that is good news! glad to hear Davout is involved. we haven't heard from him around these parts for quite a while but know that he is dedicated to Bitcoin!
Jav, you've been an honest an great worker for the community. please don't leave us completely.
|
|
|
sounded like someone with a French accent. Mark? ![Wink](https://bitcointalk.org/Smileys/default/wink.gif) i'm really impressed that Mark has continued to move forward with mtgox and innovations despite all the pressures, hacks, complaints, and adverse events over the last year. i think Mark has nerves of steel and turns out to be just the kind of person we needed to run mtgox.
|
|
|
uh oh, Phinneaus is back in detective mode again. ![Grin](https://bitcointalk.org/Smileys/default/grin.gif)
|
|
|
this would be so sweet if it turns out to be something serious. that i doubt unfortunately.
Geithner, Hank Paulson, Chris Dodd, Bernanke are all criminals and should serve time in Federal Prison for crimes against US citizens. i can only dream.
|
|
|
The next time one of you gets an opportunity to explain Bitcoin to Peter Thiel, please give him more of a "big picture" view of things, and don't let him go astray down the primrose path where people still think of Bitcoin and Gold as "one or the other" sort-of-things, when in fact each has unique properties, and its own part to play in a larger, overall vision.
Fellowtraveler - your post regarding gold and bitcoin was one of the best I've seen. Really well stated, and absolutely correct. Gold and Bitcoin are both valuable due to their specific attributes, some of which are in common and some of which are unique between themselves. Far from being mutually exclusive, they are beautifully complimentary, and anyone who understands the reasons gold is "real" money ought to understand (with a bit of explanation) why Bitcoin is also real money, and vice versa. yeah, i remember Fellowtraveler making a key argument last Spring on a podcast about the "liquidity" of Bitcoin. he actually uses the term in an incorrect manner if you're thinking in financial terms but i understood him quite well in meaning that Bitcoin can move around the globe seamlessly and instantaneously without friction. i like his way of thinking and totally agree.
|
|
|
If you can implement a true elliptic curve threshold signature system, that would be very impressive. It allows t-of-n signatures with the result being a regular ECDSA compatible signature. There are also algorithms that allow for dealer-free secret sharing, that is, N participants create shares in a key that allows them to group sign a message, but nobody ever has the ability to sign entirely by themselves. Kind of a more scalable CHECKMULTISIG.
Myself and justmoon have explored this topic a little, but the algorithms published in the literature are extremely complicated.
as i recall eto's implementation is an m-of-n whereas you recommend a t-of-n. could you explain the difference other than you imply its not a true elliptic curve threshold sig system? more random?
|
|
|
Good choice. Congratulations.
|
|
|
No one will insure a speculative asset like Bitcoin. Can you imagine the liability if the price spiked to 100 just before a heist?
|
|
|
Matthew,
are u claiming he performed the hack and stole all the coins or that he just has a few that somehow he suddenly got a hold of?
He seems to be a moron (look up the posts by Maria or himself) but it could be an act. He IS the first person to receive the stolen coins and within seconds of receiving was posting that he received them and their spot value. That's highly unlikely for an unconnected party, no? well, no, i don't think so. Extravagant seems to be the first.
|
|
|
Matthew,
are u claiming he performed the hack and stole all the coins or that he just has a few that somehow he suddenly got a hold of?
|
|
|
Armory allows a watching wallet but requires satoshi to be open
|
|
|
i've been thinking the same thing. you need to move this to Hardware.
+1 do you have a sense about how widely MPBM is being adopted? are you pleased with its functionality? I'd estimate that there are around 10-30 installations right now, and no, I'm not really pleased with it's functionality yet. It probably outperforms the standalone software solutions from the FPGA board vendors, but is nowhere near where I want it to be. This is why I'm currently rewriting it from the ground up, for both better performance and greater flexibility. The new version won't have a configuration file any more, instead it will be configured through a web interface. any estimate of when the rewrite might be ready?
|
|
|
you know, the capabilities of this wallet are mind boggling to even those of us who've been around for a while and especially those of us who don't have the theoretical background for these elliptical curves.
once you get the basic security and functionality bugs out it would help to point us to tutorials as to how to better understand whats going on and how best we could use it.
your seminars have been a good start.
|
|
|
I'm just plucking up enough courage to transfer my entire savings balance over to Armory (right now it's inside an encrypted Truecrypt file, on an encrypted disk, such a PITA when I want to spend something). It's not a massive amount (close to 200BTC, I've been a bit spend happy lately ![Cheesy](https://bitcointalk.org/Smileys/default/cheesy.gif) ), but more than I'd like to lose. The silly thing is I know it'll be fine, and I have paper backups should something go wrong, but there's always that little niggle telling me to wait ![Cheesy](https://bitcointalk.org/Smileys/default/cheesy.gif) Rolo, don't rush yourself. If your coins are already offline, you are in no hurry to switch. But arguably, you are right: you have a paper backup, what could go wrong? ![Smiley](https://bitcointalk.org/Smileys/default/smiley.gif) The best thing thing to do is delete the offline wallet and restore from paper backup. It'll calm your nerves a bit, knowing that you are using the exact same wallet you'd be using if something went wrong and you had to restore again (but they are the same, I promise). And also load the offline wallet and online wallet and generate about a dozen addresses on each. Verify that the generated addresses are the same. Once you see that, hopefully that that niggle will go away. Then as extra credit, move a couple BTC to it, and transfer 0.1 BTC to yourself a couple times using the USB key. Even though I wrote the program, it still felt a little bit like magic that it works. But it's easy to get used to ![Smiley](https://bitcointalk.org/Smileys/default/smiley.gif) I went for the reckless approach and just transferred it straight over ![Wink](https://bitcointalk.org/Smileys/default/wink.gif) I feel....liberated ![Cheesy](https://bitcointalk.org/Smileys/default/cheesy.gif) you should be ok. from my limited testing i haven't found any serious bugs.
|
|
|
our gov't stores gold at Fort Knox (allegedly) or in the basement of the FRBNY inside vaults with security guards, etc.
our banks store their fiat cash in vaults with similar heavy security.
Bitcoin cash needs to be stored in a likely manner.
|
|
|
I just want to note that after MtGox got severely hacked, it became one of the most secure Bitcoin exchanges out there.
Exactly how have you made the assessment of the security of the Mt. Gox platform that allows you to make this claim? Their word that they rewrote the code for it from scratch, closed down all access they could, and are now storing most coins in offline storage. Also them putting limits on all withdrawals, requiring some type of ID for anyone wishing to withdraw substantial funds, and being the first to use two factor authentication. Plus the part about them still being the top exchange by volume by far, and yet not being hacked since that last incident almost 9 months ago. Also, I wouldn't be surprised if a lot of the common sense ideas everyone uses now (cold storage, withdrawal limits, two factor option) were things people didn't care about until MtGox incident, and which they got from MtGox since then. I wouldn't be surprised if Bitcoinica came up with new security procedures that everyone else six months from now would look back on as a no-brainer, and at the very least this would emphasize the urgency of implementing multi-sig security, whereas without it people would have greeted the change with a "meh." In fact, I'd go as far as to say we were about due for another major security breach to get people to learn more about or invent better security measures. The more that happens during Bitcoin's development stage the better. i agree with this.
|
|
|
i would hold off on the congrats to Zhou until he actually delivers the coins. that is a lot to deliver.
We are not discontinuing the service. Trading, deposits and withdrawals will all go back to normal in a few hours (once our new Bitcoin server has caught up with the current block). We are honoring every single withdrawal request, large or small. No account had any balance deductions resulted from this incident. glad to hear you reiterate this.
|
|
|
i would hold off on the congrats to Zhou until he actually delivers the coins. that is a lot to deliver.
|
|
|
Yea, that is a reason to remain 'low profile'. But the faucet...yea, that just doesn't make sense. 5, 20 or 100 coins, grabbing from the faucet will hurt the end game.
Now we are getting somewhere. Hacker works for the CIA? Or, more likely, hacker works for a large bank or collection of banks? Stealing from the faucet is terrorism, plain and simple. Call the federales. The last few replies mention allinvain and CIA - anyone seen allinvain? hmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm Couple of ways to look at it. One Allinvain worked for the CIA and wanted to make it look like there was a "huge bitcoin" loss or two the CIA off'd Allinvain since nobody has heard from him in what like a thousand years? Or taken him to the brig off at sea.... no, he's been posting regularly over in the Hardware section in the Ztex thread i believe.
|
|
|
given today's Linode heists of Slush, Gavin, and Zhou i predict Armory is going to enjoy great success.
Yeah, I noticed that today, though I haven't been following the discussion. I noticed slush using the term "cold storage," which probably refers to some custom-scripted offline wallet solution. I wonder if I should somehow tie in the phrase "cold storage" into the Armory description: I assume it's the same thing... yeah, cold=offline. eto, will Armory's offline main wallet run on Windows Vista?
|
|
|
|