Please create an account to participate in the Slashdot moderation system


Forgot your password?

Comment Re: Slippery slope. (Score 1) 604

This cowardly attitude is an open invitation for any terrorist or hostile foreign government to shut down any American city any time they choose by sending one or two armed men to our shores. Or, apparently even recruiting one or two people from our labor pool. If our grandparents thought this way while fighting the Nazis, Hitler could have won the war against the allies with a hundred "terrorists."

And... we shut the whole city down - except for the Dunkin Donuts shops?

We cower in fear from these two kids, so that we don't even read them their rights when we arrest them?

Somewhere your grandparents are rolling in their graves from shame, that this is the once mighty country they fought wars to defend.

Comment Re:Slippery slope? (Score 4, Interesting) 604

Wow - you felt like this was the right time to beat the "tort reform" horse?

Dead civilians, dead cops, and you pulled that hoary old saw out of your trove of political hobbyhorses?

By the way - you can let it go.

Visit China or Mexico or India. The courts have no power over the rich in those places, and safety measures are considered a foreign luxury. If while at work on the assembly line, you lose your hand en la Máquina then there's no system at work to tell anyone it should have had a simple safety feature to keep your hand out - you were the careless one, after all - so you just go on the street to beg with your other hand, with the crowd of other one-handed people. Your life is worth less than the little money and effort a bit of safety engineering would cost, in those places.

Oh, for the millions of people it benefits, a small percentage of people abuse it - just like health insurance, taking fake sick days at work, the welfare system, the military procurement system, and every other human system ever invented, except at least in the case of torts, you have to fool both a judge and a jury to do it. It's actually one of the least abusable systems we have. If only everything else worked that way.

And yet, propagandists will try to convince you to be riled up over someone who got a jury award in a courtroom because they want to distract you from a banker who got a bonus on a bailed out bank, or bribery in congress, or a drug company who thinks quality control is a big government intrusion onto their profits.

Even that lady who got millions for spilling McDonalds coffee on herself... didn't get millions for spilling coffee on herself. She got $640k, in the end, because McDonalds decided to serve coffee 40 degrees hotter than everyone else, and when it spilled on her lap, she suffered horrific agony, massive burns on her vagina, needed skin grafts, and her medical treatments continued for two years. McDonalds already knew they were injuring hundreds of people like her, and even paid out up to half a million in the past in settlements, but they couldn't be bothered to tell people to turn down the knob in the coffee makers to where everyone else sets it. And the manager of that particular location was a douche, and decided "no one should get money for spilling coffee." Well, if you make it hot enough, you do injure people, to the point where it shocks the conscience. (reference) Amazingly after this case the knobs got turned down and the coffee went to normal temperature and everyone stopped getting hurt.

This is why I say you can let it go. Get outraged about legal bribery (Citizens United, etc), bank bailouts and billions of military budget dollars wasted and lost that was supposed to go support our troops. If you really hold on to tort reform so much that it seems relevant in the aftermath of the Boston Marathon bombings, go live in one of the many earthly paradises that has no tort, and see for yourself what it's like.

Comment Re:Slippery slope? (Score 1) 604

Hmm. You call it voluntary. But whatever the police said caused most businesses, schools, and government agencies to close. Except the donut shops, of course. Those, the police kept open.

You say they are not likely to do it again except in equally extreme situations. I say we rolled out the red carpet to the world's terrorists and foreign governments, showing what a panicky bunch of children we are. I say anyone with a violent agenda in the entire world is likely to do this again whenever they wish to send one or two armed men to our shores (or even recruit from the innumerable, mediocre candidates available domestically), and that will be at times of their choosing.

Comment Re:Fundamentals (Score 1) 583

Namecoin (a distributed name system based on Bitcoin) had a problem a few years ago that demonstrated an example to this. Majority mining power just disappeared from the network, and it took miners months to produce 2016 blocks after that, ultimately rendering the network useless (until they found a way to mine both currencies in parallel with 100% efficiency on both, which is very interesting in itself).

I think I start to see what you mean. You're saying that I'd need to win against the rest of the internet's difficulty in order to make a valid block. And that no block is valid unless it follows the difficulty function, which is historically validated down the chain.

Interesting. I'd read about the difficulty heuristic but hadn't thoroughly understood it or realized the implications. In fact you have come up with an entirely new and fairly huge problem for bitcoin that I hadn't considered. Since the difficulty function is not real-time, bitcoin could suffer the same problem that namecoin suffered. It could, in fact, kill the entire thing far more acutely. All you need is a sufficient fluctuation in CPU volume. Right?

So you should be quite afraid of DoS attacks - but far more of changing market conditions. If something causes people to start to leave the network a little too quickly, and it slows down, causing a further exodus, then you have a runaway condition, and the entire thing is doomed for a "temporary" period long enough to kill it, effectively. No?

Bitcoin's fault tolerance is remotely similar to Freenet.

I think you can see my point about the ease of segmentation - and that it is irrelevant to the attack that the block chain can be reconstructed from a single leak, since there would be no leaks in a likely attack. And, agreed - quite academic in light of the issue you raise about faking blocks.

I don't think this conflicts with what I said. You need to break the chain of transactions in order to render the history useless.

Transactions are a chain. In the case of bitcoin, you have perfect and transparent recordkeeping of this chain as a precondition to the system working. Once a link is made, for any reason, you can never break it. You can have many wallets, but at scale you can't keep them separate. At any scale, you still need to have your various accounts exchanging funds sooner or later (and so will any laundry). You can try to create huge volumes of noise, break transactions and amounts up, and make many intermediate fake accounts, but none of those games are particularly resistant to analysis. Hence the example I linked to earlier.

We haven't even started to talk about the guts of P2P routing yet. From Freenet to Gnutella, the ideals of distributed computation never once met the realities. What happens when nodes in Bitcoin's mesh misbehave in different ways? Make too many connections? Route data in valid but esoteric ways? Spam bad data at neighbors, and blame it on other neighbors? And so forth...? The P2P substrate is actually a terribly difficult design problem that is usually inseparable from the higher-level goals of the network, and I've heard relatively little about how the protocol itself works.

Comment Re:Fundamentals (Score 1) 583

I had a longer response that was just eaten by the browser. Now unfortunately I have to be brief:

You can't roll back transactions or double spend without producing blocks, and producing valid blocks don't get easier by isolating the victim from the network. If you agree that brute force attacks on proof of work isn't impractical, this isn't very viable either (i.e. people will realize there's something wrong when confirmation takes hours to days instead of minutes).

It has to be easier if you isolate someone from the network. Imagine if all the computers but yours disappeared tomorrow. Are you saying your computer could not now win a race of 1? Or that there is any difference between a communications cutoff and lack of existence?

I don't get what you mean here. Even if a little information is leaked between the segments, the network will be whole again. Of course you have to have a reasonable leak. For instance, you could send the data on a flash drive and I wouldn't consider it a valid leak because of the latency.

If I am intercepting your communications, it is less complex to intercept everything rather than some things. Confirmations will be quite speedy, since they will come from me as well.

For the rest, I would suggest reviewing the Anonymity page bitcoin themselves puts up.

The Weaknesses page puts it succinctly: "Tracing a coin's history can be used to connect identities to addresses."

Comment Re:You're not kidding (Score 1) 583

Here's Kaminsky:

Scammers and legitimate entrepreneurs make these same arguments, and try as hard as they can to sound the same. Of course if you worked a little at something and it seemed vaguely original to you, you are the lifeblood of capitalism and no amount of reward seems too much. If it went south later and screwed everyone downstream, who could have ever foreseen it? Just be careful your arguments would sound convincing to a jury when all the downstream people come calling.

As a side note I am quite sure the mining difficulty explosion was expected. The entire design expects it, and the papers explain this clearly. It's necessary for the system to work.

We actually are very hesitant for the law to protect people from their investment decisions, rightly so, and I think it would take our society quite a while to come up with any kind of response, let alone protections surrounding, these decentralized financial systems. I believe, don't get me wrong, that they have an important future. But in the meantime, buyer beware.

Comment Re:You're not kidding (Score 1) 583

I think the Kaminsky analysis coupled the astoundingly rich rewards for early adopters - which dwarf most comparable things in the world of commerce (you could make what is now worth $90 at a very high rate with a cheap CPU, and they did this for many years before mining got tough), with the extremely poor chances faced by later adopters who arrive before the sell-offs, scandals, and centralization necessary for scale, to reach the "Ponzi-like properties" statement. I suspect the insider's horde, mined when the difficulty was low and the payoff was rich, is worth more today than $75m, or at least I should hope it would be, for their sake?

Put differently, if you can create a fake currency, convince enough people it's real for it to be worth something, and then dump your holdings of it before it all crashes down?

Yeah, that's shady, bordering on criminal. Of course, the people who lose their shirts are the sucker investors, who are supposed to be parted from their money if they're fools, but there are limits to that philosophy embodied in common law. If Bitcoin's creators and insiders falsely represented their system as part of the scheme, they could go to prison (and they have been careful not to, though mixed messages are an old scam long recognized in law, and you cannot be entirely covered by disclaimers about how experimental and likely to fail bitcoin is if you also say some less careful things too).

All that said, I imagine this was a well-intentioned experiment from the start, though I can't know. It's just one of the interesting risks you run, in that position.

Comment Re:You're not kidding (Score 1) 583

Actually I replied to gox and have many concerns remaining at this point. He is making good arguments, though.

I think he's particularly off base on the anonymity issue.

If you can link to Bruce Schneier endorsing bitcoin's security, I would love to read it. You can't though, because he hasn't.

Kaminsky shredded it as well - links to his deck from 2011 are all over this discussion, but I can provide one if you like. In conclusion he said it had "Ponz-like properties" - though he refused to charge it as such directly, yet. His words, not mine.

Your comment about white hats turning black - I think you are suggesting that people who found flaws in bitcoin might keep them to themselves, and use them to profit rather than disclose them? I agree with you - though that rather cuts against bitcoin's credibility than for it.

Comment Re:Fundamentals (Score 1) 583

Please keep in mind that convincing me isn't less difficult than convincing the whole network. You still need to produce hashes lower than the target, and even if I am only connected to you and perfectly believe you, every block you need to produce needs the same amount of work as the rest of the network.

I don't see how that follows yet. Rolling back transactions or double spending is more than enough to sink everything. I merely need to fool you for long enough to engage in another transaction - perhaps including converting the currency out of bitcoins. Bitcoin's own vulnerability FAQ (which openly discloses several fatal looking flaws I hadn't thought of besides this one) indicates segmentation is not a practical attack because "any leakage" will carry the whole network state. Which I don't understand at all - because in many scenarios it is more work to create segmentation with leakage than without?

The attack presumes I can control your communications with the rest of the world - indeed, for most internet users this is the status quo via several entities, such as their ISP and their repressive government (leaving aside the various other ways it can happen). A split sounds like a good term - splinter, probably more accurate. In such a case, the difficulty of the attack must be reducible, or how can the rest of the world, which we are not communicating with (for long enough for me to defraud you) still be a factor in the CPU spend for the attack? Shannon will wake from his grave to hear the explanation.

Once I have my stolen cash, I'm perfectly happy for the splinter to heal - in fact, I want it to, so I can steal from you again later.

Bitcoin is not anonymous

In discussions I am having here today, this is still news to others, I'm afraid. In fact I think it is hardly redundant. For instance, I would like to address your assertion that, If you wish to remain anonymous, trusted 3rd parties have any relevance.

First of all, the concept is enormously troubling on its face - enough so that no one seriously advising others about anonymity should speak of it. But let us say there are really 3rd parties you would like to trust, and you have a desire to perform anonymous transactions.

I think we need to make it clear what we are talking about here: Bitcoin is the least anonymous, most transparent currency ever invented. Nothing else in existence is more law-enforcement-friendly.

Your trusted third party scenario is my dream if I am an FBI agent. As an intermediary for someone else, you buy something with account Y. Associating your real identity with your cryptographic identity is policework - let us admit that it can and will be done. From there on out I can see every transaction you have ever made with Y. You may make multiple identities - so much the better. With surveillance of your net connection (which even in the US I can do without a warrant) I will learn any identity you use to conduct business. That's leaving aside that, soon, wallet Y will be empty and wallet X will be full. What will you do then? It is impossible to indefinitely segment your payables from your receivables, for reasons found in elementary accounting.

You have all the same problems as a traditional money launderer and many new ones that no money launderer has ever had before.

Anyone who wishes to perform anonymous transactions (the right of every hard cash holder since the invention of money) should run screaming from Bitcoin.

Because the transaction data you need isn't in the chain.

If I cannot tell who owns what, then I can double-spend. If I can tell, then I can see transaction data. No amount of complex dressing can hide this simple wound.

In fact the chain is exactly the transaction data I need, unless I have totally misunderstood the chain, and so did the many security researchers that have been creating transaction graphs from it, i.e.

Comment Re:You're not kidding (Score 1) 583

I do not buy that there has been adequate review of the system - at least, that is not what I see when I look at the public discussion.

A billion-dollar bounty? Who will pay me a billion dollars? I would like a link on that specious claim, please. Do you imagine anyone could recoup the capitalization of an entire market by finding a flaw in the market?

I'll point at my more specific concerns here:

I don't think the lack-of-inflation argument is bitcoin's problem.

Comment Re:Fundamentals (Score 1) 583

I agree brute force attacks would be impractical - this is really what the entire design preoccupies itself with.

If I had to guess, it would be the use of communication interrupts and/or denial of service attacks, or man-in-the-middle attacks (more practical for a high-tech police state like China), to dramatically reduce the computational power needed to mount an attack. For instance, I can steal your coins if I can convince you of an incorrect chain being the longest. It is not necessary for me to keep up with the world's CPU power - merely to prevent you (and enough others) from accurately seeing the world at the right times. Then I have created splits which would be quite disruptive. As the network scales, so would the disruption. When enough people are losing their money, the lack of confidence spreads like a virus, and that is how you destroy a currency/bank/nation/etc.

This simple "communication starvation" attack seems elementary and effective to me that I feel like I must be missing something. But what? I don't buy the "paranoia" argument - that it hasn't happened yet is simply because a state or network-level actor hasn't yet gotten involved. Were the system to succeed, such involvement seems inevitable to me. Prior to the dramatic success of bitcoin (which perhaps we are on track for?), the lack of such problems also makes sense.

Regarding anonymity, I'm afraid I don't follow how this currency isn't an NSA/FBI wet dream yet. Even the traditional banking system is not this transparent. If I can prevent double-spending, I can see what you did with your bitcoins, regardless of how many addresses you use. If I can hide my identity by changing addresses, then money can magically move from one identity to another without a transaction, and I can double-spend. How could it be possible for it to be any other way? And since the chain must necessarily be public, the entire world must (or at least should) have the same information - about every transaction.

If tumblers can launder money, all they can do is take on criminal liability in this highly transparent system - so it is unclear why anyone would want to be a tumbler in that world, but perhaps you can argue that people will host them in "areas with poor law enforcement." However, if double-spending prevention is successful, and there is a clear transaction chain, why it is not entirely straightforward (if merely computationally intensive) to unravel all tumbling activity using the chain? That would make tumblers a dangerous bit of theater.

Slashdot Top Deals

They laughed at Einstein. They laughed at the Wright Brothers. But they also laughed at Bozo the Clown. -- Carl Sagan