Bitcoin Forum
May 24, 2024, 04:38:26 AM *
  Show Posts
1261  Bitcoin / Bitcoin Discussion / Re: TradeHill – Security Update – Round 1 PCI Compliance / Business Verification etc on: July 03, 2011, 06:24:33 AM
It is only off-topic because Tradehill does not use MD5 hashing; I can't find what hashing they do at the moment.

However, if the database is compromised somehow, account locks after failed login attempts won't help much. That is why you need to choose a secure (likely hard to remember) password. It doesn't matter how convoluted the hash function is; attackers will have the time to do a dictionary attack on their own machines.

That said, (salted) hashing of the passwords is better than storing them in clear-text. It means that most users have time to change their passwords once they learn about the breach. Hopefully Tradehill won't have such a breach. Smiley
1262  Bitcoin / Bitcoin Discussion / Re: An FYI: GPG and SmartCard Implementation on: July 03, 2011, 05:13:41 AM
You did mention having a back-up copy of your passphrase. If the passphrase is strong enough, deleting it can be almost the same as deleting the encrypted data itself.
1263  Bitcoin / Bitcoin Discussion / Re: An FYI: GPG and SmartCard Implementation on: July 03, 2011, 04:59:56 AM
1) What happens if I lose my smartcard? Is it just my GPG key and passphrase in there?

If you don't have a backup copy (which goes against the idea of a smart card as far as I can tell), you lose your wallet and coins.

The client really needs to support different wallets with varying degrees of security. Note there is no reason only one client can be used. Though, for pre-compiled binaries, one of the "official" clients is probably a good idea.
1264  Bitcoin / Bitcoin Discussion / Re: How hard would it be to pitch a bitcoin investment on "Shark Tank"/"Dragons Den" on: July 03, 2011, 03:03:39 AM
I don't think this is a great idea. I read the terms and conditions for entry: they are allowed to reject your idea/concept and promptly introduce a similar product or service. Now, understanding that nobody really "owns" ideas, this may not be a problem for a bitcoin-related pitch.

The problem is that the dragons want exclusive deals. They will ask if it is patented. They will ask if the presenters themselves have any sales. Of course, presenters looking for ASIC funding won't have sales (unless they sell FPGAs using the same circuitry first). For the proposed "EasyCoin" Payment processor, they will balk at releasing the source code to allow competition. They likely won't understand that the success of the project hinges on being open and accountable to the public.

1265  Bitcoin / Bitcoin Discussion / Re: [Warning] People with MtGox on: July 03, 2011, 02:21:58 AM
What you need to do is use completely unique, altering-case letters and numbers & special characters each occurring no more than once.

Repeats can happen in a secure, randomly generated password. For many passphrases, I have started using 32 random hex digits (128 bits of entropy). With only 16 symbols, each symbol is repeated, on average, twice. I did that calculation after noticing that one of my passphrases was actually missing one of those 16 symbols.

Quote
Example of a safe 25 char. password would be 4gD_7´%jU1Q#}!5Lv=¤*h^8~¨

That password is no longer secure because it has been published and may now be in a password-cracking dictionary.
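The arithmetic behind the 32-hex-digit passphrases described above, as an added example that is not part of the original post: it generates such a passphrase with the OS CSPRNG, gives the 128 bits of entropy, the average of two occurrences per symbol, and works out how many of the 16 symbols are expected to be missing entirely (the function names are this example's own).

```python
import math
import secrets

HEX_ALPHABET = "0123456789abcdef"


def random_hex_passphrase(n_digits: int = 32) -> str:
    """n_digits uniformly random hex digits from the OS CSPRNG (secrets, never random)."""
    return "".join(secrets.choice(HEX_ALPHABET) for _ in range(n_digits))


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random string: length * log2(alphabet_size)."""
    return length * math.log2(alphabet_size)


def mean_occurrences(alphabet_size: int, length: int) -> float:
    """Average number of times each alphabet symbol appears in the string."""
    return length / alphabet_size


def expected_missing_symbols(alphabet_size: int, length: int) -> float:
    """Expected number of symbols that never appear.
    Each symbol is absent with probability ((k-1)/k)^length; sum over the k symbols."""
    return alphabet_size * ((alphabet_size - 1) / alphabet_size) ** length


def prob_at_least_one_missing(alphabet_size: int, length: int) -> float:
    """Probability that some symbol is absent, by inclusion-exclusion over
    the sets of j simultaneously absent symbols."""
    k = alphabet_size
    return sum((-1) ** (j + 1) * math.comb(k, j) * ((k - j) / k) ** length
               for j in range(1, k + 1))  # ≈ 0.93 for k=16, length=32


def symbol_histogram(passphrase: str) -> dict:
    """Occurrences of every alphabet symbol, 0 for the ones that are missing."""
    return {c: passphrase.count(c) for c in HEX_ALPHABET}


if __name__ == "__main__":
    pw = random_hex_passphrase()
    print(pw)
    print(f"entropy: {entropy_bits(16, 32):.0f} bits")
    print(f"mean occurrences per symbol: {mean_occurrences(16, 32):.1f}")
    print(f"expected missing symbols: {expected_missing_symbols(16, 32):.2f}")
    print(f"P(at least one symbol missing): {prob_at_least_one_missing(16, 32):.2f}")
    missing = [c for c, n in symbol_histogram(pw).items() if n == 0]
    print("missing this time:", missing or "none")
```

A missing symbol is the normal case, not a sign of a weak generator; the entropy comes from the uniform draws, not from covering the alphabet.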
1266  Bitcoin / Development & Technical Discussion / Re: Modular FPGA Miner Hardware Design Development on: July 03, 2011, 12:46:10 AM
It is probably an NP-hard problem like the traveling salesman problem. The software has to decide which traces to place where to get the shortest routing (allowing higher clock speeds). If lots of forking is involved, CPUs may be better at it (I don't know).

I don't think I have heard of GPU-accelerated compilers yet.
1267  Bitcoin / Development & Technical Discussion / Re: Modular FPGA Miner Hardware Design Development on: July 03, 2011, 12:31:36 AM
I don't suppose the rules for generating a bitstream are documented?

I don't think it is exactly rocket science. It would be of comparable difficulty to writing a compiler. Obviously from the CPU time used, these tools brute force many possibilities.
1268  Bitcoin / Bitcoin Discussion / Re: Metal Engraved Keypair Cards! Coming soon! on: July 03, 2011, 12:23:33 AM
And what about the printing job scheduler? Does it store the document somewhere? You cannot be sure, pen and paper is easy and fine.

If I was going to print them, I would probably boot from read-only media on a machine without network connectivity. My statement about less than 1MB of memory implies the printer does not have network connectivity either.

For the dot-matrix, there is the possibility of lifting the image from the ribbon, but it gets recycled/reused within minutes. A laser printer may have a similar problem with the drum, but those tend to have over a MB of memory anyway.
1269  Bitcoin / Bitcoin Discussion / Re: Codename: EasyCoin on: July 03, 2011, 12:13:22 AM
Finally, EasyCoin software will be open-source and available to everyone. Everybody can open a payment processor to mitigate risk in the industry. Competition will keep all competitors accountable in safety and service.

This is what the GNU AFFERO GENERAL PUBLIC LICENSE was written for.

I agree some kind of payment processing service is needed. I also share the concern that once realized, it may not be much better than PayPal. A community organization I am involved with has started using PayPal simply because of the merchant services they provide.

From my point of view, PayPal has all of the funding difficulties Bitcoin does: I actually read the card-holder agreements. I refuse to use a credit card. The terms for online banking require me to install an anti-virus: something I consider a potential security risk, and a waste of CPU time. I can't really use PayPal, even if I did agree to their PayPal User Agreement.

1270  Bitcoin / Development & Technical Discussion / Re: The official Bitcoin client looks awful on: July 02, 2011, 07:17:01 PM
Slightly off-topic, but are there any HTML rendering toolkits that are incredibly lightweight, cross platform and with minimal dependencies? Given all the progress made in the web over the past decade, it may be better to just go ahead and write apps in HTML as they're very flexible and well known by users. A desktop app that looks and feels web 2.0 would be rather nice IMO.

No. HTML is a document mark-up language based on SGML. IMO converting web-browsers into Operating Systems is not progress. HTML and Cascading Style Sheets were never intended exclusively for GUI rendering. My favorite web-browser (lynx) is text-based, but has been stuck at about HTML 3.2 because it does not implement the Document Object Model (also used for stylesheets). That browser uses external viewers for displaying things like images and video. This is a lot more convenient and secure than running a proprietary video player from the website you are visiting (every website using Flash and Silverlight video).

One other point: Client-side scripting takes control from the user. Before I can trust the ECMAScript in a web-page not to send my information to parts unknown, I have to review the source-code. Not user-friendly at all, as I have to check every time I load the page.
1271  Bitcoin / Mining / Re: Pay $0 for electricity? on: July 01, 2011, 05:56:09 PM
If you feed into the grid you don't need batteries. The grid takes when you have extra and gives when you are short and only charges you for the difference. You only need batteries if you are trying to go off grid.
If everybody uses that strategy, the grid will have problems. I suppose if solar power is flooding the grid while everybody is using AC, it may even out. I live 55 degrees north. Not everybody has AC.
1272  Bitcoin / Bitcoin Discussion / Re: TradeHill – Security Update – Round 1 PCI Compliance / Business Verification etc on: July 01, 2011, 05:28:37 PM
Well's just the thing: MtGox did salt (AFAIK) and I -did- have a good password and it still bombed, mostly because I believe they only used 1 iteration of MD5.

MD5 hashes are no longer cryptographically secure. If you were indeed using an old password hashed with MD5, the attacker could have generated a collision without guessing your password. However, it is usually easier to guess the password. If you generated the password yourself without using a random number generator, your password may not be as strong as you think it is.

Edit: looks like you still have to have knowledge of both messages to generate a collision.
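An added example (not code from the thread or from either exchange) contrasting the two storage schemes discussed in this post and in the earlier TradeHill reply above: one unsalted MD5 pass, versus a salted, iterated PBKDF2-HMAC-SHA256 record. The record format and the 600,000-iteration default are this example's own assumptions.

```python
import hashlib
import hmac
import secrets

PBKDF2_ITERATIONS = 600_000  # assumed for this example; tune to the server's hardware


def store_md5(password: str) -> str:
    """The weak scheme the posts describe: one unsalted MD5 pass.
    Every account sharing a password gets the same digest, so one guess
    (or one precomputed dictionary lookup) covers all of them at once."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def store_pbkdf2(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Salted, iterated hash. A fresh 16-byte salt per record means identical
    passwords produce different records, and the iteration count makes each
    offline guess cost the attacker as much work as it costs the server."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    # Self-describing record so the parameters can be raised later without a flag day.
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_pbkdf2(password: str, record: str) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time."""
    scheme, iterations, salt_hex, digest_hex = record.split("$")
    if scheme != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate.hex(), digest_hex)


def same_password_collides(store) -> bool:
    """True when two accounts with the same password end up with identical records."""
    return store("correct horse") == store("correct horse")


if __name__ == "__main__":
    print("unsalted MD5, two users, same password ->",
          "identical" if same_password_collides(store_md5) else "different")
    print("salted PBKDF2, two users, same password ->",
          "identical" if same_password_collides(store_pbkdf2) else "different")
    rec = store_pbkdf2("correct horse")
    print(rec)
    print("verify right password:", verify_pbkdf2("correct horse", rec))
    print("verify wrong password:", verify_pbkdf2("correct horsf", rec))
```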
1273  Bitcoin / Mining / Re: Pay $0 for electricity? on: July 01, 2011, 05:09:05 PM
The capital costs for generating your own power are high. If you want to run your miners 24/7, you need excess generating capacity and large batteries (or just run off the grid at night).

Trying to run off of solar power makes ASICs or FPGAs cost-competitive with GPU mining: I estimate a machine drawing 600 watts 24/7 would need a 3000 W solar system. The reason you need the excess capacity is to make sure the batteries fully charge during the day.

Another option would be to monitor the power coming from the solar array and do automatic load shedding if the power output drops. That would mean you mine a lot more blocks during the day.
1274  Bitcoin / Bitcoin Discussion / Re: Metal Engraved Keypair Cards! Coming soon! on: July 01, 2011, 04:04:33 PM
How do I know that my engraved key pair is secret?

I will stay with pen and paper (I wouldn't even trust a printer that much!).

I trust all my printers with less than 1 MB of memory Smiley
1275  Bitcoin / Bitcoin Discussion / Re: How Paypal did it - Bitcoin should do the same - 10BTC Bounty for implementation on: July 01, 2011, 03:54:26 PM
Why wouldn't you just email someone a wallet? You could also email them a client or provide direction on how to download one. The nice thing about that is that if they don't ever spend the money, you can spend it yourself from the backup wallet you keep. They, OTOH, can transfer the money into a new wallet if they don't want you to have access to it. 

This would be an excellent present to family and friends for birthdays, Christmas, etc. Kind of like a store gift card. 

Sending a wallet via e-mail is a bad idea. You even explain why in your post, except you forget that your ISP, the recipient's ISP, and any government wiretappers can also spend the coins.

Bitbills are similar, but the secret is hidden until revealed. Unfortunately the average user can not redeem them at the moment.
1276  Bitcoin / Bitcoin Discussion / Re: POLL: What are the most likely things that may cause bitcoin to fail ? on: July 01, 2011, 03:41:47 PM
None of the above.

Two of my expected bitcoin failure modes are listed, but not the one I think is most likely: we will learn how insecure the average computer really is. Until now, there was no direct way to steal money from somebody's equipment.

Aside: I have noticed that over the past few years, the big computer companies don't sell computers anymore: they sell "solutions". "Computer" has become synonymous with "machine running Ms Windows" with all of the extra hardware that implies.
1277  Bitcoin / Bitcoin Discussion / Re: A disadvantage of NOT being recognized as currency by governments on: July 01, 2011, 03:21:26 PM
I think in most jurisdictions, promising goods and services you know you won't deliver is considered fraud. It does not matter if these "goods" are recognized as a currency or not. I am using that reasoning to avoid the bitcoin ponzi scheme (I think participating in a ponzi scheme, disclosed or not, is illegal in my jurisdiction).

I think in the US they consider wire fraud more serious because it happens remotely and as such is scary.
1278  Bitcoin / Bitcoin Discussion / Re: TradeHill – Security Update – Round 1 PCI Compliance / Business Verification etc on: June 30, 2011, 08:26:00 PM
I think some things standard on other sites are just security theater: like "login seals" tied to browser cookies.
Or maybe, even CAPTCHAs you have to type in every time you log in.

Edit: 600 seconds is too short a time-out, IMO. It may not be too bad resetting every time you do something though. On this forum, the default 60 minute timeout logs you out, even if you are in the middle of browsing the forum.
1279  Bitcoin / Bitcoin Discussion / Re: TradeHill – Security Update – Round 1 PCI Compliance / Business Verification etc on: June 30, 2011, 08:11:10 PM
I like that you now have a published mailing address. I can send you my public key fingerprint (CBDE CFB6 BB6A 2BB5 FDE1 01C5 3CF6 0C5E 1CFD A27B) out-of-band now.

Is trading possible with ECMA scripting disabled? I found I was not able to get your banking information without enabling scripting.
1280  Bitcoin / Development & Technical Discussion / Re: Modular FPGA Miner Hardware Design Development on: June 30, 2011, 06:43:37 PM
I haven't looked at the specs, but don't most chips require the interface pins to be held below the supply voltage? I am concerned that if you bring down one board, you may bring down all the boards using the same back-plane. Using the USB interface as a buffer should work though.