Slashdot videos: Now with more Slashdot!

... but she hasn't unrolled the transaction yet either.

So, what if I and everyone else who accepts BC for payment said "before we accept your coin, we need to run its complete history against known coin thefts"?

That wouldn't necessarily stop "off-blockchain" transactions like people who trade whole wallets or who "print coins out on paper" and trade them, but it might slow it down if people knew that they might be the one stuck "holding the dirty money."

There is still the problem that this alone won't prevent people from spending stolen BC before it is reported. In order to fix that, you will need some accepted means of "de-valuing" any money that was ever "co-mingled" with "dirty money." People other than the original thief would be forced to absorb the loss but at least once the loss was reported, I could accept your "partly dirty money" after applying a discount to it to reflect the "non-dirty" portion of its value. I wrote a top-level reply to this article outlining this in more detail.

I thought the point of the blockchain was that it recorded every transaction.

I have no idea if it's practical, but in principle, it should be possible to trace the coins from a known point in time, taking into account the "dilution" when they are mixed with other coins.

In other words, if you give me your entire wallet consisting of 1BC that is later determined to be "dirty money" (as declared by the police/a court/whomever) and I put it in my wallet consisting of 9 other BC, my wallet is now "10% contaminated" by the "dirty money."

If I then I give 1BC each to 10 other people who have wallets with 9BC in them, those 10 people each have wallets that are "1% contaminated" by the original "dirty money".

If they each add 90 BC to their wallets, they will each have wallets with 100BC that are now "merely 0.1% contaminated" by the "dirty money."

And so on.

But you will know "where the money went."

As I said, this should be doable in principle. As to whether it is doable in practice I have no idea.

If this kind of tracing is doable in practice, then it can be used to reduce the occurrence of coin theft by reporting thefts to a central authority (or even logging the theft in the block-chain itself) and having people who accept BC as payment treat coins that have been stolen as worthless and treat those that have been co-mingled with stolen coins in "upstream" transactions as having only a "fractional" value based on the "non-dirty" portion of its transaction history.

Yes, there will be thefts but the crook will have to pass the dirty money off on to some innocent/naive party quickly, before the coins are reported stolen. Whoever has the coins or a wallet that was contaminated by having the coins used in an upstream transaction at the time that the theft is reported will typically be stuck with the loss, but from that point on the coins can be used at a "fair" value, based on the value of the non-stolen portion of the money. Depending on the legal frameworks in place and whether the party who gave them the contaminated BC can be identified, they may be totally out of luck or they may be able to recoup the loss from their own counter-party or an insurance company. If they are able t recoup from the counter-party, he will either be stuck with the loss or he may be able to recoup it from the party who gave him contaminated coins or his insurance company, and so on.

Of course, there is the possibility of fraudulently reporting money as stolen. To prevent this, it is doubtful that any reporting system that didn't include some form of accountability for lying would be feasible. I can't think of any way of doing this besides requiring people to reveal their real-life identity and real-world address to the police or other "authority" so that if it turns out they are lying, they can be prosecuted for perjury.

Oh, before you ask, yes, I do realize that this would increase the complexity of handling BC transactions significantly and that alone may make such a system impractical, at least for now.

If you misunderstood my to mean "gold, the relatively inert chemical element used for teeth fillings, expensive paperweights, electrical circuits, and as a financial hedge against inflation" then I take your point.

If you understood me correctly to mean "high quality code" then I don't understand your comment, please elaborate.

... for the mafioso:

* Kill your prospective IT guy before you let him touch your computers, or

* Kill him after you discovered he used his skills to undermine your operation.

I've seen the before-and-after when crap code was rewritten and refactored by hand by a good coder.

The improvement was huge.

Was it better than if the same coder wrote the code "from scratch" from the problem-description or design document? I don't know, but my point is that crap can be turned into gold by a good coder, and that refactoring can be part of the cleanup.

Good, now when my clients get hit by ransomware there is still hope that the "over-written" file can be recovered.

Well if you are going to charge the data center provider, you might as well go for everyone else who is merely providing a service. Find everyone who downloaded the material and charge their ISPs and their electric utility companies, because if the people weren't downloading underaged-p0rn they would presumably have a lower electric bill and would choose a cheaper plan from their ISP. Or so the logic goes.

Seriously, unless this business was specifically "in the business" of turning a blind eye to or even facilitating activity that reputable hosting companies don't do and providing services which have no practical value to legal businesses, then leave the hosting company alone.

For downloads of updates, yes, checksums and the like can and probably should be widely published. As others have said, having the checksums ONLY on the vendor's web site probably isn't any good but if they were "all over the web" they would essentially be tamper-proof.

Better than a checksum would be a cryptographicly signed by a public key that was issued by a major company that you trust already.

As far as the firmware that is on the drive:

Unless you have a way of directly reading the firmware memory without using the firmware itself, forget about it. Any attempt to ask compromised firmware to give you a data dump of itself would likely just get it to lie to you. Yes, there is probably equipment out there that can read the chips but you probably don't have it and you probably can't afford it unless you are doing it as a business or as part of a larger business (such as computer manufacturing, where you may want to validate that OEM drives contain the firmware that should be on them and not the ones that $SPYING_GOVERNMENT_AGENT installed).

As other replies have said, you are probably better off getting a lawyer BEFORE you go to the bank or anyone else.

Why?

1) If they've already discovered this themselves they may be working with the FBI and there may be a subpoena in your ISP's hands within minutes of you making your discovery.

2) Even if there isn't, the veiled threat of prosecution can be very intimidating.

3) By having your attorney speak to the bank and/or the government/police authorities for you BEFORE the police contact you, it will be abundantly clear to the police that you are just a good citizen and that it would be a political mess if they threatened to press charges or ignore the problem.

If someone in a high-security environment such as a a major sporting event wants to take your picture to run it through a face-matcher program, they are going to spend the money use* a camera which behaves like the human eye, ignoring frequencies outside of the range of human vision.

Basically, if you are still recognizable to a trained cop who has seen a good photo of you, someone can make a camera and computer that will recognize you with about as good an error rate as a trained cop.

*Or design one themselves, or pay someone to design one themselves.

Your point is well taken, but the Congressman and Senators who represent the people who live in and around Argonne are much more likely to have the informal political "pull" to get things done quickly without the need for formal action on Capitol Hill than other House and Senate members.

Other members to target would be those serving on or better yet those chairing the committees that do a lot of business related to Argonne.