Bitcoin Exchange Mt.Gox Suffers Serious Attack, Instawallet Offline

Bruce66423 writes "The BBC reports that Mt.Gox, the main exchange dealing with Bitcoins, has been attacked, and other resources are off line. A scary reminder of how insecure ALL money is in the computer age..." Also at TechWeekEurope. A message at bitcoin storage service Instawallet's site begins "The Instawallet service is suspended indefinitely until we are able to develop an alternative architecture. Our database was fraudulently accessed, due to the very nature of Instawallet it is impossible to reopen the service as-is."

Is it?

[paiute]

"A scary reminder of how insecure ALL money is in the computer age...."

I applaud the creation of Bitcoin, but really, would you trust your $10,000 more on a server somewhere or in an FDIC-covered bank?

Re:Is it?

And if you did trust it on a server somewhere, would that server be "Magic The Gathering Online Exchange"?

(Or are we supposed to forget that that's what "MtGOX" stands for?)

Re:Is it?

[ackthpt]

"A scary reminder of how insecure ALL money is in the computer age...."

I applaud the creation of Bitcoin, but really, would you trust your $10,000 more on a server somewhere or in an FDIC-covered bank?

The big sack of pennies under my bed is as secure as ever.

Re:Is it?

[westlake]

I applaud the creation of Bitcoin, but really, would you trust your $10,000 more on a server somewhere or in an FDIC-covered bank?

I hate to break this to you, but your insured deposits aren't held as coins in an outsized piggy bank like Scrooge McDuck's Money Bin. They exist only as entries in an electronic ledger.

Re:Is it?

Huh? Bitcoin is still rolling along just fine. MtGox is an exchange. The coins are still being transacted just fine.

This is my biggest problem with people not understanding this technology. *Sites* have been hacked and DDoS'd, so far the Bitcoin network itself has been much more reliable. If you're into security, I'd highly recommend looking through the specs. It's an incredibly beautiful piece of engineering whether or not you are using it.

Re:Is it?

[Hentes]

There are many degrees of computer security, just like in real life. When you deal with lots of money, you want security that matches with the risk. Banks can do that.

Re:Is it?

[chill]

Irrelevant. The guarantee is by first the bank then the U.S. Government, regardless of how the funds are recorded.

In the case of Mt. Gox, it is an exchange and not a bank. The only threat would be if you attempted to exchange for a different currency and couldn't because of the DoS. Just like what happened to Bank of America earlier.

As for the wallet -- they're fucked.

Re:Is it?

I applaud the creation of Bitcoin, but really, would you trust your $10,000 more on a server somewhere or in an FDIC-covered bank?

Is it any safer there than a Cypriot bank?

Re:Is it?

[betterunixthanunix]

If you're into security, I'd highly recommend looking through the specs. It's an incredibly beautiful piece of engineering whether or not you are using it.

I looked at the specs, in great detail. What I saw is a system that uses cryptography but which is not secure under the notion of "security" that cryptographers use. The effort required for a successful double-spending attack on Bitcoin scales linearly with the effort required to use Bitcoin; this is worthless as far as cryptographic security is concerned. It is also troubling that the Bitcoin "security proof" only rules out a single attack strategy. Usually we want security proofs to rule out *all* theoretically feasible attacks, even those that we do not know of.

Re:Is it?

[Archangel+Michael]

That depends on if the US government can confiscate money held in banks like what happened in Cyprus, or not. The question is, do you trust government to honor its promises. Ask the Native Americans how the government honors its treaties.

"I'm altering the deal, pray I don't alter it further"

Re:Is it?

[bill_mcgonigle]

I applaud the creation of Bitcoin, but really, would you trust your $10,000 more on a server somewhere or in an FDIC-covered bank?

Remember, the FDIC has about $25B in treasury notes (not cash, that's long gone) in its fund to cover about $10T in deposits, and most of the insured banks have very low ratios (perhaps 10% cash-on-hand at most). If there's ever a bank run, the FDIC can't stop it.

What the FDIC does is give the banking class license to invest wildly, without their customers caring at all what their banks do. Classic moral hazard.

The thing bitcoin has going for it is that nobody can double the amount of money in circulation and make the value of your coins worth half in turn. Of course it's really volatile, so while good for money transfer, don't store too much of your wealth in it long term.

For wealth storage, there's little subsitute for real assets these days.

Re:Is it?

[camperdave]

See! I knew bitcoins were some in-game currency.

Re:Is it?

[Archangel+Michael]

I don't trust MTGOX, and I have no illusions of trust. However many people trust the government. The real question is, is the illusion of trust better than the reality of not trusting anyone.

Caveat Emptor.

Re:Is it?

[camperdave]

The big sack of pennies under my bed is as secure as ever.

Security through bad-guys-not-carrying-a-forklift... Clever.

Re:Is it?

[lgw]

You obviously do not work with money or banking software. Its not a ledger, its a transaction trail. And its not in "an" its in several.

For transactions that stay in Bitcoins, the entire network tracks every transaction (well, more than half of it has to). The same goal is served without a central authority. The privacy implications are more disturbing than the prospect for fraud.

However, the exchanges are a different matter. Just like those stupid mortgage derivatives, there's a real need for a regulated exchange here. Note that most of the regulations involved in trading e.g. corn at the CME aren't government regulations, they're market rules. If you want to buy or sell at the CME, you follow those rules, if not, perhaps there's another market that works the way you'd like.

The CME (and the other big markets, but that's the main one for the US) is really good at writing rules that protect traders from crap like having the exchange hacked, or any of the other crap that the likes of Goldman Sachs have come up with over centuries of trying to hack the system.

My biggest worry with bitcoins is what happens when Goldman et al discover there's money to be made by manipulating that market, and have nothing to stop their centuries-old bag of tricks.

Re:Is it?

[Joce640k]

Where's mister, "It'll be $1000 before the end of the year, quote me on it."?

I want to mock him.

Re:Is it?

[Dast]

Damn, where are my mod points today?
SIGSEGV
Forklift is NULL

Re:Is it?

[lgw]

As I understand it, a successful double-spending attack on Bitcoin requires controlling more than 50% of the computing power participating in the transaction validation network at the time you make the transaction. As that is the same thing as the bitcoin mining network, and that has gone to custom ASICs now, that's a pretty impressive obstacle. I don't think even the NSA has that kind of horsepower any more (though if anyone does, it's them).

If there's some flaw you see in the implementation of that, it's a really interesting flaw and you should publish.

Usually we want security proofs to rule out *all* theoretically feasible attacks, even those that we do not know of.

You contradict yourself there. Everything is vulnerable. Everything from AES to SHA-x relies on the premise that no one has come forward with a weakness, and lots of smart people have looked, and that's as good as it gets. You can't prove a negative.

Re:Is it?

[slashmydots]

Somewhere? K K Tibanne Corp in Japan. And they already got hacked once so you'd think they'd have gotten their shit together. This may have been a DDOS or something stupid like that though since the price of BC is freaking $133! That's like 50% up from 2 weeks ago.

Re:Is it?

[Wonko+the+Sane]

Right. Since you've done such a thorough analysis of the method Bitcoin uses to prevent double spending, you can explain it in your own words and point out specifically where the weaknesses are?

Re:Is it?

[slashmydots]

The bought the domain name, dumbass. It's now K K Tibanne running it. That's like making fun on pets.com because of 15 years ago or whatever.

Re:Is it?

[slashmydots]

Amen to that. People don't realize the protocol is absolutely, 100% perfectly fraud-proof. It is designed to be impossible to forge a bad block or fake a transaction or gain ownership of coins you don't own. The only way to actually do it is to outprocess the entire rest of the network, which is impossible.

Re:Is it?

[hedwards]

This is ignorant hogwash, the FDIC can and does take control of banks before they fail. When we say that a bank failed, it usually means that they've dripped below their margin requirements and are at risk of failure. The FDIC swoops in over night, not unlike spies actually, and assumes control of the operation before even the staff know that the bank was going to be seized.

The reason for this is because it prevents a run on the bank and lessens the likelihood of the FDIC having to pay out non-trivial sums of money. What's more, there are almost certainly actuarial tables that dictate how much money they need to cover the total. If it really came to where they had to pay out $10tn to bail out the entire industry, we'd have bigger worries on our hands.

Re:Is it?

[lgw]

When I buy a share of stock or a corn future, my need to trust the government is minimal. I need to trust the exchange. And the big exchanges have an excellent track record - the exchange rules protect against 400+ years of dirty tricks by participants, and the likes of MtGox have a very long way to go. Attacking the database is just the most obvious and straightforward approach; there are so many ways to participate fraudulently in an exchange, or corner the market, or so many other dirty tricks that become rewarding if bitcoin really takes off.

Re:Is it?

[slashmydots]

For all the rest of you that might believe that nonsense, I know the protocol inside and out and that's all bullshit and horribly inaccurate. He has no idea how the protocol actually works. It has nothing to do with reversing encrypted data since that will do nothing for you.

Re:Is it?

[DragonWriter]

I hate to break this to you, but your insured deposits aren't held as coins in an outsized piggy bank like Scrooge McDuck's Money Bin. They exist only as entries in an electronic ledger.

They also exist in the form of various transaction documents and balance statements I can present to a court with jurisdiction over the bank in question as evidence of the existence of the deposits.

Re:Is it?

[Princeofcups]

And if you did trust it on a server somewhere, would that server be "Magic The Gathering Online Exchange"?

(Or are we supposed to forget that that's what "MtGOX" stands for?)

Since some people will pay $10,000 for a mint Black Lotus, it's in the same ballpark. :-)

Re:Is it?

[lgw]

The government could decide to confiscate all your bitcoins too: what's your point? Heck, the US government could decide to confiscate the money in Cypriot banks, if it wanted to. There's little you can do if the nation with the largest military starts behaving badly. But realistically, if the US starts confiscating it will be far more handy pools of money: 401Ks, university endowments, and re-insurance company assets, all of which could be taxed in some new way when the money runs out. Bank deposits are a very unlikely target here.

Re:Is it?

Yeah, it`s been plain from day one that Bitcoin`s vulnerability lies in the wallet files, not the protocol itself. Get access to a user's wallet file, and you have his entire savings at your discretion. Spend them, and the transaction will record you as the legitimate owner and consumer - there is literally no wa yt oprove bitcoin theft and/or fraud.

Of course the wallets are anonymous, but conveniently a cursory search of internet traffic will reveal locations HIGHLY likely to contain wallet files - anywhere bitcoin transactions are processed.

Isn`t it nice?

Re:Is it?

Yeah, sure sounds like the world's reserve currency being printed out of thin air.

Re:Is it?

[DragonWriter]

Amen to that. People don't realize the protocol is absolutely, 100% perfectly fraud-proof. It is designed to be impossible to forge a bad block or fake a transaction or gain ownership of coins you don't own. The only way to actually do it is to outprocess the entire rest of the network, which is impossible.

Unless honest participants in the network definitively control more than half of the computing power on the planet, it is at best impractical rather than impossible. Its not "absolutely, 100% perfectly fraud-proof".

Re:Is it?

[Archangel+Michael]

How can a government confiscate that which it has no knowledge of?

Re:Is it?

[DragonWriter]

That depends on if the US government can confiscate money held in banks like what happened in Cyprus, or not. The question is, do you trust government to honor its promises.

The thing about the unlimited power that comes with soveriegnty is that governments can confiscate computing devices as well as confiscating bank deposits or any other kind of property.

So how is Bitcoin secure, again?

Re:Is it?

[Archangel+Michael]

This wasn't a hack of the database. It was a DDOS attack. The database was not at risk in this case. People who don't understand technology need to not talk about it like they do.

And unlike most other exchanges, I can actually hold on to my own bitcoins, and submit to the exchange only when I want to trade them for other currencies.

Re:Is it?

[lgw]

There is about 20x more money deposited in banks than there is physical currency (the Fed bizarrely doesn't track
the M3 any more).

The thing bitcoin has going for it is that nobody can double the amount of money in circulation and make the value of your coins worth half in turn. Of course it's really volatile, so while good for money transfer, don't store too much of your wealth in it long term.

Doubling the amount of physical currency in circulation would have little effect on inflation. Moving to gold as the US currency would have little effect on inflation. Moving to bitcoin as the US currency would have little effect on inflation. The physical (or virtual) artifact used as a barter intermediary barely matters.

You don't need to create more instances of currency to inflate the money supply, heck these days fractional reserve lending is small potatoes compared to QE-Infinity in that regard. Sure, gold or bitcoins or whatever that you keep stuffed in your wallet would be safe from inflation, but the risk of simply being robbed is real, along with all the other problems associated with holding cash.

Beyond a few months expenses, cash is pretty pointless - you want to invest, not stuff your mattress. The important risk is economic collapse, not currency collapse.

Re:Is it?

[betterunixthanunix]

Moving to ASICs only means that your attacker needs to get a lot of ASICs. Nobody said the attacker could only use CPUs or GPUs.

As for the matter of security proofs, while it is true that AES and SHA256 are based on heuristic tests, there are cryptosystems that are based on strong security proofs. For example, the following statement can be proved: the decisional Diffie-Hellman problem can be solved in polynomial time or the ElGamal cryptosystem is secure against any chosen plaintext attack. The math needed to prove lower bounds on the DDH problem is still a matter of research, but such a lower bound proof would eliminate all questions about the security of ElGamal.

These kinds of security proofs can be given for digital cash systems as well:

http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.44.8279

You can't prove a negative.

Anyone who has studied math or theoretical computer science knows that that statement is untrue. Proofs of non-existence are not at all uncommon. There is no construction in Euclidean geometry for a regular heptagon. There is no algorithm that solves the Halting Problem. No cryptosystem can have statistical security unless the key is at least as long as the plaintext. These statements can all be proved and they are all famous results.

Re:Is it?

[betterunixthanunix]

To spend Bitcoin money multiple times, you only need slightly more computing power than everyone else using Bitcoin combined. The weakness is due to the use of consensus to decide which transactions are valid; by amassing enough computing power, one can control the consensus.

Re:Is it?

[Cajun+Hell]

A scary reminder of how insecure ALL money is in the computer age....

I applaud the creation of Bitcoin, but really, would you trust your $10,000 more on a server somewhere or in an FDIC-covered bank?

Think about what you just implied: that banks are so insecure, that they need insurance to deal with their likelihood of failure. That only serves to support the point that all money storage is insecure.

Of course, it only works, if one mistakenly thinks of banks as an extreme case, one of the more secure ones. If you view banks as being of, say, average security, then you can start to think in terms of doing things well, and there's probably no good reason bitcoin wallets can't be done well. It might be interesting to try. Anyone working on it?

FWIW, I'm not against insurance, but I do think that if a system encourages the average user to rely on it as a no-brainer which everyone ought to choose to pay for (and face it: FDIC, like anything else, can't possibly be free), that's a poor testament to the system's security. It also raises questions as to the cost. And creepily, I don't see insurance premiums coming out of my checking account. That makes me wonder if FDIC is unusually expensive/corrupt, if its costs must be so hidden. Yet another reason people ought to work to try to make bitcoin more viable.

Re:Is it?

[shaitand]

It was a DDOS. Nobody is immune to them and nobody's coins were stolen.

Re:Is it?

[luis_a_espinal]

I don't trust MTGOX, and I have no illusions of trust. However many people trust the government. The real question is, is the illusion of trust better than the reality of not trusting anyone.

Caveat Emptor.

Basic economics and historical data say yes. Trust is a proxy for inherent risks (or lack thereof) in the legal and economic systems of a society.

Trust facilitates the exchange of goods and services. The greater the trust, the greater the exchange and/or lower the costs of carrying out transcations. The Lesser the trust, the smaller the exchange and/or the greater the costs of protecting yourself.

On a more mundate example, I don't trust the government to know how exactly to maintain a free and effective economy. But I do trust that by savings will be FDIC-protected up to a certain ceiling, or that my property rights will be protected in general. Trust, and ergo, risk, are contextual.

Re:Is it?

[betterunixthanunix]

Point of clarification: the "or" in the statement about ElGamal is an exclusive or; if the DDH problem can be solved efficiently, ElGamal can be broken. The formal statement is actually a reduction: any algorithm that can attack the ElGamal cryptosystem can be used to solve the DDH problem.

Re:Is it?

[Anon-Admin]

That is because you do not understand how the stock exchange works. Some notes to help you under stand

#1) When you buy a stock, you do not own the stock. (Unless you get a hard copy of the stock certificate)
#2) The real stock is in DTCC's (Depository Trust and Clearing Corporation) name in a hidden vault in New York City.
#3) DTCC when Clearing the sale simply moves the record of the stock from one account to another and does not change the ownership of the stock.
#4) DTCC's Data center is running on 10 to 15 year old hardware and the stuff crashes all the time.
#5) Some day the database will crash and the information as to who owns what will be lost
#6) DTCC Will profit as they own all the stocks.

DTCC the privately held company you never heard of processing 4.6 quadrillion dollars a year in stock transactions.

Wait tell you find out who makes up the board of directors!

Re:Is it?

[Wonko+the+Sane]

An attacker with more computing power than the rest of the network combined can produce a longer proof of work chain and thus spend on one chain before eventually orphaning it with a different branch that sent the same output to a different address.

The actual amount of computing power needed for this attack does increase exponentially based on how far back in the chain the transaction to be reversed is contained, and the attacker must maintain a majority of hashing power for the entire duration of the attack.

Re:Is it?

[shaitand]

Those sorts of proof give a false sense of security. They say nothing about attacks not contained within the proof. The same is true of code that is supposedly proven bug free mathematically.

While these things don't hurt it is false to say that nothing counts in a security sense without them.

Re:Is it?

[Minwee]

In a large sack, underneath the mattress.

At least you know that they're safe.

Re:Is it?

[SydShamino]

In my opinion, microsecond stock transactions are the very type of dirty trick the exchanges should be protecting against, so based on the current actions of the stock exchanges, I disagree with your opinion on the big exchanges' track records.

Re:Is it?

[shaitand]

At the end of the day all computer security implementations come down to raising the cost to successfully employ an attack. It would likely be less expensive to attack an inactive wallet containing a large number of coins than to get >50% of the mining power. While such an attack is theoretically feasible it is not economically feasible.

Additionally, in the real world there is only so much of that hardware to be had at any price.

Re:Is it?

[betterunixthanunix]

The attack only requires that the attacker does as much work as the rest of the network until the original transaction is accepted (e.g. after six confirmations), at which point the attacker introduces the malicious block chain where he paid himself. That is not exponential: the attacker is maintaining his own block chain in secret, and only has to work as hard as is needed to keep that block chain as long as the current consensus, which means the attacker will work just slightly harder than the entire rest of the network is working. The concise way of saying that is that the attacker's effort scales linearly with the work done by the rest of the Bitcoin network, which is what I said in the first place.

Re:Is it?

[mcmonkey]

Amen to that. People don't realize the protocol is absolutely, 100% perfectly fraud-proof. It is designed to be impossible to forge a bad block or fake a transaction or gain ownership of coins you don't own..

Well this guy says it's not 100% fraud-proof, that there is a way to fake a transaction.

The only way to actually do it is to outprocess the entire rest of the network

Can that effect be localized? That is, the validity of a transaction is decided by consenus of the network. Controlling a majority of the existing network is highly implactical, would likely consume more resources than the value of all available BitCoins, so not worth doing even if someone decided to try.

But if I could get the system I am transacting with seperated from the network--a "holodeck" simulating the internet--can't I fake that consenus? Is it a concern that I don't need to outprocess the entire network, just outpocess the network my trading paartner can see?

Re:Is it?

[DocSavage64109]

If it was a DDOS, they wouldn't have to re-architect the entire system.

Re:Is it?

[lgw]

This wasn't a hack of the database. It was a DDOS attack. The database was not at risk in this case. People who don't understand technology need to not talk about it like they do.

We can at least read TFS.

"The Instawallet service is suspended indefinitely until we are able to develop an alternative architecture. Our database was fraudulently accessed, due to the very nature of Instawallet it is impossible to reopen the service as-is."

Now if TFS is just wrong (as happens), it's good to say so explicitly.

My point was that securing one's DB is just the first and most obvious step. Running a successful exchange puts you in direct opposition to investment banks: folks with no morals, who hired the majority of math PhDs for several years just to look for market exploits. You may be smart. The folks who run bitcoin exchanges may be smart. But this is an advanced, persistent threat, and one that's not in any way limited to technology

And unlike most other exchanges, I can actually hold on to my own bitcoins, and submit to the exchange only when I want to trade them for other currencies.

Unlike what exchange? You can't hold physical corn? Or live cattle? Or gold? Heck, I can get printed stock shares if I feel the need (I've done this for sentimental reasons - framed in my office). You seems to be confusing an exchange with a bank. The two have little in common.

Re:Is it?

[Edzilla2000]

I think you need to read the summary again. They are talking about TWO different sites...

Re:Is it?

[lgw]

It's been my experience that complaining about HFT is a sure sign that someone doesn't actually trade on an exchange or understand them except as an abstraction. HFT reduces the bid-ask gap. It's not a dirty trick at all: it's pitting the investment banks against one another for the benefit of the casual trader. That's exactly what we want exchanges to do.

Re:Is it?

[shaitand]

I get that we don't usually read TFA around here but you shouldn't actually argue the point if you don't.

From TFA:

"In a tweet on its Twitter feed, MTGox said it was fighting off a distributed denial-of-service (DDoS) attack"

Yes. It was a DDOS. It is speculated the attackers may not have wanted to shut them down but slow them down and prevent a mass price movement in response to unloading coins. That is just guesswork but since it is theoretically possible they are re-engineering to fix or limit that possible vulnerability.

Re:Is it?

[betterunixthanunix]

Economic arguments are usually pretty bad; that was a lesson learned in World War II:

https://en.wikipedia.org/wiki/TICOM

The Germans knew Enigma could be attacked but believed that it would be far too costly. That is the same sort of argument you are making for Bitcoin: that the payoff of an attack would not make it worth the cost of the equipment, or that nobody could afford so much computing power in the first place.

There are a lot of problems with this reasoning. The recent price surge should tell you that the cost of the equipment needed to attack Bitcoin may become smaller compared to the payoff of such an attack. It is also the case that the purpose of the attack might not be to profit directly, but to undermine the trust in Bitcoin and kill the system -- any number of governments with the resources needed for such an attack might want Bitcoin to go away. You are also assuming that the attacker cannot simply sell the equipment right after the attack, keeping his profits (which may be sizable).

There is also a deeper problem with this reasoning: there is no way to raise the cost of an attack without also raising the cost of using the system. Compare this with other cryptosystems, where there is a security parameter that can be arbitrarily chosen, where the work needed to use the system is some polynomial in that parameter while the work needed to attack the system is exponential. That is the core of the problem: if you discover that someone is attacking Bitcoin, there is basically nothing you can do except to buy more equipment. With the digital cash systems proposed by Chaum, Okamoto, and others, even if you were confronted with an attacker who could break the security of the system, you would only need to adjust the security parameter to stop that (to put it another way, nobody talks about the need to buy more ASICs just because ElGamal keys are too short -- we just make the keys bigger; now apply that reasoning to a digital cash system).

Re:Is it?

[lgw]

That is because you do not understand how the stock exchange works

The stock exchange is one of a great many exchanges. Every corn or cattle or timber contract results in physical exchange of commodities.

Some notes to help you under stand

Your arrogance adds little to the conversation - I'm sure there are Slashdotters who work for the DTCC! Every exchange has risks, but risks that have actually been problems historically and ended markets are more threatening. You don't generally worry about those because all the big exchanges have evolved trading rules to protect against them. The bitcoin exchanges don't carry that weight of history - and they really should.

Re:Is it?

[Saethan]

The government could decide to confiscate all your bitcoins too

The only way for the government to confiscate bitcoins would be to copy and decrypt wallet files.

Re:Is it?

[lgw]

You certainly need faith and trust of the government that issues the currency that those stocks are denominated in, the dollar for example. Such dirty tricks with that dollar currency erodes the trust in the currency.

Why so? If I buy a corn future with US$, the future value of the US$ does not in any way effect the 50 bushels of yellow #2 corn I'm owed, and it has little effect on the corn growing in some farmer's field.

Re:Is it?

[lgw]

The only way for the government to confiscate bitcoins would be to copy and decrypt wallet files.

Easily done. I try to resist xkcd references here, but it's just too apt. The government would confiscate bitcoins by using its monopoly on force to demand some from you.

Re:Is it?

[lgw]

How can a government confiscate that which it has no knowledge of?

The entire bitcoin network is notified of every bitcoin transaction. Not the best currency for money laundering, really.

Re:Is it?

[betterunixthanunix]

Actually, the proofs do not mention any specific attacks; they simply assume the existence of some attack, and then show that the attacker can also solve some hard problem efficiently. What the proofs do is to show that the system maintains a specific security property; attacks on things other than that particular property may still be possible, but you are guaranteed that that property holds no matter what. Obviously it is not possible to rule out all classes of attacks: what counts as an attack depends on the context in which the system is used.

So, for example, while ElGamal can be proved secure against all chosen plaintext attacks, it is not secure against an adversary who is allowed to view plaintexts that correspond to messages of his choosing. That is a different security property: the CPA property only deals with an attackers who can see encryptions of particular messages, not decryptions of particular ciphertexts. The Cramer-Shoup system is secure against adaptive chosen ciphertext attacks (CCA2), but that does not protect you if the adversary is allowed to tamper with your random number generator.

That is very different from AES. A new way to conduct chosen plaintext attacks could be discovered tomorrow that works on AES. On the other hand, you know that no such attack on ElGamal will be discovered, because it can be proved (with the caveat that it is possible that the DDH hardness assumption is wrong). Likewise, you know that no CCA2 attack on Cramer-Shoup will be discovered; no such statement can be made about AES, because its security is based on heuristics.

All of this boils down to knowing your requirements. If you do not know your requirements, then the problem is not that you had a false sense of security, it is that you never knew what "security" means for your use case.

Re:Is it?

[shaitand]

"The recent price surge should tell you that the cost of the equipment needed to attack Bitcoin may become smaller compared to the payoff of such an attack."

The is covered by the design. The higher the price goes the greater the incentive to mine. The result being that the mining power of the network grows. So the incentive to protect the network grows comparably to the incentive to attack it.

"there is no way to raise the cost of an attack without also raising the cost of using the system"

This is universally true of all applied security. On a whiteboard or spec it might be otherwise but in the real world systems do not have the primary purpose of being secure. They have some other primary purpose and security is an overhead burden be it cost of hardware, implementation, maintaining, or burden upon users. Just as in the real world it is the burden of maintaining security properly and following procedures and not theoretical weakness that typically provide the openings used by attackers. Any applied system can be compromised. The only question is the cost to do so.

Economics is a math that is sometimes harder to prove and follow but I'm not sure I concur with your assertion that a security model is invalid because part of its design is based on that form of mathematics. The simple supply and demand principles upon which Bitcoin is relying for it's mining system have proven to be consistently true in review of a great deal of historical data. Enigma for instance did not become more difficult to break the more money you spent trying to break it. Throwing more mining power at Bitcoin raises the difficulty of mining, and therefore the price, and that economically drives more power to be thrown at defending the network. Where it is possible, Bitcoin does utilize algorithms where a simple length adjustment can increase security.

Re:Is it?

[Algae_94]

Just to clarify, TFS is correct, but Instawallet is not an exchange. MtGOX is an exchange that is undergoing a DDoS attack. Instawallet had their DB attacked. As far as I can tell Instawallet is just a company that will hold your bitcoins for you, like a safety deposit box, only without the safety in this case.

Re:Is it?

[betterunixthanunix]

I suppose my wording was bad; my point was that the problem with Bitcoin is that any increase in the cost of attacking the system corresponds to a proportional increase in the cost to use the system at all. That is not the case with something like PGP, where increases in the attack cost are exponential compared to the increase in the cost needed to use the system. It is possible to design a digital cash system with this property, but Bitcoin does not have it.

Re:Is it?

[paiute]

Think about what you just implied: that banks are so insecure, that they need insurance to deal with their likelihood of failure.

And I heard that you are such a bad driver that the state makes you carry insurance just so you can drive your car.

Re:Is it?

[nine-times]

What the FDIC does is give the banking class license to invest wildly, without their customers caring at all what their banks do. Classic moral hazard.

Well no, it's not a classic example of moral hazard. At least, not according to my (admittedly laymen's) understanding of the system. The people protected by the FDIC are not the same as the people taking wild risks. If a bank goes bankrupt due to poor investment, the bank and the bankers still suffer. The people who are engaging in the safe/responsible decision to put their money into a bank account are the ones who are rescued.

So you might still claim that this is "moral hazard", but it's not the classic example. The bank bailouts since 2008 are more of a "classic" example.

Re:Is it?

[CanHasDIY]

would you trust your $10,000 more on a server somewhere or in an FDIC-covered bank?

Depends... which one, when withdrawn, throws a flag in a government database, and puts my name on some clandestine list?

Re:Is it?

[alexander_686]

Let us see - Some minor nits and a major point.

DTCC moved to New Jersey a few years go, I think.

DTCC is owned by it members – so it’s as private as your local co-op. (Which is private, but has a slightly different profit motive)

As to profiting when they own all of the stock? You are going to have to explain that theory to me.

Loss of data? DTCC has a set of records. Each brokerage firm has a separate set of records. (Many being held in a separate, custodial account) If DTCC and it multiple site backups were to blow up the master record could be reconstructed by pooling individual brokered records. Difficult to put back together – yeah – but doable.

Ownership does change – I mean DTCC does report ownership changes to the company. You seem to have a peculiar and narrow definition of “ownership”. It’s like cashing a check at the bank – it’s not like they move cash from one drawer to the other – and yet a real exchange has been made.

Re:Is it?

[bill_mcgonigle]

Doubling the amount of physical currency in circulation would have little effect on inflation.

Right, but the Fed has more than doubled to total number of USD in recent years.

Moving to gold as the US currency would have little effect on inflation.

If you mean gold coins, sure, as long as they could keep adding zeros to the digital USD. If the USG were restricted to a gold-backed USD, the could not simply create more of it.

Moving to bitcoin as the US currency would have little effect on inflation.

I can't see how this could happen, but even if it did, how could the USG inflate the bitcoin supply?

The physical (or virtual) artifact used as a barter intermediary barely matters.

Well, if you want to use currency on a global basis anonymously, bitcoin has advantages over tally sticks.

Re:Is it?

Oh, right. It's all for our benefit. Sure.

The astroturfing around here has reached absurd levels.

Re:Is it?

[bill_mcgonigle]

The people protected by the FDIC are not the same as the people taking wild risks.

Think a layer deeper. Because the bank customers don't care if their management takes wild risks (due to FDIC) then the bank management does take those risks. And more often than not, they get rewards for those risks (they're not all stupid, by far). Most of the time the bankers are paid handsomely for taking such risks. The numbers who suffer due to a bank failure are minimal, but the FDIC is there to protect their downside (liability for deposits) when they do.

If the insurance were private, wild risks would be restricted by the insurance companies' premiums. If it were non-existent the customers would at least have some reason to care what was to become of their money. I wouldn't personally use an uninsured bank, but they would be able to offer higher rates on savings and lower rates on loans than an insured bank.

Re:Is it?

[TempestRose]

I'm admittedly guessing here, but you're basically saying that the only person / group who is able to perform this attack would actually have to be so rich that they wouldn't need to perform this attack?

Or, they might be extremely rich and simply decide to destroy the Bitcoin currency for some personal reason? ( hate, jealousy, lack of control, whatever...)

I think I can live with that. This person/group would then also be able to destabilize most other currencies in the world, possibly even China, US and EU currencies?

Re:Is it?

[bws111]

This makes no sense. Do you even know what insurance is?

You don't (can't, really) insure against things that are likely to happen, you insure against things that, while extremely unlikely, would result in catastrophic financial loss if they did occur.

The presence of the FDIC (which insures depositors money, not banks) is in no way an indication that the bank is likely to fail. Quite the opposite - it is the government saying 'putting your money in the bank is safe, and even in the very unlikely chance something goes wrong we guarantee you can still get to your money'. It is not there to protect against the 'likelihood of failure', it is there to protect against the mere possibility of failure.

Buying homeowners insurance in no way implies that it is likely your house will burn down, but that there is a non-zero chance it will burn down. If it is actually likely that it will burn down, nobody will sell you insurance for it.

Re:Is it?

[viperidaenz]

Without the safety or the insurance.

Re:Is it?

[viperidaenz]

But they're insured. It doesn't matter if someone breaks in to the system and takes it all. I won't lose what I'm owed.

Last time I checked, no one offered Bitcoin insurance.

Re:Is it?

[viperidaenz]

Until a country like China decides to block the bitcoin network, then the network is split in two and you can't transfer coins across the two networks.

A dodgy/hacked ISP/wifi hotspot could steal all the coins you trade too if they were so inclined, simply by creating fake peers and blocking the real ones.

Re:Is it?

[viperidaenz]

It simply means the attacker needs to control 50% of the network you can contact. If they have control of the network you're connecting to that shouldn't be too difficult.

Re:Is it?

[viperidaenz]

I'd do it just because it would be funny

Re:Is it?

[AuMatar]

No, it does so in the opposite direction.

I bid $10. Someone asks $9.99. Obviously we're going to make a deal. There's an overflow of 1 cent- one of us will make 1 more cent than they expected to. Either of us could move, we could split the difference, or we could just set an exchange wide rule for this (say the seller always makes it, or the buyer).

Now add in HFT. Same scenario. The HFT sees my $10 bid before the seller does, and sends a buy for $9.99 exactly to the seller, buying the stock. He then sells to me for $10. He makes that extra penny. Has he helped me? Not at all- he took an average of half a penny from me. Does he help the seller? Nope, he took half a penny from them, for the service of completing the transaction a few microseconds sooner.

HFT are parasites. They provide no value to either side, but make a vig. There is no bid-ask gap that they reduce because the bid is higher than the ask. If it wasn't there'd be no money for them to make. Its immoral, unethical, and ought to be illegal. It also siphons millions to billions from the economy.

Re:Is it?

[lgw]

I can't see how this could happen, but even if it did, how could the USG inflate the bitcoin supply?

The interesting part of the money supply is not the supply of currency - whether bills, gold coins, bitcoins, or seashells.

I have 100 btc. I deposit them in a savings account. The bank loans that 100 btc to someone buying a house. The homebuilder deposits them in a savings account. The second bank loans 100 btc ... and so on. There are only 100 btc being used to make transfers, but the money supply is much larger 1000-2000 btc in practice.

You'll notice that my example isn't really fractional reserve banking, as the bank is loaning out the entire amount deposited. It's zero reserve banking. The money supply is limited only by the "frictional cost" - the overhead of making those transations in turn. The US has worked that way for over a decade now.

Since the Fed used up all of its traditional power to create money once zero-reserve banking was reached, it now simply buys US bonds by crediting the account ledger of the bond seller without debiting its own account (and appears willing to keep doing so indefinitely - this will not end well).

Re:Is it?

[lgw]

Oh, right. It's all for our benefit. Sure.

The astroturfing around here has reached absurd levels.

Intentions don't matter. None of the investment banks are acting in the public's interest, but the competition between them as market makers benefits everyone trading on the exchange. If you don't understand thin markets and "bid-ask gap", post with an account and I'll explain.

Re:Is it?

[viperidaenz]

What if your computer and backups burn down in a fire? Your coins are irreversibly gone.
If the bank burns down, I still get my money back. If by some magical force the bank no longer exists though, bonus, I don't have to pay back my mortgage

Re:Is it?

[PRMan]

There are many degrees of computer security, just like in real life. When you deal with lots of money, you want security that matches with the risk. Banks can lie to you and pretend that they do that while not telling you that they have been robbed.

FTFY

Re:Is it?

[viperidaenz]

So tell me again what happens if someone steals your private bitcoin key?

If someone steals my internet banking password, I get all the money stolen given back.

Re:Is it?

[ultranova]

I applaud the creation of Bitcoin, but really, would you trust your $10,000 more on a server somewhere or in an FDIC-covered bank?

Neither is trustworthy. However, why would you store your Bitcoins on a server, rather than a memory stick? Encrypt, make a few easily hidden backup copies, and be at ease.

Re:Is it?

[PRMan]

I'm admittedly guessing here, but you're basically saying that the only person / group who is able to perform this attack would actually have to be so rich that they wouldn't need to perform this attack? Or, they might be extremely rich and simply decide to destroy the Bitcoin currency for some personal reason? ( hate, jealousy, lack of control, whatever...) I think I can live with that. This person/group would then also be able to destabilize most other currencies in the world, possibly even China, US and EU currencies?

That's about right. And why would people in the government want to destroy Bitcoin. Many of them and their banker friends are making money off it right now.

Re:Is it?

[bws111]

The FDIC does not 'protect their downside'. The FDIC prtotects the depositors. When the FDIC has to act, the bank has failed and is seized. The investors in the bank have lost their investment. The FDIC does not protect them at all.

Re:Is it?

[shaitand]

You have to be careful with words like cost when talking about an economic platform. I believe you are referring to computational cost. The economic costs balance out. Any increase in fiscal cost has a related increase in market rate for the mining output that negates it. And from the perspective of users who aren't miners the valuation doesn't really matter it just changes the size of transaction units.

"It is possible to design a digital cash system with this property, but Bitcoin does not have it."

You are leaving the window open too wide with "digital cash system." There are digitial cash systems all over the place. Bitcoin is unique in being a decentralized system. Without decentralization a digital cash system is about the most intrusive and evil thing one can imagine. It may well be possible to design one differently but as far as I know Bitcoin is the first and only such currency system that is functional.

Re:Is it?

[PRMan]

In other words, cut off a pocket of the internet from the rest of the internet and get all the Bitcoin processors on there to agree quickly and then transfer the coins into dollars by fooling an exchange on the same subnet? Yes, it's possible. But if you ever reconnect to the world at large, your transaction would be considered invalid and the exchange would be out the cash. Of course, the exchange should know how many peers there are, and should be suspicious if that number drops to 1% and halt all transactions...

Re:Is it?

[PRMan]

Cypriot bank: The government takes 20% of your money because they screwed up.

Bitcoins: Your money tripled in the last month. If you trust your money to someone else's website for long periods (or indefinitely), you could lose it all (although Instawallet is paying out claims to people that lost money in cash (not bitcoins)).

Re:Is it?

[PRMan]

Since they're all done strictly by number (and often a new number on each transaction), it's probably better than many methods...

Re:Is it?

[PRMan]

Good luck to them finding them all. It would be like Russia and China trying to destroy all Bibles. Didn't work.

Re:Is it?

[Hentes]

Banks don't get hacked every month, even though there are much more of them than of Bitcoin exchanges.

Re:Is it?

[ultranova]

If you don't understand thin markets and "bid-ask gap", post with an account and I'll explain.

I'm not the grandparent, but I'll ask nonetheless. In what specific scenario(s) will the presence of HFT mean that a trade is made that couldn't be made without it? Walk me through the process step-by-step and leave no detail out, since I'm too dumb to figure out how adding an intermediary helps when the seller is asking for more than the buyer is willing to pay (that's what "bid-ask gap" means, right?) and the intermediary also wants a profit.

Re:Is it?

[ultranova]

Irrelevant. The guarantee is by first the bank then the U.S. Government, regardless of how the funds are recorded.

If the record is lost, then how will you collect that guarantee? How can you prove that there was money in your account in the first place, and how much? So the security of the record is very relevant indeed.

Re:Is it?

[lgw]

There are people who do all-cash business today and avoid taxes, but it doesn't scale (and the US Government is already looking into bitcoin and its potential for money laundering). If you're running a legal business with employees in the US, the government will know about your wallet and your employees' wallets, and quite possibly your customers' wallets. If you're just hoarding bitcoins, fine, but when you want to spend or invest them or otherwise interact financially with a legal business, the government will know about your wallet.

Sure, there will always be a few people who are totally off the grid, but bitcoin doesn't really change that.

Re:Is it?

[Intrepid+imaginaut]

Have you ever been right once in your life?

Re:Is it?

[chill]

There is no "the" record of BitCoins. It uses a distributed has of the BTC itself. The record and transaction history is spread through the entire system.

Re:Is it?

[JazzLad]

I got it! I'll make a fortune selling a service that lets people store their keys on my server. Now I just need a witty name for it. Let's see, what would evoke in the mind being safe from a fire ... call it a rain service? Nah, computers don't like being wet. Oh! I know! I'll call it a cloud service!

Re:Is it?

[bill_mcgonigle]

Since the Fed used up all of its traditional power to create money once zero-reserve banking was reached, it now simply buys US bonds by crediting the account ledger of the bond seller without debiting its own account (and appears willing to keep doing so indefinitely - this will not end well).

Agreed, because they can create an infinite amount of USD. But to follow the line of argument, how could they create them if the Bonds were being sold for BTC?

Re:Is it?

[bill_mcgonigle]

You're only considering the banks that fail, not all of the banks that succeed fabulously because they've been able to take risks that would otherwise have been untenable, were not the losses guaranteed to be socialized.

Re:Is it?

[fadethepolice]

Man are you dumb. The fact that this was voted insightful truly forces me to again take note of the precipitous drop of overall IQ on slashdot over the last few years. Bitcoin != to an account. Bitcoin = dollar. Where you choose to store your bitcoins is entirely up to you. Depending on your situation your money may be more useful in dollars, bitcoins, euros, or yuan. If you want to access your money without approval of or notification by the US banking system then bitcoins is the way to go. If you want to store your money in a stable, mature currency that has little chance of volatility in value you use the dollar, or perhaps the yuan. If you want to take the chance of a national government unilaterally taking your money without notification you use the euro. The bottom line is that it depends on your needs. Some people may want to take a portion of their savings, buy bitcoins, place the bitcoins on a USB stick then hide the stick in their attic. This might be akin to investing in a smaller more volatile currency such as the rupee or rand. These types of investments have been in use by major investment firms for years, and make up a percentage of the investments in what they call 'high risk growth funds". The article is FUD, your comment is FUD. In fact I almost wonder if there is a connection between you and the people who are precipitating the DDOS attack on MTGOX. The greatest advantage of a bitcoin is that you don't have to ask a large corporations PERMISSION to access or transfer your money. It's entirely too easy for a government to unilaterally freeze all of your assets. I suggest you view a few episodes of Burn notice.

Re:Is it?

[TeknoHog]

Damn, where are my mod points today?

Re:Is it?

[nine-times]

My point was more that if you have to think a few levels deep to view it as "moral hazard", then it's not a classic example.

Beyond that, I would say that your description makes it sound less like the problem is "moral hazard" and more like the problem is that the negative consequences to risky behavior is too infrequent while the rewards are common.

Re:Is it?

[HeckRuler]

It was mentioned on NPR earlier. They had some currency consultant on and they were talking about Bitcoins. They were traded on "Mount Gox". He thought there was a huge bitcoin bubble, that people were investing in them as gamble, and that he expected the currency would get regulated in the near future.

BWAHAHAHAHAHA, Oh boy, WOW dude... just... wow.

Re:Is it?

[chill]

To clarify, the ultimate record is the crypto key that signs the particular BTC. YOU hold that. Lose it and the BTC is gone forever. However, the BANK doesn't have it. There is no depository agency.

Hmmm...a business model.

Re:Is it?

[lgw]

I'm going to ignore your sarcasm, and hope this helps some readers.

There are many potential sellers and buyers. For a given market, at a given point in time: the "bid" is the highest price any buyer is offering; the "ask" is the lowest price any seller is willing to take.

When the bid and ask intersect, people do business. In a "thick" market this happens all the time, and the bid and ask tend to stay very close together. That's great for a casual market participant: you don't need to study the behavior of the exchange in order to get a fair price. If you'd like to buy or sell corn at about $6 per bushel, and the last trade was $6, you can just buy or sell "at market" (just taking the best price at the moment), trade immediately, and not get screwed. You might pay $6.01 or get $5.99, but there's no need to carefully craft a stop or limit order, being careful of which way the market might move, and how long you're willing to wait, and what opportunity you might lose. Further if you accidentally buy 10x what you intended, you can turn around and sell immediately and lose only a trivial amount.

On the other hand, a "thin" market just sucks. If corn is going for about $6/bushel, but the bid is $5 and the ask is $7, it's a real problem for a casual market participant. If you unwittingly accept "market price", you get a terrible deal. To get any kind of fair price, you need to follow trading to know that when occasional trades happen, they're "about $6". You put in a stop or limit order for $6, but the guys sitting at $5 and $7 do nothing but trade this market full time, and they can wait. Let's say you're selling. No buyers for a minute at $6, five minutes, you say heck, maybe I was off a bit, and try $5.90. Still nothing. Eventually someone takes you out at $5.70. Most markets used to trade like that. Great for the investment bank that has a team of full-time speculators, bad for the guy who just needs to sell a couple tons of corn. And heaven help you if you accidentally buy 10x what you intended.

But there's obviously a profit to be made there: buying at $5.70 from the little guy and selling at $6 - the business of "market making". Once you have multiple competing market makers, the game changes. A isn't going to let B buy at $5.70, he'll take it at $5.71, except C will take it at $5.72, and so on, until you can just sell at $5.99 and not worry about it. The minimum profit the market makers will take is limited by 2 things: how fast the market is moving (which creates risk during the time the market maker owns the contract) and the amount of automation available. The reason most markets used to be thin was the lack of automation: unless there was a total of millions to be made in a given market, it's not worth paying someone to become the expert there. But now everything is algorithmic, and there's almost no per-market cost, and bid-ask gaps are tiny almost everywhere.

Sure the intermediary wants a profit- but when every market has multiple competing intermediaries, everyone wins. The more market makers participate, and the more frequently they do so, the less money gets siphoned off on each trade by those guys.

Re:Is it?

[lgw]

Including this statement, no, not once.

Re:Is it?

[ArsonSmith]

My bitcoins are stored on a thumb drive in an FDIC-covered bank vault.

Re:Is it?

[lgw]

$10. Someone asks $9.99. Obviously we're going to make a deal. There's an overflow of 1 cent-

If the bid is $10 no one will ever ask $9.99, they'll hit your $10 bid. What you've described is not what market makers do.

There is no bid-ask gap that they reduce because the bid is higher than the ask. If it wasn't there'd be no money for them to make

You've got it backwards. I suspect you started from the assumption that HFT is evil, and constructed a scenario to explain why they are evil - but you've wandered away from reality.

See my post here http://slashdot.org/comments.pl?sid=3615411&cid=43362361 where I explain in detail - it's too much to repeat here.

Re:Is it?

[bill_mcgonigle]

My point was more that if you have to think a few levels deep to view it as "moral hazard", then it's not a classic example.

The mistake is seeing the FDIC as primarily benefiting the account holders (because that's how it's advertised/propagandized). If you see it for really what it is - as insurance for the bankers to take risks, then it's clear that they are the primary beneficiaries. The bankers are able to privatize their gains made on the risks they take and and their losses (liability for deposits) are socialized if they fail.

Every single day bankers gain benefits from FDIC insurance. Only rarely do depositors see anything in terms of payouts.

Re:Is it?

[HeckRuler]

Yes, they're parasites, but they're better than the older parasites that did the same thing and gouged us even more. All the old-money players that are proposing rules to stop the HFT from eating their lunch can't be trusted any more than you trust the HFT.

The bid-ask gap does end up getting reduced because there's more than one HFT and they compete with each other.

Also note, and correct me if I'm wrong on this, that this sort of game only works between exchanges. If you have a $10 bid and someone asks at $9.99 ON THE SAME EXCHANGE, the exchange simply hooks you up and there's an established way to deal with the difference. But the NYSE and the London Stock exchange and Mt.Gox don't work with each other like that. Since you're on different exchanges, you don't know about the guy with the ask price. HFT types work really hard at being the first to notice that imbalance. Or "gap" if you will. If we had some sort of unified global exchange, this would all be moot.

Re:Is it?

[Kijori]

You need to look at the bigger picture - taking depositors' money is only a small part of what happened in Cyprus. It's the result of widespread bank failure and the government defaulting. If the same happened in the US - the government defaulting on its debt and deposit banks collapsing - you would be in huge trouble whether the government took your savings or not. I'm not sure that there's any point in a private citizen living in the US hedging against the collapse of the government; if that happens you've lost no matter how prepared you are.

Re:Is it?

[sexconker]

Amen to that. People don't realize the protocol is absolutely, 100% perfectly fraud-proof. It is designed to be impossible to forge a bad block or fake a transaction or gain ownership of coins you don't own. The only way to actually do it is to outprocess the entire rest of the network, which is impossible.

Unless honest participants in the network definitively control more than half of the computing power on the planet, it is at best impractical rather than impossible. Its not "absolutely, 100% perfectly fraud-proof".

It is actually 100% fraud-proof.

If someone seizes control of the network by exceeding 50% of the total computational power of the network (including their own), they introduces phony blocks in an attempt to double spend, they're forking the block chain. The honest miners will quickly see that certain hosts are accepting phony blocks and ignore them, and stick with their own, clean fork of the block chain.

There was an example of the block chain being forked a few weeks ago due to some bullshit about BerkeleyDB and 512 KB datagram sizes.
The networked converged on one fork and kept on trucking.

If someone is simply double spending and saying "Yup, verified!" without forking the block chain, anyone can trace the transactions involved and call bullshit.

For an individual merchant accepting bitcoins, you can protect yourself from localized instances of this attack by simply waiting for more verifications. The only way to get fucked is by having someone control your network and preventing you from accessing legitimate nodes. If they're doing that, they can fuck you in so many other ways, such as telling customers to send payment to their wallet's address instead of yours.

Re:Is it?

[ultranova]

The effort required for a successful double-spending attack on Bitcoin scales linearly with the effort required to use Bitcoin; this is worthless as far as cryptographic security is concerned.

The effort required for a succesful double-spending attack on Bitcoin scales linearly with the size of the network (the total hash rate of all miners, to be exact), while the effort required to use Bitcoin does not change at all with the size of the network.

Usually we want security proofs to rule out *all* theoretically feasible attacks, even those that we do not know of.

There are two possible attack models against Bitcoin, or any other currency system for that matter:

1. Forgery: someone can create money from thin air. Bitcoin is secure against this, since the origin of all BC can be traced to their creation.
2. Thieft: someone can spend money they don't have. This has two variants: double-spending (spending money you once had but have already spent) and pick-pocketing (using someone else's money). Bitcoin is secure against double-spending as long as any conspiracy attempting to do it doesn't control 50% or more of total miner computing power and the block hashing algorithm (currently SHA-256) remains secure. Bitcoin is secure against pick-pocketing as long as the signing scheme (currently ECDSA) remains secure.

Also, it is impossible to prove that something is secure against an attack you can't imagine, because ruling out an attack requires defining it first, which requires imagining it in some way. At best you can rule out such large categories of attacks (like forgery and thieft) that pretty much anything imaginable falls under them.

Re:Is it?

[lgw]

Every corn or cattle or timber contract results in physical exchange of commodities.

Really? I trade coal futures all the damn time and I've never seen a single barge of coal.

Contracts are traded many times during their lifetime, but eventually somebody takes delivery; otherwise there'd be no market in the first place. Part of the value the exchange adds is in ensuring this actually happens, and doing it so seamlessly that speculators never have to think about it.

Re:Is it?

[betterunixthanunix]

Without decentralization a digital cash system is about the most intrusive and evil thing one can imagine

There are different kinds of decentralization. The systems designed by Chaum, Okamoto, and other researchers in the 80s and 90s allowed for decentralized transactions, even offline transactions, and could be shown to hide the identity of spender. The only central element in those systems was the bank that issued the currency units and which was ultimately responsible for dealing with double-spending attempts (in the case of offline payments, double spending cannot be prevented but can be detected; many systems were proposed with the property that the bank would be able to generate proof that a party had double-spent money if and only if the party had actually done so).

Bitcoin has the goal of removing the central issuing authority from the system. Unfortunately, that means that an entirely new formalization of security would be necessary if Bitcoin were to be provably secure, since currently accepted definitions of security for digital cash are based on the assumption of some kind of authority. This problem reflects a deeper issue: Bitcoin is based on an entirely different concept of money, and so any formalization of Bitcoin's security would first require a formalization of money (which I suspect is a bottleneck).

Re:Is it?

[ultranova]

Actually, the proofs do not mention any specific attacks; they simply assume the existence of some attack, and then show that the attacker can also solve some hard problem efficiently.

Actually, no. To do so you have to define what "attack" means. As the complexity of your system increases, so does the complexity of that task, and pretty soon it reaches the point of having bugs itself. You don't have to solve any hard problem to sell someone the Golden Gate bridge.

Re:Is it?

[fadethepolice]

I'd prefer if you used your vast financial knowledge to explain to everybody you talk to about how lack or regulation of credit default swaps allowed large investment entities to increase the leverage on US home mortgages to the point that the US government had to step in and pay the debts of private corporations.

Re:Is it?

[betterunixthanunix]

All I said is that the proof shows that specific security properties are maintained; that only involves defining the class of attack the system is designed to deal with, not the specific manner attack that is carried out. There are a lot of chosen plaintext attacks that might be performed, but you can prove that none of them will be successful against ElGamal. If you do not believe me, go read the work of Goldwasser and Micali, which was the seminal work in provably secure cryptography, which describes this at length.

Re:Is it?

[ultranova]

To spend Bitcoin money multiple times, you only need slightly more computing power than everyone else using Bitcoin combined.

Which sums up to 703 PetaFLOPS, which is (much) more than the top 10 supercomputers in the world combined. And not only that, you also need to have malicious, rather than financial, motivations - otherwise you wouldn't bother double-spending, but would simply gather transaction fees and coinbases.

It's not going to happen.

Re:Is it?

[ultranova]

But if I could get the system I am transacting with seperated from the network--a "holodeck" simulating the internet--can't I fake that consenus?

No. You'd need to totally isolate that system from the Internet, and even then they could detect that by monitoring the difficulty of blocks - it would suddenly fall off sharply as all of the sudden they're part of a far smaller network. Or, more likely, you'd never convince them, since difficulty is adjusted every 2016 blocks so that they take 2 weeks to mine, and if it's suddenly just you, it'd take years to mine even one - and it takes 6 blocks to confirm a transaction, giving the target system plenty of time to realize something's very wrong.

So no, just no.

Re:Is it?

[DanielRavenNest]

Make an encrypted archive with strong encryption that contains you wallet.dat file (private keys). Store that archive in several places, like email it to yourself, dropbox, skydrive, bank safety deposit box

Note: your account balance is still on the block chain record of transactions. So the bitcoins are still there, you just don't have authorization to spend them if you lose your keys.

Re:Is it?

[viperidaenz]

But now you've lowered the strength of the encryption by giving your private key to a third party, encrypted only by an easy to remember password. You can't encrypt it with a random key because you'll need to store a backup of that key too...

Re:Is it?

[crtreece]

Hopefully you got the pre-1983 pennies, double the melt value for the same face value.

Re:Is it?

[viperidaenz]

You coins are now only protected by the strength of the encryption you've used on your wallet.dat file. You've lost the strength of the bitcoin network.
Having an account balance you can't touch because you no longer possess the keys and can't get them back either is no different than not having them.
Those coins would be lost forever wouldn't they? Isn't there a finite number of coins to be mined? 21 million or so.
Removing coins from circulation will increase the value of those left. There's a financial incentive to destroy other peoples keys.

Re:Is it?

[lgw]

Same way - just as the money in your bank account isn't tied to the serial numbers of actual bills, if I had a bitcoin savings account there wouldn't be any specific bitcoins behind that. If you paid me directly, there would be a bitcoin transaction, but if you paid me by ACH there wouldn't be, there would only be an adjustment to our bank's ledgers (plus an audit trail). The Fed is still free to tell my bank to add to the value in my savings account without adjusting the value in its own.

Of course, a bank in a country without regulation could also play such games, but without the audit trail other banks will just stop accepting such transfers. The only reason the Fed can get away with that BS, without US banks being shunned by the rest of the world's banks, is that everyone else seems to have bigger and worse problems. Wow, this really won't end well.

Re:Is it?

[crtreece]

what happens when Goldman et al discover there's money to be made by manipulating that market, and have nothing to stop their centuries-old bag of tricks.

After articles about it in Wired, Forbes, and who knows where else, I would be surprised if more than one cost / benefit survey hadn't already been completed at each of the too-big-fail banks.

Re:Is it?

[lgw]

I almost went off on a rant about that, actually. It's the perfect example of why good exchanges matter so much. The CME actually went to the government at one point (SEC? FTC? I forget) and explained that the informal exchanges being used for Mortgage CDSs had no oversight, and they should really be allowed to create a format market, with normal rules and oversight, and standardized contracts. Not really a matter of government regulation, mostly normal exchange rules (which is still a thick stack of regulation, but a libertarian-friendly one). But the government told them to get bent - and hilarity ensued.

Re:Is it?

[ultranova]

Yes, I know. The "record" the grandparent claimed irrelevant is the record that you have deposited dollars ($) into a bank in case it was robbed or otherwise subverted, not Bitcoin. I'm arguing for Bitcoin here, y'know.

Re:Is it?

[Myopic]

"would you trust your $10,000 more on a server somewhere or in an FDIC-covered bank?"

That depends, am I a reasonable person or am I a libertarian?

Re:Is it?

[stymy]

You don't seem to understand how proofs work. Cryptography is very mathematical, and so you can definitely prove that no attacks will work against something, based on a few assumptions. We studied the proofs for RSA in my first-year Algebra class. There, we saw that the _only_ way to break RSA is to find an easy way to carry out prime factorization. All other methods of attack won't work (assuming the random-number generation is done properly, of course, and so forth). If you don't believe me, go look up the proofs. If you have a basic knowledge of algebra, you should be able to follow it, and it's only a few pages.

Re:Is it?

[fadethepolice]

Well then, perhaps your expertise is exactly what the bitcoin community is looking for. MTGOX should not be the only exchange. You do seem to know what your are talking about. Most analysts I have heard on television do not stress this point. There is no doubt that real market factors contributed to the collapse of the US housing market, but some people were able to handily take advantage of the collapse. (As happens with most things). As a person who participated in both the dotcom and housing booms of the last 15 years or so, I can say that I was aware of the housing problem before it collapsed and was deftly able to shift gears to the Marcellus explosion that recently occurred, and now seems to be starting to taper off. If I knew as a corporate lemming what was occurring it seems rather far-fetched that the majority of analysts were unaware.

Re:Is it?

[carnivore302]

would you trust your $10,000 more on a server somewhere or in an FDIC-covered bank?

We'll talk again in five years.

Re:Is it?

[carnivore302]

Easy. market is 10.00 - 10.05

You want to sell at 10.02, no trade done.

With HFT, the spread will be lower. The market will be something like 10.02 - 10.03.

Trade done.

Re:Is it?

[Liinux]

I trade coal futures all the damn time and I've never seen a single barge of coal.

Keep your fingers crossed that no software bug will give you this sight in the morning: http://thedailywtf.com/Articles/Special-Delivery.aspx

Re:Is it?

[Rudd-O]

Gox was not hacked.  It was DDoSed.  If you know the difference, you understand how your level of trust in Gox should not diminish.

I don't personally use Gox, but let's not lose track of reality here.

Re:Is it?

[Rudd-O]

" buying at $5.70 from the little guy and selling at $6 -"  I don't understand, if this is the case that there is someone selling at 57 and someone is willing to buy at 60, the market should just clear instantaneously.  Why do you need HFT then?

Re:Is it?

[RivenAleem]

So this makes MtGOX the perfect exchange as it is immune to microsecond stock transactions!

Re:Is it?

[SeattleGameboy]

I didn't realize Wall Street was so caring about small investors...

Seriously, if what you are saying is true, why do HFT purveyors need their servers right next to the exchange servers? If all they are doing is increasing liquidity, why do they need to intercept information before anybody else sees them?

HFT needs to be shut down. All it does is suck profit from small investors.

Re:Is it?

[SydShamino]

The exchange itself could reduce the bid-ask gap by, you know, giving each side half the gap. That way I'd make half the difference selling, and the buyer would make half the difference buying, instead of letting some third party come in and scoop up the profit for their HFT traders so that they and their management can make millions of dollars and only pay hedge fund tax rates on it all.

Re:Is it?

[lgw]

Does no one actually read the posts any more, or have we taken not reading even TFS to the next level?

Sure, the whole business model of a market maker is to make a profit by providing a marginally-valuable service - like most companies in the world. The small investor benefits greatly by pitting these guys against one another. Competition is great. HFT is a result of this beneficial competition taken to the extreme - sure, there may be no additional benefit to microsecond vs sec trading, but there's no additional harm either, and overall we really want that competition to be happening.

Re:Is it?

[lgw]

The investment banks hire every single person they've ever hired to find any possible way to make money with no moral compunction whatsoever. That's just what it means to be an investment bank - exploit every possible advantage without fail. Every possible negative connotation is pretty much justified.

Even so, as long as investment banks are forced to compete with one another, plenty of good can come from them. Arbitrage (in its many forms) helps everyone. Some pretty cool technology has come from the HFT arms race. I'm happy to benefit from it, but it doesn't make the iBanks any less evil greedy fuckers.

Re:Is it?

[SeattleGameboy]

I have studied HFT a bit. If you have some literature about real benefits, I would love to see it. All I have seen is how it adds "liquidity" to the market without stating what benefit that additional liquidity does for small investors. As even you have stated, there is no additional benefit for microsecond transaction. Why are we allowing something with no benefits?

Re:Is it?

[lgw]

OK, once more: the "bid-ask gap" isn't an overlap where there's a free profit. That's why it's called a "gap". When the highest bidder will pay $5, and the lowest seller will accept $7, and occasionally deals are made at around $6, there's nothing the exchange can do to help. It takes a market maker willing to take a bit of risk that if there's suddenly a seller asking $6, to buy at $5.70 and wait for the buyer willing to pay $6 sometime later, and sell to him at $6.30.

People seem to get this backwards a lot. Market makers are doing a risky sort of time arbitrage, making money off of buyers and sellers with urgency, but providing a better price to the impatient buyer or seller than the market otherwise would.

Re:Is it?

[lgw]

All I have seen is how it adds "liquidity" to the market without stating what benefit that additional liquidity does for small investors

Market making as a general activity provides that marvelous liquidity. Competition between market makers keeps the cost of that service quite low.

Why are we allowing something with no benefits?

Because we should allow everything that can't be proven to cause significant harm? Because no one has proposed an alternative where the market makers have the same incentive to compete to provide basic liquidity?

Really - the current system works to provide liquidity with no obvious downside to the casual investor. Why would you want to mess with that? Like any complicated system that works in the field: there's lots of bugs that one could imagine fixing, but the likely hood of making things better overall by changing some aspect you don't like is small.

Re:Is it?

[SeattleGameboy]

I vehemently disagree that there is no downside. Goldman Sachs is not paying millions to put these servers at the exchanges because they are a benevolent entities. They are doing it because they can suck the profits out of trades. These trades would have happened with HFT, just a bit longer. And the spread would have gone to the either the seller of the buyer. Instead, we now have a middleman that no one asked for getting a slice. A microsecond liquidity is not real liquidity, it is just an illusion of liquidity gone as quickly as it appears.

Re:Is it?

[sjames]

You explained why competing market makers are good (nobody disputed that), but failed to show why HFT is at all necessary for it to work. Let's say the market builds in a 1 minute quantum. What changes other than that network latency becomes irrelevant?

Re:Is it?

[lgw]

I vehemently disagree that there is no downside. Goldman Sachs is not paying millions to put these servers at the exchanges because they are a benevolent entities. They are doing it because they can suck the profits out of trades.

Your logic is fundamentally flawed there. Let me try one last time.

There is profit to be made as a market maker, while providing liquidity. Liquidity is good. The more competition, the lower this profit, but we still get the good liquidity. With me so far?

Trading faster gives one market maker a real advantage over the other market makers. That's the shape that the competition (a thing we want) takes among market makers (a service we want) . HFT is the arms race between market makers, not between them and casual traders.

And the spread would have gone to the either the seller of the buyer.

The spread is very large with no market makers (or with just one), and very small with competing market makers. That's why liquidity is a useful service. The casual trader benefits greatly from this small spread, because it would never have gone to him in the first place - he never had the edge.

Re:Is it?

[nine-times]

Except that they aren't really the ones who take the hit when their risky behavior fails.

Right now, they're gambling with your money. If they win, they keep the profits. If they lose, government pays you off and the banker himself might lose his job. Getting rid of the FDIC would mean that they're still gambling with your money, and if they win they still keep the profits, but if they lose, they simply lose your money, and the banker himself still might lose his job.

Re:Is it?

[makomk]

The rules set by real-world exchanges aren't necessarily as robust as you might think. For example, there was a problem where one of the big commodity exchanges effectively didn't actually require metals purchased for physical delivery to be delivered in any real quantity. Goldman Sachs abused the hell out of that loophole and caused problems for a whole bunch of businesses that actually make stuff.

Re:Is it?

[rygar4321]

how exactly you see American government confiscating computers in China? or Russia? Here is your answer. They may not give a damn about collapse of dollar, Chinese may happily burn their trillion bonds if that means collapse of western banking (and introduction of chinese banking in its place). Government that shuts down btc on their territory may actually shoot themselves in foot - because rest of the world may stick to it and be happy with transaction system that is 1000x cheaper.

Re:Is it?

[DragonWriter]

how exactly you see American government confiscating computers in China? or Russia?

I'm pretty sure if I knew exactly how they would do it in any specific case, I wouldn't be allowed to talk about it.

But large nation-states have a long history of seizing persons and property located in foreign countries, and often have well-funded agencies with highly-trained personnel specialized in that task.

"...ALL money is in the computer age."

I just checked. The cash in my wallet remains un-hacked.

Re:"...ALL money is in the computer age."

[emho24]

Yet if the cash in your wallet represents anything more than chump change, expect it to be "hacked" the next time you run into the authorities.

Re:"...ALL money is in the computer age."

[ElectricTurtle]

Yeah, never mind that currency makes up for less than 10% of most developed economies. It's even common to be under 5% in Europe.

Re:"...ALL money is in the computer age."

[fustakrakich]

The cash in my wallet remains un-hacked.

No, it doesn't, unless you want to ignore inflation.. The dollars in your wallet are losing value every day.

Re:"...ALL money is in the computer age."

[viperidaenz]

Didn't most of the world just go through a recession? You know, when the dollars in your wallet gain value every day.

A reminder of how insecure ALL money is?

[nysus]

Uh, no. Somehow I sleep a little better knowing my money is backed up by the FDIC if I keep it in a real bank.

Re:A reminder of how insecure ALL money is?

"Look, would you people stop trivially attacking our exchanges like that?!? We're TRYING to make a point as to how superior Bitcoin is to legacy currency, and you're not helping us! Geez!"

Re:A reminder of how insecure ALL money is?

The people in Cyprus used to sleep well too.

Re:A reminder of how insecure ALL money is?

[Wonko+the+Sane]

I'm sure the customers of Laiki Bank were highly satisfied with their government-provided deposit insurance too, right up until they lost all access to their funds for a few weeks, and lost the majority of their balances. I'm sure the people who aren't getting paid because the company they work had payroll funds frozen are singing the praises of deposit insurance right this minute.

Re:A reminder of how insecure ALL money is?

[Wonko+the+Sane]

Those depositors were generally not "people in Cyprus" but rather "people in Russia with money in Cyprus".

No, the Russians were all tipped off ahead of time, and were able to withdraw their money via overseas branches that remained open during the freeze in Cyprus. The only people who were affected were regular people and small businesses.

Re:A reminder of how insecure ALL money is?

[prisoner-of-enigma]

Anything over 100,000 euros was uninsured, just as anything over $250,000 is uninsured in the US. Those depositors were generally not "people in Cyprus" but rather "people in Russia with money in Cyprus".

And this makes the people who were subjected to government-authorized robberies sleep better at night...how exactly? When the government can arbitrarily decide to take your funds, does it really matter where thy put the dollar/euro limit at? This should terrify everyone.

Re:A reminder of how insecure ALL money is?

[prisoner-of-enigma]

Uh, no. Somehow I sleep a little better knowing my money is backed up by the FDIC if I keep it in a real bank.

And, as recently demonstrated by Cyprus, if the government arbitrarily changes the rules ex post facto and decides they're going to take your money "because we need it," how well do you sleep? You sleep well thinking the rules of the game can't be changed. They can. They are. This is a terrifying precedent.

Re:A reminder of how insecure ALL money is?

Of course it's completely proper to compare the United States to a tiny island that doesn't print its own currency with a banking system whose balance sheets exceeded 800% of GDP and that decided to invest highly in Greek sovereign debt.

Re:A reminder of how insecure ALL money is?

[ackthpt]

Uh, no. Somehow I sleep a little better knowing my money is backed up by the FDIC if I keep it in a real bank.

I'm more comfortable with having a limited amount of my assets in silve or gold coinage - that stuff will pretty much always have value.

And regarding Bitcoins, this not-so-old poll is relevant.

Re:A reminder of how insecure ALL money is?

[Wonko+the+Sane]

That tiny island is probably more solvent than the United States. Our balance sheets only look better because of a complete lack of transparency and honest accounting.

Re:A reminder of how insecure ALL money is?

[camperdave]

Why should they print their own currency, when they can farm it out for less? Lots of countries do.

Re:A reminder of how insecure ALL money is?

[roman_mir]

Uh, no. Somehow I sleep a little better knowing my money is backed up by the FDIC if I keep it in a real bank.

- I don't want to cause insomnia here, but 10 Trillion USD worth of bank credit (so called 'deposits') are covered with 25 Billion USD worth of Treasury notes that FDIC has as 'assets' (which are of-course also a liability, Treasury notes need to be sold first).

25 Billion of debt to cover 10 Trillion of debt. Cyprus salutes you.

Re:A reminder of how insecure ALL money is?

[roman_mir]

Without the 10 Trillion Euro bailout by the rest of EU nobody would have 1 red cent in Cyprus. While the gov't promised to insure deposits of up to 100K Euro, the reality is that there is no such insurance, there is no money.

In USA in a very perverted way the Too Big To Fail will be bailed out again with the tax payer money (actually with everybody's money due to inflation) when the Fed will just print and give the money to FDIC to 'cover losses'.

The reality is that Cyprus had no insurance, neither does USA.

25Billion in FDIC 'assets' (Treasuries are not assets), to cover 10 Trillion USD of bank deposits. If that's not a scam of massive proportions then I don't know anything.

Re:A reminder of how insecure ALL money is?

[Jeremi]

That tiny island is probably* more solvent than the United States.

* note that "probably" in the above sentence means "I have no idea what I'm talking about"

Re:A reminder of how insecure ALL money is?

[Steve+Hamlin]

I trust that the U.S. Government won't expropriate my bank account more than I trust that private Bitcoin servers won't get hacked.

Sleeping well is relative.

Re:A reminder of how insecure ALL money is?

Anything over 100,000 euros was uninsured, just as anything over $250,000 is uninsured in the US. Those depositors were generally not "people in Cyprus" but rather "people in Russia with money in Cyprus".

And this makes the people who were subjected to government-authorized robberies sleep better at night...how exactly? When the government can arbitrarily decide to take your funds, does it really matter where thy put the dollar/euro limit at? This should terrify everyone.

It is interesting when government *not* bailing out failing banks with other taxpayers money is "government-authorized robberies". The bank is bankrupt. The available values left after the bankrupt business is not enough to cover more than around half the value of large deposits (exactly how much is not clear yet, have varied). The other half "disappears", nobody are stealing it, the money doesn't exist anymore, the bank has lost them. The government is intervening to secure that people with smaller deposits are shielded to a larger degree than the really large deposits, and secure the insured amount per depositor (100.000 EUR per person)

Re:A reminder of how insecure ALL money is?

[hedwards]

It's not a scam.

The way the FDIC works is that they monitor the financials of all the banking institutions that are covered by them. And they require that the banks hold a certain amount of cash in reserve at all times in order to ensure that they can cover the funds that they've loaned.

The FDIC itself shuts banks down and sells them to other banks prior to them getting into serious trouble. So, the end result is that the FDIC rarely has to pay anything and when it does, most of the money is still in the bank.

$25b is a lot of money, but you have to realize that in order for it to owe $1tn or more that they would have to miss a ton of banks that weren't complying with the law, and that's highly unlikely. What's more, $10tn would require a complete collapse of the system, at which point there are bigger fish to fry. Such as finding fish to fry because you're starving.

Re:A reminder of how insecure ALL money is?

[hedwards]

Because the power to create currency needs to be held by the government that controls the regulatory and tax structure. That's something that the Europeans are finding out the hard way. The reason being that if you have multiple nations using the same currency, but without a single tax and regulatory structure to cover it, you wind up with situations like this where somebody gets in trouble and everybody else has to help fix it.

I'm not really sure why Europeans have such a hard time with this. I don't personally like having to constantly subsidize the rural states, but they use the same currency and are in the same economic block as us, so we ultimately have to pay for their inability to fund their own lifestyles. It sucks, but that's how that ultimately works.

Re:A reminder of how insecure ALL money is?

[MMC+Monster]

The FDIC doesn't insure all deposits. It insures deposits up to $200K (or was this increased recently?).

I sure as hell trust the FDIC to cover up to that limit more than I trust a bitcoin exchange to cover ... well .. anything.

Re:A reminder of how insecure ALL money is?

[Wonko+the+Sane]

I am sure no one with lots of bitcoins keeps them in an exchange they all run their own wallets.

That would be smart, but a surprisingly large number of users let third parties hold dangerously large quantities of their bitcoins for them.

Re:A reminder of how insecure ALL money is?

[Wonko+the+Sane]

"If you have the facts on your side, pound the facts. If you have the law on your side, pound the law. If you have neither on your side, pound the table."

Re:A reminder of how insecure ALL money is?

[DragonWriter]

And, as recently demonstrated by Cyprus, if the government arbitrarily changes the rules ex post facto and decides they're going to take your money "because we need it," how well do you sleep?

Governments can just as easily arbitrarily change the rules and take away:
1) The computing devices that give me access to Bitcoins,
2) The computing devices that Bitcoin exchanges use,
3) The computing devices that other people accepting Bitcoins use,
4) The bank accounts that Bitcoin exchanges use,
5) The legal environment which allows merchants to feel comfortable accepting Bitcoins in exchange for goods and services,
6) My physical freedom to access any of the things that would allow me to access any Bitcoins I do have,
7+) etc.

So, Bitcoin is hardly immune to arbitrary deprivation by the government.

Its also, demonstrably, subject to additional risks without arbitrary deprivation by the government that conventional bank accounts are not subject to.

Re:A reminder of how insecure ALL money is?

[h4rr4r]

Bullshit.

The USD is the reserve currency of the world. Our bonds are so good we pay near nothing on them. To compare us with an tiny island bank that was dumb enough to invest heavily in greek bonds only shows you to be ignorant.

Re:A reminder of how insecure ALL money is?

[h4rr4r]

Go look up fractional reserve banking.

When you understand that, then you can learn about currency. There is hope for you yet.

Re:A reminder of how insecure ALL money is?

[the+eric+conspiracy]

Gold and silver are often sold as a doomsday hedge. The interesting thing is that there is one time when gold and silver lose their value - when economics break down completely and a condition of famine exists.

On that basis arable land is only true wealth.

Re:A reminder of how insecure ALL money is?

[roman_mir]

It is a scam and "FDIC works" is an oxymoron. In a free market there is no gov't telling banks how much money to have in reserves, it's up to the discretion of the bank in question and of its depositors how much the bank will have in reserves, how much will be loaned out, what the interest rates are. Depositors in a free market system understand that they can lose their money if their money is in a 'savings' account as opposed to 'checking' account, where in fact such notions have a meaning in a free market.

In an FDIC 'insured' (moral hazard ensured) system what you have is no reserve at all, the gov't makes everybody whole and there is no difference between a checking and a savings account, you can claim your entire amount immediately, which is physically impossible if in fact your money is actually loaned out in a real bank (I say 'real bank', meaning a bank working in a non-government screwed up system, or in a free market).

In a free market a bank that makes bad loans will lose the money, people will take whatever they can out and will lose some of it and it is the proper thing to happen. Bank depositors are LENDERS, they are not 'depositors' only unless they are specific about it (they have a deposit box as an example).

Really, a bank is a storage facility, if you use it as a storage facility, expect it to charge you fees for storing your valuables. If you expect a bank to loan out your money and give you a percentage of the gain (the bank makes a decision what businesses to loan the money to), then you have to pay attention as to what real insurance a bank has, what its real reserves are yourself.

Gov't makes you feel protected, in reality in case of USA you are only 'protected' to the extent that the Fed is willing to destroy the value of currency. You'll get your nominal dollars back, never mind that you are losing 5-10% annually in terms of purchasing power.

As to the nominal numbers, the 25Billion in debt that FDIC has (really, Treasuries are not assets, they are a liability, they have to be sold first, so the only true backing here is the Fed with its 'printing press'), it's not enough to bail out ANY USA bank.

There will be bail outs, if you have cash you need for business transactions, you are probably better off holding it in one of the 'too big to fail' banks, you know this way the gov't will make you whole regardless of the amount. 100K, 250K, 100Million, doesn't matter, you'll be given your nominal dollars back.

That's the problem, that's the scam.

Re:A reminder of how insecure ALL money is?

[roman_mir]

10 Trillion in loans of depositors to the banks. 25 Billion in so called 'assets' that FDIC holds.

Unless you are proposing that the only MB money there is the 25Billion, then I don't see how your comment on fractional reserve has any insight into this problem.

Re:A reminder of how insecure ALL money is?

[the+eric+conspiracy]

Did they really change the rules? The banks these deposits were in are clearly insolvent. As such any deposits over the insured limit are at high risk. Add in the fact that the banks in Cyprus were 7 times the size of the Cyprus economy makes it impossible for it to be a stable situation.

The same sort of thing happened when the Icelandic banks failed - foreign deposits over the insured amount went poof and capital controls were put in place.

Ultimately the idea that the US would be able to confiscate bank deposits, or need to runs into two realities - the 5th Amendment, and the fact that the US banking sector is much smaller than that in Europe relative to GDP.

Re:A reminder of how insecure ALL money is?

[luis_a_espinal]

The people in Cyprus used to sleep well too.

Comparing Cyprus's banking system and economy to the US is a bit of a stretch when it comes to play Chicken Little.

Re:A reminder of how insecure ALL money is?

[Yert]

In that event, lead and gunpower will be worth more than gold and silver, frankly.

Re:A reminder of how insecure ALL money is?

[roman_mir]

Don't worry about changing the rules, they don't have to change the rules not to be able to keep their promises.

It doesn't matter if a gov't official tells you that your 'deposits' (credit you extend to the bank) are insured if there is no money.

Cyprus didn't have any money, they didn't have any money at all. What 'insurance'? How can the gov't give you any insurance if they have no assets, no money?

Trusting a gov't to give you insurance... this should sound familiar. FDIC, FHA, F&F, SS, Medicare, any other loan 'insurance', like student loan insurance, any money that gov't says it will give you later.... what money?

When a city goes bankrupt because it spends too much and promises too much to various special groups, where is it going to get the money?

A gov't can be bankrupt, it's not true that a gov't cannot go bankrupt, many governments have and many will and USA and many European governments are bankrupt now. Bankruptcy is a simple thing really, you are taking in much less than you are paying out and your debts are such that lenders will no longer finance you. USA cannot repay any of its debts but lenders are still financing it (well, it's the Fed mostly now via all the inflation). USA is in a unique position of issuing the 'reserve currency'. The rest of the world uses the reserve currency as a backing for their currencies. Of-course they are coming to a realisation nowadays that there is nothing backing the reserve currency itself.

Re:A reminder of how insecure ALL money is?

[roman_mir]

you better have more than just a few Bitcoins when the banking system goes down, you better have actual stuff that would help you live through that calamity and some real money, and I don't mean money that you need a computer to use.

Re:A reminder of how insecure ALL money is?

[mindcandy]

as recently demonstrated by Cyprus

100% of insured deposits were protected.

People bitching about the amounts over that which got the axe is like whining to State Farm that you had extra stuff in your house that you didn't insure AFTER the fire.

Re:A reminder of how insecure ALL money is?

[viperidaenz]

Just ask Sebastian Monroe

Re:A reminder of how insecure ALL money is?

[Darinbob]

Given that the citizens of that government protested, they're not taking the money that is within the insured limit, so the rules for citizens did not change here. Instead the burden shifted to foreign account holders using the banks as tax havens. Those banks were insolvent anyway, a bubble that popped. In some ways the attitude that nothing bad can ever happen because Germany will bail us out was a big cause of the problem. Similar in Iceland, the insured money for citizens was kept whereas foreign investments were hit hard.

Re:A reminder of how insecure ALL money is?

[viperidaenz]

Not only do you need a computer to use it, you need a reliable internet connection and many other people online at the same time on the same network all participating in bitcoin mining.

Re:A reminder of how insecure ALL money is?

[Yunzil]

As opposed to accidentally deleting your wallet.dat?

Re:A reminder of how insecure ALL money is?

[the+eric+conspiracy]

Lead and gunpowder don't do you any good when the farmer hires a band of Samurai.

[in homage to Akira Kurosawa]

Re:A reminder of how insecure ALL money is?

[LateArthurDent]

In a free market there is no gov't telling banks how much money to have in reserves...

In a completely free market, the economy would collapse within a month.

Capitalism is GREAT. The free market is FANTASTIC. Both have severe failure modes and the pure capitalism you guys keep going after as an ideal is every bit as laughable as all the people who want to try out real communism who (correctly) point out that no country every implemented pure communist practices. What they don't realize is that the reason no country has implemented pure communist practices is that if you start out with a purely communist country, you naturally degrade to people taking advantage of the system and causing it to become corrupt. It doesn't work.

Similarly, a completely free market sounds great. Until you realize that certain markets have high barriers to entry, monopolies naturally arise that further erodes competition, and with the competition gone all the efficiency of capitalism is gone with it. Similarly the free market is a great way to arrive at the true value of things, except of course until you consider externalities that are not part of the market itself.

Now, if you want to argue which government regulations to implement, be my guest. There are plenty of them that are absolutely horrible and counterproductive to the growth of the economy. The FDIC is not one of them. It's not exactly hard to figure out what happens without government deposit insurance...just look at the massive number of bank runs during the great depression. You're right that your purchasing power may decrease if the government itself is insolvent, but if you're in a situation where there's a bank run, it means the economy is in trouble and your purchasing power is already on the way down. The question is whether you want the lack of confidence to result in the positive feedback loop involved (as people withdraw their money, the banks get into more trouble, which causes more people to withdraw their money). The FDIC causes people to not panic, limiting the overall damage.

Re:A reminder of how insecure ALL money is?

[clodney]

Anything over 100,000 euros was uninsured, just as anything over $250,000 is uninsured in the US. Those depositors were generally not "people in Cyprus" but rather "people in Russia with money in Cyprus".

And this makes the people who were subjected to government-authorized robberies sleep better at night...how exactly? When the government can arbitrarily decide to take your funds, does it really matter where thy put the dollar/euro limit at? This should terrify everyone.

Would you prefer that the bank went insolvent and people lost everything? Like it or not, when you deposit money in a bank you become a creditor of the bank, and when something goes bankrupt creditors lose money.

Bank insurance exists to increase confidence of the bank's creditors. Instead of a mad rush to be first in line and get your money out at the first sign of trouble, thereby precipitating a bank collapse, it says that you have no risk up to a certain limit. That makes a bank run much less likely in the first case.

Re:A reminder of how insecure ALL money is?

[roman_mir]

Nonsense.

In a free market economy I can start a bank out of my garage without registering any licenses with anybody, without having to jump through hoops, without having to pay any guild money, any monopoly fees, without having to pay for any licenses at all to anybody.

I can just post a note on my garage that said: bank by roman_mir.

done.

Anybody is welcome to come in and deposit if they like what I show them because I will be trying to outcompete the next guy in the next garage.

What you call 'monopolies' that supposedly 'arise naturally' are nonsense. There are economies of scale that are extremely efficient at running their business and I want to buy services / products at the lowest possible prices, so I welcome any amount of competition and scale.

I do NOT welcome gov't coming to any business at all and telling it that it is too big and it has to be broken up, because in a free market a business becomes big when it does well by its customers, not by lobbying the politicians, that's because politicians have no power over businesses and over individuals and over money in a free market.

In fact USA was a free market economy and it didn't 'collapse within a month', it did extremely well to turn an agrarian afterthought of a country, a huge debtor into a first world manufacturer, exporter and creditor. Today that flag is carried by others, not by America.

As to externalities - that's precisely what governments create, they give a pass to people to socialise costs and privatise gains by promoting and defending externalities, by allowing certain well connected businesses to do what they want on public property (another oxymoron, there is no such thing as 'public property' , there is either private property or theft, nothing else).

So it is private property rights that have to be protected in order to ensure that there externalities are minimised, all that gov't does is creates externalities and creates moral hazards by setting various liability caps that invite abuse.

As to FDIC, FDIC and the Fed working in tandem is what created the problem of capital destruction in USA.

Of-course FDIC is completely responsible for the terrible misallocation of people's lending (deposits) all of which have gone to the banks that are propped up by FDIC, the moral hazard of which created the 'too big to fail' problem.

It's funny that you are accusing the free market of monopoly creation and in the same post you are defending FDIC, which is what allowed for the banking monopoly that created the too big to fail, I guess one has to be completely confused to have such a massive cognitive dissonance in one's head.

In a free market a bank run is possible and it happens, however it's a normal situation of weeding out bad businesses, bad decisions, shutting down failures, restructuring bad debts.

In what you have today, FDIC and the Fed created the monstrosity of a banking system, which only has one single function left at this point: maintain the status quo for the government, prop up government spending by laundering money from the Fed to the Treasury and allow a select few to pocket the gains in form of the difference between the Fed's discount window cost of fake credit and the Treasury yield.

Talk about externalities, socialising the costs and pocketing the profits.

The mental image of the economy and politics in your head is an abomination created by this corrupt system.

Re:A reminder of how insecure ALL money is?

[DragonWriter]

As to the nominal numbers, the 25Billion in debt that FDIC has (really, Treasuries are not assets, they are a liability, they have to be sold first, so the only true backing here is the Fed with its 'printing press')

They are really an asset, not a debt, for the FDIC. They are also a liability for the US Treasury, but those are different entities.

More generally, a debtor's liabilities are also assets to their creditors. If you don't understand that, you have no business even discussing assets and liabilities.

it's not enough to bail out ANY USA bank.

The FDIC doesn't insure banks against failure, it insurers depositors against bank failure. The FDIC doesn't bail out any bank.

Re:A reminder of how insecure ALL money is?

[roman_mir]

Yes, that's the reason FDIC is a moral hazard, it 'insures' deposits. It's a moral hazard that created the too big to fail problem in the first place by giving people false sense of security, so that they wouldn't care what the banks did with their money.

As to the FDIC 'assets' being 25 Billion in debt, and being a liability and asset at the same time (it's a wash), clearly you don't understand that FDIC doesn't exist at all, they have nothing. There are no assets, even those 25 Billion are not assets, they are a liability, yes, to the Treasury. However that's not what the FDIC will be relying on to bail out banks (depositors). The Fed, it all comes down to the Fed.

The money will be created out of thin air. The 25 Billion or no 25 Billion, it's an irrelevant amount even if it was actual gold when things come crushing down and they will.

Re:A reminder of how insecure ALL money is?

[DragonWriter]

Yes, that's the reason FDIC is a moral hazard, it 'insures' deposits.

The moral hazard argument has been made (repeatedly) elsewhere in the thread, tacking it on as a response to a post about different claims to which it is irrelevant is pointless.

As to the FDIC 'assets' being 25 Billion in debt, and being a liability and asset at the same time (it's a wash), clearly you don't understand that FDIC doesn't exist at all, they have nothing.

The FDIC does exist as much as any other corporation does, and what it holds are, in fact, assets, (they are liabilities to someone else, but that's irrelevant.)

There are no assets, even those 25 Billion are not assets, they are a liability, yes, to the Treasury.

No, they are not liabilities to the Treasury, they are liabilites of the Treasury to the FDIC. Which does exist.

However that's not what the FDIC will be relying on to bail out banks (depositors).

Depositors and banks aren't the same thing. A bank bailout would almost certainly be an action of the government proper (as was the case with the bank bailouts under TARP, or the auto industry bailouts), as the FDIC has no authority to conduct bank bailouts. That kind of bailout relies on the government's assets (including its taxing power.)

What the FDIC does only becomes an issue if a bank is allowed to fail, not if it is bailed out.

The Fed, it all comes down to the Fed.

What comes down to the Fed? You are confusing so many different things in this post that it is hard to tell what you are arguing here.

Re:A reminder of how insecure ALL money is?

[bazmonkey]

I just want to point out that in the U.S., ex post facto laws aren't allowed. It's in Article 1 of the Constitution. Been there from the beginning. You can trust the FDIC as much as you can trust anyone with your money.

Re:A reminder of how insecure ALL money is?

[roman_mir]

The moral hazard argument has been made (repeatedly) elsewhere in the thread, tacking it on as a response to a post about different claims to which it is irrelevant is pointless.

- what are you trying to say?

The only way that FDIC matters as the moral hazard is because it creates a false sense of security in depositors. What other way is FDIC a moral hazard?

Here is a comment I left probably at the minimum a year ago (/. doesn't tell you the year of a comment for some reason). It explains in which way FDIC is a moral hazard and links to a Congressional hearing on the matter.

FDIC created the 'too big to fail' problem by providing the moral hazard to the depositors.

FDIC does not have any assets, the 25 Billion has to be sold first, those are not assets, that's debt. When a large bank crashes (and takes others with it), good luck to FDIC trying to sell 25 Billion in long term US Treasuries.

It will be competing with everybody else trying to sell the same, it will be competing with the Treasury and likely the Fed at the same time as well. There are no 25 Billion.

Saying that something is an asset to FDIC and a liability to the Treasury, sure, 2 hands, the same body. You can move your IOU from one hand to the other, it won't help you to make that thing that you move from one hand to the other real.

It's the same nonsense argument they make talking about 'independent Fed'. Independent, ha? As if it ever failed to monetise any amount of debt that the gov't produces.

Depositors and banks aren't the same thing. A bank bailout would almost certainly be an action

- it's the same thing from POV of moral hazard.

The depositors, creditors to the bank don't care about the soundness of a bank as long as the gov't promises to bail them out. They don't care if the money comes from FDIC or the Fed or Treasury or the bank itself.

It's the bank that is getting bailed out when depositors get their FDIC money, the bank stays in business. In an actual free market there is no gov't bail out, there are no gov't covered deposits. A bank can have insurance and that's what would cover some of the deposits, but most importantly it's the reserve that the bank would have to hold to insure itself against a run.

Having gov't money being poured at a bank to cover the deposits is not there for the purposes of depositors, it's there for the purposes of keeping the bank afloat even when it is supposed to drown. FDIC wasn't created to provide deposit insurance it was created to provide moral hazard so that the banks that should have failed at the time would not fail because of this non-existing artificial 'insurance'.

It all comes down to the Fed, who will print any amount of money to cover any and all losses to the banks and to the depositors. Nominal losses. You clearly can't understand that USA gov't and every US bank is broke, it all comes down to the printing of money.

Re:A reminder of how insecure ALL money is?

[the+eric+conspiracy]

That only applies to criminal law.

Re:A reminder of how insecure ALL money is?

[camperdave]

Because the power to create currency needs to be held by the government that controls the regulatory and tax structure.

I didn't mean to use a foreign currency, but to get someone else to print it.

Re:A reminder of how insecure ALL money is?

[Ash-Fox]

Without the 10 Trillion Euro bailout by the rest of EU nobody would have 1 red cent in Cyprus.

To be fair, if Cyprus was allowed to leave the Euro (EU will not allow this) and devalue their own currency (something Iceland did recently), they would have had a stable, working economy by now.

Of course, the politicians do not want anyone leaving the Euro project, or that would send a message it's a failure and so, they force the European populations into further poverty.

Re:A reminder of how insecure ALL money is?

[Ash-Fox]

The reason being that if you have multiple nations using the same currency, but without a single tax and regulatory structure to cover it, you wind up with situations like this where somebody gets in trouble and everybody else has to help fix it.

The tax is EU membership. It costs the UK 65 billion GBP a year. That is without the money put into bailouts.

I'm not really sure why Europeans have such a hard time with this.

We have politicians in the European government that have ultimate power that are not elected by the peoples of Europe. We cannot vote them in or out and they have an obsession with the Euro project.

Yet the value of BitCoin keeps on rising

Why does it smell like tulips in here....

BitCoin apologists

[93+Escort+Wagon]

This is NOT a "reminder of how insecure all money is in the computer age". This is a reminder of what a crappy job BitCoin's developers have done. Did you somehow miss the part about the need to develop an alternative architecture before this can be reopened?

Re:BitCoin apologists

[Laser_47]

That isn't a problem with the BitCoin protocol, but Instawallet's website.

Re:BitCoin apologists

[Umuri]

Relevant xkcd to rant below: http://xkcd.com/932/

So please, explain to us how a third party's online wallet service is now a fundamental flaw in bitcoin itself? They made a server that did data management for the user, and thought they had security in place such that their data was unacessible without the proper password. They then were proven wrong. So now they need a new method of storing it (architecture) that is secure.

For the obligatory car analogy, this is like you saying a certain car brand sucks at security because an aftermarket mechanic installs hidden compartments in it, and then the compartment gets broken into because it has a shitty lock. Now the mechanic is out of the compartment installing business until he finds a better lock to put in.

Re:BitCoin apologists

[JesseMcDonald]

This has nothing to do with "BitCoin's developers". The "alternative infrastructure" comment applies exclusively to InstaWallet, a provider of "online wallets", which was hardly a major player to begin with, and Mt. Gox wasn't "hacked", they were the target of a DDoS attack which made it difficult to access their web site. That's inconvenient if you rely on them for exchanging BTC and USD and need to do so in a hurry, but there are other exchanges available, and everyone's balances on and off the exchange are still perfectly secure. At no point did either incident affect the actual Bitcoin network.

Re:BitCoin apologists

[slashmydots]

This is NOT a "reminder of how insecure all money is in the computer age". This is a reminder of what a crappy job BitCoin's developers have done. Did you somehow miss the part about the need to develop an alternative architecture before this can be reopened?

The bitcoin developers didn't design MTGox.com or pick the hosting company, genius. They made the protocol, which has thus far been perfect.

Re:BitCoin apologists

[luis_a_espinal]

Easy with the strawmans.

That isn't a problem with the BitCoin protocol, but Instawallet's website.

The OP is not faulting the BitCoin protocol. He/she is faulting the BitCoin developers/staff/whatever for their deployment architecture choices. After, choosing Instawallet's is/was an architectural choice. For the type of operations BitCoin is aiming for, we are talking architectural options that must accomodate growth into the realms of mega-scale/mega-resilient, ala AWS, ebay or Google.

Having to halt operations indefinitely until an alternative architectural solution is in place, that is not acceptable. Furthermore, they should have never gone into operations without one. I've worked in small, insular enterprises where having alternate architectures for catastrophe recovery was a starting, non-negotiable requirement.

I'm not saying "me-can-do" nor saying this just out of spite to join the Borg bashing collective. I'm simply stating a matter of fact that is revelant when building and fielding systems of such potential caliber. Hopefully useful lessons will be learned so that it does not happen again.

Re:BitCoin apologists

[sp0tter]

Strange... all my friends that use bitcoins have no trouble accessing their funds. Perhaps this is only limited in scope?

Re:BitCoin apologists

[luis_a_espinal]

Is it strawmans or strawmen? Strawmopedies?

Neither. It is a typo. Welcome to the r34l world where inconsequential imperfections are the norm.

Dwolla Also Hit

[eldavojohn]

Also Dwolla was down for two days but appears to be back up as they appeared to have worked a deal with CloudFlare. Mt. Gox uses Prolexic so this shouldn't affect them, right? Right? Accessing the database of Instawallet sounds like a total fail though.

A scary reminder of how insecure ALL money is in the computer age...

Really? My Celtic ring money is still fully intact around my wrist and still worth the silver it's made out of. All currencies have their ups and downs. Some benefits are double edged swords (just ask Renminbi traders). Nice editorial though -- the services surrounding BitCoin are clearly infantile and only now are getting DDOS protection.

My credit union offers two factor authentication. Could a Bitcoin exchange do the same? You bet. But they haven't. The fact is that it's easier to find legit and robust exchanges and institutions in USD than BitCoin.

Re:Dwolla Also Hit

[Kiwikwi]

If you'd get off your horse for a moment, you might realize that MtGox offers two-factor authentication and has for a long time.

Re:Dwolla Also Hit

[dubdays]

My credit union offers two factor authentication. Could a Bitcoin exchange do the same? You bet. But they haven't. The fact is that it's easier to find legit and robust exchanges and institutions in USD than BitCoin.

I believe you're correct in that the exchanges don't use two factor authentication. However, my Bitcoin wallet is an online one (yeah, not so secure, but I only do a little bit of mining...less than $50 in there right now) that definitely does use two factor authentication through the Authy app. Quite simple really, and the exchanges should definitely use something like this.

Re:Dwolla Also Hit

[the+eric+conspiracy]

All currencies go up and down. However the ones that go up and down 20% in one day are not attractive to me for use in commerce or investing.

Re:Dwolla Also Hit

[PRMan]

Bitfloor does as well. At least go to the sites and look at the login page. Jeez.

target

[roman_mir]

Bitcoin exchanges are a target right now at the current exchange rates, but I was thinking just a little while back, isn't it strange that somebody who released the original protocol is unknown and wishes to stay anonymous? I thought about that for a little bit, there are a number of possibilities. Of-course somebody who had the original idea could run the hash generation for a much longer time before anybody started doing it as part of a mining (proof of work) network. I don't know, it's hidden in plain sight

This feature is then used in the Bitcoin network to secure various aspects. An attacker that wants to introduce malicious payload data into the network, will need to do the required proof of work before it will be accepted. And as long as honest miners have more computing power, they can always outpace an attacker.

- good, what if somebody had a much longer stretch of time to work out the answers before they could even become questions? It's not like those transactions are random.

What other motives can somebody have to release a protocol like this one potentially to be used by millions of people who see this as a way to make money? Giving people incentives to come up with faster SHA generators? Somebody who wants to break encryption mechanisms by generating huge amounts of SHA codes against various data?

I think without actually getting into the source code it's impossible to read the answers to any of these questions, so maybe that's the next step, read the source code.

Re:target

[Paran]

It's more likely that the author(s) value their freedom. The US government (I haven't looked at others) has a history of shutting down alternative currencies and trying to inprison the creators.

Re:target

[roman_mir]

Yes, the US government (and other governments as well) does have a history of shutting down alternative currencies and imprisoning and even labelling the people behind them as terrorists.

On March 18, 2011, after a 90 minute jury deliberation, von NotHaus was found guilty on various counts, including the making of "counterfeit coins" (resembling legal tender coins).

Attorney for the Western District of North Carolina, Anne M. Tompkins, described Bernard von NotHaus and the Liberty dollar as "a unique form of domestic terrorismâ that is trying âoeto undermine the legitimate currency of this country.â The Justice Department press release quotes her as saying: âoeWhile these forms of anti-government activities do not involve violence, they are every bit as insidious and represent a clear and present danger to the economic stability of this country". .....

Although he was convicted in March 2011, the U.S. government has still not reached a sentencing decision for Von NotHaus. Since his trial, The New York Times has described Von Nothaus as "the Rosa Parks of the constitutional currency movement", for his creation of an alternative currency that is valued at "more than 60 million dollars." Von Nothaus presently resides in a Malibu mansion that was lent to him by a friend, where he faces a possible sentence of upwards of 20 years in prison, for the crime of making his own money.

I agree with you. However in case of Bitcoin the currency is not minted by the originators of the protocol and there is nothing to 'shut down', the currency cannot be shut down. Individual businesses can be forced not to accept Bitcoins, that's true. One way for gov't to 'shut down' Bitcoins is to buy them off of the hands of all people who hold them and keep buying as long as Bitcoins are generated, but that's a stupid thing to do, it would drive the perceived value through the roof, giving huge incentives for people to start their own clones of Bitcoin in hope to have gov't buy those up as well (obviously with inflation, with printed money).

Re:target

[roman_mir]

But you don't need a rainbow table of that size at all, you only need a small subset that results in hashes that start with a bunch of zeroes, it's a lottery, not a straight sequence.

Re:target

The data you are hashing isn't arbitrary. Your zero-prefixes hashes have to be the result of hashing an actual block. What your trying to find is a nonce that when combine with other data and hashed, results in a hash prefixed with zeroes. That is to say:

hash(data from the last block + nonce) begins with zeroes. Naturally this means you need to find a nonce that works in conjunction with that data.
hash(random data you made up + nonce) beginning with zeroes isn't useful.
hash(nonce) beginning with zeroes isn't useful either.

So you don't just need a handful of nonces that hash to 0, you need a nonce that works with that specific block. Hopefully that clarifies the algorithm for you a little, its a bit difficult to explain. A whiteboard would make things easier.

Re:target

[roman_mir]

Yes, the first block is known, etc. That's my point. The first block is known, it was known to the originators of the protocol before it was known to anybody else.

Re:target

It doesn't matter if the first block is known, you have to know the current block, which has a random hash. You can't rewrite the history, once a block has been generated and propagated, you can only build on top of it. Since you have no way of knowing the hash of the current block before its generated, you have no way of predicting that value.

Additionally, even if you COULD generate hashes in advance like your saying, it wouldn't let you fake transactions. It would only let you conduct a DOS, where you could generate a valid block with no transactions in it. In order to create transactions you need to have the private key from the wallet that is initializing the transaction, which you don't have.

I'm glad to answer any questions you have about the protocol with my limited knowledge, but it seems to me that you really ought to read up on it yourself. The questions you are asking and the ideas you have are common for someone who has just heard about bitcoin, but are clearly addressed in plenty of places without requiring you to read the source code.

Re:target

[pantaril]

- good, what if somebody had a much longer stretch of time to work out the answers before they could even become questions? It's not like those transactions are random.

This will not work. You cannot compute the answers to unknown questions. The questions are composed of all transactions in recent 10 minutes which are basically input and output addresses signed with unknown private keys. In order to successfully employ 51% attack on bitcoin you must be able to ouperform the rest of the network in real time for at least 10 minutes.

InstaTheft

Was InstaWallet attacked? Or is that what they want you to believe while they abscond with all the untraceable bitcoins?

Re:InstaTheft

[PRMan]

Interesting theory. They are paying out claims in dollars, though.

Old news?

[prisoner-of-enigma]

This is semi-old news. Mt.Gox has been under attack for at least a couple of days but they appear to be handling it pretty well. I haven't noticed any problems with using them at least. Trades might be taking a tad longer but nothing big that I can see.

Instawallet, on the other hand, crumbled at least a day or two (I read about it early yesterday morning). Their problem had nothing fundamental to do with BTC but more to do with the unique way Instawallet did business with (I believe) greater anonymity. The whole "we gotta rearchitect this thing" press release was that their fundamental way of doing business made them uniquely targetable by fraudsters, thus they gotta figure out something new.

Money is not secure, period

Look at the situation in Cyprus - large foreign investors are being "robbed" of 60-80% of their deposits in banks. And if push comes to shove, you better believe Obama, or whoever else is in power in the US at the time, will not hesitate to do the same.

Re:Money is not secure, period

The US cannot possibly end up like Cyprus. If it does, it means the global economy has collapsed and ALL forms of currency - save for bulets and possibly bottle caps - is worthless. Bitcoin backers demonstrate their fundamental lack of understanding of the economy on a daily basis.

Re:Worried?

[Big+Hairy+Ian]

It is a case of over statement. bear in mind there's a very long history of bank robberies some of which took advantage of infrastructure that wasn't up to scratch (Ronny Biggs & the great train robbery springs to mind). So wow somebody robbed a bank and another bank branch has closed because they made their safe out of tissue paper.

Move along there's nothing to see here!

Not exactly.

[Westwood0720]

"A scary reminder of how insecure ALL money is in the computer age..."

Which is why I choose to invest in gold, brass, and lead.

Terminology

The word "apologist" implies that something wrong or immoral has taken place, and that the "apologists" are trying to justify it. Therefore, it makes no sense to use the term "apologist" with regards to bitcoin, since bitcoin is 100% voluntary with respect to all parties involved, and therefore nothing wrong or immoral has taken place.

The word you are looking for could be "supporters", "fans", or "customers", but definitely not "apologists".

Bitcoins irrelevant USD. Paypal 30 times as large

[raymorris]

The people running the central banks don't know a bitcoin from a cupcake and don't care. There are over 100,000 times as many dollars as there are Bitchcoins. In ten years, PAYPAL might be worried about bitcoin. PayPal is 30 times as large as bitcoin (by transaction volume), so if bitcoin got 20 times as popular it would be real competion for PayPal.

For the US dollar? The Federal Reserve is about as concerned about bitcoins as Coca Cola is concerned about some kid's lemondade stand. The Fed IS concerned about people switching to the Euro because currently about half of all international trade is in USD, but much is moving to the Euro. That reduces the amount of USD governments and institutions keep in reserve, which are effectively free loans to the fed. (They get to sell dollars which get locked away, without inflating the market.) So the euro matters, bitcoins are such a tiny, tiny market that big bankers hardly notice they exist.

Re:Throwback

[jones_supa]

That's just the mining part, which is in my understanding necessary for the system to operate. You shouldn't feel awful about that. Bitcoins can still be used like any other currency.

is it me or bitcoin exchanges keep getting hacked?

[youn]

there are so many in the news, it is difficult to keep track

Full faith and credit

[sjbe]

I hate to break this to you, but your insured deposits aren't held as coins in an outsized piggy bank like Scrooge McDuck's Money Bin. They exist only as entries in an electronic ledger.

Yes, and? Those insured deposits are backed by the full faith and credit of the United States government and the bank is liable for their security. Bitcoins enjoy none of the same protections. If someone wants to use bitcoin and understands the amount of risk they are assuming then I have no quarrel with them but let's not pretend the amount of risk is remotely comparable.

Re:Full faith and credit

Right, in the US it depends where you keep your money, but the FDIC, NCUA or SIPC would cover the money up to a certain amount. And for most people that amount is far above what they're likely to have at any given time.

What's more, the risks you face at a regular bank are relatively well known, you don't need to also deal with the risks that come from speculation and insecure, uninsured exchanges.

Re:Full faith and credit

[LaggedOnUser]

Within the past century, 95% of the purchasing power of the US dollar has been taken away by inflation. Exactly how safe do you think the US dollar is again?

Re:Full faith and credit

[DragonWriter]

Within the past century, 95% of the purchasing power of the US dollar has been taken away by inflation. Exactly how safe do you think the US dollar is again?

If you are using currency as a long-term store of value, you are mostly using it wrong.

Re:Full faith and credit

[sjbe]

If you are using currency as a long-term store of value, you are mostly using it wrong.

Good thing I'm not doing that then. My money is invested in a combination of stocks, bonds, real estate and a few other assets. Holding excess cash, whether it be dollars or bitcoins, is foolish due to inflation and in the case of bitcoin exchange rate risk. (excess cash meaning more than your reasonably foreseeable liquidity needs)

Re:Full faith and credit

[DragonWriter]

Within the past century, 95% of the purchasing power of the US dollar has been taken away by inflation. Exactly how safe do you think the US dollar is again?

If you are using currency as a long-term store of value, you are mostly using it wrong.

Good thing I'm not doing that then.

If you aren't, then the value decline of the US dollar of the last century is irrelevant to its safety, only the degree of short-term volatility is a safety issue.

Re:Full faith and credit

Within the past century, 95% of the purchasing power of the US dollar has been taken away by inflation. Exactly how safe do you think the US dollar is again?

Try to keep in mind that you make a lot more of those US dollars over that same time period as well, so your point that inflation has eroded the US dollar is not taking into account that wages have inflated right along with prices. So unless you have kept your wealth in actual currency for the last 100 years (which would be about the stupidest thing ever) then your point is a bit weak.

Nice graph of 100 years of wage and price data

Average wage in 1900 $438 a year
Price of a pound of butter 26 cents

Average wage in 1990 $23602 a year
Price of a pound of butter $2.10

Re:Full faith and credit

[alexander_686]

So, 95% loss over 100 years works out to be a inflation rate of what - about 1.5% a year?

Factor in that having no inflation is theatrically impossible and, from a practical point, undesirable. We can debate which is worse – high inflation or deflation – but both rips up economies. Yep – I think that sounds pretty good.

Re:Full faith and credit

[viperidaenz]

I can buy nearly twice as much butter now! Maybe that's why Americans are fat?

Re:Full faith and credit

[HeckRuler]

Holding excess cash, whether it be dollars [...is foolish]

Yes, that's exactly right. And that's the goal of the central bank that's in charge of inflation. They, and their bosses, don't want you to just hang onto your cash. They want you to use it as a medium of exchange, but when it comes to savings, they want you to invest it in other things. That helps the economy. "Putting savings to work" as it were.

or [holding excess] bitcoins, is foolish due to inflation

Uhhhhhh.... yeah.... that was kind of a concern a while ago when coins were easier to mine, but now that they're harder to crunch it's not really a worry. I mean, this was one of the leading reasons that bitcoins was considered viable. It solves inflation. I mean, the part where people just say "fuck it" and print more money for themselves. You can't do that with bitcoins. There's no central authority to control inflation, it's going to swing in value according to it's ACTUAL VALUE without politicians and the FED having a say about how many bitcoins they get to genesis.

and in the case of bitcoin exchange rate risk.

Wow... So did you know you can exchange dollars for yen, euros, or reals? Yeah, they all have exchange rates that kinda go up and down. Just.. you know... fyi.

Re:Full faith and credit

[DragonWriter]

It solves inflation.

(1) Moderate inflation isn't a problem in a medium of exchange, even moderate deflation is. Insofar as Bitcoin is engineered in such a way that it "solves inflation", that's a very bad (fatal, even) for its utility as a currency (though, so long as the conditions supporting that hold, a positive thing for it as an investment, if nothing else as a collectible item, which is a completely different thing than a currency.)

There's no central authority to control inflation, it's going to swing in value according to it's ACTUAL VALUE

"Actual value" of bitcoin is a nonsense phrase. Either its just value in the same sense as the value of a fiat currency -- i.e., what people will accept it for -- or its nothing at all. Bitcoin -- unlike commodity currency -- has no inherent value.

without politicians and the FED having a say about how many bitcoins they get to genesis.

Fed isn't an acronym. And you seem to think this is a good thing, but you haven't explained why (except "solves inflation", as if that was a benefit.) Something with a fixed upper limit of supply, with no utility value, doesn't really have anything that makes it attractive as a medium of exchange. Right now, Bitcoin has a couple of short-term things that are driving it (immaturity in regulation compared to traditional currency and novelty). But its completely pointless as a currency, even as insurance against fear of a general economic collapse (it doesn't even have the feature of holding gold coins that you can expect that it will have utility in the event of a general collapse.)

Re:Full faith and credit

[carnivore302]

Those insured deposits are backed by the full faith and credit of the United States government

hahaha!!

Re:Full faith and credit

[HeckRuler]

Oh I understand the Fed is doing a job by controlling inflation. I just think a decentralized currency with no master and no money printers would be a good thing. You're most certainly right about it being novel.

The purpose of the FDIC

[sjbe]

Remember, the FDIC has about $25B in treasury notes (not cash, that's long gone) in its fund to cover about $10T in deposits, and most of the insured banks have very low ratios (perhaps 10% cash-on-hand at most). If there's ever a bank run, the FDIC can't stop it.

The FDIC doesn't have to stop it. The purpose of the FDIC is to keep bank runs from starting in the first place, not to be able to back every dollar deposited. The FDIC is there to reassure people that even if their particular bank is having issues that they still will be able to get to their money because the government is there to back them up. Bank runs start because people think they cannot get to their money. If the money is insured there is less chance of them doing this.

Re:The purpose of the FDIC

[bill_mcgonigle]

The FDIC is there to reassure people that even if their particular bank is having issues that they still will be able to get to their money because the government is there to back them up.

Right, this is what allows bank customers to not care at all about how risky their banks' activities are.

Bank runs start because people think they cannot get to their money. If the money is insured there is less chance of them doing this.

We'll see what happens once the current FDIC fund is exhausted.

Re:The purpose of the FDIC

[steelfood]

Funny thing is, the banks aren't actually able to back every deposit at any given moment. They have most of the money tied up in investments and such, or just lent out.

The reason the whole system works is because people don't want to take out all of their money all at once.

Re:The purpose of the FDIC

[Kijori]

You're imagining that things are so bad that a guarantee backed by the US government is not enough to stop a bank run, and the run is so widespread that the government cannot meet the bill. In that case the government has collapsed. The banks have collapsed. The stock market has collapsed, the hedge funds have collapsed, the insurance markets and pension companies and every other type of financial institution has collapsed. In this situation, you lose. It doesn't matter if your money was in bitcoins or invested in gold - you just lose. As I said above there's really little point in an American individual hedging against the collapse of the US government - if that happens you just lose.

Re:The purpose of the FDIC

[bhiestand]

There is an upside to everything. Some people will net benefit from a collapse of the government. Maybe they'll position themselves to run the next government, or maybe they'll get rich selling their hoard of canned goods. Or maybe their secessionist dreams will finally be realized.

Re:is it me or bitcoin exchanges keep getting hack

[slashmydots]

3 exchanges were ever hacked in history, 2 were MTGox lol. But this doesn't sound like the first hack. It sounds like it just knocked them offline. The first one actually stole stuff and they thoroughly fixed that problem and sold the site to a company with better resources and a large background in banking.

For those of you too lazy to RTFA

[slashmydots]

Hackers DDOSed just the website itself to scare people into a sell-off then bought up the cheaper coins and waited for the price to rise again. This has nothing to do with the bitcoin network or protocol, zero coins were stolen, and no security was breached at MTGox. So everyone above me, STFU and read the article or this before talking out your ass about bitcoins.

Re:For those of you too lazy to RTFA

[MrVictor]

So everyone above me, STFU and read the article or this before talking out your ass about bitcoins.

They must be talking about asspennies.

Re:For those of you too lazy to RTFA

[Pecisk]

But a hacker's scam worked, didn't it? But this is problem in general with people and IT systems - common crowd don't even understand how it works broadly, so don't expect them to distinguish simple DDOS or network failure from bank/system going bankrupt, for example. Education and explaining - those can only limit damage in such cases in long term. In short term - be honest and leave yourself emergency information channels open.

Re:For those of you too lazy to RTFA

[ToddInSF]

Given today's "news" about the trillions hidden by the wealthy internationally in offshore accounts, I don't see much difference between "hackers" and the wealthy...

Bitcoin too volatile to be usable?

[benjfowler]

I came across this not too long ago: on Reuters, Felix Salmon outlining some opinion that Bitcoin embraces anarchy a little _too_ well, and is too volatile to serve as an adequate store of value as a consequence.

http://blogs.reuters.com/felix-salmon/2013/04/03/why-bitcoins-rise-is-nothing-to-celebrate/

With the value of Bitcoin jumping around the way it does, I'd be leery about keeping any amount of my money in Bitcoins.

Furthermore, if the value (or for the clever City boys, the volatility) of Bitcoin can be so easily gamed, then how am I expected to trust it?

Re:Bitcoin too volatile to be usable?

[PRMan]

For definitions of volatile meaning, "shooting through the stratosphere like a rocket, if you can handle the risk...".

Re:is it me or bitcoin exchanges keep getting hack

[asylumx]

3 exchanges were ever hacked in history

Yes, but it's a very short history and there aren't exactly a plethora of exchanges, especially not popular ones.

Re:These attacks

[benjfowler]

I don't expect basement-dwelling libertarian dunces to comprehend the concept of liquidity. Who am I kidding?

"Tanked"

[jemenake]

What I enjoyed most were the headlines in the "legit" financial sites, looking for any excuse to dismiss Bitcoin. Basically, they all said that the value of Bitcoin "tanked" because it got up to $145 earlier in the day, before "crashing down" to $125. I wanted to ask them "So, it was $95 two days ago. Yesterday, it was $115. Today, it's $125... what was that about 'tanking', again?". And, of course, today, it's at $135. I'll take that tank, any day.

Re:"Tanked"

[Yunzil]

Right because the sign of a good currency is 35% variability over the course of a couple days.

Re:"Tanked"

[pantaril]

Right because the sign of a good currency is 35% variability over the course of a couple days.

That's certainly not sign of good currency but perhaps new emerging currency with big potential.

No I'm not worried

[sjbe]

That depends on if the US government can confiscate money held in banks like what happened in Cyprus, or not. The question is, do you trust government to honor its promises.

The government confiscates money all the time. It's call taxes. This version was just a little less democratic and done in an unusual way which freaks people out.

Generally speaking, no I'm not especially worried about the US government confiscating my money ala Cyprus. Furthermore even making the comparison between the two economies is a bit absurd since the situations are about as different as possible. Put a few billion into Cyprus and you'll hose the economy when you take it out. A few billion is a rounding error in the US economy and most US debt is not actually held by foreigners. Furthermore every penny the US government owes is denominated in dollars which the government can (though shouldn't) print whenever they want. Cyprus uses the Euro over which it has limited control. There is no possible way for the largest US creditors to pull their money out quickly. People make a big deal out of China and Japan each holding $1 trillion in treasury notes but what they usually don't consider is that China doesn't really have any alternative and they cannot sell them quickly to anyone. There literally are no other buyers for that much US debt especially in a short time frame.

I sleep just fine

[sjbe]

And, as recently demonstrated by Cyprus, if the government arbitrarily changes the rules ex post facto and decides they're going to take your money "because we need it," how well do you sleep?

I sleep just fine. Governments have always had the ability to do this (it's called taxes) and they do it all the time. The only thing different here is the means by which they did it.

You sleep well thinking the rules of the game can't be changed. They can. They are. This is a terrifying precedent.

I sleep well knowing that the rules of the game are the same as they have always been. I understand that taxes can go up or down and I plan accordingly. I might not like it but it is hardly a big surprise.

Re:Throwback

[DragonWriter]

I guess I can't get on board with a system that hands out money to people for doing....basically nothing.

Its worse than that, its not for "doing nothing", its for "consuming resources".

Again?

[ThisIsSaei]

It is the site operators and their site with the security flaw, not the bitcoin itself. Not to claim that the bitcoin structure is perfectly solid, but once again people are arguing the wrong point. ( i.e. If your local bank is robbed they have a security problem, but that doesn't demonstrate a failure of the dollar. )

a positive thing?

[chris.alex.thomas]

in a way this could be a positive thing.

right now, not so many people are using it as opposed to paper money, so there is not so much scope for theft or fraud, but I guess for the people doing the losing it's more serious.

however, with each attack comes a stronger topology and methology to securing the system, the hacking attacks should in theory make the system stronger and more realible.

in theory anyway....

And next week...

[Martin+S.]

There will be another astroturfer biggin up bitcoins in order to pump his own 'investment'.

Duh

[Sycraft-fu]

Bitcoins move around like a thinly traded stock. That's fine... for a thinly traded stock, not for a currency. Any currency that fluctuated like Bitcoin did would be in extreme crisis. Also in the case of Bitcoin it would be the first ever case of hyper-deflation.

Any country with this going on would be reeling, crying to the world for help, the IMF and all the big banks would be involved, etc, etc.

To give people an idea the US Dollar, which is the world's reserve currency (like it or not) changed 2% in value last year (2% inflation) which is a bit below it's 3.2% average (since about 1900). Even when it was having extremely high levels of inflation, high enough to be considered highly problematic, it was only about 13% (in 1979). That is change in value per YEAR. That's similar to other stable currencies you find.

Now look at Bitcoin.

Don't use Bitcoin "online wallets"

[Animats]

Almost all the "online wallet" companies have at some point lost customer money. Instalwallet is just the latest. Bitomat, MyBitcoin, and some others also tanked. Bitcoin.org now has a warning: "Web wallets host your bitcoins. That means it is possible for them to lose your bitcoins following any incident on their side. As of today, no web wallet service provide enough insurance to be used to store value like a bank."

They're unregulated depositary institutions. Historically, those don't end well. Keeping much money in Bitcoin "exchanges" is iffy, too. Mt. Gox has withdrawal rate limits on Bitcoins, which is suspicious. They should be able to pay out 100% of their Bitcoin balances at any time. If they can't, they're skimming.

Re:Don't use Bitcoin "online wallets"

[PRMan]

1. All banks can only pay out a fraction of deposits at any given time.

2. Some of that regulation is related to government money-laundering laws they agreed to follow, not their own rules.

Same argument as my grandmother

[sjbe]

Within the past century, 95% of the purchasing power of the US dollar has been taken away by inflation. Exactly how safe do you think the US dollar is again?

And within that same time period incomes have risen faster than inflation and so has the value of stocks and many other assets. Dollars are a store of value but there are better ones out there. You're making the same argument that my grandmother does when she inappropriately compares the price of milk to the price 50 year ago. A dollar is worth less but our ability to acquire them is greater. Net result is that after you adjust for inflation I'm actually paying less of my income than she did 50 years ago.

Yep, ALL money

[glwtta]

How nice of the BitCoin people to provide examples of that, again and again.

ah Slashdot

[Algae_94]

Where the bitcoin stories are published right on time and everything else is at least a week old.

Re:Hackers

[DocSavage64109]

Hackers DDOSed just the website itself to scare people into a sell-off then bought up the cheaper coins and waited for the price to rise again.

That's an interesting theory. How much money could these hackers have possibly made by buying bitcoins for a slightly lower price? I can't imagine it being worth any real effort to arrange something like this.

Re:These attacks

[fustakrakich]

liquidity

As that what they're calling it now? I suppose you're naive enough to believe what happened in Cyprus can never happen here..

Re:These attacks

[benjfowler]

Cyprus was a solvency issue.

Re:is it me or bitcoin exchanges keep getting hack

[PRMan]

Bitfloor was hacked as well. The guy is slowly attempting to pay back in coins, but is only at 1.7 % so far.

Re:These attacks

[fustakrakich]

Aren't they all? Let's not quibble here. The banks are stealing the money, regardless of the name given. And none of this diminishes the probability that they are the ones attacking bitcoin. They certainly have motive and the means.

Re:Hackers

[slashmydots]

In the neighborhood of $10,000 - 100,000 at a non-suspicious volume believe it or not.

re: waste

[jago25_98]

re: waste.
That's a fair point. The people are being paid to secure the network. It's inefficient use of resources of course. There have been subsequent designs, one working on "Proof of stake"(?) another that votes by IP (so anyone with lots of IPs is more powerful).

To the thread in general: There was no disruption to MtGox AFAIK. The Instawallet is the 2nd online wallet to be hacked - not many people use online wallets after the first one got hacked.

2 factor auth is available for many of the exchanges.

Mt. Gox is not a bank

[Animats]

All banks can only pay out a fraction of deposits at any given time.

Mt. Gox is not a bank. Mt. Gox is a payment services firm under Japan's Payment Services Act of 2009. That law allowed non-bank businesses to do payment services, and, since then, many of the mobile operators in Japan run payment services. But payment service firms in Japan are not allowed to engage in fractional reserve banking. "The PSA will impose an obligation on an operator to secure the assets in amounts equal to or more than the total amount of: (i) funds which an operator is transmitting; and (ii) procedural costs in relation to reimbursement of such funds as set out in (i), so that the transferred funds can reach the recipient even in the event of an operator's insolvency."

So Mt. Gox has to have at least 100% of the deposited funds as hard assets.

this isn't a precedent

[YesIAmAScript]

Brazil confiscated huge amounts of money 23 years ago.

http://www.bbc.co.uk/news/business-21876149

'In her first act, Zelia, as she was known, went on national television to tell the country that all bank accounts were being frozen and that no-one could access more than 50,000 new cruzados in the currency of the time (a sum then worth about $1,250).'

This isn't a new thing, you just didn't know about it before. It's not necessarily going to shake all confidence in the system just because you suddenly found out about confiscation.

Bitcoin 2.0, anyone?

[LaggedOnUser]

I have been following these Bitcoin stories with some interest and I have a technical question maybe Slashdot can answer. It seems to me that Bitcoin has problems with scalability.

My impression is that to perform a Bitcoin transaction you have to download the entire history of Bitcoin transactions before you can get started and the entire network has to confirm your transaction and it's authenticity to prevent double-spending of coins. So far, so good. The problem is that this is an all-to-all network in terms of storage and processing requirements and its needs seem to scale exponentially. Last year, I hear there was 2 GB of storage required and this year 6 GB.

My question is: doesn't that imply that Bitcoin won't scale and will eventually fizzle out due to impractical storage and processing requirements? Who will want to download 100 GB or 1 TB of history of transactions of the entire world just to buy a sandwich?

  And doesn't that imply that there is room for Bitcoin 2.0, a new virtual currency with better scalability and possibly other improved characteristics? Compare Bitcoin with the Internet itself. The Internet is far more scalable because it is broken down into subnets and features more point-to-point communication and no need of transaction history which makes it far more scalable.

  Hypothetically, couldn't another virtual currency like Bitcoin be devised, that separates its users into subcommunities based on their frequency of transaction or physical location, and thus feature more efficient local transactions, which most transactions are, while allowing the occasional transaction to be routed between subcommunities? It could also feature a shorter history that only remembers a certain period worth of transactions, like one month, along with everyone's balance, thus avoiding the need of storing the entire history. Further, it could develop a reputation system that enhances the ability of the system to reject bogus transaction.

tl, dr: How is Bitcoin supposed to scale to more usage given its exponentially increasing storage requirements, and what can we replace it with that is more scalable, being better structured, with shorter history, or more efficiently rejecting bogus transactions?

Instawallet attack was no surprise

[atomicxblue]

They have no way to secure the account with a username and password. Wallet is accessed by visiting a URL. How is that even remotely secure?

Slashdot has been compromised

[Baldrson]

One can see from the spin put on recent stories that Slashdot itself has been compromised.

Re:Throwback

[Yebyen]

It's not exactly 'doing nothing' -- the network needs miners to operate. Nobody would know who has bitcoins without the constant efforts of the network to keep them up-to-date. So, you can have one person mining, and everybody pays him for his valuable work, or you let the network attack the mining problem together and it's more resilient, while spreading out the wealth.

The bitcoins have to come from somewhere, they have to get into peoples' hands somehow initially. Would you prefer they are all pre-mined, given to a foundation and the foundation hands them out to the traditional bankers we have already, just for standing there scanning checks, recording transactions... or as you say just 'doing nothing'?