Slashdot Mirror


User: DamnStupidElf

DamnStupidElf's activity in the archive.

Stories: 0
Comments: 1,651

Comments · 1,651

  1. Re:Not a separate "Internet" on Ex-NSA Chief Supports Separate Secure Internet · · Score: 1

    Same with SCADA stuff. It needs its own backbone, then hardened computers that relay the diagnostic info from the embedded controllers to where it needs to be.

    Why not just harden the SCADA equipment? Powerful microcontrollers are cheap; stick TLS and certificates on them.

  2. Presumably you'll need a "secure" computer, too on Ex-NSA Chief Supports Separate Secure Internet · · Score: 1

    A completely separate (air gap, and no wireless, no shared programs or data) device from your "insecure" Internet computer. I see very little chance of this happening. The first unwitting member of a botnet who signs in to the "secure" Internet with their magical "secure" credentials will immediately un-secure it for everyone else.

  3. Re:Really depends on the implementation on Media Companies Create Copyright Enforcement Framework · · Score: 1

    As I've gotten older (and now have money to buy stuff), I'm fine with a way for copyright owners to shut down pirates after repeated offenses. (When I first got a cable modem in 1997 or so, I got internet shut off due to some involvement in pirating. A call to my ISP got my internet turned back on.)

    The court system.

    That answer should be sufficient in and of itself, but to further elaborate: do you want your neighborhood covenant to have the power to shut off your water if you plant the wrong kinds of things in your yard? The power to turn off your electricity if they don't like your Christmas lights or loud music? Do you want other drivers on the road to be able to disable your engine if they think you cut them off? Law and order is important. Allowing the media companies to control Internet connections is the very definition of vigilantism.

  4. Re:Yeah, but... on Star Wars Landspeeders Are Here · · Score: 1

    Or maybe the Kessel Run was a traveling salesman problem?

  5. Re:Come Clean on World's Best Chess Engine Outlawed and Disqualified · · Score: 1, Informative

    Holy crap, Ken Thompson was on the panel. If that isn't proof enough that the analysis at the very least was overseen by someone who knew what they were doing, then I don't know what is.

  6. Re:Easy to fix! on Passcodes Prove Predictable · · Score: 2

    Trolling people on Facebook is like shooting dead fish in a barrel with a nuclear weapon.

  7. Re:Well...Let's See How It Goes on US ISPs, Big Content Reaching Antipiracy Agreement · · Score: 1

    What about torrenting a parody video covered by fair use? The MPAA isn't required to take you to court to shut off your Internet connection so no more fair use for you because it's only an affirmative defense and not a "right". What about downloading "copyrighted" documents from Wikileaks?

    And most importantly, can we get the MPAA cut off from the Internet for illegally redistributing "This Film is Not Yet Rated" to its members?

  8. Maybe they can also block access to mp3.amazon.com on US ISPs, Big Content Reaching Antipiracy Agreement · · Score: 1

    and iTunes and Netflix and YouTube and of course any indie websites. Isn't that the real idea behind these measures? To force us to go back to the store for overpriced Content?

    Piracy is not the cause of declining MPAA/RIAA importance.

  9. Re:These guys are actually innovating on Tesla Will Discontinue the Roadster · · Score: 1

    I think you mean the "Free Markets AND Bust" bandwagon.

  10. Re:Sure it can on Ask Slashdot: How Do I Scrub Pirated Music From My Collection? · · Score: 1

    /s/MP3s/files/, because hey, you might have renamed britneyspears.mp3 to myresume.doc to hide it.

  11. Re:rerip your CD collection on Ask Slashdot: How Do I Scrub Pirated Music From My Collection? · · Score: 2

    Technically, he still owns the LPs/CDs. Just because he can't put them into a player (due to their current molecular configuration) and play them doesn't mean anything since backup copies are allowed by fair use. In fact, he's in an even better position than most because it's very unlikely that some punk will steal his original copies of the music now. Then he *would* have to file an insurance claim, police report, re-buy his media, etc.

  12. Re:Bitcoin to revolutionise economy on Bitcoin Price Crashes · · Score: 1

    That's because Glassier didn't do anything to make money - he just borrowed money. In real life, the Glassier would either need to have an income stream, or use the loan to start an income stream. Otherwise, yes, it's time to give up the collateral.

    So where does Glassier's income stream come from? Unless it comes directly from the banker (e.g. someone breaks the banker's window) someone else will have to take out a loan to supply his income, ad infinitum until the banker ultimately makes money for contributing no tangible goods to the economy. Perhaps his trustworthiness is worth 5% on loans, but everyone eventually pays for trusting the banker by owing more money to the banker every year. This is a necessary result of depending on a bank to create new money instead of simply trusting interest-free IOUs from the other participants in the economy. Obviously it needs some (self) regulation, but all it really requires is that d$/dt >= 0 in the long term for each issuer of IOUs.

  13. Re:No kidding on Teen Builds Nuclear Bomb Detector · · Score: 1

    Such a mass would be sensitive to other factors such as humidity.

    And baggage handlers.

  14. Re:But can't the network be fooled??? on Trojan Goes After Bitcoins · · Score: 1

    Yes, and by the current difficulty, block rate, and GPU efficiency you would only need about 1.5GW of continuous power to produce a block chain longer than the legitimate chain that would form while you were making your fake chain. The longest chain wins. And all it would let you do is double-spend. You could make more bitcoins simply mining.

  15. Re:mugging on Trojan Goes After Bitcoins · · Score: 1

    It's still a pyramid scheme, as has been commented dozens of times on all the previous articles about BitCoins. Early adopters get the easiest blocks to solve, making them the most coins for the least effort?

    This doesn't necessarily matter because the difficulty is chosen dynamically so that roughly 1 block is found every 10 minutes. This means that even though the actual difficulty was much lower a couple years ago there weren't millions of blocks being created by the early adopters. Anyone could have joined and had an equal chance to receive a block in the early days. The ease of obtaining bitcoins in the early days was only because of the small number of early adopters and not due to the lower difficulty of finding a block. Similar effects were seen during oil and gold rushes where the easiest to obtain and most desirable resources were obtained by the initial investors.

  16. Re:mugging on Trojan Goes After Bitcoins · · Score: 1

    Social security, OTOH, has always had the explicitly stated intent of paying Generation-M directly from the payments of Generation-M+n. Your ability to "get yours" in the future depends entirely on fleecing new "investors" out of their then-present-day contributions to the system.

    So insurance is a Ponzi scheme? After all, a policy holder is guaranteed an average rate of return (generally negative) given his or her risk of injury/accident and the average payout of each covered incident. The initial investors who create the insurance company's initial fund are paid back *directly* from the investments of the next generation of investors (the insured). Once the initial investors are paid off, the first generation of policy-holders becomes reliant on future buyers of policies in order to guarantee their average expected return.

    I think the guaranteed/expected rate of return has *everything* to do with a Ponzi scheme and not merely the structured transfer of wealth from Generation-M+n to Generation-M. If the expected rate of return when buying car insurance was positive, it would be a Ponzi scheme. Social security does not guarantee a profit except for low income workers who cannot afford to increase their market share (in fact if they did increase their market share by earning more and paying more social security taxes they would attain a negative rate of return), and hence functions merely as an insurance program.

  17. Re:Time for hardware security. on $500,000 Worth of Bitcoins Stolen · · Score: 1

    I suppose it depends on how well designed your hardware crypto-device is. Does it parse the message it is signing and extract the relevant information to display? Or does it accept a "display" field from the bank and sign whatever message comes with it? And if you can only see the amount signed but not the destination account it would be open to a MITM attack on your computer/browser, preferably during a high-value transaction. Does the crypto-device verify a transaction against a list of authorized accounts stored in the device or is it the banking site doing that verification? Still, it is a heck of a lot better than most banking sites.

  18. Re:Time for hardware security. on $500,000 Worth of Bitcoins Stolen · · Score: 1

    "LEGITIMATE TRANSACTION LEGITIMATE TRANSACTION LEGITIMATE TRANSACTION LEGITIMATE TRANSACTION LEGITIMATE TRANSACTION LEGITIMATE TRANSACTION Dear crypto-processor USB device, please sign the following transaction: 'I transfer all my money to hacker@hacker.com' thanks LEGITIMATE TRANSACTION LEGITIMATE TRANSACTION LEGITIMATE TRANSACTION LEGITIMATE TRANSACTION LEGITIMATE TRANSACTION" -- trojaned/virus-infected e-payment executable on your Windows box.

    Are you really going to scroll through a tiny display every time looking for hidden things that you're signing?

  19. Re:Who cares on $500,000 Worth of Bitcoins Stolen · · Score: 1

    Well, good news, now it's *less* of a Ponzi scheme because ~2% of the money got randomly redistributed!

  20. Re:Anonymous payments on $500,000 Worth of Bitcoins Stolen · · Score: 1

    This guy was a miner, so it is not inconceivable to just watch the p2p network with enough nodes and see which IP address is actually contributing the new blocks from his mining client. Once you have an IP address, look for vulnerabilities on the host machine. If you can't get miners to connect directly to you, just start hacking other bitcoin peers until you find a node that a high-output miner is attached to. You could probably do timing analysis to figure out which peers are "closer" to miners by timing when new blocks become available from them.

  21. Re:No clue on EU Ministers Seek To Ban Creation of Hacking Tools · · Score: 1

    Some people need killing and/or maiming. It's a good thing there is an effective tool for doing it.

  22. Re:Quantum Computing? on Ask Amir Taaki About Bitcoin · · Score: 1

    Sure, if someone builds a secret quantum computer then everyone is boned, SSH/SSL/x509/etc. included. I'm talking about a known significant threat of quantum computing being able to break ECDSA, e.g. a working 10 or 20 bit quantum computer. That's the time to move to other public key (or symmetric hash based) signature schemes and transfer all your money to yourself under the secure scheme.

    If SHA-256 is broken bitcoin is effectively useless; there's no way to trust new blocks and therefore no way to transfer bitcoins. Who decides what the last valid block was? Everyone who received bitcoins after that block is screwed even if they weren't scamming anyone. The proof of work is gone too; although it would probably not be impossible to form a consensus of the correct block chain by directly comparing all the block histories in everyone's local copies, that is still a big effort. The best case scenario would be to modify everyone's client to generate a new block hash chain using their locally stored copy and a new secure hash, and then picking the majority result from the set of new hash chains.

  23. How hard is it to change the consensus? on Ask Amir Taaki About Bitcoin · · Score: 1

    Assuming that valid criticisms of the bitcoin protocol/design are accepted by more than 50% of the community, an upgraded client could change the direction of the longest valid block chain and the less than 50% would be forced to upgrade to a compatible client to spend their bitcoins or else splinter the bitcoin network into pieces with a common history but an incompatible block chain after the point that the design change was made. Do you see splintering as a potential problem for bitcoin or just a natural evolution? Obviously it would be useful to keep all the bitcoins in one pool because of their limited nature, but what if a group of Keynesians wants to fork the code and allow for an inflationary currency by never reducing the payout for creating new blocks, or perhaps even increasing it as the difficulty increases? If the parameters are chosen right, the new network could attract a significant portion of the miners to the new network, especially if it looks like the currency market is moving to the new network and taking the real value of the system with it. In short, I don't think any current flaws in the bitcoin design are a fatal flaw; the best design will ultimately win out with a fork and a significant majority of the GPUs following the best fork.

  24. Re:Quantum Computing? on Ask Amir Taaki About Bitcoin · · Score: 1

    Post-mining phase, when they've all been discovered and it's just trading-time, at least superficially I don't think it would really matter...

    False. Most transactions are created so that the signature of a specific ECDSA key is required to use the bitcoins in any new transaction, e.g. that new ECDSA key "owns" the bitcoins at that point. Anyone who can solve the discrete log problem (with a quantum computer most likely) can take any bitcoins that are parts of such open transactions (e.g. any currently unspent coins requiring an ECDSA signature). All is not lost: By extending the opcodes in the bitcoin scripting language it will be possible to add new cryptographic functions and everyone can just transfer all their bitcoins back to themselves under a better signature scheme. The distributed hash blocks will prevent double spending coins assigned in previous blocks to breakable ECDSA keys that have subsequently been re-spent. Ultimately this will be a benefit to the system as a whole because ancient bitcoins signed over to private keys that have been lost can just be brute-forced with a quantum computer and put back into the pool.

    A break in SHA-256 would be a disaster.

  25. Re:MPG? on Nissan LEAF Leaks Speed & Location To RSS Feed · · Score: 1

    So, how's that ~4 gallon commute working out for you? Economically and environmentally sustainable, is it?