Bitcoin

Archived From: Finance
  • 14 5 67814
  • Page
  • Text Only
Bitcoin and similar technologies may have a significant role to play in the future, and the technology is legitimately elegant and adeptly applies several modern strains of cryptographical research.

The recent speculative runup in the main Bitcoin block chain, however, is insane and entirely unfounded. I can't promise that people buying Bitcoins now will lose money, for no one can easily predict where a bubble will end, but the grandiose claims of most of the people in the official Bitcoin forums are absurd and border on the illegal fraud that is explicitly disclaimed by people like Rezin777. Investors would be well advised not to risk their money here. There are several significant reasons for this:

1. Most of the exchanges between Bitcoin and other currencies are illegal or, at the very least, unlicensed and illegitimate. They likely run afoul of US securities laws and US banking laws. This is not just a pub-style bull session about law; it is the result of a reasoned consideration informed by legal experts, though of course it does not constitute legal advice to you. Speaking generally, though, individual users of these exchanges risk having their assets and accounts frozen, risk running afoul of money-laundering laws, and generally risk losing even more than they put into the system.

2. Related, given that the exchanges are entirely unregulated, they can themselves be manipulating the market. Given that Bitcoin is touted as a distributed currency, it is ironic that there is absolutely no check on "Mt. Gox," the major Bitcoin exchange, through which $200,000/day is (unbelievably) passing.

3. The Bitcoin protocol itself is not robust against denial-of-service and other attacks. Many on the official Bitcoin forums have noticed this, and some have spelled out the attack vector in detail, but in short, a persistent denial-of-service attack that shuts down Bitcoin entirely can be mounted trivially for about $700,000 and can very likely be mounted with more sophistication at a substantially lower cost. Indeed, the Google employee who (in a personal capacity) wrote a Java version of part of the Bitcoin client has recognized publicly that any sophisticated analyst could shut down Bitcoin at will, and he explicitly opposed calls for tests of the system's security by the general public. The system has created the impression of security, but it is not secure. What ARE secure and robust are the ideas behind the protocol; it is likely that something like Bitcoin will survive, in some form, in the future. But the main block chain, in which everyone's presumed "wealth" inheres, is of questionable soundness. (To say that more simply: Bitcoin as an idea might survive, but it is far less likely that your "bitcoins" will.)

4. Given that technological attacks are possible, a corollary is that economic attacks in the style of securities fraud are possible as well. If you can disrupt the network at will, you can easily disrupt the network in a strategic way in order to profit from the disruption's effect on the market. Much unsophisticated analysis of Bitcoin rests on the premise that attacks aren't worthwhile to mount because it would be more profitable, with massive computing resources, to "mine" for Bitcoins, but that entirely neglects (1) the economic motivations that come from market manipulation and (2) ideological, political, regulatory, and commercial competition to the main Bitcoin block chain, which makes attacks relatively more attractive for many parties.

5. To the extent the official Bitcoin forums have informed investors' views of Bitcoin, they have likely misled the public. This is interesting from a legal perspective because it amounts to fraud without the individualized intent of fraud (can a mob "defraud" someone when no individual person in the mob is consciously telling a lie from which he or she expects to profit?), but several features of the official forum stand out immediately to informed readers. These are largely tangents, but they may help paint a more accurate picture of the current users of Bitcoin than the official forums would:

a. While I said at the outset that Bitcoin is legitimately interesting from a technological standpoint, it is not as creative or novel as most of the adopters seem to think. Judging from the official forums, the typical adopter is someone with a modicum, but no more, of technical and theoretical experience. (Perhaps of note: those who are leading the ongoing "development" of Bitcoin are little different; they are not sophisticated or creative technological thinkers, and they struggle even with the details of the present protocol. What this means for an investor is that Bitcoin is not practically resilient even to those attacks to which it might respond in theory, such as a compromise of the hash function it mainly uses or the development of a new "mining" technology that cheapens various attack vectors.) To paint the picture very broadly: these people know how to run Linux, compile programs on it, and maybe write a few lines of code; they can also evaluate at a very general level the claims of a cryptosystem. But all except about five people on the official forums have no specific mathematical or systems training, and so the general discussion and enthusiasm creates the impression in a novice that Bitcoin is far sounder than it is.

b. More obviously, the official forum is filled with disturbing and juvenile, extreme anarchism. Comments like "I reject all systems of human morality and law" are common. Uses of Bitcoin to encourage trading in illegal goods and services are routine; even "assassination markets" are encouraged. Bitcoin as a virtual currency probably does not threaten governments the way that some novices initially imagine upon hearing about the technology, but when the only people buying Bitcoins are (1) engaging in illegal activities, (2) anarchist teenagers who want to promote the technology for ideological reasons, and (3) speculators, sound investors like those in the Fatwallet crowd would be well advised to stay away. To a mainstream community of investors, however, the deranged rants that are commonplace among early Bitcoin adopters are perhaps reason alone to hesitate to adopt the technology.

6. Probably less significantly, but still interestingly, the Bitcoin block chain has now been demonstrated by at least two good analysts to be able to store arbitrary data "steganographically." This means that the Bitcoin block chain can contain arbitrary contraband, so that merely by running the Bitcoin client, you may (at least theoretically) be propagating child pornography, Wikileaks, and other material in the style of Freenet and other distributed storage systems. This is more theoretical than practical at the moment, but it is disconcerting. How popular would VISA cards be if (say) 4% of them contained contraband information encoded in the holograms on the front of the cards?

NOTHING IN THIS MESSAGE CONTAINS INDIVIDUALIZED LEGAL OR INVESTMENT ADVICE. My motives for writing this are a distaste for fraud, even when that fraud is not consciously propagated. As a researcher, I also have privately made proposals that address some of the technical drawbacks of Bitcoin, but I have no vested interest in seeing Bitcoin as a technology either succeed or fail.

So a bitcoin is like a tulip containing a kiddie porn Easter egg.

ComputerScientist. Your article is a waste of time, looks like only straw man arguments and ad-hominems.

ComputerScientist. Your article is a waste of time, looks like only straw man arguments and ad-hominems.

Also commentary that price should be based on difficulty confuses cause and effect. Difficulty rises or falls as a result of adjustments in price, such that the network will tend toward expending 300 btc per hour in electricity cost.

I don't understand the reasoning behind hating on bitcoins as some sort of fraud or ponzi scheme.

*YOU DON'T HAVE TO BUY INTO IT WITH ANY MONEY*. At all. Literally, $0.

The only "investment" you could make in it is by buying hardware to make a computer solely devoted to mining. And who gets that money? Bitcoin? No. A completely separate third party hardware company. So there's not even a motivation behind bitcoin being some sort of ponzi scheme or tulip mania etc.

If it's not your cup of tea, don't do it, but it's not like this is an AGAPE WORLD scam where people are actually losing tons of money and are actively being scammed.

{edited for grammatical clarity}

Actually, now that I think about it more, I guess you could also "invest" in bitcoins buy buying it with USD, effectively exchanging USDs for Bitcoins, trying to speculate in Bitcoins being worth more.

Okay, I guess I understand more where the hate is coming from now. Still, you don't *have* to get bitcoins that way!

ensignlee said:   I don't understand why the reasoning behind hating on bitcoins as some sort of fraud or ponzi scheme.

*YOU DON'T HAVE TO BUY INTO IT WITH ANY MONEY*. At all. Literally, $0.

The only "investment" you could make in it is by buying hardware to make a computer solely devoted to mining. And who gets that money? Bitcoin? No. A completely separate third party hardware company. So there's not even a motivation behind bitcoin being some sort of ponzi scheme or tulip mania etc.

If it's not your cup of tea, don't do it, but it's not like this is an AGAPE WORLD scam where people are actually losing tons of money and are actively being scammed.


I would not argue fraud or ponzi scheme, but I would wonder what the future of mining is, exactly. Mining profitably is related to the cost of electricity, the 'difficulty' in mining, and the cost of your rig. One can easily draw a correlation between the explosion in mining and the exponential increase in difficulty.

***

ColbyS said:   Why do I have this sinking feeling the value is going to crash as soon as I get my rig set up...


better question: where the hell did you find a reasonably-priced ATI graphics card that was in stock?

***

Cent25: If you don't know what a "straw man" or an "ad hominem attack" is, you'd best leave the analysis to adults. As a general rule, moreover, it's smarter to avoid responding to a message based on what it "looks like"; doing that may create the misimpression that you don't know how to read.

Ensignlee: Whether gold is in a bubble or not, or has a market beset by implicit or explicit fraud, doesn't depend on whether you can acquire gold by panning for it. The value of a Bitcoin in terms of other currencies comes from its demand in those currencies; it would have no value in US dollars if nobody were willing to pay US dollars (or goods, services, and currencies convertible to US dollars) for it. The "fraud" to which I'm referring lies in unjustified assertions from a mob that a Bitcoin will be worth $100 or $1000 in several months or years. Based on what people claim about their own behavior in the official forums, those assertions are motivating demand for Bitcoins in illegitimate currency exchanges like Mt. Gox by those willing to pay US dollars.

Now, there can indeed be sound economic discussions of what the fundamental value of a Bitcoin in the main block chain ought to be, but the Fatwallet crowd should rightly consider that conclusion guesswork.

The best way to approach that sort of speculation, if you're going to do it, is to look at how much (in US dollars or anything else) is expected to be "on deposit" in Bitcoins at any given time. Consider PayPal as a comparison. According to eBay's 10-Ks, Paypal currently has something like $3 or $4 billion on deposit. "On deposit" is one decent way to estimate the long-term value of a Bitcoin, because of course flows of external currencies into and out of Bitcoins are, at least in the long term, what establish a value for Bitcoins in terms of those currencies. (It is not its usage in trade, but its demand in equilibrium as a store of value, that sets the unit price directly.) If the present Bitcoin block chain were to grow as large as PayPal, the size of Paypal's deposits would (very simplistically) suggest a value of about $190/Bitcoin in the long run. Thus, a value of $9/Bitcoin supposes almost a 1/20 chance that the present block chain will store as much value globally as PayPal presently does. To consider how optimistic that expectation is, note that at present Bitcoin doesn't "store," in the sense I'm discussing, even a fraction of its own $50 million "market capitalization," because that market-capitalization figure reflects only a clearing price; accordingly, to justify the present price in USD, we're not talking about a growth from $50 million to $4 billion but a growth of perhaps $150,000 (yes, an estimate!) to $4 billion.

(There are many reasons this analysis is simplistic, but I'm just trying to sketch it out as the most plausible "optimistic" fundamental value of a Bitcoin. There are any number of reasons to think $190 is too high or too low even for a system that reaches PayPal's size. For example, the more useful Bitcoins are compared to a PayPal balance, the more reason people will have to leave external currencies "on deposit" in the Bitcoin economy. Conversely, the less stable the "price" of a Bitcoin is perceived to be, relative to people's functional currencies, the less reason people will have, in equilibrium, to leave money "on deposit." This latter effect is potentially quite significant, but it is of course not an issue if Bitcoin eventually becomes most users' functional currency, as many on the official forums seem to hope; that is, you don't much care about the exchange rate between Bitcoins and dollars, except as a speculator, if you're paid, and pay all your bills, in Bitcoins. The chances of that happening in any time period, though, are of course orders of magnitude less than the chances of Bitcoin growing as a medium of exchange in that same time period. Another confounding factor is that PayPal pays interest on some balances; merely holding Bitcoins doesn't pay interest, but Bitcoins can be invested -- at present only unreliably and possibly illegally through unlicensed "stock exchanges" -- and they can also appreciate in value given their deflationary nature.)

Given the technical and economic problems I highlighted in my last message, it seems incredibly unlikely -- and I'm saying with with the full recognition that it's just a guess, but a rational guess compared to the irrationally hopeful ones that appear routinely in the official Bitcoin forums -- that the present Bitcoin block chain will eventually be able to store $3 or $4 billion. Long before then, there would be significant incentives to compromise the chain, and my technological assessment (along with those of all other analysts who understand the problems) is that the block chain would not withstand the attacks. As a good analyst pointed out in the Bitcoin forum before evidently being driven away by the harassment of anarchists, the cost of an attack against the Bitcoin block chain rises only proportionally, not exponentially, with the growth in Bitcoin mining. It would be trivial for even a small corporation to mount a successful attack. Would PayPal be able to keep $3 or $4 billion on deposit with Bitcoin's technical problems threatening their financial integrity -- i.e., if at that scale an attack of several tens of millions of dollars could destroy all wealth in the system? (For example, could PayPal exist if any new startup could take its seed funding and cripple it?) It seems doubtful. Adding to the problem for Bitcoin is that it is unlikely the "attacks" I'm discussing violate any laws, because they are specifically permitted by the Bitcoin protocols, which are neutral (by necessity) to the goals of an attacker.

Note that the centralization of PayPal, for all its customer-service problems, is an advantage rather than a disadvantage for most customers. Most investors, bankers, and traders are not anarchists and don't care either about decentralization or about pseudoynmity. (And the drug lords and despots who do care don't need Bitcoin, which is likely far too traceable for them, for of course it's not anonymous and is in fact quite public.)

In any case, in my own view, the worst thing to do would be to take the "$190/Bitcoin" figure in this message, or similar pie-in-the-sky figures in the official forums, and pay $9 for a Bitcoin on the irrational hope that that figure is likely to materialize as a matter of fundamental value (versus pure speculation). It would be like paying $125 for a share of Microsoft on the thought that if they started selling everyone's nanocomputer wristwatches with a biological interface to our nervous systems, the stock would be worth $5000. That something's conceptually possible doesn't mean it's likely to happen. The present block chain is just about as likely to store $4 billion as one that I could create today myself and publicize with a $100,000 marketing budget, and surely you don't want to invest significant money with me merely on that claim. Why have more of a fear of "missing out" on Bitcoins than a fear of "missing out" on the hypothetical investment whose possibility I just created in this paragraph?

What's sad is that a group of naive "investors," both in Bitcoins directly and in "mining" hardware, is potentially being misled, yet they're the most hopeful and vehement in their defense of the mob that's potentially misleading them. This is exactly what happened in 1849 and in many other irrational pursuits of easy money. The number of messages on the official forums by people who say, literally in these terms, "I'll wake up soon and be a millionaire" is depressing; though many of them are anarchists, many of the securities laws are designed specifically to protect people like them.

(AGAIN, THIS IS AN ACADEMIC DISCUSSION, NOT LEGAL OR INVESTMENT ADVICE.)

A Few people have asked for more details, so I'll share with everyone.
the 5870's I have overclocked to 950, memory underclocked to 300 and are running at 430 Mhash/s each using phoenix miner 1.47
the 5850's I have overclocked to 890, memory underclocked to 300 are running at 350 Mhash/s each using phoenix 1.47
I'm using phoenix 1.47 with VECTORS BFI_INT FASTLOOP=false AGGRESSION=7 to get these numbers.
I am running vista 32bit, With catlyst 10.11 individual downloads for the display driver and opencl driver
https://a248.e.akamai.net/f/674/9206/0/www2.ati.com/drivers/10-1...
https://a248.e.akamai.net/f/674/9206/0/www2.ati.com/drivers/10-1...

Here's for 64 bit:
http://support.amd.com/us/gpudownload/windows/previous/10/Pages/...

CAUTION - using MSI Afterburner can void your warranty and cause problems. I've been having problems rebooting after following these instructions, and have had to do a system restore on every boot, and then readjust the settings in MSI Afterburner. With that being said, I use GPUshark to monitor temps/overclocks and MSI afterburner to underclock the memory to be able to reach these overclocks, using these instructions http://www.bitcoin.org/smf/index.php?topic=4292.0

I appreciate that ComputerScientist is willing to offer me both free legal advice and free investment advice!




>.>
<.<

ensignlee said:   ultraRiles said:   I wonder if the founder of Bitcoins has AMD stock options

Haha yeah. It's amazing how much better the ati radeons fare than their Nvidia counterparts.

Used 5870s on ebey are now going for > than the price that they sold for new!!!! $225 now, whereas you used to be able to pick up a 5870 for around $180-$200 After rebates. That's CRAZY!
That's because Goldman Sachs needs enough to fill a data center.

How are you selling your bit coins? I heard paypal now bans bit coin transactions.

ComputerScientist: Again, more name-calling and no content. Not going to waste my time reading the rest of your article.

ComputerScientist: in your estimation, is the susceptibility of the BitCoin network to attacks inherent in the system, or can it be corrected for as the system evolves? What's the nature of these potential attacks that you foresee the possibility of? Is the danger that a denial-of-service attack could cripple the network and inhibit or prevent transactions? Or could they lead to a holder of BitCoins losing all his "money" (e.g., by someone with sufficient computing power generating a dishonest block chain)? Obviously the latter type of attack is more of a concern.

For what it's worth, I don't find your remarks about the BitCoin forum community too convincing. Sure, many members there may be juvenile, they may be anarchists, they may be naive and overenthusiastic about BitCoin's prospects. But that doesn't really prove anything one way or the other about BitCoin. I wouldn't assume that whatever they say is true, but conversely I wouldn't assume that whatever they say is necessarily false either. A more serious concern would be if the key developers were equally naive, juvenile, overenthusiastic, etc. But my sense is that the key developers are both more mature and more intelligent than the average poster on the BitCoin forums (as you'd expect really).

I also think you go too far by suggesting that there may be some sort of "fraud" perpetrated by members of that forum. Speaking enthusiastically (even if naively) about something that you truly believe in can't really be fraud, in my opinion, or else the millions of Americans who share stock tips at the water cooler would be committing wide-scale and massive fraud.

All that said, I am concerned about the possibility of attacks, and your insight on this issue is appreciated since you have obviously put some thought into this and clearly appear to have some expertise in this area.

***

ddos against mtgox and the mining pool can happen and yes there have been periodic downtime for those individual entities, but the p2p system itself continues to function in those instances.

Anyone here speculating on the currency? While I think the chance of a run up and swift crash are pretty high .... I guess the question is whether you can get out in time (use mtgox stop-loss orders to lock in profit?)

I think the market could crash fast enough/quick enough that there would likely be a period where there is way more selling than buying ... thus a good chance of a "stop loss" not being filled ...

ColbyS: There seems to be a belief among those who discuss Bitcoin that a distributed network cannot be subject to a denial-of-service attack; nothing is further from the truth. The developers themselves have recognized this, as has the original academic paper on Bitcoin. The attack would simply either grind the distributed network to a halt or change what is recognized as the current state of what clients perceive to be the legitimate network.

As a simple, relatively nontechnical analogy, consider that the developers of Tor, a distributed network of proxies that allows for relatively anonymous communication online, have admitted that it is relatively simple to disable it by using it to share large files in a peer-to-peer capacity. There's some literature on the calculations involved in such assessments. That problem is one instance of a denial-of-service attack against a decentralized network, just in case the idea that a distributed system is subject to a denial-of-service attack is counter-intuitive.

Dangerhorse: The attacks have already been described at length in the Bitcoin forums and are too technical for the discussion here. Look for messages by Hal Finney, the user called "[mike]", and the user called "ByteCoin." There was a user called "s" too, but he or she erased all forum posts recently and told me it was because of harassment.

The resilience of distributed filesharing systems and Wikileaks is inapposite here, as many have recognized; there are structural reasons those systems and entities persist in the face of opposition. Those reasons do not apply to Bitcoin, which faces a far more significant coordination problem.

Your question about whether Bitcoin could be changed to address the problems is a very good one, but it's one that's hard to answer because it depends on unknown social forces in the future. As a preliminary matter, as I noted before, even problems that can theoretically be addressed might not practically be addressed. For example, it's common to see claims like "if the hash function is compromised, we could always get everyone to switch to a new one," but the community and the development team is not currently technologically sophisticated or agile overall, and it is very reluctant to consider changes to the protocol; it would take a very obvious compromise to get them to act, and it's not clear whether clients would be updated quickly enough. The present leadership of the team is not, by their own admission, particularly well-versed in cryptography, and it is possible that any changes could introduce further compromises unless subject to extensive and slow peer review. At any rate, at least in theory, some problems associated with Bitcoin could be fixed.

Others, however, could not, at least without making Bitcoin something unrecognizable from its current form. The attacks that are possible go to the heart of what we think of as Bitcoin. I believe there are distributed, anonymous, digital currency systems that are immune to those attacks and more like Wikileaks in terms of technological resilience, but it would take a closer analysis of such systems to determine their flaws. There's no reason to think that such systems would be set up to migrate the "wealth" of the currently prominent Bitcoin block chain over to them, though that's always a conceptual possibility. Maybe it could be done with a discount in order to promote adoption.

As for "fraud," as I noted, I recognize I'm describing something that isn't literally legal fraud. But it is just as powerful and potentially just as damaging. We don't have to call it fraud, but it's somewhere between pump-and-dump internet schemes and water-cooler chat about technology stocks in 1999. A handful of people, each with between 30,000 and 400,000 Bitcoins, have a significant financial incentive to promote the technology, and for various social and psychological reasons, others have gone along with it. There is admittedly something ingenious about a system that plays to people's selfish motivations and gives them a psychological stake in the system; there are probably many people who have mined 80 Bitcoins posting messages promoting the system and motivated to downplay its problems.

As for the tenor of the official forums, I don't really care about it, and little that I'm saying technologically depends on my assessment of the people posting there. I'm just giving my observations. I'm also trying to correct the perception that some people have after reading the forums for 20 minutes, at least if you judge by the reaction of several of my colleagues.

***

@ComputerScientist, I think you raise a number of valid points, and a number of not-so-valid points.

ComputerScientist said: 1. Most of the exchanges between Bitcoin and other currencies are illegal or, at the very least, unlicensed and illegitimate.

This is interesting. I am certain that somehow the government is going to try to get involved at some point. And I am interested in the ultimate outcome of that. The particular legal vulnerability you outline is a very real one. There are some interesting jurisdictional questions when it comes down to brass tacks though.

ComputerScientist said: 2. Related, given that the exchanges are entirely unregulated, they can themselves be manipulating the market. Given that Bitcoin is touted as a distributed currency, it is ironic that there is absolutely no check on "Mt. Gox," the major Bitcoin exchange, through which $200,000/day is (unbelievably) passing.

This is a cogent point, and I'm not sure what to do about it aside from start another exchange or three, or come up with a decentralized way to run an exchange such that no participants have to trust any particular other participants to be following the rules.

ComputerScientist said: 3. The Bitcoin protocol itself is not robust against denial-of-service and other attacks.

Please provide links to theses analysis rather than bald assertions.

ComputerScientist said: 4. Given that technological attacks are possible, a corollary is that economic attacks in the style of securities fraud are possible as well.

Fraud is generally an interesting problem. There have been attempts to solve it with a robust reputation system. The fraud you talk about is essentially combining a technical attack (the feasibility of which you have not established to my satisfaction) with a financial attack.

There have been frauds that have been pulled off on a massive scale in the past for just about any currency. Most of the most successful ones involved believing the promises of people you shouldn't have believed.

I personally feel that the system underpinning the US Dollar is part of a gigantic fraud perpetrated upon people who chose to trust rich bankers and their government.

So I do not think bitcoins are especially unique in their potential for massive and orchestrated fraud. And I don't know that they're any more susceptible. I rather suspect they are somewhat less susceptible.

ComputerScientist said: 5. To the extent the official Bitcoin forums have informed investors' views of Bitcoin, they have likely misled the public.

This happens all the time all over the place and people are generally not prosecuted for it. I do suspect there is a strong tendency for people to be bullish because that's how they're making money. I'm one of those people, and my views are based on a particular opinion about the nature of currency and an economy. If bitcoins are valued at a dollar apiece, then 6 million of them are not nearly enough value to cover the kinds of money that changes hands every day. I think bitcoins will rise in value to reflect the value that is being exchanged using them.

The thing that gives a currency its value is simply public perception. A wide variety of strange things have been used as currency in the past. Sea shells, tally sticks, and even stranger things.

Your points 5a and 5b represent little more than ad hominem attacks. 5a is particularly insidious since you have not backed up your criticism of the technological underpinnings with links to any kind of real analysis supporting your position.

That being said, I somewhat agree with you. Bitcoins unexpectedly turning out to have real value (however speculative that value might be) has surrounded them with a horde of people who don't really understand them, as is witnessed by the people who think they are somehow comparable to farmville cash. This has resulted in a miasma of lore not backed by real hard technical analysis. The only really good analysis I've seen is the paper that originally introduced the concept. I would greatly appreciate links to people who've analyzed the system as a whole and the security of the individual pieces.

ComputerScientist said: 6. Probably less significantly, but still interestingly, the Bitcoin block chain has now been demonstrated by at least two good analysts to be able to store arbitrary data "stegonagraphically."

This is going to be true of almost any system for exchanging information on the Internet. "Oh, no, I might be exchanging encrypted child porn!" would be a valid concern in almost any distributed system of information interchange in which you passed on information that other people gave you. Heck, I could probably use Twitter as a means of steganographically encoding interesting stuff and everybody who retweeted what I said would be my unwitting accomplice.

This concern is ridiculous, and I think detracts from your overall argument.

Additionally, in truth, people using credit cards have a whole horde of hidden costs (as unknowingly trading encrypted child porn is a cost) that most users do not understand. For example, I don't think most people are aware that almost all costs for fraud are paid by the merchant, and that merchants also pay ridiculous sums of money for the privilege of accepting them. And this is especially ridiculous given that credit cards are fundamentally incredibly insecure. My bank uses financial enticements to get me to use my check card as a credit card because it is so very profitable for them for me to do so. They actively promote the less secure solutions (an ATM or debit card at least requires I enter a PIN) for their own profit.

I heard the Libyan al Qaeda rebels were behind the bitcoin scam and are piggybacking their financing and instructions for their next attack on the bitcoin system. Apparently, they have figured a way to collect fractional bitcoins and they are going to buy nukes with their accumulating fortunes. Would this imply bitcoin miners are providing material support to terrorists? hmmmm...

@ComputerScientist:

I should've read before I posted. You addressed most of my criticisms of your original post in your follow up posts. I too have noticed a distinct reluctance to talk about flaws, and that concerns me. I would still very much like to see actual technical analyses showing what flaws exist and how they could be exploited.

And, as an aside, I would not buy new hardware hoping to mine your way to riches. Everybody is going to do that, and you'll just end up having the difficulty increase so much that your investment will be wasted. If you have idle hardware you'd like to throw at the task for an investment in your time, go right ahead. But don't go out and buy a brand new rig for it.

Omnifarious said:   I would still very much like to see actual technical analyses showing what flaws exist and how they could be exploited.

Weaknesses

Omnifarious said:   
And, as an aside, I would not buy new hardware hoping to mine your way to riches. Everybody is going to do that, and you'll just end up having the difficulty increase so much that your investment will be wasted. If you have idle hardware you'd like to throw at the task for an investment in your time, go right ahead. But don't go out and buy a brand new rig for it.


Agreed. As a computer technician, I already had several PC's and losts of spare parts laying around which made my cost to add video cards to my existing systems significantly lower than if someone was actually going out and buying complete new computers.

ComputerScientist said:   
I can't promise that people buying Bitcoins now will lose money, for no one can easily predict where a bubble will end, but the grandiose claims of most of the people in the official Bitcoin forums are absurd and border on the illegal fraud that is explicitly disclaimed by people like Rezin777.


Hello.

Bitcoins may be worth nothing very soon. Please do not invest more than you can afford to lose.

Is it also fraud when I make claims like these?

Tell "s" that he/she is sorely missed.

The price of Bitcoin in late march was $0.8. Today, a month and a half later, it is over $8.

From the standpoint of an investor, a good profit is something like a 20% return on investment over the span of a year?

At this rate, you can simply invest as low as 1% of your portfolio and let it ride for a month, see for yourself where it goes.

It's a little risk for potentially decent returns. The fear expressed about the soundness of the system, both from an economical and technological standpoint, seems fairly small compared to the potential it holds.

If it was me, I'd throw a few dollars at it and see where it's going. But wait, I already did that, and I'm in the black, way black.

Also, if you think the Fed is doing a good job, and prefer regulation over personal responsibility, please avoid Bitcoin. (If that is too anarchist for you, I apologize.)

I am unimpressed to read things like "If you don't know what a "straw man" or an "ad hominem attack" is, you'd best leave the analysis to adults."

I too have raised the argument about the value of the block chain. I agree that it's part of the current risk profile, but not a reason to avoid Bitcoin entirely. It's just a reason to throw only discretionary resources at Bitcoin rather than your nest egg. You could go start your own for $0 and tell everyone that when the current one crashes, you'll lie in wait with the answer. If it has a chance of appreciating 1000% with the risk of it imploding being less than 90%, it's a better bet than every game in Vegas and worthy of one's gambling budget at the least.

I don't buy the idea that DoS is a serious risk or the comparison between Tor without specific evidence. The example you cite with Tor - which is a predictable symptom of Tor being a limited resource that can be exhausted - isn't news or even relevant. Tor relies on resources donated by volunteers and the average user of Tor donates no resources to the network; this is not so with Bitcoin. Have a look at how poor of a job DoS has been as a strategy against BitTorrent piracy (google MediaDefender). Any success in disruption is likely to be short lived - just as pirates quickly flock to the P2P program that works when theirs breaks, any successful attack on Bitcoin that doesn't compromise people's keys will just be a speedbump at best.

I agree with you that the chances of Bitcoin the idea outlasting "your Bitcoins" is significant, but I don't think anyone here is oblivious to the possibility that Bitcoin is a bubble or that its value could pop just as fast as it could rise. If you can find some fraud, sure, blow the whistle, we need to know. But if the best you can do is fearmongering about the block chain containing hidden child porn - give me a break - there's just as much chance that you could buy a CD or DVD from Wal-Mart that contains such things that you can't access in the normal course of using the product. The average Joe citizen doesn't need to worry about this, even if it were true. Save your credibility for the issues that are important.

Can someone who believes in this please buy in and out of the market to see if they can get their money back out? I can't believe how any of you are falling for this. OC'ing expensive video cards seems to be an expensive habit. Can someone please tell us their experience of converting bitcoin to US currency cash of goods? I didn't think so. I'd like to see someone buy som PM from this guy.

delzy: trolling? b/c obviously lots of us use mtgox on a regular basis, and have no issues with it. True, if it is shut down or DoSed then it becomes somewhat more difficult to exchange bitcoins to dollars, but it's still quite possible. Just need to find someone willing to make the trade.

Rezin777 said:   The price of Bitcoin in late march was $0.8. Today, a month and a half later, it is over $8.

From the standpoint of an investor, a good profit is something like a 20% return on investment over the span of a year?

At this rate, you can simply invest as low as 1% of your portfolio and let it ride for a month, see for yourself where it goes...


how can you say simply?

the only thing I know about "hash" is that it it something people smoke in Amsterdam ... and P2P to my knowledge is something that people use to steal intellectual property

so you want me to use hash's and P2P to participate in some kind beanie baby cyber money scheme?

no thanks --- maybe you guys who like this should just create a parallel cyber universe off the internet grid and do just everything over there

Casascius: You're challenging my examples without critiquing my arguments. As I said at the time, I raised Tor's exhaustion attack simply to show a questioner that nothing prevents attacks against "decentralized" networks conceptually; it is a common error among those who discuss Bitcoin to assume the opposite. I was simply trying to show a nontechnical reader that just because something is "distributed" doesn't make it invulnerable. You seem to be making a similar mistake, because as I noted, technologies like BitTorrent are simply aiming to disseminate information, not to coordinate it and solve a Byzantine Generals problem using cryptographic proof-of-work; that makes them much harder to stop.

Similarly, I raised the example of side-channel encoding of information into the block chain not as a generalized fear but as a specific attack vector by someone who was trying to invite regulation. (Even then, I said at the time that it was more theoretically interesting than practically relevant.) Maybe I didn't spell out the attack sufficiently: the idea wouldn't be to hide information undetected; it would be to anonymously load a few megabytes of contraband into the block chain and then tell everyone this, leaving users and developers at best to sort out the mess (having created a potentially expensive problem at very low cost) and at worst to defend themselves from prosecution for continuing to transmit the data, now knowing what it contains.

For a bitcoin in the current block chain to be fundamentally (rather than speculatively) worth anything close to the pie-in-the-sky figures like $190, the block chain has to do far more than simply avoid failing entirely. "The risk of it imploding being less than 90%" is not sufficient for a high valuation; it's, conversely, necessary for even a minimal valuation. The probability of Bitcoin growing to be the size of PayPal, from its present size in which it stores very little value (again, orders of magnitude less than the "market capitalization," for obvious reasons), is what investors should be evaluating if they have anything close to a $190 target price in mind. Again, the worst reaction in my (personal) view would be to somehow reify that $190 figure and use it to justify a decision to purchase at $9.

The technical details of the various attacks are too detailed to discuss here, but at least some were recognized originally in the academic paper by the person writing as Satoshi Nakamoto. That paper makes the mistake that has since become common, which is to assume the attack is not "worthwhile" because it would be more productive to run mining software "legitimately" to earn Bitcoins rather than to use that software to mount an attack; that analysis is naive because it neglects, as I said in my first message, other sources of advantages from the attack, like (1) the opportunity to influence the market by an attack and (2) the opportunity to destroy a competitor. Imagine if someone said, "Nobody will ever spend the resources to set a bomb in a building, because once you've gotten through the building's security, it would be so much more profitable simply to take everything inside." It would be nice if that were true, but in the real world, the argument is obviously flawed because there could be significant collateral economic (and of course non-economic) effects of the bomb's explosion. Attacks don't need to compromise private keys; they need simply to confuse the block chain and thereby undermine confidence in it. In the face of an attack now, would you go back to block 123,900? Block 123,000? Where would the agreement come from? The essence of Bitcoin is settlement upon the block chain that represents the greatest difficulty; there's no mechanism for reaching a consensus that keys unlock any value otherwise.

Finally, I'm sorry you're "unimpressed" that I responded harshly to someone who replied to a long, careful analysis aimed at helping people with language like "it's a waste of time and looks like it just contains straw men." Perhaps it was immature to point out that he's not even using the term "straw men" correctly, but unsophisticated people who can't be bothered to read analysis often make mistakes like that, and they deserve to have that pointed out to them. I have not responded harshly to any adult disagreement, and I wouldn't have done so if Cent25 had even attempted it.

@tim1, @ComputerScientist:

If the Weaknesses section of the bitcoin wiki described the possible attacks in overview, then I'm only mildly concerned. Some of these can be mitigated by various strategies. For example, if I know a few trusted friends who run bitcoin clients, I can make sure my client always tries to include them in its network, and it becomes that much more difficult to hoodwink is all into connecting to an island network run by an attacker.

The mining attacks are more concerning. The people running pools are in a powerful position, but they are also accountable to all the miners connecting to them. If they started pulling shenanigans presumably the miners using them would disconnect and find a more honest pool. But the level of scrutiny on their activities should be very high.

But, you're right, a small corporation could run its own internal pool. It's possible to put together a supercomputer that can probably greatly outstrip all the computing power on the entire bitcoin network for a few hundred thousand, or possibly a few million dollars. Once you have something like that you are in a position to do a great deal of damage to the bitcoin network.

OTOH, I think PayPal is also vulnerable to an adversary with funds on that level. The method of attack would be different. You would have to stealthily infiltrate PayPal's corporate network. But once you had the right kinds of keys you could likely wreak all kinds of havoc with PayPal. This is a much more speculative attack, since it relies on being able to hack PayPal, but I don't think it's infeasible. For example, Sony's PSN was hacked by someone significantly less well funded and devious.

But that's not to dismiss them. The mining attacks are possible. And as the amount of value stored in the block chain goes up, the incentive to mount those attacks also goes up.

Personally, I think the best available mining technology should be included in the standard clients to encourage everybody to participate in mining on the network. While you're right, the cost to mount that sort of attack only goes up in proportion to the network size, it's still true that the more compute power is available in the network as a whole, the harder it is to mount the attack.

The lack of ability to upgrade is concerning as well. I know how the protocol could've been designed to allow for a gradual upgrade rather than a big-bang upgrade. But right now an upgrade is akin to getting everybody to agree that a new block chain should be started with all the balances that are in the old block chain. I will have to examine the protocol in more detail to figure out if there's a way to shoehorn my idea for a gradual upgrade into it.

There is also an interesting attack in which it might be possible to steal really old bitcoins. Bitcoin relies on ECDSA, a public key signature algorithm. A wallet ID is essentially a public key. The technology for breaking these algorithms improves over time. Key lengths will also grow over time. But if a really old wallet has a bunch of bitcoins that haven't moved in many years, it might be possible that the key for that wallet would be broken and someone forge a transaction to steal those coins. Actively moving bitcoins will not have that problem so much because new wallets (with appropriate key lengths) are constantly being created and bitcoins moved out of old wallets.

The current run-up of bitcoin prices is also interesting. Personally, I'm taking it upon myself to convince as many people as possible to allow transactions in the form of bitcoins to try to justify the value in the block chain. The more ways there are to exchange bitcoins for goods and services, the more value anchors there are. More value anchors will reduce volatility. Since bitcoins are currently fairly easy to exchange for more widely accepted currencies, I think the risk to a business owner for accepting them is fairly low if you convert them to a more widely accepted currency fairly quickly. As more of your suppliers accept bitcoins as well, you can shift that strategy slowly and cautiously.

All the people getting together mining rigs are doing bitcoin a lot of harm right now. If you really want to invest in bitcoin, encourage people to accept them, or start businesses in which you accept bitcoins. You aren't going to get rich mining.

And for people 'buying in'. Be extremely cautious. All the money you're dumping in could go 'poof'. Do not invest any money you wouldn't put in slot machine. Risk and reward generally go hand-in-hand. And the rewards have been ridiculously high for people who bought in in the not so distant past. The corresponding risk is very great.

ComputerScientist: No reason to respond to your commentary, as I said before, there has been essentially no substance. The "confused" block chain idea is a straw man. Invalid blocks will always be rejected by honest clients, no matter if someone is able to overpower the miners for a short time.

ComputerScientist, I do agree with a significant part of what you're saying, specifically the notion that market manipulation may be a motivator for an otherwise irrational attack - in fact, with the DDoS on MtGox we have pretty much already seen this to be true.

On the other hand, regarding your example of 123,900 versus 123,000, the system is already designed with a clearly defined methodology for competing with conflicting branches of the block chain and no human interaction, let alone consensus, is necessary to solve this. Attacks on the network of the "confusing the block chain" type are fairly limited to denial of service and the failure to include transactions in blocks. In any such case, you could expect blocks lacking important transactions, rather than fraudulent ones, and that's not a reason to roll blocks back. You can't create a block with invalid transactions, nodes won't even pay attention to it.

I am not sure anyone buying in really thinks in terms of a $190 figure as you have calculated. I suspect the thought process that goes into jumping on board now goes something like "Wow, this is neat, and I am one of the first people to know about this before everyone else, so it's an opportunity for me to speculate and profit". With the obvious volatility, nobody is putting money into Bitcoin as a major store of value. They are seeing wide swings in the price, and thinking about the chances of a many-fold short-term gain coupled with a significant risk - exactly the same way they might see a trip to a casino.

I am not sure I'm looking for an apology for not being impressed that you are basically name-calling here. You clearly have a brilliant mind and an enormous capacity to think and persuade - so why do you need to muddy that up by calling people unsophisticated and child-like? This is just being a bully for no good reason, and works against your efforts to persuade others to respect you and your opinion.

Cent25: The vulnerability is in the integrity of the block sequence, not the integrity of the blocks.

First country to offer a bitcoin like currency backed by fiat gets my money (maybe a EU dropout?).

While the bitcoin solves some of the problems of traditional currencies, it also obviously creates some new problems of its own. So while its flaws may be minor compared to currencies like, federal reserve notes, gold, etc, that doesn't necessarily make it strong enough to stand on its own (independent of government blessing, physical presence, or truly widespread usage). In the spirit of the notion of "checks and balances", a dual approach is needed.

The perfect is the enemy of the good and, without some influential player to provide the anchor of "good enough", no digital currency can ever be trusted to ultimately and unequivocally succeed against its brethren.

An invalid block will be rejected, along with all subsequent blocks in a given chain, by an honest node. Also assuming your attack involves permanently overpowering the miners, the best that can do is shut down the network until honest miners regain control. The confusion idea is a non-issue.

The $700,000 figure for hardware alone is about right at the moment, because difficulty has not caught up to market price yet. Once it does, assuming the price holds steady, we're talking about something closer to $7 million. That means you're having to muster funds for about 15% of the value of *ALL* bitcoins in existence, just to buy the hardware to mount a temporary attack.

Of course, at 7 million custom hardware is much more feasible. But the market is incentivizing that for honest miners, so there's no reason to think they won't do it first.



Disclaimer: By providing links to other sites, FatWallet.com does not guarantee, approve or endorse the information or products available at these sites, nor does a link indicate any association with or endorsement by the linked site to FatWallet.com.

Thanks for visiting FatWallet.com. Join for free to remove this ad.

TRUSTe online privacy certification

While FatWallet makes every effort to post correct information, offers are subject to change without notice.
Some exclusions may apply based upon merchant policies.
© 1999-2014