Trojan Goes After Bitcoins

Orome1 writes "Bitcoin has definitely caught the attention of criminals. Even though it has been calculated that the use of botnets for Bitcoin mining is still not quite as lucrative as renting them out for other purposes, targeting people who have them in their digital wallets is quite another matter. Symantec researchers have spotted in the wild a Trojan dedicated to this specific purpose. Named Infostealer.Coinbit, it searches for the Bitcoin wallet.dat file on the infected computer and sends it to the criminal(s)."

mugging

[x6060]

Imagine that. Storing values that represent "Money" in a plaintext file was a bad idea. Who would've thunk... =\

Re:mugging

[cgeys]

Well, it's open source. You can improve it yourself.

Re:mugging

[NeutronCowboy]

No kidding. I always thought that the actual money file was encrypted, and could have an arbitrary name. You know, like a truecrypt volume file. Then I find out it's by default a text file hanging out on your computer. Fine and dandy if you have 100% control over your computer at all times, but we all know that's never the case. And judging by the passwords people use, it will be easy to brute force most passwords.

Somehow, I think bitcoin is going to flame out in a rash of digital thievery when criminals realize that it is easier to steal someone's bitcoin file than it is to mine it or even look for credit card info.

Re:mugging

[x6060]

I would worry about ANY attempt at a form of open currency that was released with such a gaping hole as "If someone grabs this single file off my computer then they have all my money..." It doesn't matter if it's open or not.

Re:mugging

[Joce640k]

I, for one, was totally stunned by that. WTF were they thinking? If the rest of Botcoin is as security-minded as this then it's sunk before it even goes anywhere.

Re:mugging

The only way Bitcoin is going away is if somebody invents a better way to send money over the internet to drug dealers.

Or am I the only one who noticed that the BTC -> USD rate quintupled after Silk Road hit the mainstream media?

Re:mugging

Welcome the notion of public key cryptography. If someone steals the private key, they can then steal/impersonate anything based upon that. Same issue that RSA had with their symmetric keys getting lose recently.
The easy and bullet-proof solution for bitcoin is to have a "savings" account wallet you store offline. A neat feature of bitcoin is that you don't need your wallet to add money to it (just to remove money from it). And the wallet is a very small file. You can put it on a floppy, cd, or any secure location or even multiples as backups.

Re:mugging

[hedwards]

I haven't been following it that closely, the Time To Lulz is just not suitable for spectating. I'd chalk that up to people having a ZOMG I can actually do something with this pseudo currency reaction. It's probably the only sane reaction I've seen to Bitcoins, if you buy some, to spend, then you're not likely to get burned. Assuming you don't go stupid and stalk up on them for the long term.

Re:mugging

[rcs1000]

Bitcoins may well be worthless, but they are in no respect a Ponzi scheme. Ponzi schemes have to grow geometrically to continue in existence, which is why they quickly get destroyed after a few iterations. Bitcoins in circulation, on the other hand, grow at an increasingly slow pace. Similarly, Ponzi schemes have a 'promoter'.

The whole purpose of the bitcoin ecosystem is that it is something electronically transferrable (anonymously), yet fundamentally limited in its number.

Now: they could easily be a complete fraud - with the number of bitcoins in circulation being far more than claimed. However, if the claims for the limitation of their number in circulation are true, then they could easily become a store of value, in that any fiat currency (or indeed gold itself), has value because choose to believe it.

Or to put it another way: if people wish to assign bitcoins value, they can. Likewise, they can choose not to.

Re:mugging

[petermgreen]

If someone has access to your user session then encrypting your wallet it is only going to make the attackers life slightly harder since you will need to supply the software with a password to decrypt it at some point.

There isn't really any good soloution to this other than moving the wallet completely off the machine that is running an insecure general purpose OS onto a limited function device.

Re:mugging

[Yvanhoe]

Just as bas as printing this money on paper. What a ludicrous idea.

Re:mugging

Multiples usually cost extra.

Re:mugging

[Mindcontrolled]

I'll admit to the fact that bitcoins are not a ponzi scheme as soon as I get an open admission that neither is social security by one of the notorious conservatrolls here.

Re:mugging

[bennomatic]

What's a floppy?

Re:mugging

[icebraining]

You could encrypt the wallet, but with what? A password? Offline encryption is too cheap. A key file? But then if you keep that key file in the machine, you gain nothing.

There's no really effective security that the bitcoin program could apply; you need to copy the wallet off the machine.

Re:mugging

I was going to stalk up on BitCoin but they hit me with a restraining order for "stocking". I attribute it to hosiery discrimination!

Re:mugging

[x6060]

Except that I can physically secure paper. And stealing it requires a physical confrontation (Something criminals want to avoid at all costs). Also, you cant really automate mugging people on the street.You CAN automate stealing bitcoins. While if I have bit coin I can be sitting on my computer, just browsing the internet and poof, all my bitcoins are gone, and i might not even know till I try and use them next.

Re:mugging

[jeffmeden]

Something a would-be thief would likely not even recognize as being able to store a high-virtual-value item such as a bitcoin wallet. Consider it the equivalent of stashing your money in a cookie jar.

Re:mugging

Your girlfriend told me it's YOU.

Re:mugging

[erroneus]

Agreed. Seems pretty obvious that the file should actually be comprised of two parts where one is kept on a removable storage device and the other can be on your local machine(s). That wouldn't be "THE Answer" but it it would be better than this.

I think that a lot of these types of problems will emerge and Bitcoin will be redesigned and rebooted.

Re:mugging

[Pope]

It's still a pyramid scheme, as has been commented dozens of times on all the previous articles about BitCoins. Early adopters get the easiest blocks to solve, making them the most coins for the least effort? As more people join, the effort goes up geometrically, meaning more effort has to be put in to realize lesser gains? A very few people at the start control a huge number of the BitCoins? It's a fucking pyramid scheme of the highest order. And it makes me laugh my ass off over the fools who can't see it for what it is and drop thousands or tens of thousands of real dollars on it.

Re:mugging

[tbannist]

I don't think Bitcoin is a ponzi scheme. It's not really an investment scheme at all. It's closer to a pyramid scheme or possibly a just a simple con. After all, the more people "mining" Bitcoins, the less productive mining Bitcoins becomes. The early investors got Bitcoins faster and cheaper and as demand rises they can sell their Bitcoins that cost less to make for the same amount as the later, harder to make Bitcoins.

Re:mugging

Money file doesn't contain money. It just contains public-private key pairs. Just like RSA's recent failure or if someone swipes your PIN and card, if someone steals the one thing you were supposed to keep safe, all bets are off.
You don't actually need the file to add money to your account, so people should just keep their savings wallet in an offline/secure location.

Re:mugging

[Yvanhoe]

The idea that you can't secure a computer to make it impervious to non-physical attacks is the biggest fraud of the 21st century.

Re:mugging

Hey, here's an idea. Put the bitcoins in a TrueCrypt vault. Put the TrueCrypt vault on a USB stick. Put the USB stick on a chain and hang it around your neck. Problem solved. God, I must be a genius.

Re:mugging

[rcs1000]

No: you don't get it.

A Ponzi scheme involves earlier investors being paid by later investors.

The whole point of bitcoins is that their number is mathematically limited. They may - or may not - have value depending on whether people attribute value to them. Their number increases, but slowly (the very opposite of a Ponzi scheme).

In a Ponzi scheme, a central promoter tells people their investment is worth x. On the contrary, with Bitcoins, the only value they have is what someone else will pay for them. And the fact that their number is mathematically limited means people *may* attribute value to them.

Now: there is clearly a demand for a currency which allows electronic, anonymous transfers. And there is clearly demand for a currency, where the government cannot devalue its real worth by printing as many as they want.

But, there is a corollary. And that is that, unbacked by the government, and being basically illiquid, you are making an enormous bet that other people will in the future choose to attribute a value to a very large number.

I am much, much less sceptical of bitcoins than many on here. But that does not mean I own any. I'm not that brave...

Re:mugging

[DrXym]

Well it's not a text file, it's a Berkeley DB file but same difference. It's shoddy design and it would have been apparent to anyone who spent a few minutes looking at the state of the source code.

Re:mugging

Assuming you don't go stupid and stalk up on them for the long term.

I'm sneaking up on your bitcoins.

Re:mugging

[Bert64]

Any currency works like that...
If someone grabs your cash then they have all your money with traditional currency too.
You need to take the same precautions with bitcoin too.

Re:mugging

[cHiphead]

Isn't every monetary system a pyramid scheme in that respect?

Re:mugging

Social Security is in no respect a Ponzi scheme. Ponzi schemes have to grow geometrically to continue in existence, which is why they quickly get destroyed after a few iterations. Social Security on the other hand is prevented from growing geometrically because the population isn't growing fast enough, and yet it is slatted to keep going strong forever... ...

Wait, what do you mean "Social Security can't continue at its current pace"? Surely there are enough stupid kids working to pay retirees. "There isn't"? Huh, I guess I got nothing.

Re:mugging

[LocalH]

As opposed to "If someone grabs this single wallet out of my pocket then they have all my money". Sure, PINs and the like, but still the situation is similar.

Re:mugging

[Thud457]

The problem with Social Security is that people are living longer, screwing up the demographics it was originally based upon. If Congress had the intestinal fortitude to adjust the retirement age to reflect this fact, we wouldn't have a problem with SS. It's just a matter of drawing the line at the right place on the bell curve.

Hell, if they had the foresight to capture that calculation in the original legislation, rather than citing a specific retirement age, we would never have had this problem at all.

Re:mugging

[batquux]

You can put your wallet.dat on a flash drive, lock it in a safe, and still be able to send money to it. The network keeps track of the values. The wallet is your key to access the bitcoins.

Re:mugging

And there is clearly demand for a currency, where the government cannot devalue its real worth by printing as many as they want.

The value of modern currency has very little to do with how much of it is printed; the vast majority of American dollars in the world are not, have never been, and never will be printed money. This is an outdated view of how currency works.

Re:mugging

[tehcyder]

You can put it on a floppy

It's not 1993 you knowI, thought they'd stopped even making floppy disks?

Re:mugging

[DrXym]

If someone has access to your user session then encrypting your wallet it is only going to make the attackers life slightly harder since you will need to supply the software with a password to decrypt it at some point.

Encryption protects the data as it resides on disk so unless the trojan is keylogging and captures the exact moment you enter a password (which you may only do once in a blue moon) it has nothing to work with. That increases the chances you'll detect the trojan before it can steal any data. Encryption also protects you from drivebys, e.g. a web browser exploit that allows someone to lift a file off your disk.

Of course crypto may not protect from someone who owns your machine and has the time to log keystrokes but the simple fact is the Bitcoin client is doing NOTHING at the moment. It's shoddy security.

Re:mugging

[cforciea]

Why just a few minutes ago I did it to mine. By unplugging the ethernet cable.

Re:mugging

[mmcuh]

This problem has nothing to do with the Bitcoin network, only the client. Anyone can write a new client that stores the wallet in a safer way and it will not require "rebooting" the Bitcoin system itself.

Re:mugging

[pla]

I'll admit to the fact that bitcoins are not a ponzi scheme as soon as I get an open admission that neither is social security by one of the notorious conservatrolls here.

Ponzi schemes have one, and only one, defining characteristic, of which many people seem to take great delight in proving their ignorance:

Generation-M investors receive their "profits" directly from the investment of Generation-M+n. Simple as that, nothing more and nothing less. All the other attributes of a Ponzi scheme (geometric growth, for example) merely derive from that core property either as a direct mathematical consequence, or as a hack to keep the scheme from collapsing sooner.

BitCoins do have any inherent value beyond their buying power (currently close to zero). That most of their trading activity comes directly from 100% pure unrestrained speculation has nothing to do with Ponzi schemes, any more than you could say the same of NYMEX or FOREX. If you choose to cash out of BitCoins today, you don't get paid by tricking new participants out of their investment dollars - You get paid because you fairly and openly sold something to a buyer who knew fully well what they received.

Social security, OTOH, has always had the explicitly stated intent of paying Generation-M directly from the payments of Generation-M+n. Your ability to "get yours" in the future depends entirely on fleecing new "investors" out of their then-present-day contributions to the system.

Put another way - If you buy tulip bulbs and the market crashes, you still have (possibly worthless) tulip bulbs. If you give me $100 today with nothing but a promise that I'll give you $200 next week, and I vanish from the planet, you have nothing.

Re:mugging

[Patch86]

Not really. With inflation, it's kind of the reverse.

Anyone who has had a pile of USD for the long term will find that they are worth less and less every year, while someone who is earning fresh dollars in any given year (say, is paid a yearly salary) will find the value of this salary remains relatively constant over time. Thus the scheme that is regular currency benefits "new entrants" (new earners of money) over "early adopters" (people who earned money in the past, and are now living off their accumulated pile of wealth).

Although really it's apples and oranges. Plenty of people have criticisms for fiat currencies like dollars, pounds and euros, but they are usually very different to the criticisms that are levelled at BitCoin.

Re:mugging

[x6060]

And that is the ONLY way to do it.

Re:mugging

[Grygus]

The idea that you can't secure a computer to make it impervious to non-physical attacks is the biggest fraud of the 21st century.

I've never heard anyone claim that.

Not fraud: if a system is accessible, then it is hackable.
Fraud: all systems can be practically made impervious to all but physical attacks.
Fraud: if the computer can only be hacked by a physical attack then it is completely secure.
Fraud: any system can be made completely secure.

You can make a system very difficult to hack. That's expensive and requires both expertise and vigilance, which makes it impractical for a lot of real-world scenarios. Even for the ones who invest the effort and money, they've only made the chances low; there are no guarantees.

Re:mugging

[bws111]

Yeah, it's simple. All you need is perfectly designed and implemented software and hardware, and perfect users who never let their guard down. Or leave it disconnected from the network (including sneakernet) at all times.

Re:mugging

[nhaehnle]

Some historical perspective: around 1900, people bemoaned demographic change in Germany. People were starting to get older, and who would pay for all the old people? They used the exact same language and arguments that are en vogue again today. But the reality is that throughout the 20th century, retirement systems worked just fine. In fact, the situation improved instead of getting worse. That's just for perspective.

Now here's the thing: it's not about the money, and it's not about the demographics. It's about productivity. In those days, the number of workers per retiree was in the double digits. Today it's an order of magnitude lower. The world didn't end, because our productivity increased. Technology helped, and it will help in the future.

Ask yourself this: can the real goods and services that society wants to supply its retirees with be provided? Given the high rate of unemployment throughout the Western world, the answer for the US and Europe seems to be a very clear Yes. If only our politicians were to use money and the financial system to solve problems instead of creating them, there would be no Social Security problem at all.

Re:mugging

[marcosdumay]

There can't be far more bitcoins in circulation than claimed. But it can quite well be a ponzi scheme, not with the amount of coins, but with their value. The only thing it needs to become a ponzi scheme is that most people buying it be buying with the intent of selling it with a highter value, not with the intent of buying something with it. If that is happening or not, I can't know.

Re:mugging

[Bert64]

They have the easiest blocks to solve, but the way bitcoin is designed is that a block is solved every 10 minutes... So even if an early adopter threw a lot of gpus at it, bitcoins are still being generated at roughly the same rate...
The only difference is that now there are a larger number of people competing for the same generation rate of coins.

Re:mugging

[rthille]

Heh, I just hacked it over your wifi link you forgot to turn off... Oh and there's a flaw in your bluetooth stack and I've got a good antenna, so I managed to hack it from your front yard. And it turns out that that CD with the new game you bought has a virus I wrote on it, and it re-enabled your wifi without displaying that it did so and is sending "all your base" to me.

Re:mugging

[Bert64]

You don't need to keep your bitcoin wallet on your computer all the time, its still possible to receive bitcoins while the wallet is offline...
So put your wallet on a USB stick, and treat it like you would with paper money - lock it away in a safe when you dont require it.

Re:mugging

It's close to stockpiling gold in a cupboard in your house... Just A LOT fewer people see value in bitcoins than gold. Even gold has value as a material for building things. It's probably way over valued for that, though. Bitcoin has no value for anything other than what people agree to in a market (that's pretty non-liquid). It's just a passing fad with the usual build-up, bubble, and downfall. Even the early adopters would have a hard time cashing out on them because of the lack of liquidity on the exchanges. They can only sell x number of bitcoins at that high value before they fulfill all the asks and then the value goes down to the next asking price. This will happen all the way down to 0. There is just simply not enough demand for an early adopter to unload a bunch onto the market in exchange for USD. I think a lot of people forget that there has to be a buyer for every single bitcoin sold.

Captcha: illusion

Re:mugging

[grumbel]

Generation-M investors receive their "profits" directly from the investment of Generation-M+n.

Isn't an important part you are missing here that generation M+n has to be larger then generation M? If both generations are of equal size there is no problem, as the 'scheme' can continue forever. The problem with social security is that size of those generations is changing, people live longer, etc. which creates an imbalance.

Put another way - If you buy tulip bulbs and the market crashes, you still have (possibly worthless) tulip bulbs. If you give me $100 today with nothing but a promise that I'll give you $200 next week, and I vanish from the planet, you have nothing.

You still have the promise, it might be worth nothing, but your tulip bulbs might also be worth nothing if the situation changes. A hell of a lot of our money scheme depends on essentially nothing more then promise and trust, that doesn't make it a Ponzi scheme.

Re:mugging

[MyFirstNameIsPaul]

But the same argument can be made for stocks. Those who purchased Yahoo! shares at its IPO made millions, and those who purchased in 1999 were suckers. Does that make the Yahoo! IPO a pyramid scheme? I don't think so.

Re:mugging

[peragrin]

Well that and instead of taking the surplus out of social security for 40 years the government left the money in there as true savings then we wouldnt have this problem either. Instead politicains gave us an IOU due in 30 years and spent it. Now that IOU is due and there isnt enough to cover what was promised.

Never trust your money with morons. They believe in unlimitedcontinous growth.

Re:mugging

[Grishnakh]

I don't know if they still make them or not, but in the last days when I tried using them (probably 10 years ago now), I found that they were extremely unreliable. They were constantly getting corrupted, even when I tried multiple floppy drives. Back in the 80s early 90s when I used them regularly, this was not the case: they were generally extremely reliable, so I'm forced to believe that the floppy disks they manufactured as they were dying out were of much lower quality than when they were in their heyday.

Re:mugging

[MyFirstNameIsPaul]

You could have a local wallet with a limited number of BitCoins - just like the wallet you carry around with you - for your walkaround money. Then store your full wallet offline in a removable media that you access with a live CD essentially acting as your teller.

Re:mugging

[Eponymous+Coward]

People get really hung up on the mining part of Bitcoins. In the beginning, I can understand that. Once Bitcoin reaches some critical mass (and some argue that it has), then mining doesn't really matter anymore for most of the players. The likelihood of winning Bitcoins gets to be similar to the chance of winning a lottery. Much easier to either work for Bitcoins (ie accept it as payment) or buy them with conventional currency.

Re:mugging

[nedlohs]

It's clearly not a ponzi scheme and it's also clearly not a pyramid scheme.

The those in early benefit is standard in essentially everything. Those in early also lose the most when whatever the thing is doesn't "take off".

The people first at an area with a lot of gold in the ground get easy pickings sitting on the surface. Those in later have to spend money digging mile deep holes in the ground to get at the remaining gold.

And of the course the entire point of bitcoins isn't the "mining" it's using them as a currency. I do not mint my own coins or print my own Federal Reserve notes and yet I use them as a currency just fine. Similarly I don't need to ever "mine" a bitcoin in order to use it as a currency and if it did become a functioning currency in more than just a fringe area the vast majority of people using it wouldn't either (they would simply buy bitcoins or be paid directly in bitcoins).

Re:mugging

[cavreader]

I think Germany decided to fix their retirement system without wasting time re-defining the retirement age. They followed the "let's kill all the Jews, who everyone knows are filthy rich, and use their money and assets to fix the fatherland's pension plans". This method had the added benefit of reducing the number of Germans who would live long enough to retire.

Re:mugging

[jpapon]

You have a point, but I'd venture to say that those two gigantic wars in the first half of the twentieth century really affected the retirement demographic in Germany. I don't know this for sure, but I'd also venture to say that the retirement systems in Germany were probably reset at some (if not several) points between 1900 and 1950.

Re:mugging

[tbannist]

If you imagine the bit coins being created mostly at the top of pyramid and being sold down to the new people at the bottom, you should be able to see how it could be viewed as a pyramid scheme. If the top of the pyramid only sells coins to people lower on the pyramid than themselves, eventually you'd end up with a big base of suckers left with worthless tokens while the early adopters walk away with bags of cash.

I'm not saying it's actually a pyramid scheme, because I think some of the early adopters believe in Bitcoins. However, I think if someone is going to claim it's all a scam, they make sure the scam they're accusing it of being makes sense. Bitcoin is not at all like a Ponzi scheme.

Re:mugging

No: you don't get it. A Ponzi scheme involves earlier investors being paid by later investors.

I think he does get it. The people who have large troves of BitCoins - the early adopters, who have a disproportionate stake and much more to gain by inflating the exchange rate of BitCoins - can cash out their holdings. Thus, they take actual money (which has fiat value) from other speculatorsA pnzi scheme in exchange for these BitCoins, which only has value in the hope that it can be exchanged later on these same markets for more fiat money than they paid for it. So, the 'earlier investors' are paid out by the 'later investors' for items that are otherwise worthless. The only real distinction is that no one has promised that the BitCoins will appreciate in value - except...

In a Ponzi scheme, a central promoter tells people their investment is worth x.

Like Slashdot constantly posting stories implying intrinsic value like parity to the dollar, exchange volatility (implying that the value of BitCoins has ever been non-zero) and theft of BitCoins, stated in USD (implying that they are worth stealing).

On the contrary, with Bitcoins, the only value they have is what someone else will pay for them. ... And there is clearly demand for a currency, where the government cannot devalue its real worth by printing as many as they want.

Both of which, without the efforts of the promoter, would be zero.

But, there is a corollary. And that is that, unbacked by the government, and being basically illiquid, you are making an enormous bet that other people will in the future choose to attribute a value to a very large number.

The 'greater-fool' theory. If BitCoins were routinely discussed on the BBC News or CNN or MSNBC or the like, by which I mean "took up proportionally as many stories as they do on Slashdot," I would probably agree that this was the case. However, Slashdot is the *only* outlet where I've seen BitCoin mentioned.

Early investors getting paid on the backs of later investors? Check

Promoter(s) puffing up the value of the issue to try to lure in new investors? Check.

Completely worthless without later investors and promoters luring them in? Check.

That is exactly a Ponzi scheme.

Re:mugging

[tompaulco]

According to Wikipedia "A pyramid scheme is a non-sustainable business model that involves promising participants payment, services or ideals, primarily for enrolling other people into the scheme or training them to take part, rather than supplying any real investment or sale of products or services to the public."
Clearly Bitcoin is not a pyramid scheme. Nobody is promising anybody payments, and certainly not payments for signing anybody else into the scheme. Also, there is nowhere to sign up. There is no cost for entry or exit. Bitcoin is quite simply just a currency, one that some people accept and most people don't, but the people who are promoting Bitcoin would like for more people to accept it.

Re:mugging

[Lord+Byron+II]

Other posters are suggesting ideas such as requiring a password to unlock the file, or splitting the file into two parts stored in different places. These are all just "security by obscurity" options. The only real way to secure your BitCoins is to secure your computer. Start off with an up-to-date OS, a decent firewall and antivirus, don't download strange programs, and set your firewall to deny Internet access to any program other than those that need it.

Re:mugging

Saying things over and over again does not make you right.

Making money via mining is not the main motivating purpose of bitcoin participation. Yes, initially participation is motivated by "gains", that is just a bootstrap mechanism. The foundational motivation is to store value in the long term, and that does not require unsustainable increasing participation by others (the definition of a ponzi scheme).

Re:mugging

You do understand that there's no need to "redesign and reboot" anything because of this? You (or your bitcoin client) just needs to encrypt the file -- the private encryption key may well be on a USB stick, that's up to you.

The idea that bitcoin "wallets" themselves should include encryption for protection is misguided, there's no need for that.

Re:mugging

[karnal]

Damn kids, get off my lawn.

Re:mugging

You mean like cash?

Re:mugging

Not only can people subjectively value bitcoins, they do. A few brick and mortar businesses have begun to accept them, but their remote digital use is much greater. A large number of charities accept bitcoins now, which in turn are sold for more ubiquitous currency used in the particular area of the world they intend to help. It is also used as a workaround to some of the trade barriers between countries and the governments that put up obstructions. It also undercuts banking middle men in a serious way. I read an article about bitcoin describing how banks charge 45 billion dollars per year in transaction fees in just the US. As long as all the servers running the open source code continue to vote to keep the limit on the supply, inflation grows logarithmically(or rather, cost to 'mine' more coins becomes harder and harder to do, like real resource mining) and only when the demand for more bitcoins makes it worthwhile to do so.

It is still a novelty for some who are buying them, but quite a few people use them as an investment or a true currency, buying them and then selling when their price has gone up, only to buy again as the price keeps going up. I bought 100 bucks worth a while back myself because I find the idea very interesting, but haven't used them yet so I can't say how easy it is to use them as a medium of exchange. Mostly, I am just fascinated by the technological and the economic considerations.

Re:mugging

[nhaehnle]

True, those wars were disruptive. But the dependency ratio (number of workers per retiree) did drop as was predicted around 1900 - perhaps not as much as those predictions said it would, but the change was still an order of magnitude. It was productivity improvements that saved the day.

And yes, the retirement system in Germany was reset after the Second World War. And the coolest thing about this is that pensioners benefited from that reset. It was the reason that Germany switched to a Social Security-type system instead of capital-based retirement funds: by using the Social Security-type system, we could guarantee that pensioners could benefit from the general economic upswing in Germany that started in the 1950s and really took off in the 1960s.

Re:mugging

"If someone grabs this single container from my pocket then they have all my money..."

See what I did, there?

Don't bother pointing out that you only have some of your total wealth in your physical wallet, in BitCoin you can and should have multiple wallets, effectively paralleling different accounts/credit card/money in pocket.

Re:mugging

Except it gets harder for everyone, not just those who started first. And those who started first do not benefit from the people who start after. In conclusion, you're fucking retarded.

Re:mugging

Yeah by that reasoning you should also consider stocks a pyramid scheme. If I would have bought a lot of Apple stocks in the 90's I would have been rich now. Does that make it a pyramid scheme or do you just don't know what a pyramid scheme is?

Re:mugging

https://en.bitcoin.it/wiki/FAQ#Doesn_t_Bitcoin_unfairly_benefit_early_adopters?

Doesn't Bitcoin unfairly benefit early adopters?
Early adopters have a large number of bitcoins now because they took a risk and invested resources in an unproven technology. By so doing, they have helped Bitcoin become what it is now and what it will be in the future (hopefully, a ubiquitous decentralized digital currency). It is only fair they will reap the benefits of their successful investment.
In any case, any bitcoin generated will probably change hands dozens of time as a medium of exchange, so the profit made from the initial distribution will be insignificant compared to the total commerce enabled by Bitcoin.

Fair enough, I say.

Re:mugging

[gparent]

So you never carry any money, ever, then? Keep in mind you can have multiple wallets, you can create them at a whim. Nothing prevents you from making a savings account and keeping that file on a flash drive or on a machine disconnected from the internet.

Re:mugging

It's no different from gold mining: people who had the best tools and got first to the places rich in gold minerals got richer than people who didn't: that doesn't make gold a pyramid scheme. Gold was easier to mine in the past than it is now: that doesn't make gold a pyramid scheme.

According to Wikipedia, a pyramid scheme is "a non-sustainable business model that involves promising participants payment, services or ideals, primarily for enrolling other people into the scheme or training them to take part, rather than supplying any real investment or sale of products or services to the public."

First, you didn't show that Bitcoin is non-sustainable. Second, there are no promises or claims by Bitcoin devs regarding future or past nominal value of Bitcoins: the only claim is that Bitcoin tracks irreversible transactions (as long as nothing in the protocol or code is broken) and that the generation of new currency is controlled and randomized (and, thus, fair). Is it the fault of Bitcoin devs or early adopters that the market apparently values Bitcoins as it does? I think not.

To understand why there is no injustice involved, see it this way: it's a risk/reward trade-off for early adopters. When Bitcoin started, the value of each Bitcoin was completely unknown and estimated at low values (at least, the market value of Bitcoins started rather low and stayed low for a long time), so, yeah... Bitcoins were easier to make at the beggining, but they were rather low value anyway, so you would still be at loss, if you factor in energy consumption.

The truth is, early adopters either did it for fun (because they liked the idea) or because they had the vision to see Bitcoins could be worth more in the future than they were then (those were right, apparently). They are the ones that actually made Bitcoin work, so why don't they deserve to be rewarded? Were you the one that made Bitcoin possible? No? No reward for you, then.

In the end, you just seem like a bitter person because you didn't have the vision to participate more actively in Bitcoin while it was still in its inception. Like I said before, unless you are actually going to back your "pyramid scheme" theory with some actual arguments (i.e. show that either Bitcoin is not sustainable or that Bitcoin devs claim anything they shouldn't), your comment just seems uninformed.

Of course, if early adopters were able to somehow see the future and know that Bitcoins would eventually be worth 20 USD each, then I would agree with you: they had unfair advantage.

tl;dr: You jelly?

Re:mugging

[MrL0G1C]

Older machines weren't pulling as much air through the computer and the floppy drive - my newer machine has 4 big fans pulling air through and the floppy drive is full of dust - this could be one of the causes of corruption.. new floppy drives also very cheap.

Re:mugging

Ya know, I hear this type of whining a lot, oh the ones that got in first hold the largest amount. Well.. you live in a country where ~1% of the population owns ~90% of the wealth... yet your perfectly fine with that.

I started mining a month ago, with my existing hardware. For a few extra buck in electricity I've purchased several ounces of silver. Do explain how that equates to a pyramid scheme? Are the ones on top making profit on the coins I mined or the silver I purchased with them? No.

Re:mugging

except in reality the "early adopters" don't have their coins change hands dozens of times, they hoard them until BTC is trading at a nice value and then dump it.

one guy made the market collapse last week because he tried to sell a big batch of BTC (that had not been exchanged since being mined in 2009) at mtgox (magic the gathering online exchange. yes, that's what it stands for.) all of a sudden BTC moves from 30 USD to 7. it later rallied to a little under $20.

Re:mugging

[pla]

Wish the trout were that cooperative these days

Well, as long as you intend to take this discussion at least somewhat seriously...


social security is not, and was never meant to be an investment

My particular word choice no bearing on the underlying dynamics of the system. Whether you say "investment" or "contribution" or "donation" or "cookies", if the amount extracted by generation M exceeds that put in by generation M+1, you cannot avoid ending up with an empty jar.

Re:mugging

[DamnStupidElf]

Social security, OTOH, has always had the explicitly stated intent of paying Generation-M directly from the payments of Generation-M+n. Your ability to "get yours" in the future depends entirely on fleecing new "investors" out of their then-present-day contributions to the system.

So insurance is a Ponzi scheme? After all, a policy holder is guaranteed an average rate of return (generally negative) given his or her risk of injury/accident and the average payout of each covered incident. The initial investors who create the insurance company's initial fund are paid back *directly* from the investments of the next generation of investors (the insured). Once the initial investors are paid off, the first generation of policy-holders becomes reliant on future buyers of policies in order to guarantee their average expected return.

I think the guaranteed/expected rate of return has *everything* to do with a Ponzi scheme and not merely the structured transfer of wealth from Generation-M+n to Generation-M. If the expected rate of return when buying car insurance was positive, it would be a Ponzi scheme. Social security does not guarantee a profit except for low income workers who cannot afford to increase their market share (in fact if they did increase their market share by earning more and paying more social security taxes they would attain a negative rate of return), and hence functions merely as an insurance program.

Re:mugging

[Mindcontrolled]

True, but then again, I have yet to see proof that this is actually the case - to the contrary, surpluses of the social security system have been funneled off to finance other, completely unrelated items for quite a while. I agree that the changing age distribution is putting a strain on the system, which has to be dealt with, but the constant cries about imminent collapse are far from the truth.

Excuse the fishing quip - just coming back from the river and the trout are particularly uncooperative today indeed. Sorry for that.

Re:mugging

[gad_zuki!]

I'd be very curious to see if my passphrases are breakable. The feasibility of cracking 30+ character mixed case and numbers seems difficult even for the most determined attacker. From what I've read these trojans just pick up plain-text files that have zero encryption.

That said, I agree, keeping your wallet on your flash drive is probably the way to go.

Re:mugging

I would worry about ANY attempt at a form of physical currency that was released with such a gaping hole as "If someone grabs this single wallet out of my back pocket then they have all my money..." It doesn't matter if it's open or not.

Re:mugging

[DamnStupidElf]

It's still a pyramid scheme, as has been commented dozens of times on all the previous articles about BitCoins. Early adopters get the easiest blocks to solve, making them the most coins for the least effort?

This doesn't necessarily matter because the difficulty is chosen dynamically so that roughly 1 block is found every 10 minutes. This means that even though the actual difficulty was much lower a couple years ago there weren't millions of blocks being created by the early adopters. Anyone could have joined and had an equal chance to receive a block in the early days. The ease of obtaining bitcoins in the early days was only because of the small number of early adopters and not due to the lower difficulty of finding a block. Similar effects were seen during oil and gold rushes where the easiest to obtain and most desirable resources were obtained by the initial investors.

Re:mugging

Printing money on paper??? That's crazy! Someone could steal it and you'd have no idea who did it! And what if you lose the cash or it gets destroyed?

Plus cash is anonymous... what if people use it to buy drugs and illegal things? How will we track them down?

Re:mugging

[idontgno]

If someone stealing your single wallet out of your pocket gets all your money, you are one poor mofo, or one dumb one (dumb like writing PINs on debit cards)... plus the fact that you'll might get the money in the bank back, whereas bitcoin has no equivalent safety net. The anonymity the designers craved is beginning to bite back; possession becomes 10 tenths of the law if identity can't be associated with ownership.

So, if your bitcoins mean anything to you, protect your wallet.dat better than your real wallet, because your losses will probably be more complete and irrecoverable in the former case than in the latter.

Re:mugging

[pla]

So insurance is a Ponzi scheme?

IMO, yes, though I don't think I'd bother dying on that particular hill. One could argue that they merely pool risk for a fee, but consider what happens when too many participants try to cash out at once (ie, after a widespread natural disaster) - The insurance companies fold, and you end up with a situation virtually indistinguishable from Bernie Madoff's fallout.

Re:mugging

[Goaway]

See what I did, there?

Totally disregarded the difference of risk between getting mugged and getting malware on your computer?

Re:mugging

[MyFirstNameIsPaul]

I disagree. You just end up with failed business model. Just because the actuaries didn't do their job properly doesn't mean a Ponzi scheme was being used. If I open a store and it goes out of business, leaving the suppliers unpaid, was that a Ponzi scheme? No. It just happens that in the insurance business, the customers are also a sort of vendor (the ones paid for the product sold).

Re:mugging

[shentino]

*points a gun at you*

Your money or your life, and make with the decryption keys.

Funny thing about robbers...they say "or" when everyone knows damn well they're going to take the money either way.

Re:mugging

the file should actually be comprised of two parts where one is kept on a removable storage device and the other can be on your local machine(s)

Why not divide the file in 100 pieces, and put them all around the world? Oh, yeah, because that'd be a pain in the ass and would not solve the problem. The attacker could just copy it when your machine reads it. Even if the external device processed the data, the attacker could feed it fake data. If the attacker owns your machine, you are fucked.

Re:mugging

[DriedClexler]

Now: they could easily be a complete fraud - with the number of bitcoins in circulation being far more than claimed.

Not really. The blocks (basically, sets of serial numbers like you'd have on paper currency) are known to all users and defined in the protocol everyone is using. If there is any deception in the number of bitcoins "out there", then it doesn't matter, because none of the nodes will recognize the validity of a transaction based on one of those bitcoins.

There will only ever be ~210,000 blocks in total, and there can't be any "secret" ones out there. If someone tries to spend a coin originating from "block 400,000", every node on the network implementing the protocol correctly will reject it and refuse to propagate such a record.

Alternatively, if they try to spend a coin claiming to originate from a valid block, then the publicly-known block chain must record them as the real owner, requiring the last owner to have signed it over to them.

So, it's nigh-impossible for there to be any deception about the number of usable bitcoins out there.

Re:mugging

[osu-neko]

Password encrypting a file is not "security by obscurity".

Re:mugging

[osu-neko]

You could encrypt the wallet, but with what? A password?

A good encryption algorithm and a password, yes. It's trivially easy to do this in such a way that the cost of decrypting the file without knowing the password exceeds the value of the wallet.

Re:mugging

[makomk]

Stocks have underlying intrinsic value: they represent a company with actual assets. Bitcoins don't.

Re:mugging

[MyFirstNameIsPaul]

Dollars do not represent assets, either.

Re:mugging

[Mattpw]

What about putting a second offline non electronic factor like a www.shieldpass.com card over the top of the container?

Re:mugging

I'm surprised anyone is still using floppies. Guess you haven't upgraded your machine in at least 10 years.

Re:mugging

[AlienIntelligence]

Somehow, I think bitcoin is going to flame out in a rash of digital thievery when criminals realize that it is easier to steal someone's bitcoin file than it is to mine it or even look for credit card info.

And...

If you do it correctly...

it's not illegal! Or what you would be charged
with is orders of magnitude less than grand larceny.

That is the part that worries me in the interim.

-AI

Re:mugging

[MrL0G1C]

Hey now! upgraded to quad core etc, but why bother upgrading the floppy drive - mines disabled to stop it appearing in XP send-to menu.

Re:mugging

[Yvanhoe]

You need up to date software, a decent OS like OpenBSD with a good admin. Your users can be dumb as hell as long as you don't give them unecessary privileges.

Yes, it is socially very difficult to make a company accept the constraints to have a secure network, but I suspect it will become increasingly acceptable as high profiles lose millions in security flaws.

There is a difference between thinking that a task is difficult but achievable and thinking it is not worth even giving it a try.

Re:mugging

[Eponymous+Coward]

If you are going to look at it as a pyramid, then it's an incredibly flat, broad pyramid. The amount of Bitcoins that trickle in at the top is minuscule compared to the number being traded around by everybody else. I would agree with you if the rate of creation were significant, but it really isn't.

I would wager that the people making the most money are those who buy and sell Bitcoins with traditional currency. I really don't think the mining part of the economy is worth as much scrutiny as it gets.

Re:mugging

[JimboFBX]

Actually dollars are backed by gold locked up in the treasury. Ever heard of Fort Knox?

Re:mugging

[JimboFBX]

Stocks that do not ever pay dividends, buy other companies by printing stock, and pay their managers by issuing stock, are a pyramid scheme.

Re:mugging

[MyFirstNameIsPaul]

The gold held by the by the U.S. Treasury is not used to back Federal Reserve Notes ('dollars'), nor any other notes. The gold is simply kept as an asset. You might find the Wikipedia article on the United States Dollar enlightening.

Re:mugging

[MyFirstNameIsPaul]

The shareholders are the owners of the company. They can fire the board of directors at any time and vote in people who will declare dividends.

Re:mugging

[makomk]

Nope. The value of dollars is that they're accepted for goods and services, and that they're legal tender and can be used to pay taxes. This may surprise you, but most of the businesses selling goods or services for bitcoins (and there aren't a lot of them - they've tended to be quite short-lived) actually set their prices in dollars because the value of a dollar is more stable and because most of their expenses are in dollars or another real-world currency with a stable exchange rate to the dollar. There are scripts to check the Mt Gox exchange rate and update how many bitcoins someone's charged in real time.

Re:mugging

[tgd]

I have no idea what they were thinking, but it could easily be that they know there's no way to secure the file, so why give people a false sense of security?

If you leave it in a file that is plaintext and unencrypted, perhaps people will treat it like they treat their wallet or their social security card. If you encrypt it, you've done *nothing* to help security, but have led a much broader set of users to believe you have.

When money is involved, people will make a reasonable effort in their attempts to steal it. Writing some code to use thread injection and a filesystem filter to grab it as the software decrypts it is only a slight bit more complicated for anyone who knows that level of OS internals.

Re:mugging

[MyFirstNameIsPaul]

None of the things you stated has anything to do with an asset-backed currency, which the U.S. dollar is not an asset-backed currency.

Another visitor!

Next up: Guy pays for burger with Bitcoin.

Can we stop the Bitcoin stories already?

Re:Another visitor!

[sakdoctor]

That isn't going to happen. Didn't you notice that bitcoin has it's own slashdot icon?
These slashvertisments are here to stay.

Re:Another visitor!

[infodragon]

As much as the Bitcoin stories are getting a little much we are seeing the birth of something completely new; A medium of exchange that is independent of any government. The criminal/socially unacceptable elements are legitimizing the currency by applying value. Anything that enough humans apply value to will become valuable. The primary value of gold is that many people ascribe value to it and wish to possess it. If you buy gold on the markets you pay a storage fee because there are not enough commercial applications of gold to make storage profitable. Silver, platinum, copper... They all pay a bit if you buy contracts. The only purpose of gold then is to provide a medium of exchange.

Bitcoin is something similar in that a very large group of people are beginning to value the electronic currency, thus it has value. The context of the source of that valuation has no consequence. Humans are now using it as a medium of exchange which is now creating demand. That demand is causing a rise in price and others now wish to posses it as it has potential for increasing value. This is the basic form of speculation.

Now we have a socially illegitimate group applying the initial value and then speculators step in. Speculators are socially acceptable and so a balance is beginning to form. If this continues a stabilized economy will form and it will be unstoppable.

To wish that these stories be stopped is a bit shot sighted. We may be witnessing something that has *NEVER* happened before! It's quite exciting to watch something like this form, not to mention the insight into human behavior and the many benefits that can result for that insight. Not to mention a currency that is independent of any one government.

I do not see Bitcoins ever replacing government currency but I do see it becoming a supplemental tool for securing wealth and providing a medium of exchange detached from economically repressive governments. Any government that taxes represses it's people, the people accept that repression as a necessity to govern the society. Anyway, being able to purchase something without the government being in your business is a true expression of freedom and extends a way for true privacy to be exercised. This scares quite a few people in government and will be incredibly interesting to watch it play out.

As a side note, the VHS and Internet were "legitimized" by unsavory elements of society. And here we are discussing something in a way that 20 years ago was a dream and 80 years ago was unimagined, all because it was first a marginal "thing" exploited by unsavory elements in which a majority of the population expressed the desire to not be bothered. We live in exciting times and Bitcoin is the tip of something extremely interesting.

Re:Another visitor!

Its simple... some people have wads of cash tied to BitCoin, so they want it on /. as often as Apple stories hit. Even though BitCoin serves no real purpose, as it can't be used anonymously.

I wouldn't call it a Ponzi scheme officially, but early adopters are the ones who will be cashing in (easier to "mine" coins at the start as opposed to later on.) That is why you are seeing the slashvertisements -- once the currency gets established, the guys who had a ton of coins initially will cash out, and the currency will devalue to nothing.

I say note it as a cool crypto trick, but pass it on. It has no robustness built in, as if RSA or the hash algorithms has any weaknesses, the whole Bitcoin ecosystem will forever grind to a halt and everything put into it will be worthless. This is why early adopters want more people -- so they can cash out before the blackhats end the party by cracking the cryptosystems used.

Re:Another visitor!

[Zenaku]

I would mod you up if I could, as you've said just what I wanted to say.

BitCoin is technically interesting, dammit. I don't own any, and I don't think I want to. . . it does seem like a risky, unstable economy to me. But the very idea of it is brilliant, and the implementation details and implications of its existence are profoundly interesting to me. It fits the "New for Nerds, Stuff that Matters" theme far better than most of the other stories posted here.

Re:Another visitor!

[infodragon]

I've considered putting $10 USD into just because it creates a vested interest. That interest sensitizes on a psychological level that no amount of intellectual interest can duplicate.

Re:Another visitor!

[BitZtream]

The criminal/socially unacceptable elements are legitimizing the currency by applying value

So some bored kid modifies a standard off the shelf virus to go specifically after a given file on your computer, that is in effect worthless ... it suddenly becomes worth something? You must be one of the morons who bought into Bitcoin. They aren't attacking so much to do something with your bitcoin, its more like mugging you and taking your wallet then throwing it away later. They are going after them just to go after them and cause trouble, NOT to use the crap that is unusable sense no one with half a clue would accept it as payment for anything of actual value.

The primary value of gold is that many people ascribe value to it and wish to possess it.

The primary value of gold is its unique physical properties which are both visually pleasing to most people and very useful in many different processes and industries. It has a higher than normal value because of its rarity. Those two facts give it value, which THEN leads to their being a market for it.

You seem to be totally disconnected from reality as far as what things have value and why.

Bitcoin is something similar in that a very large group of people are beginning to value the electronic currency, thus it has value.

4 is not 'a very large group'. By that same measure however, there is 'a very large group' of idiots who send their bank account info to Nigerian spammers to. Actually, its the same group.

Now we have a socially illegitimate group applying the initial value and then speculators step in

Really? Again trying to ascribe value to something because someone wants to grief you over it? Do you think a gay man is valuable JUST because some idiot homophobe beats him up? Your logic is just dumb.

I do not see Bitcoins ever replacing government currency but I do see it becoming a supplemental tool for securing wealth and providing a medium of exchange detached from economically repressive governments. Any government that taxes represses it's people, the people accept that repression as a necessity to govern the society. Anyway, being able to purchase something without the government being in your business is a true expression of freedom and extends a way for true privacy to be exercised. This scares quite a few people in government and will be incredibly interesting to watch it play out.

Damnit, I got trolled. I didn't realize you were one of those idiots who think taxes are oppression. Without the result of government taxes, I'm rather sure your dumbass would have died from starvation being completely unable to survive in an anarchistic with none of the benefits of civilization to save your ass.

Re:Another visitor!

[Tharsman]

As a side note, the VHS and Internet were "legitimized" by unsavory elements of society.

Objection!!!

There is nothing "unsavory" about good porn!

Re:Another visitor!

[betterunixthanunix]

Value does not appear magically, or because a bunch of people wake up one day and ascribe value to something. Value exists because of supply and demand -- something which is limited and which people want. The demand for currency is not that it is a "medium of exchange" -- that is nice, but nobody is going to accept pieces of paper with numbers printed on them just because they are a convenient medium of exchange. The demand for currency is a result of its useful in settling debts -- debts owed to the government (e.g. taxes), private debts (which you can have the courts settle, and which the courts will only deal with in terms of the government's currency), and so forth. The supply of currency comes from governments and banks, and it is finite -- hence, we have a situation where currency has value.

As for Bitcoin, supply is simple -- supply is limited by design, and comes from the participants in the system. Demand, on the other hand, is shakier. Demand for Bitcoin stems solely from demand for other currencies; Bitcoins are only in demand as long as people are willing to operate a Bitcoin exchange, and as long as people are willing to buy Bitcoins (i.e. because they believe they can turn a profit by selling the Bitcoins for something else). This is not a system that has much long-term viability; if the Bitcoin userbase does not keep growing, the value of Bitcoin will start to fall, as the holders of Bitcoins attempt to exchange them for other currencies.

Or in other words, Bitcoin is a fancy pyramid scheme. For Bitcoin to have value, people need to keep entering the system and keep propping up the speculative bubble that surrounds Bitcoin. At the end of the day, when there are no more Bitcoins to be mined and nobody is trying to enter the system, the only thing left will be for the current participants to dump their Bitcoins. The early adopters will win (and have probably already won); the late adopters will be stuck with a bunch of worthless Bitcoins.

Re:Another visitor!

[Fear+the+Clam]

As much as the Bitcoin stories are getting a little much we are seeing the birth of something completely new; A medium of exchange that is independent of any government.

Aside from, of course, barter.

Re:Another visitor!

[infodragon]

> So some bored kid modifies a standard off the shelf virus to go specifically after a given file on your computer, that is in effect worthless ...

I'm not referring to people stealing, please ref...

http://idle.slashdot.org/story/11/06/06/1410217/Bitcoin-Used-For-the-Narcotics-Trade
http://thehill.com/blogs/hillicon-valley/technology/164865-senators-tell-doj-to-shut-down-online-drug-market

> The primary value of gold is its unique physical properties which are both visually pleasing to most people and very useful in many different processes and industries.

The primary value of gold comes from people desiring to posses it. What they do with it afterwards is inconsequential. A HUGE majority of the gold supply is in the form of reserves held by governments and banks. Another large portion is at the bottom of the ocean from sunken Spanish ships. My point was, which was probably not well conveyed, is that the utility of gold is incredibly low, compared to most other commodities, yet it has extreme value because humans value it!

>4 is not 'a very large group'. By that same measure however, there is 'a very large group' of idiots who send their bank account info to Nigerian spammers to. Actually, its the same group.

Ref above... It has the attention of the US Senate now, and it is a very active component of black market transactions.

>Really? Again trying to ascribe value to something because someone wants to grief you over it? Do you think a gay man is valuable JUST because some idiot homophobe beats him up? Your logic is just dumb.

  Ref above...

>Damnit, I got trolled. I didn't realize you were one of those idiots who think taxes are oppression

Taxation is a form of repression. The value exchanged for that repression is something that is real/vital and needed for the functioning of a government. Citizen X produces wealth and the government taxes that wealth. Citizen X's purchasing power has been repressed, though, his value for taxes may exceed the value lost of purchasing power. Again ignorance, there is a difference of a repressive act, taxation, vs a repressive system. The difference is quite significant. I am assuming that you use oppression interchangeably with repression, there are subtle but quite significant differences.

Re:Another visitor!

[Patch86]

So some bored kid modifies a standard off the shelf virus to go specifically after a given file on your computer, that is in effect worthless ... it suddenly becomes worth something? You must be one of the morons who bought into Bitcoin. They aren't attacking so much to do something with your bitcoin, its more like mugging you and taking your wallet then throwing it away later. They are going after them just to go after them and cause trouble, NOT to use the crap that is unusable sense no one with half a clue would accept it as payment for anything of actual value.

Things are worth whatever people will pay for them. For reasons that are, frankly, a bit of a mystery to me too, people are willing to buy BitCoins for real world USD on a variety of BitCoin exchange sites. That gives them value (and is why people are stealing them). World of Warcraft "gold" has value for the same reason- you can sell it for real world money, so it's worth something.

The same essentially applies to gold (the real world element this time). It has industrial uses obviously, but the majority of its value is determined because it is rare and people want it. There's no real reason why people should want jewellery made of gold, rather than something else- but they do, and so it has a high value.

The main difference between gold and BitCoins is that gold has demonstrated a consistent (and relatively stable) high value for thousands of years. There is no guarantee that BitCoin will sustain any sort of value past the end of the month; if it still has value in a couple of decades, then you can wake me up.

Re:Another visitor!

[NotAGoodNickname]

If the primary value is gold is that it is "visually pleasing to most people and very useful in many different processes and industries" then why did the value of gold rise over 700% in the last 10 years? Based on your statement it either has become 700% more visually pleasing or 700% more useful for industry. Gold isn't valuable at all, except people choose to invest in it. If there was no gold, some other metal would be used in the industrial processes. Obviously the primary value of gold is for speculation and hedging against uncertainty.

Re:Another visitor!

[Zenaku]

Barter is not a medium of exchange. It is just exchange. Without the medium. That's what makes it barter.

Re:Another visitor!

[Aceticon]

The pattern of human behaviour around BitCoin just looks more and more like the same think that can be seen in any unregulated market.

Just look at all the stories coming into Slashdot which either outright say or imply that BitCoins have value and your should jump into the bandwagon (Even Criminals Want BitCoins!!!).

It all looks a lot like traders pumping up stock with posts in the appropriate forums and/or chain-mails (only BitCoins are aimed at geek-suckers).

BitCoin does not solve the hard problems with estabilishing an independent currency (creating a market on the currency with enough people that trust and use it without requiring a state-sized actor to back it all up using men-with-guns), instead it just solves the (comparativelly) easy bits of how to print a digital currency that cannot be falsified.

A nice tech demo it is, a social breakthrough it's not.

Re:Another visitor!

[MyFirstNameIsPaul]

Coincidence of wants

Re:Another visitor!

[mcmonkey]

As much as the Bitcoin stories are getting a little much we are seeing the birth of something completely new; A medium of exchange that is independent of any government.

How is bitcoin different from, for example, WoW gold? Isn't this just some form of in-game currency without the game?

Re:Another visitor!

[slashdotjunker]

You have caught bitcoin fever.

I can easily substitute any collectible item every where "bitcoin" appears in your post. For example, collectible coins, stamps, beanie babies, paintings, sculptures, vintage cars, faberge eggs, barbie dolls, swatches, baseball cards, etc.

Let's talk about something specific. A Picasso serves exactly the same role as a bitcoin. There are a limited number. They are difficult to forge. They have value because people think they have value. They are independent of any government. They can be used as an alternative storage and investment of wealth. They can be stolen. The ownership is tracked by a community.

The peering algorithms which underlie bitcoins are somewhat interesting. Beyond that, there is nothing new.

Re:Another visitor!

[infodragon]

If somebody provided a public online exchange for WoW gold, Blizzard would take them down. The system of exchange for out of game items is completely underground and Blizzard can confiscate said gold. Where as Bitcoin is encouraged to be traded and there are multiple exchanges and parallels the Forex spot market. The freedom to move the currency is a significant factor in it's value.

Also the value of WoW gold is tied to in game activities. The value of Bitcoin is tied to anything that accepts it. WoW gold would be a lot more valuable if you could legitimately buy anything with it for which a merchant exists.

Re:Another visitor!

By "completely new", do you mean "oldest kind of currency in the world" ?

https://secure.wikimedia.org/wikipedia/en/wiki/Private_currency
https://secure.wikimedia.org/wikipedia/en/wiki/Complementary_currency
https://secure.wikimedia.org/wikipedia/en/wiki/Alternative_currency

Re:Another visitor!

[infodragon]

Collectables are only desired by others with the same desire. Bitcoins are desired by anybody that desires something that can be purchased with Bitcoins. Your analogy is anemic.

A Picasso does not serve the same role, it is unique and there is only one. It's transfer is highly public and to keep it private there are extreme measures that must be taken. Also a Picasso would fall under the definition of barter, one item for another, rather than a medium of exchange. Again an anemic analogy.

As for nothing new other than peering algorithms, you have chosen to blind yourself to what Bitcoin is. Rather than taking a rational approach you have attempted to use poor analogies in an attempt to rationalize denial. http://www.nytimes.com/2011/06/15/arts/people-argue-just-to-win-scholars-assert.html

Re:Another visitor!

[PitaBred]

If you have an ATI/AMD GPU, it will only take a couple days for you to mine a coin or two of your own by joining a pool.

Re:Another visitor!

Just calm down. It's a pyramid scheme, and one that is mostly used for the sale and purchase of drugs.

This isn't some amazing new currency, it's a tool for crime.

Re:Another visitor!

[infodragon]

No and Yes.

You didn't read my post or did not comprehend the fact I strongly suggest that it is used for unscrupulous means. "The criminal/socially unacceptable elements are legitimizing the currency by applying value."

http://en.wikipedia.org/wiki/Pyramid_scheme

Bitcoin has a limited supply. A Pyramid Scheme it does not make!

I have the feeling I may be feeding a troll.

Re:Another visitor!

[mcmonkey]

If somebody provided a public online exchange for WoW gold, Blizzard would take them down. The system of exchange for out of game items is completely underground and Blizzard can confiscate said gold. Where as Bitcoin is encouraged to be traded and there are multiple exchanges and parallels the Forex spot market. The freedom to move the currency is a significant factor in it's value.

Also the value of WoW gold is tied to in game activities. The value of Bitcoin is tied to anything that accepts it. WoW gold would be a lot more valuable if you could legitimately buy anything with it for which a merchant exists.

So basically, WoW gold is harder to move around, since it isn't sanctioned for use outside the game. But WoW gold has more value, since it can be used by anyone inside the game.

While bitcoin can be freely traded, but there really isn't much to do with it.

I think another poster hit the nail on head comparing bitcoin to baseball cards.

Re:Another visitor!

[infodragon]

Your perception of value is flawed. You are confusing utility with value. Gold is a commodity, having very little utility, but extreme value (borders on the line of medium of exchange, non-commodity). Bitcoin is not a commodity (medium), currently has low utility but high value, I do believe it is currently inflated. WoW gold is not a commodity (medium), has extreme utility but in a vary narrow realm that is punished (confiscated) if it's found to be used outside that realm. Baseball cards are a commodity having no utility but very few have high value.

Using a commodity as a means of exchange is barter. Bitcoin is not a commodity so the analogy of baseball cards is flawed.

Re:Another visitor!

It fits the "New for Nerds, Stuff that Matters" theme far better than most of the other stories posted here.

...and the first time the idea was discussed, it was 'News'. What's not news is that the people who think this is money are doing all the things with BitCoin that humans have been doing with cash for thousands of years, namely, using it for illicit purchases, trading it for other forms of money for profit, and stealing it.

Re:Another visitor!

[idontgno]

Tulips.

Specifically tulip futures. Tulips themselves could be considered commodities (although their utility values is pretty limited), but the way the market treated them in 17th Century Europe, they were really media of exchanges, right down to the fact that you had to "cash them in" (either take delivery of the commodity, or sell your contract) to get external economic effectivity (liquidity -- "real money").

Tulips were hard to increase supplies of (since it takes years for seed to grow to flowering plants, and bulbs can only be split in a relatively narrow window in Fall). Their aesthetic interest and novelty were part of the bubble's mechanic: Tulips are beautiful, and had introduced to European markets only a few decades earlier.

To summarize: bitcoins are the 21st Century geek equivalent to tulips.

Re:Another visitor!

[mcmonkey]

Bitcoin is not a commodity (medium), currently has low utility but high value, I do believe it is currently inflated.

How does bitcoin have high value? In these daily bitcoin threads I've seen mention of using it for illicit money laundering, and there are the exchanges where I can change bitcoin in to US dollars and the reverse.

What else can I do with bitcoin? What retailer will exchange bitcoin for goods or services? I must be missing those links in these threads. If you gave me any amount of bitcoin, the only thing I would think to do with it would be to offer it back to you for sale. It would be only worth what you pay me. If you refused to buy them, I'd throw them away. They aren't worth the drive space it would take to save the file.

The more I learn about bitcoin, the more it sounds like baseball cards or beanie babies or pogs. There's a market that drives up the value, until the thing falls out of favor, and suddenly it's worthless.

The difference is bitcoin comes from GPU computations rather than a private manufacturer. And the scheme for prevented fraud is different.

The US dollar is different because the US government supports it. Gold is different because, no matter what its utility to the man on the street and no matter that its price will fluctuate, there is several thousand years of history that says gold will always be worth something in trade.

Bitcoin is just a digital beanie baby. Limiting the total number of bitcoin or having a hash to prevent counterfeiting doesn't change that fact. There were limited edition beanie babies with special authentication tags. The issue with the beanie baby market wasn't that there were too many, or counterfeiting was rampant.

The issue with the beanie baby market is it was just a fad. Fads end. And as soon as the beanie baby fad ended, the market crashed.

Early bitcoin "investors" are trying to start a fad. It's the "pump" phase of "pump and dump". The folks in bitcoin now may be able to cash out at a profit, but as a long term financial system, it makes as much sense as putting your retirement funds in to beanie babies.

Re:Another visitor!

[infodragon]

Another anemic analogy.

By your implication any future (of commodities) would be considered in the same category.

Bitcoin is not a commodity; it is a medium of exchange. Because it is probably in a speculative bubble is irrelevant. Because it's primarily used for criminal activity is irrelevant. The fact it may go away is irrelevant. What is relevant is, at this time, it is used as a medium of exchange as currency is used. It is intended as a medium of exchange. There is no functional difference from purchasing something with a credit card, debit card, or ACH. A merchant has a list of goods with associated Bitcoin prices, and can easily list USD, AUD, EUR, CAD... as well. Market forces are now imposing themselves on the value of Bitcoin not the perceived value of goods/services between two parties as a barter would. The current volatility presents difficulties but we've seen this in the past with Russia and Zimbabwe to name two examples. I believe Bitcoin has a very high potential of going the way of those currencies as well!

My personal belief is it is HIGHLY inflated and is probably being manipulated. There's irony involved as speculators and criminals are being harmed by criminals. Speculators take the risk and uninformed risk is just asking to get nailed. Criminals harming criminals... that's just poetic justice. I believe a small portion of those that may be harm are legitimately trying to eek out a business and I do feel for them, but it is something very new and by definition speculation. Undertaking a speculative venture without educating yourself and a willingness to deal with the risk is silliness and immature.

Re:Another visitor!

[infodragon]

>How does bitcoin have high value?

I can *EXCHANGE* Bitcoin(currency) with other currencies, just as I can CAD - USD or EUR - USD or AUD - EUR. Google it. There is an open market similar to Forex spot. This is NOT a commodity.

It has high value because it directly translates to other currencies in a manner that is identical to other currencies. It may be a pump and dump but it's still currency and this does happen to nations currencies. So please explain how Bitcoin is different from the AUD? USD? EUR? GBP? CHF? JPY? ...? Each have had episodes of high volatility, speculation craziness and manipulation. Other countries have seen their currencies devalue to less than toilet paper.

Re:Another visitor!

[infodragon]

Thirty seconds of googling produced this

Because you may be lazy, which I'm guessing due to making assumptions that 30 seconds of googling can debunk, I'll quote a bit for you...

"f you want a chicken pita from Meze Grill in midtown Manhattan today, you can fork over $8.75 or give them about half a Bitcoin. The restaurant began accepting Bitcoin Tuesday "

The article is dated today. Hmmm... midtown Manhattan... smack in the middle of one of the largest cities in the world... hmmmm... not to mention a major financial hub... hmm....

http://tech.fortune.cnn.com/2011/06/17/the-clock-is-ticking-on-bitcoin/

Re:Another visitor!

[shentino]

You're only paying attention to demand.

Supply is also a part of the economic equation.

Re:Another visitor!

[OptimusPaul]

I'm sorry but taxation is not a repressive act. Perhaps in a state, like Minnesota. that has a regressive tax rate it could be considered a repressive act. Even then I don't think it is, lower income people potentially get more from the system that the higher income people. The fact that citizens get something in return negates that it is repressive.

Re:Another visitor!

So there is 700% less supply of gold about? I thought new gold was being mined every day.

Re:Another visitor!

[Apotsy]

As a side note, the VHS and Internet were "legitimized" by unsavory elements of society.

Ah, the old "VHS beat Betamax because it had porn" canard! Haven't heard that one in a while. Google a bit and you'll find quite a bit of discussion on Snopes, The Straight Dope, and elsewhere about it. Bottom line is that there is no real evidence to support that notion, while there are plenty of other (well-documented) reasons why VHS won the war.

Re:Another visitor!

[mcmonkey]

Thirty seconds of googling produced this

Because you may be lazy, which I'm guessing due to making assumptions that 30 seconds of googling can debunk, I'll quote a bit for you...

Fair enough. After posting that comment, I noticed these bitcoin stories have their own /. icon. Clicking that icon brought me to list stories, including one from November 2010 which has a few links to places where one can spend bitcoin.

Getting use in meatspace Manhattan is something. On the flip side, there are about a brazillion restaurants in Manhattan. That there's 1 accepting bitcoin doesn't shock me. But you gotta start somewhere, right?

Re:Another visitor!

[Darinbob]

If it's copying gold as a medium of exchange, then bitcoin is also copying some of the flaws of gold. In other words, if bitcoin were really to be modern then it should invent a modern system of exchange without the millenia old flaws. The problem with gold is that I can steal some from you and you have no way of proving that the gold I have was once yours and was taken against your will. Bitcoin should have come with transaction history in some form and authentication of ownership transfer (stuff that's matter of course in modern banking systems).

Bitcoin is a bit interesting, in the same way that many school science fair projects are interesting. Simulating an artificial economy, that's cool and nerdy. But it hasn't taken a conceptual leap forward.

Re:Another visitor!

[infodragon]

http://www.mediacollege.com/video/format/compare/betamax-vhs.html

You appear to be right. I appreciate you pointing that out!
Thanks!

Re:Another visitor!

[igreaterthanu]

That is only 700% against the United States Dollar. Last time I checked the United States Dollar is anything but a stable store of value, especially compared to Gold.

Re:Another visitor!

Governments - as usual - always want theit taxes, and to follow the money trail. The move to cash-less payments is a wet dream of some governments because everything can be tracked and data mined. This is a new headache and obviously the crackdown is in the planning stage. Since RIAA and MPAA didn't have much luck with stopping torrents, this will not be any easier. Especially as investors will have countermeasures to keep it afloat.

Re:Another visitor!

So... what you're saying is that you like to gamble?

Re:Another visitor!

[Troed]

If you can crack RSA you can go after the traditional banking system a lot easier than Bitcoin (since it uses ECC).

Re:Another visitor!

[infodragon]

Yep, $10 is gonna kill me financially if I lose it. I'll lose the house, my wife will leave me; she'll probably get the dog. My daughter will grow up never knowing her deadbeat father. My parents will disown me and I'll have to resort to poaching to feed myself because I won't qualify for govt aid because I have a gambling issue!

Thank you for bringing this up and showing me the way!

Overhyped

[darth_MALL]

I saw a comment in a previous article about Bitcoin suggesting that /. was acting as a shill for this 'product'. How is they hyperbole justified when the only place it's talked about is here? Shenanigans.

And yet...

[Sygnus]

Nothing of value was lost.

Re:And yet...

[montyzooooma]

Except for Slashdot's credibility.

Re:And yet...

[RivenAleem]

Trying to set up a recursive thread?

Re:And yet...

[SEWilco]

I also would like to lose nothing of value. Is there a tool with which I can create a worthless wallet, or a wallet that screams "THIEF! THIEF!"? But then I'd have to have the wallet on a machine which might get attacked. Well, at least I could plant a tree in case a nut comes along.

Is there any way to give them a poisoned wallet?

[John+Hasler]

n/t

Re:Is there any way to give them a poisoned wallet

[bistromath007]

*looks at the trend in value of bitcoins*

Yes.

A file within a file...

[xMrFishx]

Encryption! (Sorry, couldn't resist - and I know it's not)

But honestly, if you're using this system for any sort of money handling, then leaving it, the equivilent of lying around, is not a good idea. Secure your money properly, use common sense. Also I believe it's even on BitCoin's good practise list of recommendations. Encrypt your wallet and keep a backup elsewhere incase a nasty trojan erases it. Good data retention practise applies to everything.

Re:A file within a file...

[olsmeister]

For BitCoin simply to place it on their list of recommended good practices is not sufficient and, quite frankly, irresponsible. If experience has taught us nothing else, it's that the average user has very little concept of how to secure their data, and if it is to be done correctly it needs to be at the application if not the OS level.

Hell, I'd be willing to bet that even if BitCoin were limited for use exclusively by IT professionals and CS majors, we'd still be seeing stories about people being robbed.

Re:A file within a file...

Sure, you can encrypt your wallet, and then you have to decrypt the fucking thing to use it.

Of course, the recommendation is to have a separate wallet on a USB stick or something that's encrypted, and then to transfer coins from your insecure wallet to your secure one on a regular basis (you don't need to decrypt a wallet to send coins to an address in it). But what "normal" user will know to do this?

What the client *should* do is what every fucking private-key-storing tool does: encrypt the god damned private keys with a secret key that the user must enter before the client can sign a transaction. But, of course, this is too brain-dead fucking obvious, apparently.

Re:A file within a file...

Even renaming the file would stop 99% of trojans from finding it.

Re:A file within a file...

[icebraining]

There's nothing Bitcoin can do. Encrypting with a password is useless (too cheap to crack), encrypting with a key file is useless if the key file is kept on the same machine.

The user has to copy the wallet off the machine, there's no magic bullet.

Re:A file within a file...

[icebraining]

The bitcoin program has to have *some way* of finding the file. The trojan can use the same way.

Re:A file within a file...

That's just a bullshit excuse.

Encrypting with a long english language sentence (say, this one) will stop even the most determined attacker.

Re:A file within a file...

[maxume]

So someone should market a usb stick as a physical bitcoin wallet?

They could brand it as "The Magic Bullet".

Re:A file within a file...

[walshy007]

What the client *should* do is what every fucking private-key-storing tool does: encrypt the god damned private keys with a secret key that the user must enter before the client can sign a transaction. But, of course, this is too brain-dead fucking obvious, apparently.

Too cheap to crack computationally, no security would be achieved and you've just annoyed the users by adding an extra step they can forget (and also lose all their bitcoins by forgetting their password)

Bad idea

Re:A file within a file...

[DrXym]

Encryption! (Sorry, couldn't resist - and I know it's not) But honestly, if you're using this system for any sort of money handling, then leaving it, the equivilent of lying around, is not a good idea. Secure your money properly, use common sense. Also I believe it's even on BitCoin's good practise list of recommendations. Encrypt your wallet and keep a backup elsewhere incase a nasty trojan erases it. Good data retention practise applies to everything.

If Bitcoin knows it's good practice, then why can't it be implemented in software? The simple fact is if Apple did this or Microsoft or Google then people would (and do) shit on them from a great height. The problem here is the Bitcoin client used by the majority of users is insecure by default. It's making it easy for the bad guys to rip people off.

Re:A file within a file...

[DrXym]

It's not cheap to crack a strong password and if I had substantial investment in bitcoin you could be damned certain I would choose an extremely strong password. And a key on the disk would help too simply because some hacks might use driveby attacks so putting an unguessable key in the same directory (which could even be xor'd with the password hash) would make it virtually impossible to decrypt a wallet even if someone developed a remote exploit to lift it.

Re:A file within a file...

[Nursie]

Inisist on a decent/strong password. It's at least going to take some time to crack that way.

Re:A file within a file...

Oh bullshit.

1) Take password.
2) Hash password using bcrypt.
3) Use the resulting 448-bit hash to encrypt the private key.

Using bcrypt protects against bruteforcing of the password, as it's designed to be slow (anyone using a cryptographic cipher for password hashing should be shot... they're *designed* to be optimized). And good luck brute forcing a 448-bit secret, particularly given it's not just limited to printable characters.

Really paranoid? Pick a very long password. For example, pick a book. Pick a page number. Now take the first couple sentences. There's your password. Now write down the book and page number on a piece of paper and put it in your wallet.

Worried about losing your password? Export the private keys, unencrypted, to a USB stick.

Well, assuming the client supported key import/export, which it doesn't (yet).

These are solveable fucking problems. It baffles me that you twats keep making excuses for the bitcoin devs, who clearly wouldn't know security if it kicked them in the balls.

Re:A file within a file...

That's just a bullshit excuse.

Encrypting with a long english language sentence (say, this one) will stop even the most determined attacker.

I don't follow you. You have seventeen words. Let's say there are 750,000 words in the English language. That's only 12.75 million possibilities - and that's ignoring rules of grammar and syntax, which could be used to lower the number of possibilities dramatically. A well-written brute force cracker on a fast home PC would break this password almost instantly. What am I missing?

Re:A file within a file...

What am I missing?

The part where a cracker can't assume they know the structure of the password text. But let's say they did.

Take password. Now feed it through bcrypt before using it to encrypt the private key.

Have fun brute forcing bcrypt, or the resulting 448-bit symmetric key.

Re:A file within a file...

[blueg3]

Hardened PBKDF with a remotely decent password isn't cheap to crack at all. If you want to be insulated against forgetting the password:
(a) encrypt wallet with key A
(b) store a copy of key A alongside wallet, encrypted with password-based key B
(c) store an unencrypted copy of A on a USB disk

For (c) you can alternately store a copy of the unencrypted wallet; store a copy of the private key A; make a public-private keypair, put the public-key-encrypted key A alongside the wallet, and store the private key; or make a new private key C, encrypt key A with that, and store C on the USB disk.

It's not simple for a home user to cobble together, but the above is a common way of encrypting files while providing lost-password recovery (and allowing the user to change their password without having to change the lost-password-recovery data). Bitcoin clients should support it.

Re:A file within a file...

They will not erase it, they will just transfer the funds from it to themselves. After that your bitcoin.dat file is useless.

Re:A file within a file...

Break this one:,0{1A~ntw1NVZp^R9,^?l1kE&cOFZh*+6#=ll34d

Re:A file within a file...

[Temporal+Anomaly]

Encryption! (Sorry, couldn't resist - and I know it's not) But honestly, if you're using this system for any sort of money handling, then leaving it, the equivilent of lying around, is not a good idea. Secure your money properly, use common sense. Also I believe it's even on BitCoin's good practise list of recommendations. Encrypt your wallet and keep a backup elsewhere incase a nasty trojan erases it. Good data retention practise applies to everything.

If Bitcoin knows it's good practice, then why can't it be implemented in software? The simple fact is if Apple did this or Microsoft or Google then people would (and do) shit on them from a great height. The problem here is the Bitcoin client used by the majority of users is insecure by default. It's making it easy for the bad guys to rip people off.

The standard client makes it very clear that your wallet is nothing more than a private key (presumably because it's marketed to nerds who understand what that means). This issue has nothing to do with bitcoin itself, and there's no reason why you couldn't make a more user friendly client that protects the key for you.

Re:A file within a file...

[DrXym]

Of course someone could make a more secure client but the reality is most people use the default one, the one advertised on the bitcoin site. The one riddled with holes. Internet Explorer wouldn't be absolved of security problems (e.g. ActiveX scripting issues) just because users have a choice of another browser and neither should the same apply to bitcoin.

Re:A file within a file...

[osu-neko]

Encrypting with a password is useless (too cheap to crack)...

Err, no. A strong encryption algorithm and a strong password is far more expensive to crack than the value of most people's bitcoin wallet. It would be a monetary loss to bother doing it.

Re:A file within a file...

[icebraining]

So you'd be security conscious enough to use a strong password, but not to take the wallet file off the machine, therefore _actually_ protecting it from any kind of remote attack? That doesn't make much sense.

In reality, security unconscious people would use '12345' and get hacked anyway.

Re:A file within a file...

[icebraining]

Nobody stupid and/or ignorant enough not to take a wallet with a good number of bitcoins off of the machine will choose a strong password.

Re:A file within a file...

[DrXym]

No security would prevent a keylogger but there are measures such as I suggest which would prevent drivebys and minimize the window of opportunity even if someone infiltrated your network. And yes Bitcoin should probably offer a file picker when it launches so you can choose some file that's situated on another drive. It means when Bitcoin is not running a trojan has no idea where the wallet is assuming it is encrypted. But the measures I suggested would still protect users.

As for 12345, that's the user's problem but it doesn't excuse software which doesn't lift a finger to help protect financial data.

Re:ALL BITCOIN NEWS IS SPAM

Who pays you, little mechanical turk? Who's behind all the anti-bitcoin FUD? I wouldn't trust it to hold my money but I refuse to believe anyone is as ignorant of the principles as your comment suggests.

trojan infected computer

How does this Infostealer.Coinbit trojan get on to the infected computer?

Infostealer.Coinbit
Type: Trojan
Systems Affected: Windows 98, Windows 95, Windows XP, Windows Me, Windows Vista, Windows NT, Windows Server 2003, Windows 2000 link

Re:trojan infected computer

[DrXym]

How does this Infostealer.Coinbit trojan get on to the infected computer?

Well the easiest way would be to package it up as a bitcoin miner. People who install miners are by definition bitcoin users and greed could lower their guard enough that they would install the thing if it promised better performance than other miners. There are enough miner apps around with source code that the trojan could actually mine for a while before flipping into robbery mode. Miners also imply bitcoin is running in server mode where it has the potential to subvert the application even if its running on a separate box.

But can't the network be fooled???

After relentlessly reading through the bitcoin wiki, it seems like there are many possible ways to corrupt the system. In the real world it's like trying to pass around fools gold but the cross-checks just aren't beefed up enough to catch it. All one needs is a decent size cluster to create it's own blocks/hashes and then dump it on the network. The network then thinks it's all legit. it's literally making money out of nothing, not mining or exchanging...

Re:But can't the network be fooled???

[nhaehnle]

Since the hashes depend on the entire previous block chain containing all previous transactions, you cannot simply pre-compute hashes in private to prepare for one giant dumping on hashes into the network.

It is possible to corrupt the network, you have to be able to produce more hashes than everybody else together, i.e. you have to own >50% of the computing power in the network. So you need more than a decent size cluster; you actually need more than the sum of all the decent sized clusters that are already out there.

Re:But can't the network be fooled???

[DamnStupidElf]

Yes, and by the current difficulty, block rate, and GPU efficiency you would only need about 1.5GW of continuous power to produce a block chain longer than the legitimate chain that would form while you were making your fake chain. The longest chain wins. And all it would let you do is double-spend. You could make more bitcoins simply mining.

Re:But can't the network be fooled???

[makomk]

Yes, and by the current difficulty, block rate, and GPU efficiency you would only need about 1.5GW of continuous power to produce a block chain longer than the legitimate chain that would form while you were making your fake chain.

That's only if you were using GPUs. FPGAs are orders of magnitude power-efficient, and it'd probably even be cost-effective to base an attack around custom-built structured ASICs which are more efficient still. Current best estimates are that you could do it for $1-2 million and a few kilowatts of power.

And all it would let you do is double-spend. You could make more bitcoins simply mining.

That assumes your goal was to make bitcoins, rather than to undermine the bitcoin infrastructure. If Bitcoin was really as dangerous to vested interests as many of its proponents claim, someone would inevitably be willing to spend the money just to see it die. If double-spending isn't enough to destroy trust in Bitcoin, you can also prevent any transactions from succeeding across the whole network with that much hash power.

so ?

[unity100]

how is it any different in real life ?

Re:so ?

in real life, federal law states that as long as I report my card info as being stolen within three days of my discovering that it has been stolen (not within three days of the actual theft, note) then I'm only liable for the first $50.

of course that requires governmental oversight of commerce, which the lolbertarians behind buttcoin strongly oppose, so...

Re:so ?

It's not. Put your savings in a secure savings account. Don't walk around with it all in your back pocket or under your mattress.

Re:so ?

I don't keep all of my money in one location. Some is in my wallet, some in various accounts, some in the mattress, etc. You can't steal it all at once.

Re:so ?

[unity100]

thats a credit card. a credit card is not money. in real life, if your money is stolen, it is stolen.

Re:so ?

[icebraining]

That's if you have a card. Bitcoins wallets are like cash, not cards.

Re:so ?

okay, then in real life, people halfway across the world can't steal my paper cash money electronically through my computer just because I went to a dodgy website with an insecure web browser

captcha: "taxable". hahahahahahaha

Re:so ?

[unity100]

you can also put your bitcoins in an OFFLINE computer. or flashdisk. or a secure 'bank' that will keep them.

Re:so ?

[MyFirstNameIsPaul]

You store your cash on a card? How do you do that? I think what GP was trying to say is that if you store all your cash in your house or on your person, it's much more likely to get stolen than if you store it in a bank, which is what most people do.

Re:so ?

[unity100]

you can do the same with bitcoin. you can have numerous wallets, keep them all in different places, even offline computers/flashdisks.

Re:so ?

[jeffmeden]

thats a credit card. a credit card is not money. in real life, if your money is stolen, it is stolen.

In real life, if your money is money (as in paper currency) you need a safe in order to consider it, well, safe. Otherwise, yes, its pointless to think that bitcoin is any less secure than having cash around. But hmm, we did think up some "alternative" to requiring anyone who wishes to participate in the currency economy to obtain and store paper currency... If only I could remember what it was...

Re:so ?

[jeffmeden]

I can if I devalue it to the point of uselessness! Muahahahahahah

Yours in deflation,

Kilgore T Krugerrand

Re:so ?

It works, but then you need to go online to use it.

or a secure 'bank' that will keep them.

Yeah, that sure sounds legit.

Re:so ?

[NiteMair]

You mean those institutions that take your money and then reinvest it to make money for themselves - occasionally causing an economic collapse that decreasing the value of your money drastically? They also happen to keep a pretty handy record of every transaction so that governments can see what you've been up to with your money...

Yeah, I can't see why anyone might be searching for an alternative form of currency.

Re:so ?

[Patch86]

In real life, the vast, vast majority of my money is stored in bank or building society accounts. If my money is stolen from those (i.e., a bank robbery) the bank is legally obliged to repay me. If the bank goes bust and can't repay me, the government has promised to pay me back (up to £85k per institution).

The amount of money that I keep in physical, stealable cash form is usually only a working amount (£10 or £20), and only very rarely and very briefly more than that.

Your BitCoin "wallet files" represent everything you need to access all a person's money (as the story of the $500,000 theft a few days ago demonstrates). There is simply no comparison with conventional money- it would be the equivalent of keeping $500,000 in a box in your bedroom with a small label on it saying "all of my money is in here".

Re:so ?

by the way, I love the tacit admission that buttcoins are not valuable in real life.

Re:so ?

[tehcyder]

how is it any different in real life ?

It's not, if you're stupid enough to keep all your cash under your bed in an area known for burglaries.

Re:so ?

[Patch86]

An offline computer is secure from a hacking perspective, but could still get stolen in the old-fashioned sense (a burglary). Even if the burglar doesn't know what he's stolen, your wallet file will still be gone. A house fire or similar would have much the same effect (good luck getting your insurance company to pay up for "I had £50,000 worth of virtual BitCoins stored on that computer!").

The best way would be to keep your wallet file on an offline storage medium (burn it to some CDs) and put it in a safe deposit box at a conventional bank or similar. Although that would be a pain in the arse to actually take money out from- orders of magnitude less convenient than a regular bank account with a cash card or internet banking facilities.

Re:so ?

[tehcyder]

You mean those institutions that take your money and then reinvest it to make money for themselves - occasionally causing an economic collapse that decreasing the value of your money drastically? They also happen to keep a pretty handy record of every transaction so that governments can see what you've been up to with your money...

Yeah, I can't see why anyone might be searching for an alternative form of currency.

Why don't you buy some fucking gold and start your own insane version of the fucking Gold Standard with you and your two equally fucking deluded friends?

Re:so ?

[unity100]

with the legal obligation that your bank has, comes innumerable liabilities for you ranging from privacy to currency fluctuations to financial manipulation of entire system.

Re:so ?

[nhaehnle]

You do realize that a bank robbery can never actually steal your money, right? A bank robbery is about stealing bank notes that are owned by the bank. If you give a couple of bank notes to a teller at the bank to add them to your account, and five minutes later they are stolen in a bank robbery, nobody actually stole your money at any point.

Unless you store bank notes in a safety deposit box at the bank, in which case I am not so sure they owe you anything in case it gets stolen.

Re:so ?

[unity100]

people halfway across the world can't steal my paper cash money electronically through my computer just because I went to a dodgy website with an insecure web browser

is it. how do you think the identity thefts are conducted, leave aside your cash disappearing through cayman islands via an unauthorized wire ... fool. dont wander too much around online. you dont know shit about security.

Re:so ?

[unity100]

japanese yen stored in an american bank, is no different than bitcoin hash put in the same bank's safe you own.

Re:so ?

[NFN_NLN]

In real life, the vast, vast majority of my money is stored in bank or building society accounts.

Every major country uses a fiat currency that is nothing more than "digital currency" much like bitcoin. The actual physical currency (M0), at least in the US, represents less than 5% of the actual wealth (M3).

Bitcoin is "stealable" because it has no central authority. If you want a currency with central authority it also comes with many negatives. The biggest being that the central authority effectively gives itself a license to debase the currency. This is nothing more than legalized counterfeiting.

http://en.wikipedia.org/wiki/Money_supply

People still talk about "printing money" when they refer to quantitative easing, but now it is little more than changing a single value in a database.

Re:so ?

because with this stuff they can just generate spergerrands for free out of thin air by using their gaming PCs and their mothers' electric bill! gold costs money!

Re:so ?

[jonbryce]

But M3 money is secured on real estate, cars, business equipment and so on, where as Bitcoins are not secured on anything.

Re:so ?

[DrXym]

okay, then in real life, people halfway across the world can't steal my paper cash money electronically through my computer just because I went to a dodgy website with an insecure web browser

captcha: "taxable". hahahahahahaha

Not only that they can't steal hundreds of people's money simultaneously. The problem with bitcoin zealots is whenever a vuln is found they always strive to make a comparison to a real world analog as if that somehow makes it all right or the comparison is even valid.

Re:so ?

[Dahamma]

Well, we have these new things called "banks" that hold your money for you securely. But you might have missed them if you haven't been paying attention for the last 500 years...

Re:so ?

Because we can't transfer gold through the internet?

Re:so ?

[Abstrackt]

how is it any different in real life ?

In real life I don't lose the contents of my wallet if someone breaks into my computer, nor do I lose more than about $5 in change if they steal my wallet.

Re:so ?

[sveinungkv]

Why don't you buy some fucking gold and start your own insane version of the fucking Gold Standard with you and your two equally fucking deluded friends?

Perhaps he lives in the USSA and wants to avoid getting thrown in jail for "domestic terrorism" like the liberty dollar guy was.

Re:so ?

[MyFirstNameIsPaul]

There is nothing backing the dollar. Those are only items purchased using dollars.

Re:so ?

[MyFirstNameIsPaul]

That is why you purchase a fire safe. Just make sure you get one that is also waterproof. It turns out they extinguish fires with water. Lots of it.

Re:so ?

[MyFirstNameIsPaul]

Actually, deflation works to increase the value of the money. It means less currency chasing more goods.

Re:so ?

First Privacy is a fucking joke. You have no expectation of privacy, now get over it. Also, bitcoin has the same currency fluctuations as real money.

Re:so ?

Except that Japanese yen is not ethereal.

Re:so ?

[makomk]

That's more backing than Bitcoin has - there isn't much you can actually purchase with it, and most of the users seem to be hoping to cash out their riches for money they can actually spend. Which is why the recent bubble went "pop"...

Re:so ?

[MyFirstNameIsPaul]

That is no backing at all. A good purchased with a currency does not mean that the currency is backed by that good. The only way a currency can be backed is when it can be exchanged for something as a part of a guaranteed standard, such as gold, for example. USD used to be guaranteed against gold, so ever dollar was a guaranteed amount of gold, regardless of the value of gold. So that would a 'backed' currency, not just a good purchased using a currency.

Re:so ?

[unity100]

is it ?

do you know that banks can lend 10x the real assets they hold, and that those assets dont even need to be solid, real world assets, and the majority of the 'money' that goes around are in that electronic/bond/assurance form, rather than solid money ?

and do you know what the term liquidity means ?

Re:so ?

[jonbryce]

M3 money is bank created money.

It happens as follows:

You go to a bank, deposit $10,000
The bank lends out that $10,000 to someone to buy a car
The car dealer deposits that $10,000 back in the bank meaning there is now $20,000 of cash deposited in the bank out of the original $10,000 M0 cash.

The $10,000 of M0 money is backed by the federal reserve. The additional $10,000 of bank created M3 money is backed by the bank, which in turn is backed by the $10,000 auto loan.

Re:so ?

[Patch86]

I do realise that. That was sort of my point. I can take 10x £20 notes into my local bank branch, hand them over the counter and pay them into my bank account. Whatever happens after that- the bank is robbed, burns down, defrauded, bankrupted, or nuked- I know I can still get my £200 back (either whatever is left oft he bank will repay me, or the government will), regardless of what has happened to the original fist full of paper.

It's a guarantee that you don't have with BitCoins- you lose it, it is simply lost. It would not be such a problem if there were registered banks that dealt in BitCoins (as I would be able to behave in exactly the same way, with the same guarantees)- but there isn't. You would even struggle to take out an insurance policy on your BitCoin money- you're completely at the mercy of your own ability to protect a single plain text file.

Re:so ?

[MyFirstNameIsPaul]

You are making up your own definition of a 'backed' currency. I cannot exchange my dollars for anything other than market value of a good or service. A backed currency guarantees exchange for something, such as a specific amount of gold, regardless of the market value of the good.

Re:so ?

[makomk]

Whereas I can't exchange my bitcoins for anything including the market value of a good or service (and with the instability of the bitcoin-USD market, it's not even clear what that would be). The US dollar may not be backed by anything, but there's still a lot more supporting it than bitcoins.

Re:so ?

[MyFirstNameIsPaul]

Acceptance and backing are two different things.

My offer stands

[bigsexyjoe]

I would be happy to pay five billion bigsexyjoe nickels for you to stop running bitcoin stories. Thank you

Re:My offer stands

[Ecuador]

I will add eleventy bajillion pirate dinaarrgh dollars to that offer.

Re:My offer stands

I'll add 8 Pu's.

I just have to de-orbit them first.

Re:My offer stands

[wikdwarlock]

I've got a whole slew of newly "acquired" bitcoins in my Infostealer.Coinbit account I can contribute to the cause as well. If they can be used to stop the blatant and rampant slashvertisement, they will finally have a valuable use.

Re:My offer stands

[kvezach]

Sorry, I won't go for anything less than 239 PUs.

Re:My offer stands

[Dahamma]

And I'll give you all of my Monopoly money, as apparently even Parker Brothers has switched to debit cards.

Re:My offer stands

[idontgno]

I'd vend at least 5,000 quatloos against Bitcoin stories. And I'll toss in 500 Triganic Pu, although I can only pay off in Triganic Ningi*. It'll be up to you to figure out where to put 4,000 triangular rubber coins with a surface area of 20 million square miles each.

*Universe

Monetary Units: None

In fact there are three freely convertible currencies in the Galaxy, but none of them count. The Altarian Dollar has recently collapsed, the Flainian Pobble Bead is only exchangeable for other Flainian Pobble Beads, and the Triganic Pu has its own very special problems. It exchange rate of eight Ningis to one Pu is simple enough, but since Ningi is a triangular rubber coin six thousand eight hundred miles along each side, no one has ever collected enough to own one Pu. Nigis are not negotiable currency, because Galactibanks refuse to deal in fiddling small change. From this basic premise it is very simple to prove that the Galactibanks are also the product of a deranged imagination.

-- Hitchhiker's Guide to the Galaxy, article about Universe

Re:My offer stands

[osu-neko]

If you're not interested in a story, don't click on it.

Websites judge the popularity and desire for news or articles on a particular subject based on how many people click on it. If enough people ignore stories about a topic, it'll drop off the radar.

On sites with forums, the amount of forum posts generated by an article serves as further measure for it's popularity. Indeed, for sites that thrive on discussions, a post in the discussion counts much more than simply a click on and reading of the article. So if you really want to see a particular topic covered a lot more, come in and post in the discussion of that topic!

Note: it doesn't really matter what you post. Positive or negative, as long as it's generating discussion, it's considered good and encouragement to post more on the topic.

Congrats. With your post above, you have helped ensure more bitcoin stories on /.

Suspicious

[inviolet]

Color me skeptical that this virus is purely venal in nature.

Governments have far more to lose from bitcoin than J. Random Crimeshop has to gain from stealing bitcoin wallets (with the associated hassle of converting them to cash). A purely electronic money that is peer-to-peer can easily evade taxation. Governments would collapse within the year of bitcoin's widespread acceptance.

I think this was one of the background premises of _Snowcrash_ and _The Diamond Age_. Without the ability to tax transactions, or even to track them to individuals, governments crash and burn. So even if this particular virus was not born in Langley, Virginia, sooner or later the CIA absolutely MUST craftily squash bitcoin.

Re:Suspicious

They will simply transfer the tax burden from transactions (sales tax) to incomes (income tax).

Re:Suspicious

[betterunixthanunix]

Governments have far more to lose from bitcoin

What do governments have to lose from Bitcoin? At the end of the day, no nation's currency is in jeopardy from Bitcoin, because:

1. People still need to pay taxes, at the very least on their property, and they cannot use Bitcoin to settle their tax obligations. People who do not pay their taxes will lose their property, and possibly be put in prison.
2. Courts do not have to recognize debts paid in Bitcoins, nor do courts have to recognize a failure to repay a Bitcoin loan. Thus, nobody will make Bitcoin loans (since it would be too difficult to seize the collateral from people who default on the loan) and only a fool would try to repay a loan in Bitcoins, since the courts might still insist that the loan be repaid in another currency. Loans are an important part of the economy, and are necessary for a lot of businesses to operate; if Bitcoin cannot support a system of loans, then Bitcoin will never replace other currencies.
3. As it turns out, in some countries (like the United States), barter is taxable, and thus a Bitcoin transaction would be taxable. Failing to report a large Bitcoin transaction would be a serious crime, and it would be fairly difficult to hide it. If Bitcoin becomes the currency of people who are committing crimes, the government will start tracking down Bitcoin users; since people will still need their nation's currency eventually, governments will only have to watch the Bitcoin exchanges and see who is trying to selling Bitcoins for other currencies.

Really, Bitcoin is a superficially interesting experiment that is doomed to fail in the long run. Digital cash should be issued by banks, and backed by actual currency -- you can still enable anonymous and offline payments, and you have the added benefit of being able to track down people who try to cheat the system (e.g. there are digital cash systems in which people who try to double spend wind up revealing their identity in the process). Unfortunately, the current US political climate is not very friendly toward anonymous payments, and so it is unlikely that we will see banks issuing digital cash, but it is nice to dream.

Re:Suspicious

[Beelzebud]

Well the most important point is that if you think bitcoin is a threat to world governments, you're living in a dreamworld, and your grip on sanity is weak at best. Don't try to live on bitcoins, you might starve to death.

Re:Suspicious

[ribuck]

Governments have far more to lose from bitcoin...

Governments who embrace and legitimise Bitcoin will gain economic growth due to Bitcoin's speedy transactions, reliable settlement, and low transaction cost.

Governments will need to make some adjustments, for sure, but they needn't fear Bitcoin.

Re:Suspicious

[Dog-Cow]

Nonsense. If someone is stupid enough to try and live on bitcoins, they deserve the outcome.

Re:Suspicious

[Nursie]

"Governments have far more to lose from bitcoin"

Governments have nothing to lose from bitcoin. They could ban it and watch the value and transaction volume plummet in seconds as people drop off the network in droves.

And if you *liked* the vision of the future on snowcrash then you're pretty fucked up...

Re:Suspicious

[inviolet]

They will simply transfer the tax burden from transactions (sales tax) to incomes (income tax).

With bitcoins, how would a government know what your income is?

See the problem yet?

Re:Suspicious

[betterunixthanunix]

When you work "under the table," how would the government know what your income is? Oh, right, because a business with 500 employees can't hide the fact that it is paying those employees, and the government is going to want to know why their taxable income is not being reported.

Really though, the situation you describe would not even be possible in a lot of places, since an employee who does not get paid their Bitcoin salary will have no legal recourse. A few foolish people would get cheated, have the courts tell them that there is nothing they can do about it, and suddenly people would be demanding salaries paid in their nation's currency.

Re:Suspicious

[Bert64]

Bitcoins are no easier to avoid tax with than cash, arguably harder... And there is already widespread tax evasion taking place with cash, as well as holding currency in foreign banks etc...

The real problem government has with them, is that they cannot artificially control the value of bitcoins.

Re:Suspicious

[nhaehnle]

This may sound strange to the libertarian types out there, but the biggest benefit of a government-controlled currency is that it can be controlled. This allows a reasonable government to dampen economic cycles by implementing countercyclical policies. The facts of life are that the economy can get into a situation that is universally agreed to be bad, without any single individual being able to do anything about it. Then collective efforts are required to get out of it, which is where government comes in.

In a world of only Bitcoin, such collective action would be forbidden by the mathematical safeguards of the system, and the consequences would be roughly as bad as the consequences of the gold standard. (Yes, despite what some people believe, getting rid of the gold standard allowed for a lot of good to be achieved in the world economy.)

Re:Suspicious

Really, Bitcoin is a superficially interesting experiment that is doomed to fail in the long run.

Actually I think that a form of currency that can't really be loaned out serves a purpose.

Re:Suspicious

[DarkOx]

They don't even need to that. Just because you happen to be using another currency does not mean sales tax does not apply. The government could either accept payment in BitCoin directly or simply insist (as they do today in I think most states) that you pay them in dollars whatever the sales tax would, based on the exchange rate for the date of purchase.

So just because you payed 100 BitCoin for a new stereo rather than $800, in your locality where the total sales tax is 8pct does not mean you don't still owe the government $64, assuming 100 BitCoin was worth $800 that day. Now will they catch you right now, given BitCoin is used by so few, maybe not. Start running a business though and don't report any sales taxes and you are going to get audited. You will then owe interest and penalties as well. So short term the government loses nothing, BitCoin is really no more and no less traceable than cash.

They only issue that could crop up is if the currency is considered more stable than their own dollar and their is flight to it for safety destroying the value of the dollar. Which they would not want because they would have less control over the value of BitCoin. I don't really see that happening anytime soon. If it was backed by a commodity perhaps, but its not; and given its no good for public debts I can't really see if ever becoming a competitor as real wealth store.

Re:Suspicious

[makomk]

There are more effective ways of destroying Bitcoin if you're a government-scale attacker. What's more, most of the Bitcoin supporters are libertarians of the "if your computer gets hacked and you lose all your bitcoins, it's your fault - ha ha!" kind.

So?

[betterunixthanunix]

So a trojan goes around trying to find some data? Big deal. Call me when the data has some actual value, and is not just part of a giant speculative bubble (or perhaps pyramid scheme).

Re:So?

[walshy007]

Call me when the data has some actual value,

The value of anything is assigned by people themselves, nothing has inherent value. It will have value when people assign it to it, which many people already have apparently.

Re:So?

[betterunixthanunix]

nothing has inherent value

You mean that food does not have an inherent value? Or shelter? Or medicine?

Value is a result of supply and demand. If there is a limited supply of something that people want, then it has value. The more people demand it, or the more the supply is limited, the more value it has. People don't just "assign" value to something by some magical process.

We all know where the supply of Bitcoins comes from. Where does the demand come from? Oh, right -- speculation about your ability to exchange Bitcoins for other currencies. Compare this with the demand for those other currencies, which is the result of the need to pay taxes, the ability to have a court settle a dispute over a debt, and so forth. Nothing magical about it; the demand for currency is a result of the legal framework that surrounds it, and the supply comes from governments and banking systems.

When I can take you to court for defaulting on a Bitcoin loan, or when I can pay my taxes in Bitcoins, there will be no question about whether or not Bitcoins have any actual value. Until then, Bitcoin should be considered a speculative bubble if you happen to be optimistic or a scam if you are not an optimist.

Re:So?

[walshy007]

You mean that food does not have an inherent value? Or shelter? Or medicine?

Not at all, you've assigned it value, although it is a generally common value of humans based on their biological urges of wanting to live (since those that don't tend to well.. die). Those items themselves have no inherent value, it is solely your own view.

Value is a result of supply and demand. If there is a limited supply of something that people want, then it has value. The more people demand it, or the more the supply is limited, the more value it has. People don't just "assign" value to something by some magical process.

People have already assigned it value, not because of supply and demand, but because they _want_ it. They consider it valuable enough to want to acquire, so it has some value to them, otherwise why would they try to get it?

In the cases of currencies, most people already agree there is no inherent value. But what they fail to realize is that even general purpose items have no inherent value either, people value the currencies for their ability to acquire other items/services which they do value. The value if those items is also artbitrary, To a devout hindu person that was starving a pound of steak would have no value in aiding their hunger.

To an anti-firearm person a brand new walther ppk is worthless to them (except for perhaps selling it and trading its value for something else, but the point is even though it has utility it has no inherent value... all of the values were assigned by people).

Compare this with the demand for those other currencies, which is the result of the need to pay taxes, the ability to have a court settle a dispute over a debt, and so forth. Nothing magical about it; the demand for currency is a result of the legal framework that surrounds it, and the supply comes from governments and banking systems.

The original demand for currency was to find something of which everyone could agree to value for the sake of exchanging other items that they or the people they were bartering to valued. The only reason people assign value to currency are the other things of perceived value they can get with them.

When I can take you to court for defaulting on a Bitcoin loan, or when I can pay my taxes in Bitcoins, there will be no question about whether or not Bitcoins have any actual value.

I can purchase services that I value right now with bitcoin, so why should i not value bitcoin because of the subjective value I have for those services that it can acquire for me?

Likewise if some eccentric math head decided to start personally valuing bitcoins for some crazy bizarre reason, how is that not value even though they are not even purchasing anything with them?

What people value is quite arbitrary, aside from biological urges most people have but even then that does not mean items have _inherent_ value, only that many people value it.

Re:So?

I wonder when people like you will face the reality that bitcoin is worth something, and you missed the boat when it increased in value over x1000 in the last 2 years. How can the current slashdot groupthink argue such a silly position that this one and single item that has a market trading over $1 million per day is actually worth absolutely nothing? It's a denial of reality, and you all should grow up.

This is a problem with available solutions

[Dr.+Spork]

This security hole and related stealing is definitely a problem, but it's not a problem for Bitcoin. I give it a week before somebody releases a beta version of a simple bitcoin management application that encrypts, backs up and hides the relevant .dat file, as well as providing other functionality for managing your account and maybe even mining. Ideally, this would be a program that you compile yourself, so that you know there's nothing shady in it. I don't see anything in Bitcoin itself which makes it inherently vulnerable to this sort of stealing. A good application for this could make bitcoins at least as safe as your password for online banking.

Re:This is a problem with available solutions

Wrong. The problem isn't encryption - the problem is that the keys are there, in your computer. Are you telling me you're going to decrypt the wallet file just before a transaction, and then encrypt it and erase the plain text file again?

Then you'd need a password for that. But if you have a virus, they could put a keylogger and find out how to access your wallet file. They'd crack the password - unless it's a huge passphrase that we all know 99% of the people wouldn't use.

A chain is as strong as its weakest link - and the weakest link in this case, is your PC. Storing your digital money in your PC is equivalent to hiding your money under your mattress.

What we would need is a separate computer serving as a "bitcoin server" that you could connect to. Perhaps there would be companies specialized in bitcoin security - you'd give them your bit money, and they'd take care of it. Oh wait, those are called "banks"! And not even banks are safe from hackers and fraud.

A 100% digital currency might be reliable in theory and science fiction, but in today's world, it's completely unreliable.

Re:This is a problem with available solutions

I don't see anything in Bitcoin itself which makes it inherently vulnerable to this sort of stealing.

It's bits that can be copied. That is an inherent vulnerability.

Re:This is a problem with available solutions

[sur3857]

Exactly, with Bitcoin _you_ are your own bank, so yes, you should take at least some security measures to protect your goods.
What I would do? Put a Bitcoin standalone box in a safe place, and log in there remotely to make transactions. I give it two weeks before somebody releases a PHP app for that purpose. There is a public service that does just that right now (Instawallet), but you don't need to trust in a third party.

Re:ALL BITCOIN NEWS IS SPAM

[hedwards]

There's nothing behind the anti-bitcoin crowd, apart from the fact that we're smart enough to see what a colossal scam it is. Supposedly, it isn't anonymous, which makes it even less useful as that would make it unsuitable to replace bags of cash for criminal deeds.

You get bitcoins by doing the calculations which are required to use bitcoins, so, it's not based upon anything other than the belief that it's valuable. On top of that, the rate at which ones gets bitcoins slows as time goes by to a fixed amount, meaning that early adopters get bitcoins for basically nothing, while the people later on get screwed. It's not quite a Ponzi scheme, but it's damned close.

Additionally, unlike other fiat currencies, you're not guaranteed to be able to buy anything with them later on, or even doing anything with them. USDs are essentially just paper, but you're guaranteed to at least be able to pay your taxes with them, pay debt, or exchange them into whatever your local currency is via most banks.

So sad

[TheRealFixer]

Back in 2001, a virus stole all my TreeLoot dollars. 2 years of punching the monkey, all down the drain in an instant.

Re:So sad

[MadKeithV]

Be glad it didn't steal your porn collection. At least 2 decades of spanking the monkey down the drain in an instant.

Does encryption help? Why not secure sessions?

[madhatter256]

I don't think encryption alone will help. It only protects you when your PC is not on or when bitcoin is not running. Once bitcoin is running, the trojan only needs to find the memory space the program is using to steal your wallet.dat info.

Why not make bitcoin do what most banking websites do and create secure sessions when accessing your account, or in this case your wallet.dat file?

I haven't dabbled a lot in bitcoin, so far, but afte installing it, everything is there, in the open. It doesn't ask me to create an account persay, it generates one, but it doesn't ask me to create a password or anything.

Daily Story

About Bitcoin......can Lulzsec release something and get a story before lunch, FTW!?

Why?

Why? They aren't worth anything, who the fuck cares.
Bad press is better than no press, or what?

-1 reader for slashdot. Keep it up guys

[PhreakOfTime]

I stopped reading slashdot for awhile, because of this blatant garbage. If I wanted to read a bunch of shills, I would read ITworld.

Low and behold, I finally come back today, and there is ANOTHER bitcoin story(non-story). Slashdot just lost a reader, and I've been here for oh... 14 years.

Re:-1 reader for slashdot. Keep it up guys

And yet you will come back time after time.

Re:-1 reader for slashdot. Keep it up guys

[cforciea]

See you tomorrow.

Re:-1 reader for slashdot. Keep it up guys

[Relayman]

Suggestion: Skip over the headings that don't appeal to you and read the ones that do. Comment on things you feel strongly about. I, for one, enjoy my daily Bitcoin story.

Re:-1 reader for slashdot. Keep it up guys

I skip the stories that don't interest me. Too bad you don't have the judgment to do the same.

Re:-1 reader for slashdot. Keep it up guys

How did you get a 500K UID 14 years ago?

Re:-1 reader for slashdot. Keep it up guys

[osu-neko]

Suggestion: Skip over the headings that don't appeal to you and read the ones that do. Comment on things you feel strongly about. I, for one, enjoy my daily Bitcoin story.

But... having stories you have to skip over... the mere fact that stories are being posted that you're not interested in... this severely threatens your belief that you are the center of the universe. If you're that kind of person, the fact that such stories even get posted makes you extremely mad, and you really have no choice but to quit reading the cite that constantly rubs your face in the fact that you aren't the center of the universe. It's so cruel when a website doesn't tailor its output precisely for you...

Re:-1 reader for slashdot. Keep it up guys

[osu-neko]

Argh... s/cite/site/

What????

why in the world is the file not substantially, or even multi-layer encrypted??????

what is money?

[circletimessquare]

money is an abstract representation of a wealth of a society. as such, it needs integrity. this integrity is derived from transparency. without integrity or transparency, "money" loses meaning, and therefore value, because people lose confidence in a society's money: they don't want to invest meaning and value in it if they can't depend upon the idea that it is worthy to do so. and without integrity and transparency, there's no way to track or understand a currency's value. it's like wanting absolutely security with absolute convenience: on some level, convenience and security are antagonistic concepts, you make compromises and tradeoffs

likewise, what bitcoin wants to be, what it wants to do with the idea of money, is actually antagonistic with the way money is supposed to work in society. and IN society is the only way money ever works: even gold has no meaning without other human beings who desire it. if you have a pile of gold, and you are starving, you're doomed. you can't eat it. so what is the intrinsic "value" of gold after all? none, really

so bitcoin is a philosophical failure, and is doomed, except for the temporary enthusiasm of a bunch of people who don't even understand what money really is

the more well-functioning, well-policed, transparent, and rich, the society, the more integrity there is, the more confidence there is, and the more value your money has

which brings us to an argument about the tea party assholes who are antagonistic to the idea of investing in the general health and welfare of society, from the healthcare of their fellow citizens to the infrastructure of their rail systems. even though such an investment pays dividends, increasing your personal wealth, in concrete and abstract ways, and not investing in the health of society reduces the value of your money. because money loses value if society loses value. but i digress

Re:what is money?

[coldsalmon]

"You could take all the gold that's ever been mined, and it would fill a cube 67 feet in each direction. For what that's worth at current gold prices, you could buy all -- not some -- all of the farmland in the United States. Plus, you could buy 10 Exxon Mobils, plus have $1 trillion of walking-around money. Or you could have a big cube of metal. Which would you take? Which is going to produce more value?"

--Warren Buffet

Re:what is money?

Way to bring down your entire, "somewhat" well thought out paragraph to a burning failure of an ending.
I fail to see how healthcare or any of the other things you mention can benefit society when they are governed by a single, giant, slow-moving infallible being. The whole reason why today's society works and money, gold, et al. have usable value, is because people have the choice to take these things and trade them for something they want. If a leviathan arbitrarily forces society to buy gold at a certain value, its value no longer adapts according to society's perception of it and the entire structure ends in flaming ruins the way your comment does.

Re:what is money?

[circletimessquare]

healthcare is best served by the government, not because it does it well, but because it does it better than the free market

unless you prefer social darwinism?

you fail to understand what "choice" means when you have no choice at all, such as with healthcare expenses

Re:what is money?

[AllergicToMilk]

I don't agree about transparency. Bitcoin is pretty darned transparent with regard to monetary policy compared to, for instance, the Federal Reserve or the IMF. What bitcoin is not, presently, is stable. That stability might only arrive once the Bitcoin money supply is worth billions rather than millions of dollars. The value of the money supply is, in fact, the measure of the integrity of the currency. It is the measure of user's confidence, defined.

Re:Does encryption help? Why not secure sessions?

[icebraining]

Once bitcoin is running, the trojan only needs to find the memory space the program is using to steal your wallet.dat info.

Well, you do need root access to read other programs' memory space, so it would make it more difficult.

The reason encryption would be useless is because offline password cracking is too cheap nowadays, specially if you have a beefy GPGPU system like any bitcoiner will.

Here's the Bitcoin Story...

[Nethemas+the+Great]

I was kind of wondering what happened yesterday. I mean seriously, a whole day without a Bitcoin story!

Re:ALL BITCOIN NEWS IS SPAM

[icebraining]

But how is it a scam, if that's all obvious? You can get all that by simply reading its FAQ. It specifically says they promise no profits, and that it'll be worthless if nobody accepts them.

ENOUGH!

[pz]

Enough with the Bitcoin spam!

Re:ALL BITCOIN NEWS IS SPAM

[walshy007]

You get bitcoins by doing the calculations which are required to use bitcoins, so, it's not based upon anything other than the belief that it's valuable.

Can you please explain how anything is _inherently_ valuable? all value is assigned by people themselves.

USDs are essentially just paper, but you're guaranteed to at least be able to pay your taxes with them, pay debt, or exchange them into whatever your local currency is via most banks.

And if those uses are for some reason not needed by you at all and yet bitcoins is, how is bitcoin less valuable?

Lesson of the day, there is no inherent value, all values are subjective.

Trojans are unsafe.

[Ukab+the+Great]

Trojan's in your wallets don't offer very much protection. Any sex ed teacher can tell you that.

Re:Trojans are unsafe.

[david.given]

I keep my Trojans in the bathroom cabinet, but it's not very satisfactory --- all that shouting in ancient Greek keeps me awake and they throw spears at me when I'm in the shower.

Bitcoin Spam

[mlwmohawk]

Can we stop getting bitcoin spam. It is a stupid idea.
Seriously, for a monetary system to have value it has to be widely agreed upon. Bitcoins are nothing more than electronic wampum, eWampum or iWampum, if you will. (Those are my trademarks! :-) The value of a bit coin is no more or less a monetary system than is the value of baseball cards, sure, you can buy, sell, and trade them, but they are not actual currency and are not likely to be. In limited circles they make take on as a token, similar to chips at Las Vagas, but that isn't money.

Re:Bitcoin Spam

In limited circles they make take on as a token, similar to chips at Las Vagas, but that isn't money.

I don't know anyone who accepts Canadian "money". I knew those hosers had some scam going on!

Yeah, sorry - BitCoin is money. Deal with it.

Re:Does encryption help? Why not secure sessions?

Well, you do need root access to read other programs' memory space, so it would make it more difficult.

The client does *not* need to keep the *private* keys decrypted all the time. That's only necessary when transferring coins to another address. So the client could prompt the user for the password at the time the transaction is performed, decrypt the key, perform the operation, and then throw the memory away. This makes it exceedingly difficult to pick the key out of memory.

The reason encryption would be useless is because offline password cracking is too cheap nowadays, specially if you have a beefy GPGPU system like any bitcoiner will.

Bullshit. A sufficiently long password is still plenty secure, even given GPUs these days. Take your favorite book. Pick a page number. Now copy out the first sentence or two. Problem solved.

Nice FTP Password...

At least with the rash of articles on /. regarding poor password choice of late, the trojan coder is at least promoting semi-decent password security by not choosing an obvious default password choice. Check it out, on the code snippet, within TFA. It goes well with the default server of "user@host.com"...

Re:ALL BITCOIN NEWS IS SPAM

[Beelzebud]

It's up to the proponents of bitcoin to convince the rest of the public that your currency has value. Until you can do that, it IS worthless. That is your lesson of the day. Good luck.

Are bitcoins forever lost if owner HD fails?

If bitcoins can be stolen by grabbing the contents of a .dat file, does that mean that those same bitcoins could be *forever* lost if their owner has an irrecoverable HD failure (with no backup?)

Re:Are bitcoins forever lost if owner HD fails?

[ldbapp]

Yes.

Re:Are bitcoins forever lost if owner HD fails?

Wow. A money system with an intrinsically limited number of units that can irrecoverably lost during an event that, likely, will happen to everyone at some point in their life if they don't have a backup.

Re:Are bitcoins forever lost if owner HD fails?

[cos(0)]

I know, right!

Thankfully we all have backups of our real wallets, with USD currency. That way when we lose/misplace our wallet or get mugged, we simply pull out the backup and proceed with our lives.

A bitcoin story for today!

[Relayman]

I was wondering what I was going to do without my daily bitcoin story. Now I'm happy until tomorrow when I'll be looking for the next bitcoin story.

Re:ALL BITCOIN NEWS IS SPAM

[walshy007]

It's up to the proponents of bitcoin to convince the rest of the public that your currency has value. Until you can do that, it IS worthless.

Not everyone needs to use bitcoin, so long as people that you wish to trade with value it, then how is it not valuable?

I could trade bitcoins for services i may require right now whereby bitcoin would be a far more convenient method of transfer of the funds. When multiple people you are interested in trading with all value it, how is it then of no value to you when you can acquire services you may need with it?

Re:Does encryption help? Why not secure sessions?

[MyFirstNameIsPaul]

Run a vanilla Ubuntu Live CD and encrypt your BitCoins on a removable media. Problem solved. Do what you do with your real-world dollars: deposit your BitCoins in a bank, or do they have those yet?

Re:Does encryption help? Why not secure sessions?

[DrXym]

I don't think encryption alone will help. It only protects you when your PC is not on or when bitcoin is not running. Once bitcoin is running, the trojan only needs to find the memory space the program is using to steal your wallet.dat info.

Not necessarily. Bitcoin by default might hold incoming transactions as plaintext in a receivables tray but transfer them to savings tray when the user enters a password. After 5 minutes the password is dropped and the old behaviour resumes. I expect for most people this means their exposure is reduced from 24/7 down to 5 minutes a week or similar. The wallet could still show them some meta info about their savings (e.g. transaction history & amounts) but it would protect the coins themselves.

The trojan might have to sit around for days or weeks for someone to need to unlock the wallet and in the meantime the chances of it being detected are that much greater.

Making a file called wallet.dat right now...

The contents of which is: "Hazim complains about the problem of shoplifting."

Please no more.

No more bitcoin articles.

"new for nerds" maybe. "stuff that matters" hardly.

I haven't read ANY of the responses, but I predict someone said "that's what you get for placing arbitrary value on worthless crap", and oh snap, someone replied "how is that different than our placing arbitrary value on papers dollars?" blah blah blah.

same thing EVERY day, an otherwise non-news, non-interesting-except-to-laugh-at bunch of shit.

Botnet bitcoin mining

[Permutation+Citizen]

Article estimates that botnet bitcoin mining is not lucrative, comparing with renting rate for DDOS attack.

1 - If botnet contains a good proportion of computer with GPU, it could mine in GPU and be much more efficient.
2 - I doubt botnet are rented 24/24

Re:Botnet bitcoin mining

[thebobster]

Also, renting out a botnet means sales pitches to unsavory people (Q: who'd want to rent out a botnet? A: someone who's probably not trustworthy in paying his bills).

For a botnet herder, bitcoin mining means they don't have to work or pay for sales or collections.

shocking

[kelemvor4]

It's shocking to me that so many people are taking bitcoin seriously. Even before all the news stories started coming out about stuff like this it just sounded like a bad idea to me.. why would anyone want to risk it?

Re:shocking

[osu-neko]

Because people who don't take risks are people who never make much money.

Re:ALL BITCOIN NEWS IS SPAM

[Bert64]

There is no guarantee with any currency... Any currency you hold could be devalued, look at the Zimbabwean dollar for instance (http://en.wikipedia.org/wiki/Zimbabwean_dollar) which suffered from hyperinflation. And the problem with such currencies, is that they are controlled by a single entity - usually the government of the country where the currency originates, so acts of incompetence or malice can very rapidly devalue the currency.

B & E

[DemonGenius]

So this can be analogous to someone using a key bump technique on my house's lock, sneaking in and stealing all my money that I've kept in a conveniently predictable location. Yeah, definitely a problem with the Windows Bitcoin software design. Quite disappointing considering that it was designed to be a secure currency. Having installed this on my torrent machine to see what the fuss is all about, the fact that the dat file is in the application settings folder of Windows rose some pretty big flags for me.

Solution: get a "house" with a good "security system" (i.e. run Bitcoin on Linux)

Re:B & E

Except if someone breaks into my house, my security cameras will see their actual face, and if I'm home (and if the house is in an appropriate jurisdiction) I can shoot them in that face. With this trojan, the "burglar" is in some other country, behind a number of proxies.

SVN makes a similar choice.

Basically, the very best they could do is interface with every local service which is designed for this sort of thing. Windows has some sort of encryption which uses per-user, or at least per-machine keys, though I have no idea how secure that is. On Kubuntu, I've got KWallet. On OS X, there's Keychain.

But then you're still vulnerable to keyloggers.

This is one thing I like about Bitcoin, but which could seriously hinder its adoption: You, the end-user, are entirely responsible for your security. This means I can make it much more secure than my bank will -- have a "savings account" (or, more accurately, savings wallet) on a separate, hardened machine with fulldisk encryption, and maybe even a proper air gap.

I can also, like you, naively assume that it's somehow magically encrypted by magical crypto fairies. I mean, you sound reasonably intelligent, but really, WTF, dude? When did it ever ask you for any sort of password that it could conceivably use for encrypting a file? Did it ask for access to Keychain or KWallet or anything similar? Or did you never actually try the software? My immediate reaction was, ok, I need to find out how it's storing my money and how to make that secure, not "Oh I guess it's encrypted by default somehow."

No mods points :-(

[acid06]

You've made a brilliant post about Bitcoin, Mr. The best I've read so far.
I'm no Bitcoin-wacko but your post should be used as a reference whenever someone asks general questions about Bitcoin.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Comment removed

[account_deleted]

Comment removed based on user account deletion

Independent of any central entity

[poszi]

As much as the Bitcoin stories are getting a little much we are seeing the birth of something completely new; A medium of exchange that is independent of any government.

This is not new. There were and are many currencies independent of any government (Disney, Linden dollar, local currencies) but Bitcoin is the first project of currency fully decentralized, independent of any central authority. This is something really novel.

Two other radical features

[X86Daddy]

Bitcoin also represents two other major breakthroughs that have been dreamed about since the Internet gained public awareness: viable microtransactions, and electronic payments sans middlemen and fees.

This method of value exchange may change the earning dynamic for thousands of starving artists... the new band that gives its MP3s away but gets a few more cents worth from appreciating fans than they would from their share of an album's sale... the web comic author who finally has a tipjar equivalent working on her site, the author getting his feet wet writing short stories can gauge how interested people are in paying for his writings by asking for tips before putting in the time to write a full length novel. The maintainer of a freeware application can be encouraged to build more features or fix more bugs, etc...

Bitcoin's largest and most powerful enemies in the near term may actually be companies like Paypal and Visa, when people start exchanging value without their involvement. I expect legislation to be drafted by said companies, handed to the senators and congresspersons they own, and placed into law as the first real effort to destroy or fight Bitcoin.

Re:Two other radical features

[mcmonkey]

Bitcoin also represents two other major breakthroughs that have been dreamed about since the Internet gained public awareness: viable microtransactions, and electronic payments sans middlemen and fees.

So where can I spend bitcoin? Where are the retailers that will exchange bitcoin for goods and services?

Re:Two other radical features

[makomk]

Bitcoin also represents two other major breakthroughs that have been dreamed about since the Internet gained public awareness: viable microtransactions, and electronic payments sans middlemen and fees.

Not really. Due to the fundamental way Bitcoin is designed, all transactions have to be broadcast to and stored by all fully-fledged Bitcoin nodes, so it can't really scale to support microtransactions. (In fact, it's intentionally limited to a maximum of about 7 transactions per second for now to prevent the network being overloaded, less if the transactions are complex.) What's more, in order for your payment to go through it has to be accepted by one of a handful of Bitcoin mining pools, and they generally require a processing fee.

Re:Two other radical features

https://en.bitcoin.it/wiki/Trade

exactly. . .

[jafac]

While INFORMATION (more accurately; Knowledge) can be PROPERTY that has value. . . DATA can NOT.
Data can act as a form of CURRENCY, to TRACK A TRANSACTION.
But it can never be a commodity that stores value. This is the flaw in bitcoin.

The thing, even about Information or Knowledge, is that it can be copied infinitely and transmitted. So while certain Information and Knowledge has value, in that it can enable one to access physical assets in a more efficient manner; this is not an actual value. It's an "effective" value. But you can't really, in a natural sense, "hoard" information, and build a portfolio of value on a rule of scarcity, all on your own. Not without a framework of legal fiction and a government with police and law to support an Intellectual Property regime, to protect your Information for you. Otherwise, any other person can simply discover and use that information for themselves. And this is also true for Bitcoins. It is not true for PHYSICAL assets. (yet. Not until we figure out how to transmute matter, inexpensively; ie. Stephenson's Diamond Age).

Re:exactly. . .

[osu-neko]

Surely you don't suffer from the delusion that money is anything more than data? That hasn't been true for a very long time. Even prior to computers, only a tiny fraction of money was in the form of printed currency notes (dollar bills, etc). Money is, for the most part, numbers written in columns on spreadsheets. US$ are no different from bitcoins in that respect, and therefore, that cannot be the flaw in bitcoin, for it's true of US$ as well. Bitcoin has many flaws, but that isn't one of them.

Re:exactly. . .

Sorry, don't get your point.

"Bitcoin" is a contract you make with all voluntary parties (let's say, bitcoin users). That's what makes it a currency. The totality of demand gives it value. So, there, you have a store of value now.

Forget computers. Suppose, in our a tribe, all monetary transactions were public. But instead of names, we used passwords (keys) to initiate new transactions. You'd have to memorize your passwords, and you could create new ones at will, assuming you had the mental facility to also create public key pairs of those secret "key"s. Whenever someone wants to create a transaction, he goes to the public ledger and writes it down in a form that it can now only be re-transmitted by someone who knows the recipient's key. No account IDs needed.

In the above setup (which is identical to Bitcoin), no tribal authority is needed, since the mathematics is enough to prove that the transactions are authentic. Unfortunately, you need computers to make it practical. We could of course keep things simple and use personal identification, etc. but then there would need to be a central authority involved. Which is something to be avoided, if technology allows it. And DATA here, are the passwords and the ledger, but the whole scheme is what is needed to get it working, which actually comprise the "contract".

Physical assets work the same way. Yes, you can pile up rocks, but that doesn't make them a store of value? Demand gives something economic value. But it doesn't make something a currency. Currency is a thing that's agreed upon, it's a contract among users.

Something can be demanded because of its other properties, or because it is a currency. You could need gold to make golden fibers, or you could need it as a currency. Those are different properties of the same thing. Bitcoin doesn't have other properties (in this context). This makes it a pure currency.

Now, it could be argued if it's a good currency or not (pyramid scheme and whatnot). And it being a currency does not mean that it's a good store of value, since it doesn't have any value other than being a currency. How good a currency it is will determine its value.

Re:Does encryption help? Why not secure sessions?

[icebraining]

But that's the thing: someone security conscious enough to use a good passphrase, wouldn't keep the wallet file in the machine in the first place. Everyone else will use '12345' as their password even if Bitcoin asks for one, rendering the feature useless.

We don't even know if their code is secure.

[elucido]

In my opinion their code itself needs to be audited. It's very possible the security flaw is in bitcoin itself.

Who are the developers? What are their names? Why isn't the source code posted up on pastebin or presented in a way where the cloud or crowd can grok and audit it? The Linux Kernel is easy to find. Even TrueCrypt's code can be found.

Look I don't even need to have to see the goddamn code. Show us the pseudo-code displaying the core algorithms. I just need to know there are no errors or bugs in this code and who is writing it.

Re:We don't even know if their code is secure.

Why isn't the source code posted up on pastebin or presented in a way where the cloud or crowd can grok and audit it?

bitcoin-0.3.21/src/ is part of the download...

Re:Does encryption help? Why not secure sessions?

[madhatter256]

But that's the owners problem if they use a simple password. I would like the program have security features built into it, such as the one I suggested. It's not to prevent hacking as that is impossible, but make it harder and moreso if the user uses a stronger password in the first place.

Being that it's open source, someone has to code it, and maybe that one person might be able to sell that 'secured' version. Better than what is out there now.

Let the user select

[elucido]

Let the user select a location that is not standard.

Put your bitcoins in a bank

[SoftwareArtist]

If you store cash under your bed and someone breaks into your house, its gone. That's why most people don't keep their money under their beds - they put it in a bank. The bank has much better security than you do. If someone robs a bank, it's the bank that loses money, not the customers. And if they lose so much money they can't pay back the customers, then the government covers it.

I wouldn't store large sums of money in a file on my computer, but once my bank offers to let me deposit bitcoins and let them manage the security, then it becomes a real option.

Re:Put your bitcoins in a bank

[makomk]

Of course, a scary number of Bitcoin "banks" in existence now have CSRF vulnerabilities that allow any website you visit to drain your balance. Which is not exactly an improvement.

Re:ALL BITCOIN NEWS IS SPAM

[DriedClexler]

I can sympathize with the suspicion about something new, especially a financial idea, but I can't sympathize with these particular points.

Supposedly, it isn't anonymous, which makes it even less useful as that would make it unsuitable to replace bags of cash for criminal deeds.

True, but how do you securely send large bags of cash 100+ miles for free?

You get bitcoins by doing the calculations which are required to use bitcoins, so, it's not based upon anything other than the belief that it's valuable.

You get them by trading something for bitcoins -- just like how you get USD. You can also get *newly created bitcoins* in the minting process by contributing cycles to authenticating the validity of the transaction data. It's a bit strange to object to this method of minting money, but not one in which a sovereign can costlessly print as much money as they want.

When did you ever get an invitation to partake in a share of the US Mint's next run?

so, it's not based upon anything other than the belief that it's valuable. On top of that, the rate at which ones gets bitcoins slows as time goes by to a fixed amount, meaning that early adopters get bitcoins for basically nothing, while the people later on get screwed.

Just like everything else. Early adopters of the next big thing benefit if it takes off and provides a network or infrastructure that is beneficial to others. I think you forget all the people who adopt something that *doesn't* take off. There seems to be this mentality that, "I should get to partake in the fruits of a successful enterprise [not that Bitcoin is an "enterprise", strictly speaking], but not have to put any skin in the game or take the risk of losing a lot when it doesn't succeed."

Sorry, you can't have it both ways. You probably knew about Bitcoin long before, and had every opportunity to be an early adopter. Didn't want to take the risk? Then don't complain about not getting the reward.

Additionally, unlike other fiat currencies, you're not guaranteed to be able to buy anything with them later on, or even doing anything with them. USDs are essentially just paper, but you're guaranteed to at least be able to pay your taxes with them, pay debt, or exchange them into whatever your local currency is via most banks.

Sure, but at what rate? It's little consolation that your dollars will cancel your $10,000 tax bill, if the government is going to keep injecting trillions to wipe out whatever savings you had.

Yes, currencies have a risk of gaining or losing value. Bitcoin is no different in this respect.

Re:ALL BITCOIN NEWS IS SPAM

[hedwards]

In 2004 we had a politician running for governor that claimed to be able to rebuild a local bridge with 8 lanes instead of the planned 6 lanes and to be able to do so for less money than what we were going to pay for the 6 lane bridge. He nearly won the election. Just because it's obvious, doesn't mean that there aren't people who are stupid enough to fall for it.

Re:ALL BITCOIN NEWS IS SPAM

[hedwards]

Being able to transmit money for free, is nice, but it's not a reasonable way of choosing a form of payment.

The US Mint doesn't print money, they strike the coinage, the Bureau of Engraving prints the money. (Not really important to the point, but I'd rather not let that slip by. The mint is run by political appointees that were themselves appointed by individuals that I got to vote for. The number of coins in circulation is based upon need, and the growth in the supply is more or less meaningless. They don't just keep minting coins because they can, those coins cost money and they only strike them as needed. Same goes for paper currency, the amount they print has a relationship to the number that they have to replace and the size of the economy.

The Federal Reserve's policy relation in all of this is ultimately not as open ended as you seem to suggest. Sure they created a lot of money in recent years via quantitative easing, but the effect itself, particularly with the early stages was nihil. They could have done the same thing by way of issuing government assurances that the government would step in for some portion if need be. And required banks to put their own money to buy themselves out of government ownership in exchange. Same solution to the same problem, the only difference was nominal. Believe it or not, the rich and the corporations that normally are for class warfare are even more opposed to that sort of thing than the lower classes are as they have much more to lose. Hence we won't be seeing that in the long term.

When it comes to bitcoins, you aren't being given the opportunity to partake of the next run. The number of bitcoins popping into existence at this point is embarrassingly small, it's hardly unusual for somebody to spend more money on electricity than if they were to just buy the coins. I'm not sure on what basis one would claim that one was getting anything. This isn't any different than how the mint does it, I can buy those coins. The Mint doesn't lie to people about what they're getting or how they get them.

The last point is a straw man, and blatantly so. Yes, we in the US could have hyperinflation, but we won't. The reason why is that businesses and government like some inflation, but not hyperinflation. Hyperinflation isn't something that just happens, it's more or less a deliberate act of economic sabotage. Nobody in the US, whether it be citizen, corporation or government official is going to let that happen. We might have high inflation, but it will never get to that point, and we will still be able to pay off our debts using that cash. Something which is decidedly not the case with bitcoins.

In other words, the real world economy is pretty well understood, and so is the bitcoin economy, but unlike the real world economy, there is only one outcome that we're likely to see. And that's a run on the bank as the early adopters rush for the exits leaving everybody else holding the bag.

Re:ALL BITCOIN NEWS IS SPAM

[hedwards]

No, that's not a problem with currencies. It's a problem with corrupt, incompetent government officials. Hyperinflation doesn't just happen, and in practice it doesn't happen in countries with a functioning government. Zimbabwe had that because of deliberate sabotage of the economic system to keep Robert Mugabe in power.

We won't see that in the US because neither the rich, poor, corporations nor government appointees are willing to let that happen, and the problem is about as hard to avoid as a train. It's well understood what causes that to happen, it's not exactly hard to avoid.

Re:Is there any way to give them a poisoned wallet

...besides creating a poisoned wallet, naming it wallet.dat, and moving your real wallet to a usb drive off the computer?

Re:ALL BITCOIN NEWS IS SPAM

[icebraining]

But he was actively lying to people; the bitcoin devs aren't! As I said, their FAQ is very honest.