinforce the legitimacy of the currency. Without this level of trust, bitcoin becomes worthless.

Top 5 IT Predictions for Finance Sectors

Perhaps more powerful is the emphasis on transparency lying at the heart of the blockchain. All records are public, anyone is free to view a history of all the recorded bitcoin transactions. When combined with the decentralised nature of bitcoin, this offers a level of transparency that stands in stark contrast to the impenetrability of large scale financial institutions. However, as many media outlets have been at pains to point out, bitcoin’s transparency only goes so far, which has both advantages and disadvantages.

Anyone viewing the blockchain will not be greeted with a list of names, IP addresses, or even recognisable purchases. Instead, each transaction will be accompanied by a string of letters and numbers ranging between 26 and 34 characters. Each address is connected to an owner and he or she is free to share this address in order that money can be paid into it, for example, but outside of this there is no easy way of making a personal connection to a blockchain address. This level of anonymity has, of course, led many to associate bitcoin with illegal actions, as the facilitator to a slew of shady transactions taking place on dark web black markets.

This level of anonymity has led many to associate bitcoin with illegal actions

However, with enough legal backing and some investigative know-how law enforcement agencies have broken through bitcoin’s veil of anonymity. The FBI’s seizure of more than $3 million worth of bitcoins when it brought down the online marketplace Silk Road likely relied on bitcoin’s traceability. Unlike cash payments, digital currencies such as bitcoin always lead somewhere and although the exact details surrounding the Silk Road case are unknown, the public nature of the bitcoin ledger is more likely to have aided the prosecutors than the criminals.

Conversely, outside of the reaches of subpoenas and other more extreme legal methods, the identity of bitcoin users is largely protected. This brings with it many benefits, particularly for the millions of people all over the world without a bank account.  Similarly, in Saudi Arabia women are not allowed to open a bank account without their husband’s permission, meaning that they do not have full control over their own finances. Bitcoin offers these individuals and many others without financial autonomy the opportunity to conduct transactions on their own terms. In this respect, the anonymity offered by bitcoin is hugely empowering.

Of course, bitcoin has a long way to go before it gains the level of respect and dependability that long-established physical currencies have – in the history of world finance, it may ultimately turn out to be nothing more than a short-lived experiment. But for now, it offers an exciting alternative to the monopoly of global financial institutions: disruptive and empowering, anonymous yet transparent, decentralised but secure.


Compliance: Data Storage in a Regulated World

Why do we need Regulatory Compliance within technology?

There are many industries that are regulated – Financial, Health, Insurance, and Accounting and Tax planning to name a few.  Now, here lies the problem – each regulated industry requires different sets of rules according to its given regulator. A need for a bridge between the technical understanding of the business requirements to regulatory guidelines is very apparent.  If anyone reading this article has read the FCA’s (formerly FSA) handbook and tried to understand what IT governance is required they will know what I mean.

I will list out a couple of examples where compliance for data storage and retrieval differ vastly.

  • Health – Meeting and Minutes details – Must be held for a minimum of 30 years.
  • Insurance – Employers Liability Policies – Must be held for a minimum of 40 years.

Now, these are just two low-level examples of data retention, now add ALL of the other considerations (and there are a lot) into the mix. Data Access, Information Security, Business Continuity, Data Protection laws etc, you will soon see that the role of a CIO/CTO within these regulated firms is a difficult one as well as knowing that these regulations change too.

So, we have hoards of information that we need to store under our governing body, where do we store them? This now creates another problem, who do we trust to store them effectively and for this length of time? Let’s be honest, most technology firms cannot see past a 5-year business plan, let alone 40 years. This as well as the format that the data has been stored on, will we all be naive enough to think that in 20+ years’ time the data we stored initially can even be accessed? When I was working in the banking sector we had so many disparate systems it was crazy and over a 5-year plan we eventually standardised them through one platform. However, we still had the same problem of catering for the eventuality of recalling data from an OS2 Warp operating system from 10 years prior.

Now, consider the financial regulated world. This is a very very complicated topic and again the policies differ massively depending on what type of activities you conduct under the regulator’s adherence.

For example, the length of time records should be kept depends on which type of business the records relate to. For MiFID (Markets in Financial Instruments Directive) business, records must be kept for at least 5 years after an individual has stopped carrying on an activity; for non-MiFID business, it is 3 years after stopping the activity and for a pension transfer specialist the records must be kept indefinitely. This includes Email, File, Databases and in fact any data that has used for said given business. There’s a MiFID II on the horizon (2015) with even more significant changes are looking to be introduced.

Now, do you see the complications on this one topic (data storage) within IT Governance?

For me, conformity needs to stem from understanding. If you do not understand what you need to conform to, how on earth can you? A simple understanding of one ruling of conformity for example 2 years of data storage and not 5 could save you £1000`s and let you sleep at night.  Imagine if you knew the rulings for ALL of your data storage requirements and you have fine-tuned them to your infrastructure, or better still spoken to someone who already understands them.

Conformity needs to stem from understanding. If you do not understand what you need to conform to, how on earth can you?

There is one company who I have spoken to recently whose approach to this challenge warrants particular merit, and they stand by a 100% guaranteed data restoration rate however long you store your data for: Arkivum.

Arkivum’s storage is based on the principle that 3 copies are needed for absolute certainty that data is safe. So using active integrity checking at all times, every one of your files is copied three times, with two copies held online in geographically separated Data Centre’s and the third held offline locked away in an escrow service.

Arkivum’s Data Archiving Storage System

Arkivum’s Data Archiving Storage System


It was very interesting for me to talk to a technology company and discuss compliance; they even have a dedicated compliance officer.

The regulation of IT, especially Cloud, is paramount and right up there with security.

Is this the future for IT companies, that they must have a better understanding of compliance rulings in regulated industries?

With the state of “internet of things” gathering momentum and even your domestic items being able to talk to each other (and maybe even talk about you to each other), let alone the internet – my feelings are that the regulation of IT, especially Cloud, is paramount and right up there with security.  The only issue I have with regulations is that they sometimes stifle creativity and flexibility, but that’s a whole new topic that I am sure we will discuss in the future. What are your thoughts on regulated IT and compliance?



The Miniaturisation of IT and Data Centres

Today we all hear about the consumerisation of IT, but the one subject most vendors and data centres do not wish to face is what I define as the miniaturisation of IT.

I am a proud iPhone 6s + owner (and an Apple watch, iPad Pro, MacBook Air, iPad Mini 4 all of these in Gold), when I hold my iPhone up I wonder how…

The ‘how’ I wonder is how does this one small device have more processing power than all the Allied and Axis powers combined during World War II. It is amazing when you look at the original Turing bombes or the later colossus machine and wonder how far forward the human race has come.

But as with any device, it is subject to reform, refinement, resizing or adapting to a new format altogether. An example of this is the number of functions my iPhone performs that required other devices previously;

  • Email – this required a desktop or laptop
  • Music – this required a C90 cassette or record player
  • Music store – I have iTunes which is digital delivery of services rather than the traditional vinyl record or cassette
  • iBook’s – I read my books based on a digital download rather than traditional book manufacturer or consumption

The above are just a few examples where functions and form are realised into a more compact function.

Let’s do a bit of future gazing, one of my personal hobbies looking at current devices and services and predicting future form and function:

Data centres / Servers / Storage

Future Form: Do we need such huge properties and devices guzzling power, spinning up out of date components. My view is the power of the large providers such as Microsoft Azure, IBM SoftLayer, Amazon AWS will all fit onto a single form factor of today’s single server within 20 years. As I predicted many years ago on this blog, we are beginning to see the fusion of biomechanics with computing. As Quantum computing and synthetic DNA storage become mainstream today’s devices will become more and more obsolete. I hear with interest many networking and storage companies moving towards being ‘software only’ companies we will see more of these announcements in the next few years.

Hybrid, Hybrid, Hybrid, before we see what I term as ‘the great leap’ towards cloud-based technologies, we will first see a gradual migration, using hybrid technologies which resemble current architectures. These Hybrid technologies such as those used within the car industry will allow familiarisation with future enhancements whilst retaining the current look and feel of IT hardware. The hybrid transition will move into the laggard space by 2018.

Future Function: Those that invest in data centres should now move onto another website here’s a great link In my view data centres that do not modernise and open up their doors, embracing local and national communities will die. Like the much-maligned 1960’s tower blocks being pulled down around the UK, the data centres that do not offer more than technical real estate will be akin to lemmings walking towards a cliff. The function of the future data centre will be in my view very different today and based upon biotech and be more technical hubs for those that need premises.

My view is that within 10 years most mega-cloud providers would have built their own data centres so they control the full stack, whilst regional data centres will lose 80% of capacity, which will need to be replaced by other revenue streams. Servers/storage and other hardware functions will be software controlled and take 99% less footprint that today’s technical architectures. My final thoughts modernise now or you will be extinct like a dodo.

Laptops and mobile devices

Future Form: We could make this as small as an atom if needs be, the issue is whether the artificial intelligence community can allow for the form to be made into a chip. The reason I say this, voice dictation and thought control will be essential to miniaturise these devices. The keyboard layout is crucial to many familiar with creating spread-sheets and word processing functions. My prediction: the laptop and mobile will be chip sized with embedded virtual reality functions that will pop out a virtual keyboard for those who wish to type using QWERTY.

Future Function: IoT, M2M and any other acronym I can throw out there will be controlled consumed and executed by a biochip. We are already starting to see home automation and personal health embedded via apps onto these devices. My view is long term everything from our passports to movies will be embedded onto every human as a biochip with artificial intelligence functions interacting with our thoughts.