This is especially true given that the insane climb in zero-day prices in recent years has largely been driven by governments starting to buy them up as weapons. You cannot outbid entities that are able to both tax and print money, it's simply impossible. All that would do is result in the NSA spending more on zero days to ensure they still win, and bankrupt a lot of useful software companies.
Er, my Nexus 5 doesn't have any advertising or "scumware" on it out of the box, as far as I can tell. What are you talking about?
If you're thinking of the RNG thing, actually some banks did still have the logs which is why they were able to identify the problem in the first place. But yes not all banks are so careful.
Don't get me wrong. It's good that people research EMV, and the task isn't easy. I respect the Cambridge team for that reason. But when they talk to the media or about their work in general, they act as if friendly fraud doesn't exist and EMV is just one giant scam by banks. That's ridiculous. "Friendly fraud" (that's the technical term for it) where the consumer defrauds the bank/merchant is not only a thing, but a highly prevalent and measurable thing. EMV protects sellers by shifting payment security to the buyer, who is typically the one who can most affect it, by keeping their PIN safe. It's not OK that banks don't seem to be pen-testing their own systems aggressively enough, although of course as the system is closed we don't know about the mistakes their own development teams did catch. But it's not useless, and nor is the liability shift. After all, in commerce it takes two to tango.
You mean the system that is processing many, many orders of magnitude more transactions than bitcoin? So many that bitcoin as it currently exists couldn't even begin to handle them without major overhaul?
The amount of mining done is irrelevant to transaction loads, it essentially controls the risk ratios for any given specific transaction that might be reversed. You get the same level of security for the same amount of mining regardless of whether that mining protects 100,000 transactions or 10 million.
Bitcoin can fairly easily scale to loads experienced by existing payment networks. PayPal only handles about 40-50 transactions per second, it's not very much. Visa does more like 10,000 per second, which a solid multi-core server could easily chew through with good optimisation of the software: processing a Bitcoin transaction is a lot cheaper than rendering your average PHP-driven, complicated database-backed webpage. You can read a back of the envelope analysis of how Bitcoin scales here.
It's hilarious how its proponents have zero sense of perspective about their favourite little toy.
I think it's rather sad (not hilarious) how its detractors have zero understanding about how the system actually works, but decide to trash it anyway.
AFAIK with Chip-and-PIN, you would need a lot more time with the card, some expensive hardware, and some reverse-engineering skills instead of just click-the-copy-button skills.
Actually it's better than that. Nobody knows how hard it is to clone an EMV card because I'm pretty sure it's never been done (by the non-banking industry). All the attacks on EMV that have been mounted are things like obscure protocol attacks that could be detected by the bank, attacks on very old first generation cards that didn't have CPUs inside them, attacks on weak random number generators inside ATMs and the other sorts of attacks you'd expect to see on an enormous and widely deployed cryptographic system. There have been a few amusingly convoluted social engineering schemes as well.
Some say EMV is the largest crypto system in history, larger even than SSL, and that would not surprise me. But what nobody has reported so far is cloned cards (at least not cloned DDA cards which is what most of the industry is using now for some time already).
The idea that EMV is broken or security theater is an idea pushed by exactly one group, AFAIK, the research group at Cambridge. They've done great work researching flaws in the system and ensuring public sector bug research keeps up with the criminal world's research, but they also love making dramatic press releases and getting their names on TV, so every time they discover a new (invariably patchable) weakness, they declare it's game over and the entire system is worthless. Not so.
It could go down either for porn or "hate speech", which Cameron is wasting no time adding to the filters. The lulz will be heavy then.
You're just making stuff up to suit your argument. There is no evidence that BTC will ever be stable. The very nature of its inability to be centrally regulated will guarantee that it can never be stable. Regulation is a stabilising force, it's why prosperous, healthy and wealthy countries all have the most regulations. Don't get caught in the Tea Party anarchist hype. If you want anarchy go take a holiday in Mogadishu or Kabul and then come back and tell us how well that works out.
What a ridiculous load of nonsense. Firstly, I'm not making stuff up to suit my argument. There really have been periods of stability. For instance I remember that when Bitcoin was at about $5 it stayed there for around 6 months or so, iirc, and after that it spent another six months floating around the $10-$12 mark, which is the sort of volatility associated with national currencies. The reason is that back then it wasn't in the media much, governments weren't paying attention and so on. When I argue that in future it will be stable again, it's an argument based on both common sense and historical experience.
Regulation is a stabilising force? Regulation is an ossifying force. If you confuse "stagnant" with "stable" then it might superficially appear that way, but all it really does is lock in the status quo. The global recession of 2008 started in America, it was triggered by subprime US housing loans, and the USA has probably the most heavily regulated financial sector in the entire world. It's also got one of the most backwards. The USA still uses cheques, it still uses 1970s-era magstripe credit cards, most online banks don't even seem to use two-factor authentication, internal wire transfers take days and are not free: all these things are commonplace outside the USA. If regulation is so great, why is the financial system in the USA such a mess despite vast, sprawling financial regulatory bureaucracies?
Finally, your belief that I'm a tea-partier is hilarious. I'm not even American. I think the tea party are a bunch of nutters. They're certainly not for small government, that would require them to heavily slash military spending, something they are very visibly not doing. I certainly don't want to live in Somalia. However Somalia's problem is not lack of financial regulation (there aren't even any banks there), it's very recent and massive wars that wrecked any semblance of civilisation.
In fact, it's funny you bring up Somalia, because badly thought out financial regulations (around making bankers liable for the crimes of their account holders regardless of whether the bankers knew anything) are about to start killing large numbers of innocent Somalis. Somalia relies heavily on the diaspora sending back money to their families, in particular from the UK. Many of those families use money from family members who work abroad to buy food. British banks have all terminated the accounts of money transmitting firms who send money into Somalia because they're afraid the US government will accuse them of aiding al Shabab. Barclays was the last bank to allow these companies to have an account, and the threat of the Somali diaspora being cut off from their families was so great that 45 MPs wrote to Barclays, begging them to not comply with the government's own financial regulations! Barclays didn't listen of course, nor would you if you faced jail sentences for the actions of account-holders-of-account-holders, and a UK court had to force them to keep the accounts open via injunctions. God knows how that will play out.
If you investigate what it takes to be compliant with US state money transmitter laws you will see there's no possible way for Caldwell to ever comply. Most estimates I see say it takes several years and between 3-10 million dollars to come into compliance with these regulations. He'd have to have his fingerprints be taken 47 times. Effectively, being labelled this way (it's a vague set of rules) is a death sentence for any small company. So no, the difference is not "as subtle as a nuclear weapon". Given a set of laws so absurdly hard to comply with that basically only one new company in living memory has succeeded (PayPal), and that is the subject of a book called "The PayPal Wars", there's practically little difference between that and being explicitly banned.
The inability to charge back is the #1 reason that prevents any consumer from perceiving it as a safe currency against vendor fraud. It serves no benefit to the consumer.
Minor correction - dispute mediated transactions have been a part of the design since day one. The problem is lack of surrounding infrastructure like "file dispute" buttons in wallets and the various protocols needed to organise that, companies that run dispute mediation services with those protocols and so on. But there is widespread consensus that it's a good idea and basically, it's just waiting for someone to do the design and implementation work to make it happen.
Its incredible volatility is the #1 reason that prevents any vendor from seriously adopting it.
It's certainly a PITA at the moment, yes, although when Bitcoin is out of the public eye and governments aren't busy banning it there have been relatively long stretches of peace and stability. During those times you HAVE seen vendors price things in Bitcoins, actually, although yes most prefer to peg to an exchange rate.
Over time the instability will go away because governments will all decide on their policies around it, the technology will mature and become boring, most people will have heard about it and decided what they think, etc. The huge volatility you see at the moment is because almost every day there's some important piece of news that affects people's perception of future value.
As to the
I think only the most naive anarchists argued that (and I've called them on it many times before in various Bitcoin forums). The gamble being made there is effectively that given a choice, a government would choose not to become totalitarian and oppressive, and would prefer to give up some control over the financial system.
Well, only an idiot would believe China would do that. They are already totalitarian and oppressive, no surprise they'd be willing to jail anyone who uses Bitcoin.
In contrast, many European countries are sorting out how they're going to handle it. See the recent announcement from Denmark saying that Bitcoin is fully legal, and people who want to run exchanges don't even have to be regulated as financial institutions at all! It seems very unlikely that the governments of Norway or Denmark are going to start jailing anyone who sells sandwiches for coins.
America is somewhere in the middle. It's not as free or liberal as most of the smaller European states, but it's not as oppressive as China. Hence the confused approach there where the US government is saying one day Bitcoin is cool and it's all OK, and then the next day threatening Bitcoin businesses with jail time. They can't quite decide which direction to go in, it seems.
"No one governing" the Euro is what almost caused the collapse of the EU over one small state having credit difficulties.
Er, no. What people were worried about was that heavily indebted countries would voluntarily choose to exit the Euro so they could inflate away their debts by printing money as fast as possible, and bulk exits of countries from the Euro would cause problems. The "solution", if you want to call it that, was that after resisting for a long time the ECB (actually Mario Draghi) gave into immense political and personal pressure to start open-ended Euro printing in order to essentially reallocate money from savers in Germany and other northern states to heavily indebted, often highly corrupt governments in the south. In order to preserve the fiction that Europe is one big happy family all sharing the same wonderful currency, the ECB agreed to a global tax on all Euro savings everywhere and made lots of people who managed their finances appropriately very very unhappy!
This is not actually solving any problems - it just sends a powerful message from governments that only suckers try to save money because governments will inevitably confiscate it from you in order to pay for (e.g.) absurdly generous pensions in Greece or elsewhere.
Bitcoin does not allow governments to do this. If Europe had been running on Bitcoin at the time, then those governments would have had to go through an actual default and inflict the pain on the people who lent them the money - but on the other hand, if Europe was run on Bitcoin, it's very unlikely the southern countries could have got into so much debt in the first place. Who was lending such vast sums to countries that had such basic, fundamental fiscal problems? Banks, of course, banks who knew they would be bailed out (with yet more money printing) if something went truly tits up. They gambled that politicians cared more about keeping the Euro than protecting savers, and they were right. If Europe used Bitcoin for everything, the "moral hazard" of banking would not exist as they would know that nobody could bail them out, and they'd have far fewer deposits to play with anyway (or maybe none). As a result, far less money would have been invested into places like Greece and the economic distortions such huge borrowing allowed would have never happened.
Just a few minor corrections (I had multiple private email conversations with Satoshi over a couple of years before he disappeared).
The bitcoin site was registered via an anonymous DNS registrar that specialises in anonymous speech. For a short while he also used an email account from the same service, again, a service dedicated specifically to anonymous speech. I've seen no evidence it was selected due to any links to Japan.
I don't know where you got the idea that his writing style was that of a native Japanese speaker. He never once wrote anything in Japanese or even referred to Japanese culture. His writing style was actually that of a British guy: full of British English spellings and mannerisms. Also, he timestamped the genesis block by including a headline about the British banking bailouts from The Times. That's a British newspaper that is most commonly referred to outside the UK as "The London Times" due to its rather generic name. It would be rare for an American or Japanese person to refer to it just as "The Times". Finally, his forum account was set to GMT and his posting activity was during evenings GMT.
Having worked with his code and the man himself, at least for a short while, I think Satoshi was very likely to be a single person, who lives in the UK. But that said, I've never dug any deeper because he clearly wished to have his privacy and I think it would be a sad day if Satoshi's real identity were revealed without his permission.
X.509 already supports this and complex, non-hierarchical trust schemes are frequently used.
The problem is it doesn't make any difference because you still need to be able to connect to servers that are only signed by one CA, and you have no way to know ahead of time how many signers there should be for any given host. And if all clients accept one signer, why would anyone pay for two?
This idea fails for another reason - many CAs validate your website's identity by connecting to it. If you take control of a server/domain name or MITM it temporarily, you can probably find at least 3 CAs that validate ID in the same way and get all three to issue a bogus cert.
These are hard problems. Simple as that.
X.509 already has a name constraints extension. The problem with TLS is not necessarily its features or design, but that often solutions or upgrades become difficult to deploy because the standard for "this works" is "every device on the planet can connect", a standard that is often unreachable when you start thinking about buggy SSL stacks in embedded devices that never get upgraded.
If you were willing to accept, say, a 10% error rate for old devices connecting to your server, you could do all kinds of upgrades (caveat: I pulled 10% out of thin air), but in practice people are rarely willing to accept such losses in backwards compatibility for new features. TLS is a victim of its own success, in a way.
It's strange that every single defender of the firearms ban just ignores the Swiss status quo.
Swiss culture doesn't have much in common with US culture. For one, the people are nowhere near as politically divided or generally so extreme. For another it has a working health system that's capable of handling mental illness. And for another, the gun culture is really not the same no matter what the NRA might claim. In the US you have cases of people walking into bars and restaurants with loaded guns, even in urban areas. The only time I see guns in public in Switzerland is when army reservists are moving around, or when someone is going to a gun club. People don't carry them around as part of normal everyday life.