Bitcoin Exchange Mt.Gox Suffers Serious Attack, Instawallet Offline

Bruce66423 writes "The BBC reports that Mt.Gox, the main exchange dealing with Bitcoins, has been attacked, and other resources are off line. A scary reminder of how insecure ALL money is in the computer age..." Also at TechWeekEurope. A message at bitcoin storage service Instawallet's site begins "The Instawallet service is suspended indefinitely until we are able to develop an alternative architecture. Our database was fraudulently accessed, due to the very nature of Instawallet it is impossible to reopen the service as-is."

Is it?

[paiute]

"A scary reminder of how insecure ALL money is in the computer age...."

I applaud the creation of Bitcoin, but really, would you trust your $10,000 more on a server somewhere or in an FDIC-covered bank?

Re:Is it?

And if you did trust it on a server somewhere, would that server be "Magic The Gathering Online Exchange"?

(Or are we supposed to forget that that's what "MtGOX" stands for?)

Re:Is it?

[Hentes]

There are many degrees of computer security, just like in real life. When you deal with lots of money, you want security that matches with the risk. Banks can do that.

Re:Is it?

[betterunixthanunix]

If you're into security, I'd highly recommend looking through the specs. It's an incredibly beautiful piece of engineering whether or not you are using it.

I looked at the specs, in great detail. What I saw is a system that uses cryptography but which is not secure under the notion of "security" that cryptographers use. The effort required for a successful double-spending attack on Bitcoin scales linearly with the effort required to use Bitcoin; this is worthless as far as cryptographic security is concerned. It is also troubling that the Bitcoin "security proof" only rules out a single attack strategy. Usually we want security proofs to rule out *all* theoretically feasible attacks, even those that we do not know of.

Re:Is it?

[Archangel+Michael]

That depends on if the US government can confiscate money held in banks like what happened in Cyprus, or not. The question is, do you trust government to honor its promises. Ask the Native Americans how the government honors its treaties.

"I'm altering the deal, pray I don't alter it further"

Re:Is it?

[camperdave]

See! I knew bitcoins were some in-game currency.

Re:Is it?

[Archangel+Michael]

I don't trust MTGOX, and I have no illusions of trust. However many people trust the government. The real question is, is the illusion of trust better than the reality of not trusting anyone.

Caveat Emptor.

Re:Is it?

[camperdave]

The big sack of pennies under my bed is as secure as ever.

Security through bad-guys-not-carrying-a-forklift... Clever.

Re:Is it?

[lgw]

You obviously do not work with money or banking software. Its not a ledger, its a transaction trail. And its not in "an" its in several.

For transactions that stay in Bitcoins, the entire network tracks every transaction (well, more than half of it has to). The same goal is served without a central authority. The privacy implications are more disturbing than the prospect for fraud.

However, the exchanges are a different matter. Just like those stupid mortgage derivatives, there's a real need for a regulated exchange here. Note that most of the regulations involved in trading e.g. corn at the CME aren't government regulations, they're market rules. If you want to buy or sell at the CME, you follow those rules, if not, perhaps there's another market that works the way you'd like.

The CME (and the other big markets, but that's the main one for the US) is really good at writing rules that protect traders from crap like having the exchange hacked, or any of the other crap that the likes of Goldman Sachs have come up with over centuries of trying to hack the system.

My biggest worry with bitcoins is what happens when Goldman et al discover there's money to be made by manipulating that market, and have nothing to stop their centuries-old bag of tricks.

Re:Is it?

[lgw]

As I understand it, a successful double-spending attack on Bitcoin requires controlling more than 50% of the computing power participating in the transaction validation network at the time you make the transaction. As that is the same thing as the bitcoin mining network, and that has gone to custom ASICs now, that's a pretty impressive obstacle. I don't think even the NSA has that kind of horsepower any more (though if anyone does, it's them).

If there's some flaw you see in the implementation of that, it's a really interesting flaw and you should publish.

Usually we want security proofs to rule out *all* theoretically feasible attacks, even those that we do not know of.

You contradict yourself there. Everything is vulnerable. Everything from AES to SHA-x relies on the premise that no one has come forward with a weakness, and lots of smart people have looked, and that's as good as it gets. You can't prove a negative.

Re:Is it?

[lgw]

When I buy a share of stock or a corn future, my need to trust the government is minimal. I need to trust the exchange. And the big exchanges have an excellent track record - the exchange rules protect against 400+ years of dirty tricks by participants, and the likes of MtGox have a very long way to go. Attacking the database is just the most obvious and straightforward approach; there are so many ways to participate fraudulently in an exchange, or corner the market, or so many other dirty tricks that become rewarding if bitcoin really takes off.

Re:Is it?

[Archangel+Michael]

This wasn't a hack of the database. It was a DDOS attack. The database was not at risk in this case. People who don't understand technology need to not talk about it like they do.

And unlike most other exchanges, I can actually hold on to my own bitcoins, and submit to the exchange only when I want to trade them for other currencies.

Re:Is it?

[betterunixthanunix]

To spend Bitcoin money multiple times, you only need slightly more computing power than everyone else using Bitcoin combined. The weakness is due to the use of consensus to decide which transactions are valid; by amassing enough computing power, one can control the consensus.

Re:Is it?

[Anon-Admin]

That is because you do not understand how the stock exchange works. Some notes to help you under stand

#1) When you buy a stock, you do not own the stock. (Unless you get a hard copy of the stock certificate)
#2) The real stock is in DTCC's (Depository Trust and Clearing Corporation) name in a hidden vault in New York City.
#3) DTCC when Clearing the sale simply moves the record of the stock from one account to another and does not change the ownership of the stock.
#4) DTCC's Data center is running on 10 to 15 year old hardware and the stuff crashes all the time.
#5) Some day the database will crash and the information as to who owns what will be lost
#6) DTCC Will profit as they own all the stocks.

DTCC the privately held company you never heard of processing 4.6 quadrillion dollars a year in stock transactions.

Wait tell you find out who makes up the board of directors!

Re:Is it?

[SydShamino]

In my opinion, microsecond stock transactions are the very type of dirty trick the exchanges should be protecting against, so based on the current actions of the stock exchanges, I disagree with your opinion on the big exchanges' track records.

Re:Is it?

[betterunixthanunix]

The attack only requires that the attacker does as much work as the rest of the network until the original transaction is accepted (e.g. after six confirmations), at which point the attacker introduces the malicious block chain where he paid himself. That is not exponential: the attacker is maintaining his own block chain in secret, and only has to work as hard as is needed to keep that block chain as long as the current consensus, which means the attacker will work just slightly harder than the entire rest of the network is working. The concise way of saying that is that the attacker's effort scales linearly with the work done by the rest of the Bitcoin network, which is what I said in the first place.

Re:Is it?

[lgw]

This wasn't a hack of the database. It was a DDOS attack. The database was not at risk in this case. People who don't understand technology need to not talk about it like they do.

We can at least read TFS.

"The Instawallet service is suspended indefinitely until we are able to develop an alternative architecture. Our database was fraudulently accessed, due to the very nature of Instawallet it is impossible to reopen the service as-is."

Now if TFS is just wrong (as happens), it's good to say so explicitly.

My point was that securing one's DB is just the first and most obvious step. Running a successful exchange puts you in direct opposition to investment banks: folks with no morals, who hired the majority of math PhDs for several years just to look for market exploits. You may be smart. The folks who run bitcoin exchanges may be smart. But this is an advanced, persistent threat, and one that's not in any way limited to technology

And unlike most other exchanges, I can actually hold on to my own bitcoins, and submit to the exchange only when I want to trade them for other currencies.

Unlike what exchange? You can't hold physical corn? Or live cattle? Or gold? Heck, I can get printed stock shares if I feel the need (I've done this for sentimental reasons - framed in my office). You seems to be confusing an exchange with a bank. The two have little in common.

Re:Is it?

[lgw]

It's been my experience that complaining about HFT is a sure sign that someone doesn't actually trade on an exchange or understand them except as an abstraction. HFT reduces the bid-ask gap. It's not a dirty trick at all: it's pitting the investment banks against one another for the benefit of the casual trader. That's exactly what we want exchanges to do.

Re:Is it?

[lgw]

The only way for the government to confiscate bitcoins would be to copy and decrypt wallet files.

Easily done. I try to resist xkcd references here, but it's just too apt. The government would confiscate bitcoins by using its monopoly on force to demand some from you.

Re:Is it?

[Algae_94]

Just to clarify, TFS is correct, but Instawallet is not an exchange. MtGOX is an exchange that is undergoing a DDoS attack. Instawallet had their DB attacked. As far as I can tell Instawallet is just a company that will hold your bitcoins for you, like a safety deposit box, only without the safety in this case.

Re:Is it?

[alexander_686]

Let us see - Some minor nits and a major point.

DTCC moved to New Jersey a few years go, I think.

DTCC is owned by it members – so it’s as private as your local co-op. (Which is private, but has a slightly different profit motive)

As to profiting when they own all of the stock? You are going to have to explain that theory to me.

Loss of data? DTCC has a set of records. Each brokerage firm has a separate set of records. (Many being held in a separate, custodial account) If DTCC and it multiple site backups were to blow up the master record could be reconstructed by pooling individual brokered records. Difficult to put back together – yeah – but doable.

Ownership does change – I mean DTCC does report ownership changes to the company. You seem to have a peculiar and narrow definition of “ownership”. It’s like cashing a check at the bank – it’s not like they move cash from one drawer to the other – and yet a real exchange has been made.

Re:Is it?

[viperidaenz]

Without the safety or the insurance.

Re:Is it?

[AuMatar]

No, it does so in the opposite direction.

I bid $10. Someone asks $9.99. Obviously we're going to make a deal. There's an overflow of 1 cent- one of us will make 1 more cent than they expected to. Either of us could move, we could split the difference, or we could just set an exchange wide rule for this (say the seller always makes it, or the buyer).

Now add in HFT. Same scenario. The HFT sees my $10 bid before the seller does, and sends a buy for $9.99 exactly to the seller, buying the stock. He then sells to me for $10. He makes that extra penny. Has he helped me? Not at all- he took an average of half a penny from me. Does he help the seller? Nope, he took half a penny from them, for the service of completing the transaction a few microseconds sooner.

HFT are parasites. They provide no value to either side, but make a vig. There is no bid-ask gap that they reduce because the bid is higher than the ask. If it wasn't there'd be no money for them to make. Its immoral, unethical, and ought to be illegal. It also siphons millions to billions from the economy.

Re:Is it?

[lgw]

I'm going to ignore your sarcasm, and hope this helps some readers.

There are many potential sellers and buyers. For a given market, at a given point in time: the "bid" is the highest price any buyer is offering; the "ask" is the lowest price any seller is willing to take.

When the bid and ask intersect, people do business. In a "thick" market this happens all the time, and the bid and ask tend to stay very close together. That's great for a casual market participant: you don't need to study the behavior of the exchange in order to get a fair price. If you'd like to buy or sell corn at about $6 per bushel, and the last trade was $6, you can just buy or sell "at market" (just taking the best price at the moment), trade immediately, and not get screwed. You might pay $6.01 or get $5.99, but there's no need to carefully craft a stop or limit order, being careful of which way the market might move, and how long you're willing to wait, and what opportunity you might lose. Further if you accidentally buy 10x what you intended, you can turn around and sell immediately and lose only a trivial amount.

On the other hand, a "thin" market just sucks. If corn is going for about $6/bushel, but the bid is $5 and the ask is $7, it's a real problem for a casual market participant. If you unwittingly accept "market price", you get a terrible deal. To get any kind of fair price, you need to follow trading to know that when occasional trades happen, they're "about $6". You put in a stop or limit order for $6, but the guys sitting at $5 and $7 do nothing but trade this market full time, and they can wait. Let's say you're selling. No buyers for a minute at $6, five minutes, you say heck, maybe I was off a bit, and try $5.90. Still nothing. Eventually someone takes you out at $5.70. Most markets used to trade like that. Great for the investment bank that has a team of full-time speculators, bad for the guy who just needs to sell a couple tons of corn. And heaven help you if you accidentally buy 10x what you intended.

But there's obviously a profit to be made there: buying at $5.70 from the little guy and selling at $6 - the business of "market making". Once you have multiple competing market makers, the game changes. A isn't going to let B buy at $5.70, he'll take it at $5.71, except C will take it at $5.72, and so on, until you can just sell at $5.99 and not worry about it. The minimum profit the market makers will take is limited by 2 things: how fast the market is moving (which creates risk during the time the market maker owns the contract) and the amount of automation available. The reason most markets used to be thin was the lack of automation: unless there was a total of millions to be made in a given market, it's not worth paying someone to become the expert there. But now everything is algorithmic, and there's almost no per-market cost, and bid-ask gaps are tiny almost everywhere.

Sure the intermediary wants a profit- but when every market has multiple competing intermediaries, everyone wins. The more market makers participate, and the more frequently they do so, the less money gets siphoned off on each trade by those guys.

Re:Is it?

[lgw]

$10. Someone asks $9.99. Obviously we're going to make a deal. There's an overflow of 1 cent-

If the bid is $10 no one will ever ask $9.99, they'll hit your $10 bid. What you've described is not what market makers do.

There is no bid-ask gap that they reduce because the bid is higher than the ask. If it wasn't there'd be no money for them to make

You've got it backwards. I suspect you started from the assumption that HFT is evil, and constructed a scenario to explain why they are evil - but you've wandered away from reality.

See my post here http://slashdot.org/comments.pl?sid=3615411&cid=43362361 where I explain in detail - it's too much to repeat here.

A reminder of how insecure ALL money is?

[nysus]

Uh, no. Somehow I sleep a little better knowing my money is backed up by the FDIC if I keep it in a real bank.

Re:A reminder of how insecure ALL money is?

[Wonko+the+Sane]

Those depositors were generally not "people in Cyprus" but rather "people in Russia with money in Cyprus".

No, the Russians were all tipped off ahead of time, and were able to withdraw their money via overseas branches that remained open during the freeze in Cyprus. The only people who were affected were regular people and small businesses.

Re:A reminder of how insecure ALL money is?

[prisoner-of-enigma]

Anything over 100,000 euros was uninsured, just as anything over $250,000 is uninsured in the US. Those depositors were generally not "people in Cyprus" but rather "people in Russia with money in Cyprus".

And this makes the people who were subjected to government-authorized robberies sleep better at night...how exactly? When the government can arbitrarily decide to take your funds, does it really matter where thy put the dollar/euro limit at? This should terrify everyone.

Re:A reminder of how insecure ALL money is?

[prisoner-of-enigma]

Uh, no. Somehow I sleep a little better knowing my money is backed up by the FDIC if I keep it in a real bank.

And, as recently demonstrated by Cyprus, if the government arbitrarily changes the rules ex post facto and decides they're going to take your money "because we need it," how well do you sleep? You sleep well thinking the rules of the game can't be changed. They can. They are. This is a terrifying precedent.

Re:A reminder of how insecure ALL money is?

[Wonko+the+Sane]

That tiny island is probably more solvent than the United States. Our balance sheets only look better because of a complete lack of transparency and honest accounting.

Re:A reminder of how insecure ALL money is?

[Steve+Hamlin]

I trust that the U.S. Government won't expropriate my bank account more than I trust that private Bitcoin servers won't get hacked.

Sleeping well is relative.

Re:A reminder of how insecure ALL money is?

[hedwards]

It's not a scam.

The way the FDIC works is that they monitor the financials of all the banking institutions that are covered by them. And they require that the banks hold a certain amount of cash in reserve at all times in order to ensure that they can cover the funds that they've loaned.

The FDIC itself shuts banks down and sells them to other banks prior to them getting into serious trouble. So, the end result is that the FDIC rarely has to pay anything and when it does, most of the money is still in the bank.

$25b is a lot of money, but you have to realize that in order for it to owe $1tn or more that they would have to miss a ton of banks that weren't complying with the law, and that's highly unlikely. What's more, $10tn would require a complete collapse of the system, at which point there are bigger fish to fry. Such as finding fish to fry because you're starving.

Yet the value of BitCoin keeps on rising

Why does it smell like tulips in here....

Dwolla Also Hit

[eldavojohn]

Also Dwolla was down for two days but appears to be back up as they appeared to have worked a deal with CloudFlare. Mt. Gox uses Prolexic so this shouldn't affect them, right? Right? Accessing the database of Instawallet sounds like a total fail though.

A scary reminder of how insecure ALL money is in the computer age...

Really? My Celtic ring money is still fully intact around my wrist and still worth the silver it's made out of. All currencies have their ups and downs. Some benefits are double edged swords (just ask Renminbi traders). Nice editorial though -- the services surrounding BitCoin are clearly infantile and only now are getting DDOS protection.

My credit union offers two factor authentication. Could a Bitcoin exchange do the same? You bet. But they haven't. The fact is that it's easier to find legit and robust exchanges and institutions in USD than BitCoin.

Re:Dwolla Also Hit

[Kiwikwi]

If you'd get off your horse for a moment, you might realize that MtGox offers two-factor authentication and has for a long time.

target

[roman_mir]

Bitcoin exchanges are a target right now at the current exchange rates, but I was thinking just a little while back, isn't it strange that somebody who released the original protocol is unknown and wishes to stay anonymous? I thought about that for a little bit, there are a number of possibilities. Of-course somebody who had the original idea could run the hash generation for a much longer time before anybody started doing it as part of a mining (proof of work) network. I don't know, it's hidden in plain sight

This feature is then used in the Bitcoin network to secure various aspects. An attacker that wants to introduce malicious payload data into the network, will need to do the required proof of work before it will be accepted. And as long as honest miners have more computing power, they can always outpace an attacker.

- good, what if somebody had a much longer stretch of time to work out the answers before they could even become questions? It's not like those transactions are random.

What other motives can somebody have to release a protocol like this one potentially to be used by millions of people who see this as a way to make money? Giving people incentives to come up with faster SHA generators? Somebody who wants to break encryption mechanisms by generating huge amounts of SHA codes against various data?

I think without actually getting into the source code it's impossible to read the answers to any of these questions, so maybe that's the next step, read the source code.

Re:target

[Paran]

It's more likely that the author(s) value their freedom. The US government (I haven't looked at others) has a history of shutting down alternative currencies and trying to inprison the creators.

Re:target

[roman_mir]

Yes, the US government (and other governments as well) does have a history of shutting down alternative currencies and imprisoning and even labelling the people behind them as terrorists.

On March 18, 2011, after a 90 minute jury deliberation, von NotHaus was found guilty on various counts, including the making of "counterfeit coins" (resembling legal tender coins).

Attorney for the Western District of North Carolina, Anne M. Tompkins, described Bernard von NotHaus and the Liberty dollar as "a unique form of domestic terrorismâ that is trying âoeto undermine the legitimate currency of this country.â The Justice Department press release quotes her as saying: âoeWhile these forms of anti-government activities do not involve violence, they are every bit as insidious and represent a clear and present danger to the economic stability of this country". .....

Although he was convicted in March 2011, the U.S. government has still not reached a sentencing decision for Von NotHaus. Since his trial, The New York Times has described Von Nothaus as "the Rosa Parks of the constitutional currency movement", for his creation of an alternative currency that is valued at "more than 60 million dollars." Von Nothaus presently resides in a Malibu mansion that was lent to him by a friend, where he faces a possible sentence of upwards of 20 years in prison, for the crime of making his own money.

I agree with you. However in case of Bitcoin the currency is not minted by the originators of the protocol and there is nothing to 'shut down', the currency cannot be shut down. Individual businesses can be forced not to accept Bitcoins, that's true. One way for gov't to 'shut down' Bitcoins is to buy them off of the hands of all people who hold them and keep buying as long as Bitcoins are generated, but that's a stupid thing to do, it would drive the perceived value through the roof, giving huge incentives for people to start their own clones of Bitcoin in hope to have gov't buy those up as well (obviously with inflation, with printed money).

Re:target

[pantaril]

- good, what if somebody had a much longer stretch of time to work out the answers before they could even become questions? It's not like those transactions are random.

This will not work. You cannot compute the answers to unknown questions. The questions are composed of all transactions in recent 10 minutes which are basically input and output addresses signed with unknown private keys. In order to successfully employ 51% attack on bitcoin you must be able to ouperform the rest of the network in real time for at least 10 minutes.

Re:BitCoin apologists

[Laser_47]

That isn't a problem with the BitCoin protocol, but Instawallet's website.

InstaTheft

Was InstaWallet attacked? Or is that what they want you to believe while they abscond with all the untraceable bitcoins?

Re:"...ALL money is in the computer age."

[emho24]

Yet if the cash in your wallet represents anything more than chump change, expect it to be "hacked" the next time you run into the authorities.

Re:BitCoin apologists

[Umuri]

Relevant xkcd to rant below: http://xkcd.com/932/

So please, explain to us how a third party's online wallet service is now a fundamental flaw in bitcoin itself? They made a server that did data management for the user, and thought they had security in place such that their data was unacessible without the proper password. They then were proven wrong. So now they need a new method of storing it (architecture) that is secure.

For the obligatory car analogy, this is like you saying a certain car brand sucks at security because an aftermarket mechanic installs hidden compartments in it, and then the compartment gets broken into because it has a shitty lock. Now the mechanic is out of the compartment installing business until he finds a better lock to put in.

Old news?

[prisoner-of-enigma]

This is semi-old news. Mt.Gox has been under attack for at least a couple of days but they appear to be handling it pretty well. I haven't noticed any problems with using them at least. Trades might be taking a tad longer but nothing big that I can see.

Instawallet, on the other hand, crumbled at least a day or two (I read about it early yesterday morning). Their problem had nothing fundamental to do with BTC but more to do with the unique way Instawallet did business with (I believe) greater anonymity. The whole "we gotta rearchitect this thing" press release was that their fundamental way of doing business made them uniquely targetable by fraudsters, thus they gotta figure out something new.

Re:BitCoin apologists

[JesseMcDonald]

This has nothing to do with "BitCoin's developers". The "alternative infrastructure" comment applies exclusively to InstaWallet, a provider of "online wallets", which was hardly a major player to begin with, and Mt. Gox wasn't "hacked", they were the target of a DDoS attack which made it difficult to access their web site. That's inconvenient if you rely on them for exchanging BTC and USD and need to do so in a hurry, but there are other exchanges available, and everyone's balances on and off the exchange are still perfectly secure. At no point did either incident affect the actual Bitcoin network.

Re:Money is not secure, period

The US cannot possibly end up like Cyprus. If it does, it means the global economy has collapsed and ALL forms of currency - save for bulets and possibly bottle caps - is worthless. Bitcoin backers demonstrate their fundamental lack of understanding of the economy on a daily basis.

Re:"...ALL money is in the computer age."

[fustakrakich]

The cash in my wallet remains un-hacked.

No, it doesn't, unless you want to ignore inflation.. The dollars in your wallet are losing value every day.

Bitcoins irrelevant USD. Paypal 30 times as large

[raymorris]

The people running the central banks don't know a bitcoin from a cupcake and don't care. There are over 100,000 times as many dollars as there are Bitchcoins. In ten years, PAYPAL might be worried about bitcoin. PayPal is 30 times as large as bitcoin (by transaction volume), so if bitcoin got 20 times as popular it would be real competion for PayPal.

For the US dollar? The Federal Reserve is about as concerned about bitcoins as Coca Cola is concerned about some kid's lemondade stand. The Fed IS concerned about people switching to the Euro because currently about half of all international trade is in USD, but much is moving to the Euro. That reduces the amount of USD governments and institutions keep in reserve, which are effectively free loans to the fed. (They get to sell dollars which get locked away, without inflating the market.) So the euro matters, bitcoins are such a tiny, tiny market that big bankers hardly notice they exist.

is it me or bitcoin exchanges keep getting hacked?

[youn]

there are so many in the news, it is difficult to keep track

Full faith and credit

[sjbe]

I hate to break this to you, but your insured deposits aren't held as coins in an outsized piggy bank like Scrooge McDuck's Money Bin. They exist only as entries in an electronic ledger.

Yes, and? Those insured deposits are backed by the full faith and credit of the United States government and the bank is liable for their security. Bitcoins enjoy none of the same protections. If someone wants to use bitcoin and understands the amount of risk they are assuming then I have no quarrel with them but let's not pretend the amount of risk is remotely comparable.

Re:Full faith and credit

[DragonWriter]

Within the past century, 95% of the purchasing power of the US dollar has been taken away by inflation. Exactly how safe do you think the US dollar is again?

If you are using currency as a long-term store of value, you are mostly using it wrong.

Re:Full faith and credit

[sjbe]

If you are using currency as a long-term store of value, you are mostly using it wrong.

Good thing I'm not doing that then. My money is invested in a combination of stocks, bonds, real estate and a few other assets. Holding excess cash, whether it be dollars or bitcoins, is foolish due to inflation and in the case of bitcoin exchange rate risk. (excess cash meaning more than your reasonably foreseeable liquidity needs)

Re:Full faith and credit

Within the past century, 95% of the purchasing power of the US dollar has been taken away by inflation. Exactly how safe do you think the US dollar is again?

Try to keep in mind that you make a lot more of those US dollars over that same time period as well, so your point that inflation has eroded the US dollar is not taking into account that wages have inflated right along with prices. So unless you have kept your wealth in actual currency for the last 100 years (which would be about the stupidest thing ever) then your point is a bit weak.

Nice graph of 100 years of wage and price data

Average wage in 1900 $438 a year
Price of a pound of butter 26 cents

Average wage in 1990 $23602 a year
Price of a pound of butter $2.10

Re:Full faith and credit

[viperidaenz]

I can buy nearly twice as much butter now! Maybe that's why Americans are fat?

The purpose of the FDIC

[sjbe]

Remember, the FDIC has about $25B in treasury notes (not cash, that's long gone) in its fund to cover about $10T in deposits, and most of the insured banks have very low ratios (perhaps 10% cash-on-hand at most). If there's ever a bank run, the FDIC can't stop it.

The FDIC doesn't have to stop it. The purpose of the FDIC is to keep bank runs from starting in the first place, not to be able to back every dollar deposited. The FDIC is there to reassure people that even if their particular bank is having issues that they still will be able to get to their money because the government is there to back them up. Bank runs start because people think they cannot get to their money. If the money is insured there is less chance of them doing this.

Re:The purpose of the FDIC

[bill_mcgonigle]

The FDIC is there to reassure people that even if their particular bank is having issues that they still will be able to get to their money because the government is there to back them up.

Right, this is what allows bank customers to not care at all about how risky their banks' activities are.

Bank runs start because people think they cannot get to their money. If the money is insured there is less chance of them doing this.

We'll see what happens once the current FDIC fund is exhausted.

For those of you too lazy to RTFA

[slashmydots]

Hackers DDOSed just the website itself to scare people into a sell-off then bought up the cheaper coins and waited for the price to rise again. This has nothing to do with the bitcoin network or protocol, zero coins were stolen, and no security was breached at MTGox. So everyone above me, STFU and read the article or this before talking out your ass about bitcoins.

Re:For those of you too lazy to RTFA

[Pecisk]

But a hacker's scam worked, didn't it? But this is problem in general with people and IT systems - common crowd don't even understand how it works broadly, so don't expect them to distinguish simple DDOS or network failure from bank/system going bankrupt, for example. Education and explaining - those can only limit damage in such cases in long term. In short term - be honest and leave yourself emergency information channels open.

a positive thing?

[chris.alex.thomas]

in a way this could be a positive thing.

right now, not so many people are using it as opposed to paper money, so there is not so much scope for theft or fraud, but I guess for the people doing the losing it's more serious.

however, with each attack comes a stronger topology and methology to securing the system, the hacking attacks should in theory make the system stronger and more realible.

in theory anyway....

Re:BitCoin apologists

[luis_a_espinal]

Easy with the strawmans.

That isn't a problem with the BitCoin protocol, but Instawallet's website.

The OP is not faulting the BitCoin protocol. He/she is faulting the BitCoin developers/staff/whatever for their deployment architecture choices. After, choosing Instawallet's is/was an architectural choice. For the type of operations BitCoin is aiming for, we are talking architectural options that must accomodate growth into the realms of mega-scale/mega-resilient, ala AWS, ebay or Google.

Having to halt operations indefinitely until an alternative architectural solution is in place, that is not acceptable. Furthermore, they should have never gone into operations without one. I've worked in small, insular enterprises where having alternate architectures for catastrophe recovery was a starting, non-negotiable requirement.

I'm not saying "me-can-do" nor saying this just out of spite to join the Borg bashing collective. I'm simply stating a matter of fact that is revelant when building and fielding systems of such potential caliber. Hopefully useful lessons will be learned so that it does not happen again.

Same argument as my grandmother

[sjbe]

Within the past century, 95% of the purchasing power of the US dollar has been taken away by inflation. Exactly how safe do you think the US dollar is again?

And within that same time period incomes have risen faster than inflation and so has the value of stocks and many other assets. Dollars are a store of value but there are better ones out there. You're making the same argument that my grandmother does when she inappropriately compares the price of milk to the price 50 year ago. A dollar is worth less but our ability to acquire them is greater. Net result is that after you adjust for inflation I'm actually paying less of my income than she did 50 years ago.