
Comment Re:Stop using Youtube (Score 2) 306

I feel your pain, but I'm not sure the people complaining in this thread understand the sheer size of YouTube. It's literally the entire world's video repository. There are over 100 hours of video uploaded every minute. Over 100 hours! Even if YouTube employed an entire army of specialised copyright lawyers trained in the international nuances of fair use, there's no possible way the enormous number of disputes could ever be mediated in a fair way.

When you upload to YouTube, you get a lot of stuff for free, but you don't have to use them. You could host the video yourself and then the disputes would come to you directly instead of being auto-resolved by a machine. If you aren't willing to pay the costs of doing that, then you need to accept the consequences of YouTube's razor-thin profit margins and vast economies of scale.

Comment Is JITC finally going to die? (Score 3, Insightful) 217

Many years ago there was an R&D project inside a large tech company. It was exploring many of the hot research topics of the day, topics like mobile code, type based security, distributed computing and just in time compilation using "virtual machines". This project became Java.

Were all these ideas actually good? Arguably, no. Mobile code turned out to be harder to do securely than anyone had imagined, to the extent that all attempts to sandbox malicious programs of any complexity have repeatedly failed. Integrating distributed computing into the core of an OO language invariably caused problems due to the super leaky abstraction, for instance, normal languages typically have no way to impose a deadline on a method call written in the standard manner.

Just in time compilation was perhaps one of the worst ideas of all. Take a complex memory and CPU intensive program, like an optimising compiler, and run it over and over again on cheap consumer hardware? Throw away the results each time the user quits and do it all again when they next start it up? Brilliant, sounds like just the thing we all need!

But unfortunately the obvious conceptual problems with just in time compilers did not kill Java's love for it, because writing them was kind of fun and hey, Sun wasn't going to make any major changes in Java's direction after launch - that might imply it was imperfect, or that they made a mistake. And it was successful despite JITC. So when Microsoft decided to clone Java, they wanted to copy a formula that worked, and the JITC concept came along for the ride.

Now, many years later, people are starting to realise that perhaps this wasn't such a great idea after all. .NET Native sounds like a great thing, except it's also an obvious thing that should have been the way .NET worked right from the start. Android is also moving to a hybrid "compile to native at install time" model with the new ART runtime, but at least Android has the excuse that they wanted to optimise for memory and a slow interpreter seemed like the best way to do that. The .NET and Java guys have no such excuses.

Comment Re:FIPS 140-2 4.9.2. The Other Back Door. (Score 1) 168

Perhaps I will phrase the question in a more helpful manner.

Let's take it as read that you are indeed a (possibly former) Intel employee who worked on RDRAND. Given the black box nature of the RNG and the fact that some time ago someone posted anonymously to Slashdot claiming that a small number of chips were jinxed so that RDRAND was predictable, do you know of a good way to rebuild confidence in the integrity of a particular chip's RNG?

More generally, do you have any interesting thoughts on the topic of building trust in blackbox hardware, whether it be an RNG or otherwise (e.g. Intel SGX)?

Comment Re:There is a major difference (Score 3, Interesting) 132

Hey Kasper,

It's Mike H, remember me? We used to work together in SRE ;) How is the startup going? I have also recently moved on from the big G.

Now. When this thing first started to bubble up, I didn't feel very concerned either. OK, so I got fewer emails from recruiters than I otherwise would. No big deal, not like there was exactly a shortage of those.

However, I just want to point out one thing:

I would only consider there to be a real problem, if facebook would reject resumes submitted by candidates, just because they happened to work for Google. I have seen no evidence of such a practice existing.

Did you read the article? It seems that the only reason such a situation did not occur is because Sandberg told Google to pound sand. During the time in question, these emails clearly show that a very senior Google executive was directly asking Facebook not to hire Google employees, even if the employees in question wanted to go work there and what's more, good corporate relations were being pegged to that demand.

I must admit, I never knew much about Rosenberg and don't have many memories of him (can't even recall what he looks like). But regardless, this paints Google in a very negative light indeed. Rosenberg was willing to threaten other companies in order to make them stop not just pursuing but actually hiring "his" people. Facebook refused, but who knows what other companies didn't? Was that really the only time he took that approach? Was this a Rosenberg-specific moment of madness/idiocy or does it run deeper? I await further discovery with great interest. Even if this was a brief failure on the behalf of just one executive, that's still completely unacceptable and Rosenberg needs to be fired, now. Employees are not assets whose freedom of employment can be traded for corporate deals and to treat them that way is completely unacceptable.

Comment Re:Tip from a programmer (Score 1) 78

The problem is CAs get subverted all the time into issuing certs they shouldn't issue.

Can you please prove this? Unless you're using a very flexible definition of "all the time", there is no publicly known evidence for this point of view. There are millions of certificates in the world and the number of bad certs is low enough that people can enumerate all the compromises on wiki pages.

Comment Re:Tip from a programmer (Score 1) 78

Fail. SSH has been researched and discovered to not work.

We monitored SSH logs to analyze user behavior when our system administrators changed the SSH host key on a popular server within our department. The server’s public key had remained static for over two years and thus expected to be installed at most user’s machines. Over 70 users attempted to login over the server after the key change during the monitored period. We found that less than 10% of the users asked the administrators if there was a key change and none verified the actual key.

SSL is a hell of a lot better at stopping MITM attacks than anything else humanity has created. Certainly SSH does not even qualify.

Comment Re:I admire their spunk, but... (Score 2, Insightful) 275

Inflation means your purchasing power goes down, deflation means your purchasing power goes up. It's the only definition that makes sense, and per that definition BTC has been, on the whole, experiencing deflation.

Alright. If you insist on that definition please re-read my post substituting the word inflation for money supply growth.

The "central bankers" say this because it is true. Deflation encourages people to hold their currency.

Does it? Who told you that? Central bankers?

Here's some economists who tested the data and found it lacking in this regard. The consumer electronics industry is another market that's been in permanent extreme deflation since basically forever and yet is doing just fine. Having something today instead of tomorrow has real value.

But regardless, the argument is circular - if a closed economy used Bitcoin and prices fell because the economy grew and the money supply didn't, then if the hoarding theory was right the economy would stop growing and prices would stop falling. There'd be an equilibrium point.

Not every company which acquires capital is as useless as a company which makes coats for penguins. Consider most companies which manufacture electronics.

Such companies should make for good investments even when there's no inflation: if your option is to do nothing with your money and either get no return (but also no loss), or more generally a return that's no better than the general rate of economic growth, then you should still want to invest. The only kind of investments that inflation can trigger are investments that people would have left on the table, except having their money vanish was even worse. These are not the kind of "investments" our society needs.

Finally, if the goal of BTC is to avoid "massive booms and busts", I'd say that it has failed thus far. In fact, BTC is much more volatile than the national economy. If that is your criticism of the current financial system, what good is BTC?

Give it time. BTC is volatile because nobody knows its future. It could be anything from "world governments ban it" to "the future currency of humanity". In such an environment it's natural you'll get massive speculation, especially because there aren't many high risk/high yield investments kicking around right now. 10 years from now Bitcoin's future will be much clearer. Government policy will have stabilised, Bitcoin's competitiveness vs the current system will be much more established, it won't be covered in the press every day and in general will be boring. Then I'd expect the currency to be rather stable.

Comment Re:I admire their spunk, but... (Score 1) 275

Random guy here. I may be wrong, but I think you are confusing inflation with deflation. The value of BTC is rising against real goods. So in other words, it costs less in BTC to buy things today than it did last year. This is deflation.

One of the reasons this topic is so hard to debate is people using the same words to mean different things. In my post above, read inflation to mean "the creation of money" independent of prices. This is not how statistical agencies use it, but in the context of mining it's the one that makes the most sense.

Yes, as it happens, last year the price rose significantly and BTC became worth a lot more. However this is not guaranteed by Bitcoin's design and in fact this year the price has mostly fallen and thus prices have risen (price inflation). Whether Bitcoin prices are rising or falling varies over time.

In other words, you could get into a situation where people holding BTC are largely those who have spent a large amount of money mining it, and those who are speculating on its value. For those who wish to use BTC as a token of exchange for goods and services, it can be difficult/expensive to acquire in any quantity.

Miners have bills to pay and hardware to purchase, so they tend to immediately sell the bitcoins they earn in order to pay their costs. Mining is a highly competitive business with low barriers to entry (though they are rising fast along with the general level of professionalism involved), so over time profits should be thin. And this is indeed what we see.

For people who are holding bitcoins to speculate with them, all it means is that the price rises but that doesn't make bitcoins harder to acquire. The unit we call the "bitcoin" is entirely arbitrary: they are subdivisible into 100 million pieces. Satoshi could have placed the decimal point anywhere and it'd still work the same way. I've been using Bitcoin for years and the difficulty of doing so has never been lower.

In an inflationary system, currency essentially expires ..... this is an excellent feature because it encourages the use of the currency, allowing it to get into the hands of people who will use it for true growth

You're parroting the standard line sold to people by central bankers, yet under their watch the world has experienced a series of massive booms and busts. One of the most natural words that follows "financial" is "crisis". So be more skeptical!

Consider the following scenario. You have some savings in a currency with a stable monetary base, no new money is being created and none is being destroyed. Let's also say the economy is stagnant and not growing or shrinking. We would expect in such an environment that prices remain stable. Now someone comes to you and says they have a great business idea: he's going to knit little coats and put them on penguins in Antarctica, then charge tourists to visit and take photos. He wants you to invest in his business.

Perhaps you think that this is a remarkably stupid business idea that is unlikely to turn a profit, so you politely decline his generous offer. You would rather keep the money as savings for retirement instead.

Now reconsider the same scenario, but in a world where your savings are being confiscated at 2%-5% per year. Recall that due to the mathematics of compounding, at a relatively modest sounding 5% price inflation rate, after 20 years $1 has turned into just 0.35 cents: you lost most of it. Very small changes in the CPI can create huge changes in how much you end up with when you're old. In this world, you listen to the penguin pitch with interest. Sure, you think, it's very unlikely that tourists will pay large sums of money to go to Antarctica just to see slightly cuter penguins, but if you do nothing you're guaranteed to lose more than half your money. If you pay for penguin coat knitting, you'll probably lose more than half your money, but you might not. You might lose, say, only 10%, or possibly even break even. So you invest.

From the perspective of a central planner, er, central banker, this is great! Investment is happening! Employment is created! GDP goes up! But what they cannot see through the thick plastic windows of their statistics is that the economic activity their policies created is fundamentally not useful. Nobody really cares if the penguins have little coats. Heck it probably would make them overheat and hurt them. In a stable environment nobody would "invest" in this obviously stupid waste of time. But inflation makes the stupid suddenly seem like a good plan, and you get pets.com or housing bubbles.

Comment Re:I admire their spunk, but... (Score 5, Interesting) 275

When I see how much hardware and electricity is being wasted on these various mining processes, I can only shake my head.

Bitcoin developer here. Yes, by all means shake your head, it's clear that the current level of mining is a large waste of resources. Nobody has been reporting double spends caused by hashpower attacks, which is what mining is designed to stop, suggesting that right now there's too much security.

But what else would you expect? Inflation causes misallocation of resources. This is basic economics and is the reason Bitcoin is designed to eventually target a stable monetary base. Yet you cannot create a new currency from scratch without inflation, by definition, because the money has to come from somewhere. What's more you can't create a currency fairly if you simply give yourself all the money (pre mining), so there has to be a fairly long drawn out allocation process so everyone gets a chance of taking part in that initial inflation.

This initial misallocation of resources towards excessive security is annoying, but tolerable - existing currencies inflate all the time and this causes huge misallocation of resources towards things like asset bubbles. If we're going to misallocate towards something, more security against rollback attacks is perhaps not the worst thing we could want, especially as market incentives should push people towards using renewable power over the next few years.

I'm not sure when BTC is slated to have all of its coins mined, but it will be instructive to see what happens to it at that point.

The rate halves every four years. It rounds to zero in 2140 but will presumably become irrelevant long before that. How irrelevant really depends on Bitcoin's long term value in dollar/euro/fiat terms though, which is impossible to predict.

At that point mining will be supported entirely by fees. How much mining takes place will depend on how much security the Bitcoin user community really needs, which I am expecting to be determined by letting it fall until double spending attacks start to become commonplace and an actual risk to business. Then the game theory becomes quite complicated because mining is a public good, but I'm expecting merchants and other big sellers who need the security to form assurance contracts with each other to incentivise mining. In theory this solves the problem of people not wanting to subsidise their competitors, but the use of assurance contracts for continuous goods like hash power is a rather under-researched area. I'm looking forward to reading papers written by academic economists and game theorists over the coming years to learn more about what the post-inflation world will look like.

Comment Re:Banks are responsible too (Score 0) 87

It improves security by preventing card cloning, which is one of the key ways the US card system is defrauded. It is not "broken" in Europe, so your latter question is irrelevant. You are probably thinking of academic papers which did what academics do: probed the system for weaknesses and published their research, which often led to fixes (except when their attacks were so convoluted nobody actually does them in practice). This is common to all security systems everywhere and is one way they get better. However magstripe cards don't incrementally improve this way because they're so fundamentally broken there's no point researching them.

If you need further encouragement, consider that America has 5% of the world's population, 25% of the world's credit cards and over 50% of the world's credit card fraud.

Comment Tor not that popular (Score 3, Interesting) 94

Tor added 10,000 users which for a country the size of Turkey is lost in the noise. Meanwhile a commercial competitor, HotSpot Shield, added about a quarter of a million Turkish users in just 12 hours. It'd be nice if the Tor guys made a version that relaxed some of the ultra-paranoid things they do and made a single-hop proxying service for users who don't care much about anonymity and just want to evade censorship.

Comment Re:Silence from Bitcoin leaders (Score 2) 357

Eh? I was drinking with the executive director of the Foundation and routinely work with Gavin, who is maintainer of the core software. I guess they are the closest you're going to get to "developers and leaders" by your description. Obviously they're concerned about all this. But the alternatives aren't there yet. One Bitcoin developer, Gregory Maxwell, has proposed protocols that allow exchanges to prove solvency - but they're complex and of course, do not address the root problem that large piles of coins make tempting targets for hackers.

Decentralised exchanges are very interesting and the way to go, but the technology to do them well isn't here yet.
