No I don't, why do you ask?  You looking to avoid the law?  The police already after you?



He's not suggesting you use the same seed--so why do you talk about this? 

I'm glad you decided to let users pick their own seed.  If we did not complain who knows how long you would have continued with your old design?  Good luck!  I'll be surprised if you are still in business a year from now, but time will tell...

Seems wise.  But the risk of online wallets are your online provider will be compromised, while the risks of desktop wallet is that your PC will be compromised.  I do like Armory's "Deterministic" wallet however, where if you print out and save the initial seed, you can generate all private keys without having to backup the wallet every so often.  However, storing your coins on your desktop wallet does make you vulnerable to hackers, as evidenced every few days on this site when you get a user who logs in to post, for their first message, "I lost all my bitcoins due to [keyboard logger], [hack], [browser redirect, especially in Tor], etc etc etc".  Seems to me, no offense to diehard believers, that Bitcoin is still in the beta stage maybe even alpha stage.

What?  LOL I thought this was more of an adult thread...sorry I'll pass on sharing my shaving tips. 

Some gaming internet cafes use this setup.  It's pretty good except for one thing:  any personalization of drive "B", say the wallpaper or other such stuff, is lost when you clone from A.  And of course you cannot leave your data like docs, pics, etc on B since it will be wiped clean every week.

I tried to buy one bitcoin from Coinbase.com the other day, and I got the below.  Everything worked fine at first:  I had used a US proxy server to log in (as I am a US citizen living overseas, and it's always safer to use a US based proxy service as companies will often reject foreign originated incoming requests), as well as two-factor identification using my US cell phone, and I had my US bank entered into by Coinbase, after supplying them with my bank password (scary but that's what Coinbase wanted), and the transaction was initiated (it showed up as a withdrawal at my US bank the next day).  But, just today, nearly a week later, I got the below notice, cancelling this small transaction.  I think what is going on is this:  Coinbase is very afraid of doing anything with people overseas, as they are afraid of possible regulatory law violations (no doubt they are thinking of money laundering, though it's groundless for such a small amount).  It's the only thing I could think of, as (1) the amount below, 1 BTC, is not a lot of money, and (2) the price of BTC has actually dropped since I bought it, at $396.68, so it cannot be that Coinbase.com is losing money (today's price is $384.98), which is another reason offered for this behavior in the past. 

Caveat emptor.  I would not deal with Coinbase if you are outside the USA.  Even if you comply with their rules and regulations they are too afraid to trade.  Notice the bizarre language "You may have more luck trying again in a few weeks", which is an insult given the waste of time dealing with this company.  Good riddance to them is what I say.

TonyT

On Oct 15, 2014 you purchased 1.00 BTC via bank transfer for $396.68.

Unfortunately, we have decided to cancel this order because it appears to be high risk. We do not send out any bitcoins on high risk transactions, and you will receive a refund to your bank account in 3-4 business days.

Please understand that we do this to keep the community safe and avoid fraudulent transactions. Apologies if you are one of the good users who gets caught up in this preventative measure - we don't get it right 100% of the time, but we need to be cautious when it comes to preventing fraud.

You may have more luck trying again in a few weeks. Best of luck and thank you for trying Coinbase.

Kind regards,
The Coinbase Team

Yes, I'm a newbie just like you, and this is what it seems to me too.  I notice a lot of people do use "dedicated" or separated computers just for Bitcoins.  But you will find out that it takes a long time to download the bitcoin 'blockchain', if you use Armory (the best wallet for this) and, unless you use a "thin wallet" like Multibit (which is not as anonymous as Armory), if you only turn on your "dedicated" computer say once a month, you'll have a wait a long time before the "blockchain" is synchronized.  For my initial download it took 44 hours for Armory to get in synch before I could use it (but subsequent downloads only take 5 to 25 minutes, but then again I turn on Armory every day).  So if you use a dedicated Bitcoin computer make sure you turn it on once in a while. If you use Bitcoin on a Android phone, you are using a "thin wallet" so this is not important, but you are not really anonymous either.  My solution:  keep your bitcoins online with a reputable bitcoin broker (search this forum for several, I use bitstamp and some others), hope they don't go bust, and only take offline those bitcoins you intend to spend, and in small amounts that you can afford to lose.  Good luck.

Perhaps another way of looking at this problem is the gitbhub thread below.  If, as the chief scientist  G.A. claims, it was only due to the heroic efforts of two people to downgrade to a earlier version of the BTC blockchain that saved the bitcoin P2P network from disaster, then it stands to reason that bitrot could cause a repeat of this incident, in that a 'buggy' version of the bitchain is adopted (namely, one with bitrot) and if there's no heroic people to step in, the system crashes.

Another way of looking at it:  RAID systems have on rare occasions had bit rot that propagates, bringing down the whole system.  In theory this is impossible, but in practice it is not.  Might the same thing happen with bitcoin?  Time will tell.  I'll leave the last word to somebody else.

TonyT

https://github.com/bitcoin/bips/blob/master/bip-0050.mediawiki     ("Marek Palatinus and Michael Marsee quickly downgraded their nodes to restore a pre-0.8 chain as canonical, despite the fact that this caused them to sacrifice significant amounts of money and they were the ones running the bug-free version.")

How do BTC noobs catch keyboard logger viruses?  On occasion you see in the forums a post saying that somebody lost all their money from their online or offline wallet (but connected online) with a keyboard logging virus.  

I have two theories, but I need help from experts:

1) the noobs are just like the rest of the public, in that on occasion they catch viruses, don't have the right anti-virus software, and so forth, and it's just random that they happen to be BTC users, or,

2) sites that BTC users frequent are often compromised with malware, because the bad guys know a significant portion of visitors to bitcoin sites have wallets on their HD that contain bitcoin.  So bitcoin sites (including probably this one) have their DNS servers or what not compromised to redirect users to bad sites with malware and/or are constantly probed by hackers to be compromised, and so on, including perhaps the bad guys installing some sort of packet sniffer maybe at your ISP or somewhere in-between, that finds what ISP user internet address is visiting a bitcoin site, and then the bad guys attempt to breach your firewall and install a keyboard logger, etc.

I think or hope it's #1), not #2), but I get suspicious since a lot of seemingly savvy tech geeks end up with money stolen from their bitcoin wallets, so maybe it's scenario #2)?

Yes.   At worse, what the guy could do is give out the software for free, and if it works start charging for it sometime in the future, but not now.  Otherwise IMO it's a scam.

We'll let the author comment?  If he says he intends to sell this program, will you eat crow publicly?

But if bit rot can bring down a RAID system, which has redundancy built in, why do you posit it cannot do the same with the bitcoin blockchain?  Something different about how the bitcoin blockchain is signed?  Perhaps this is true, since with RAID bit rot, apparently the bit rotted image of the RAID HD is indistinguishable from the non-bit rotted image (not clear to me why, with all the parity checks in RAID, but that's what I recall reading), whereas with a P2P network you have more than one 'image' to deal with and more than just parity checks.  However, even if true, this brings up another issue: if Palatinus or Marsee tell the Bitcoin nodes:  'we are having a hard fork, use this transaction block from now on' and they upload it, and it is adopted, and it has bit rot, then what?  Or is this against the Bitcoin rules?

Unless I'm reading it wrong, it's not necessary for all copies to have bit rot, just the canonical copy that either Palatinus or Marsee had.  Perhaps you are correct if by 'downgrading' it means the existing nodes out there--the 10000 copies you mention--would, by nature of the P2P network, becomes the majority again, but it's not clear since the mere fact that Palatinus and Marsee uploaded their nodes with a post-0.8 chain made the chain unstable.  So it implies that two people--Palatinus and Marsee--had control of the entire bitcoin network by virtue of having a canonical node(s).  Thus if these two nodes had bit rot, they would break the system.  That's the implication.  And I speculate that's how in fact Bitcoin p2P works:  the people who run nodes 'know' that Palatinus and Marsee have the 'good stuff' and trust them, when there is an upgrade, to download and install the blockchain these two folk (and others trusted like them) provide.

TonyT

https://github.com/bitcoin/bips/blob/master/bip-0050.mediawiki     ("Marek Palatinus and Michael Marsee quickly downgraded their nodes to restore a pre-0.8 chain as canonical, despite the fact that this caused them to sacrifice significant amounts of money and they were the ones running the bug-free version.")

Thanks, I bookmarked this, very nice.  Do you know if these 'dice' shops publish their information like bikinishop does?  Probably so, as I doubt bikinishop does anything unique.  Further the weakest link is #3, if the client picks a seed that is provided by the site, the seed could be tainted so the first roll is always a client losing roll.  I bet most of these sites generate the client seed.  The nouce increment should change things for the second roll, so even if the first roll is tainted to always win for the house, I think if you let the nouce increment, then the numbers will be random for the second and subsequent rolls.  Thus perhaps 'let it roll' is the best advice.  In any event, I doubt if most clients of these sites check their results afterwards...as long as they did not lose too much, it's just entertainment for them.

TonyT

LOL, that's why you R Legend!  Go get 'em dooglus!

Thanks dooglus, I figured that out when our bikinidice friend replied.  

BTW if you can link to or explain (not a priority, don't feel obligated) how 'provably fair' works, in terms of mechanics, --UPDATE:  Today at 03:45:37 AM  I SEE YOU ARE ONTO THIS ISSUE, LOL! --feel free to PM/email me or post here (I have never been to a bitcoin gambling site so I don't know how the client seed is entered, that's the main thing).  I also code and know the 'big picture', such as that for a given seed, a random number generator will always generate the same sequence of random numbers.  Thus the seed, for true pseudo-random, is usually something like the system clock, which changes from time to time.  But with all these gambling sites it's hard to see whether in fact the client is picking the seed or not (I think you or was it another thread implied this?)

For example, going to https://www.bikinidice.com/user/10965 and then picking some transaction, clicking on it, gives:

$clientSeed="8136172YYo6nUvjI6NxHncXiiT786VK4YncGS88oz8TtB5yzszVdpBUF1fSFi9WCM5i1X0O62kw749i";
$serverSeed="2021184wm2C1851Lc4s21h46vyJJuziFAmA6jaZ3PH3MvGjW5hBR48GpQ8iz6YCldwH38RVF9M0YSd";
 [deleted code]

and then running this code on http://writecodeonline.com/php/ gives the expected output, as shown by bikinidice.com, proving the run was 'fair', but for one question:  how was the clientSeed generated?  This was by user 10965, who was betting once every two seconds for many minutes as this thread shows, so clearly the user 10965 was not manually typing in their seed.  Therefore, if bikinidice wanted to (and I don't know if this is the case), it could have provided "tainted" seed that is guaranteed to lose, from a simulation of the dice (roulette wheel) done before the user showed up.  It would be nice if a user could pick their own seed, input it as "8136172YY ...  0O62kw749i" and know that the roll was 100% fair.  Not sure if any dice shop does this however.

TonyT

Excellent thread, thanks to the OP.  

Two things I got from this thread:

1) Multibit, an excellent SPV client wallet (and I have it), is not as anonymous as Armory, since every send bitcoin transaction that comes from it must have come from your Internet Address and nobody elses.  I did not know that.

2) The Powers That Be in Bitcoin, and that includes their chief scientist G.A, intend as of last year (and things may have changed since then, though I doubt it) to eventually 'sell out' Bitcoin to the financial authorities, correctly perhaps surmising that for Bitcoin to grow it must become like any other non-anonymous currency, and be subject to identification of the bitcoin users, for better or worse (see the quotes from at the OP post in the beginning).  Of course the Bitcoin community can resist this for a while, by asking that Bitcoin integrate with say DarkCoin or something similar, but if DarkCoin or equivalent was outlawed by western democratic countries, then Bitcoin would have to surrender or also go extinct.  The writing is on the wall, and clear, as clear to me as it was over 20 years ago when I predicted Swiss banking would become much less anonymous, as it did.

TonyT

From your prose and sentence structure, you seem like a nice guy, possibly a college major, and not your typical bitcoin bitcon conman.  But I did notice a bit of a red flag going through this thread: something about a version number, as if you are going to sell this program of yours.  Surely You're Joking, Mr. Feynman?

https://who.is/whois/bikinidice.com

and from GoDaddy:
Domain Name: BIKINIDICE.COM
Registry Domain ID: 1877574214_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2014-09-25 15:52:29
Creation Date: 2014-09-25 15:52:29
Registrar Registration Expiration Date: 2015-09-25 15:52:29
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.480-624-2505


So you must have used a proxy server?  Strange, as I say, that you used GoDaddy, who will kick you off if they learn you are breaking US laws (that's due to their business model, nothing personal).

Not Russian.  Hmmm... Ukrainian?

TonyT

Thanks.  FYI you can "export" the log file in the latest version of Armory under the File | Export menu.  I checked it out and nothing is unusual. There are several interesting entries, on occasion it will say :2014-10-21 01:31 (INFO) -- BDM.pyc:419 - Reading blockchain, pct complete: 99.9
2014-10-21 01:31 (INFO) -- ArmoryQt.py:5997 - Dashboard switched to auto-BadConnection  <--bad connection, which means no internet, as sometimes happens for a few minutes here (I'm outside the USA), but it seems to happen at 99.9 percent complete, which leads me to think there is perhaps a "magic node" that is the last one checked for some reason, and maybe this is a bottleneck?  If an Armory developer is reading this thread they probably could confirm that, for what it's worth to them.

I think the main culprit is the 'bad node' problem, as is well known, if a node that is a peer is slow, it becomes a bottleneck.  Maybe if you exit and restart Armory you have to go through this bottleneck?

BTW, if you are a privacy freak, it might freak you out to know that when you send an Automatic Bug Report to the Armory team, says a popup screen (Help | Submit Bug...) , the log file is automatically included.  And it contains 'path' information ...C:\Users\TonyT\AppData\Roaming\Armory\ArmorySettings.txt that could in theory identify help you, since I assume the IP address is also included in the bug report.  Not a big deal for most people however.  Perhaps in future settings, just to put these privacy freaks at ease, you could replace via the program the "TonyT" in the path above with USERNAME.

TonyT

Fine and good, thanks, but consider this:  there was a 'canonical' pre-0.8 chain.  Do a 'thought experiment':  what happened if this pre-0.8 chain had bit rot?  And Palatinus and Marsee introduced it?  It would be rejected?  Then the blockchain in March 2013 would have forked, causing double spends and ruining Bitcoin forever?  Apparently, if I read Gavin Andresen's memo correctly, only the presence of a 'canonical' pre-0.8 chain saved bitcoin.  So if this 'canonical' chain was rotted, then what?  Maybe there was another chain?  Or something else?

TonyT

https://github.com/bitcoin/bips/blob/master/bip-0050.mediawiki     ("Marek Palatinus and Michael Marsee quickly downgraded their nodes to restore a pre-0.8 chain as canonical, despite the fact that this caused them to sacrifice significant amounts of money and they were the ones running the bug-free version.")