Bitcoin Willy Report

I simply don't understand how BTC is going to be a viable currency if its price is going to go up forever... why would anyone ever spend one instead of hoarding it?

dude lol it's almost like you're doing it on purpose. in case you're not just trolling hard, loading every single post - why would anyone ever save a dollar?

[image: inflation-purchasing-power-of-dollar-since-1871-log-scale.gif]
 


why would anyone ever save a dollar?

Haven't you been paying attention? SPENDING is what drives an economy, SAVING just ruins it. The goal of Keynesian flavored monetary policy is to have a currency so worthless that it's constantly in motion and everybody gets to feel "rich" at least once per day.
 
I really wish I could be as excited about anything on the level that lukep is excited about bitcoin.
The ironic thing is that in 3-5 years you're going to be kicking yourself as you look back on today and wish only that you were as excited about Bitcoin as I am.

dude lol it's almost like you're doing it on purpose.
I know what it looks like; but I swear that is not my other account!

Wha...? /facepalm. Some people really astound me... This reporter wrote an awesome pro-bitcoin piece last week where he showed deep understanding of the economics behind bitcoin... But apparently he's got the same technical understanding of it as Jameel does... Oh well, he'll learn.
 
I get MY info from the bitcoin devs, so I'd really like to see your source on this. Both Gavin & Andreas still seem gung-ho on multisig, as far as I can see. Wladimir van der Laan, the new core dev, doesn't seem to have said anything lately about it.

The core devs are throwing their support behind multisig transactions themselves, and they're right to do so. Multisig transactions in and of themselves are excellent, work beautifully, and improve security. I'm talking about these new wallet services that are popping up like BitGo and greenaddress.it, whose main selling point is their high level security due to client side encryption. It's bullshit -- a marketing gimmick, a facade. At best it's a "feel good", and at worst it's detrimental to user security.

I'm not sure, but do you know how it works? Here's what a private key looks like:

Uncompressed: xprv9s21ZrQH143K2JF8RafpqtKiTbsbaxEeUaMnNHsm5o6wCW3z8ySyH4UxFVSfZ8n7ESu7fgir8imbZKLYVBxFPND1pniTZ81vKfd45EHKX73
Compressed: KxDQjJwvLdNNGhsipGgmceWaPjRndZuaQB9B2tgdHsw5sQ8Rtqje

You don't need the private key though. All you need is the seed, and many of these new wallet services use mnemonic passwords. So for example, the password "!2013!wttOeS2R" translates into the phrase "In 2013 I will take the opportunity every Sunday to relax", and vice versa. All you need is that password (not the words), and you can generate all the private keys associated with all addresses on that user's account.

This password is generally stored within the user's web browser, and the signing of transactions happens via Javascript within the web browser. You don't have to be a technical genius to realize this is a bad idea. If you don't believe me, feel free to contact Norton / Symantec, and ask for their thoughts on doing bank level encryption of important financial data within the client's browser. There's already been malware floating around disguised as browser extensions that sniff out users' blockchain.info keys, and I would imagine you can expect an increase in this type of malware as these wallets gain popularity.

Again, just realize WHY these wallet services were created. They were created from the perspective of "we need to gain users' trust by ensuring the site owner can't steal funds", and not from the perspective of "we need improved coin security". So please quit praising how highly secure these new multisig wallets are, because they're not, and you're going to cause people to lose their money.
 
@KM "most of these wallet services seem to use a 12 word mnemonic password, which means about a 8 - 14 character password"
Is it 12 words, or 8-14 characters? That's a big difference.

It's 8 - 14 characters. The software doesn't care about the words, and those are only there to help human memorization. If you end up inputting the words, they just get translated back into that 8 - 14 char password, and that's the only part the software cares about.

" a) the company password / seed which will be sitting in their database somewhere" Not using a company provided multi sig service would solve this. There is no need to use a company. Thus bitgo is not a good option.

Guys like BitGo are fine, and there's nothing overtly wrong with them. Just don't buy into the hype that they're oh-so-secure, and don't put more than you're willing to lose into them. I can almost guarantee over the next 12 months we will see some major thefts from these oh-so-secure multisig wallets.

Matt, any ideas on something better than multi sig? It isn't perfect but it is a lot better than anything else we have right now.

That's the million dollar question, and many developers of higher caliber than me still don't know the answer. I personally like my new implementation, but the one downside is it isn't trustless, or well, can't be marketed as trustless. The software is developed to NOT store the private keys, but your users don't know that, and will have to trust you're not storing them.

On the flip side though, these multisig wallets aren't trustless either, even though they're marketed as such. If the site owner is nefarious, it takes nothing to add a few lines of Javascript to fire off AJAX requests, and steal all users' seeds. I am going to offer the whole multisig + client side encryption thing as an option in my implementation, so site admin will be able to choose between the two. However, I'm going to put a stern warning regarding the client side encryption one.

Then my implementation is a little less user friendly as well. When conducting a send, they have to input both, their chosen wallet password and upload 1 of 2 QR code images they get upon registration that look like:

[image: lMTARBx.png]


Then obviously the standard 2FA, IP restrictions, SMS verification, etc... plus optional delayed sends, geographic restrictions (eg. only sends from Chicago allowed), amount restrictions (eg. flag anything over 2 BTC for additional authorization), etc. Then both, mandatory and optional multisig transactions. The mandatory part is so every send is signed by the software, so if someone gets your private key, they can't create & broadcast a raw transaction to the blockchain.

Then for optional multisig, you'll be able to define a friends list, and rules. For example, enter 5 of your friends, then define rules like "anything over 0.5 BTC requires 2 friends to authorize", "anything over 2 BTC requires 3 friends to authorize", etc. For each friend, you will define a security question and answer. If the friend does NOT have an account in the software, it will also generate a bitcoin address + private key for them, and you'll have to send them the private key, as it won't be stored anywhere in the db.

Then when you conduct a send, it's going to e-mail all your friends, and say "LiamLennon is conducting a send you need to authorize". If they have an account in the software, they can just login, and there will be a menu allowing them to authorize the send. If they don't have an account, they click a link, answer the security question, and enter the private key. Once enough friends have signed the transaction, it gets committed and broadcast to the blockchain.

And a bunch of other shit. I'll e-mail you here shortly with details and a demo. If you wanted to use it, free of charge for you obviously.
 
This reporter wrote an awesome pro-bitcoin piece last week where he showed deep understanding of the economics behind bitcoin... But apparently he's got the same technical understanding of it as Jameel does... Oh well, he'll learn.

Serious question, why isn't the fact that one mining pool now has 51% of the hashing power a concern? Wasn't a 51% attack always the potential fatal flaw with BTC?
 
Serious question, why isn't the fact that one mining pool now has 51% of the hashing power a concern? Wasn't a 51% attack always the potential fatal flaw with BTC?

It is a huge problem. Lukep just has his head in the sand, as per-usual. I remember previously he was preaching that it would be impossible for any one entity to get 51%, including governments. Now that it's happened, apparently it's not a big deal in his eyes.

It is though, especially since Ghash.io has already proven they're malicious. They previously stole 3000 BTC via double-spends on a gambling site:

https://bitcointalk.org/index.php?topic=327767.0
 
Serious question, why isn't the fact that one mining pool now has 51% of the hashing power a concern? Wasn't a 51% attack always the potential fatal flaw with BTC?
It is a huge problem. Lukep just has his head in the sand, as per-usual.
No, I just listen to the people that know what the fuck is going on.

Plus, I have read and understand the actual whitepaper, which routinely eliminates 100% of the need to panic in all bitcoin-related situations to date.

If you're not going to take Andreas' word for 51% attack harmlessness:

Andreas Antonopoulos Says States Can't Stop Bitcoin - YouTube: http://www.youtube.com/watch?v=yWTQgmCuiCw

How about Gavin's, the long-time head dev that took over from Satoshi?

https://bitcoinfoundation.org/2014/06/13/centralized-mining/

Gavin said:
Even if GHash.IO is evil and intends to destroy Bitcoin they would be able to do only two things:

The first thing they could do would be to double-spend already confirmed transactions. For example, they could send some bitcoins to an exchange, trade them for dollars, wire the dollars to their bank account, and then announce a longer blockchain where the transfer to the exchange never happened. Now they have dollars and bitcoins.

There are some practical problems with carrying out that attack, though. They are likely to get caught, because it is impossible to wire money to a bank account anonymously. It seems very likely they would find themselves in legal trouble for defrauding the exchange.

The second thing they could do would be to prevent transactions or new blocks from other people getting accepted, effectively stopping all payments and shutting down the network. I wrote about neutralizing that attack a couple of years ago.

I think either attack is extremely unlikely from an economically rational mining pool & blockchain history would make it obvious that they were mis-using their power, and I'm certain either technical or social solutions would be found to punish the bad behavior.

And like I said, I understand the whitepaper, which addresses exactly what could be done with majority hashing power... It's just not as much of a doomsday scenario as people like Kiopa_Matt here think it is... It is actually further demonstration that bitcoin is Antifragile, as you will see better-than-par reactions to this happening.

Of course events like this can send the price tumbling for a few hours, but it's not going to "kill" bitcoin. Even an outright malicious attack can't do that.

Oh, and by the way, The Ghash.io share is now down to 42%, thanks to all the Reddit panic.

Thankfully, after this event, the number of miners using P2Pool has doubled.

That's Antifragile.


It is though, especially since Ghash.io has already proven they're malicious. They previously stole 3000 BTC via double-spends on a gambling site:

https://bitcointalk.org/index.php?topic=327767.0
That's no 51% attack, and you don't even know that this was fraud of any kind. They claim to have been attacked by a former development team member, and that was long before they had even 25% of the hashing power. There are a half dozen pools capable of doing exactly this.

If they were malicious (and it was as easy as you seem to think it is) then the moment they achieved 51% wouldn't they have tried something on a bigger target? They've had two opportunities now, and many months of opportunity at higher percentage shares than that last 'attack.'
 
If you're not going to take Andreas' word for 51% attack harmlessness:

Andreas Antonopoulos Says States Can't Stop Bitcoin - YouTube

Ok, first, nobody seems to like Andreas at all, or at least not that I can find. Second, you know full well what he says is bullshit, and I know you know this, because you've posted about it before. In that video he says it's no big deal because "they will gain dominance over the blockchain for 10 mins, commit one double spend, then we'll kick them off the network, rework the protocol, and continue on like nothing happened". You know as well as I do it's nowhere near that simple.

The "rework the protocol" is a hard fork, which could potentially destroy bitcoin, or at the very least probably drop the price down to $50. Yes, it would get rid of those conducting the 51% attack, but it would also get rid of tons of legit sites / services, until they rework their code to work with the new protocol. It's the equivalent of PayPal changing their API overnight, and not allowing ANY API requests using the old format. Your site's checkout just simply stops working, until you change your code to make it work with the new API format.

That's no 51% attack

Never said it was a 51% attack. I said they've proven themselves to be malicious. And it took them over a month of silence before they popped up with the reply of, "oh, it was a rogue employee".
 
Ok, first, nobody seems to like Andreas at all, or at least not that I can find.
Nobody "likes" Andreas? I think you'll find that he's one of the most respected and influential people in bitcoin, especially when it comes to Security.

People "like" him so famously that he's got memes about him:

[image: cryptocomic-1.png]


As the only bitcoiner to speak at TED, and being both a Dev and head of Security at Blockchain.info, he's like the most quoted person on security there is. Where do you get this stuff?


Second, you know full well what he says is bullshit, and I know you know this, because you've posted about it before.
I don't think you've got the right guy... Andreas rocks. He's also got a decade of financial information systems experience b4 he heard of bitcoin.


In that video he says it's no big deal because "they will gain dominance over the blockchain for 10 mins, commit one double spend, then we'll kick them off the network, rework the protocol, and continue on like nothing happened". You know as well as I do it's nowhere near that simple.
Then explain how btc recovered so fast from that accidental fork earlier this year. 6 hours after finding out the blockchain was forked, we recovered it. That's without seeing it coming.


Never said it was a 51% attack. I said they've proven themselves to be malicious. And it took them over a month of silence before they popped up with the reply of, "oh, it was a rogue employee".
Sadly we may never know if they had a person there up to no good; but the fact is that they've had months of ample opportunity to do far more sinister things than that. Sorry, I just can't get worried about that when it's obvious that they'd destroy all of their revenue streams if they tried something evil.

Bitcoin isn't as secure as it is transparent. We'd all see exactly what they did there and they'd be villainized and shunned out of business the same hour, likely destroying the worth of their newly-stolen coins, too. What a dumb thing to attempt!
 
Then explain how btc recovered so fast from that accidental fork earlier this year. 6 hours after finding out the blockchain was forked, we recovered it. That's without seeing it coming.

That's totally different. That's a reorganization of the blockchain, and it happens all the time. Granted, it's generally only maybe 20 mins and not 6 hours, but it happens quite often, and software protocols are in place to handle this. When the article says "we handled it", nobody handled anything -- the software is already developed to handle these situations, and did so beautifully, so kudos to the core bitcoind dev team on that. Why do you think it takes 3 - 6 confirmations before a company is willing to accept your money? It's in case there was a screw up, and a reorganization of the blockchain is required.

That's 100% totally different than a hard fork though, which is what Andreas was talking about in the video as if it's no big deal. Anyway, whatever... doesn't matter. I'm done talking technicalities of bitcoin with you, because it's too frustrating.
 
The domain for ghash.io (and cex.io) expires in 2 weeks. Nothing to worry about.

Nice find...that is pretty odd that they don't take care of that sooner. Shows that the inside functions of their business and care for the bitcoin community could be questionable.

That's 100% totally different than a hard fork though, which is what Andreas was talking about in the video as if it's no big deal. Anyway, whatever... doesn't matter. I'm done talking technicalities of bitcoin with you, because it's too frustrating.

Agreed. LukeP for a forward thinking anarchist...not sure how you can't be concerned about this. Peter Todd, one of the core devs, sold 50% of his bitcoin holdings recently due to this problem.

Anyways so we don't hoard Thorn's original thread, please reply on the new one. I want to get your input once more on the comments that didn't get a reply. It's not important if only a few people read this if myself, you or anyone else is able to determine what is right for them about the future of bitcoin & cryptocurrency. http://www.wickedfire.com/shooting-...-cryptocurrency-join-dat-fun.html#post2192713
 
I'll just keep bumping this thread for bitcoin stuff, instead of making a new one.

Anyway, US Marshal Service auction is over. Reports saying $723 wasn't a winning bid, and assuming true, fuck me... current market price is about $625, so these things went for way over market price.
 
^ Why would anyone bid that much higher than the market?

The only reason I can think of is that this person can't get that amount of volume through any exchange without substantially increasing the price.

Will they disclose who it was?

I wonder if it was a hedge fund
 
Damn, that's incredible... All bidders reporting like Pantera and SecondMarket couldn't even get their hands on any of these blocks... Demand was thru the roof.

According to Bloomberg reporter Matt Miller (that bald guy we've turned into a raving bitcoiner) there are a ton of Bank & hedge fund managers all over wall street that keep asking him how to get coins 'on the down low,' and he's pointed more than a few of them at this auction.

So we're seeing one of two scenarios play out here... Either:

1) The bankers see a new asset class that they need to gain exposure in because they sense that it's taking off...

2) The bankers see an opportunity to Dump coins hard, without so much as a decent pump first before dumping them on the open exchanges all at once.

If the former is happening, then there is still a lot of actual demand (the coindesk article points to over $20 Million left on the table with no coins today!) and we should expect this demand to keep nudging the market upwards all summer until some major event pushes it one way or the other.

If it's the latter though, expect a big dump that takes the price of bitcoin down to $400 or even as low as $300 sometime... They don't have enough coin to do much more damage, however. 30k coins is big volume for one day, but trivial overall. (Out of 13 Million coins in circulation.)
 
Or maybe a more likely scenario -- the govt chose the winners (ie. their friends) before the auction even took place.