This is just another example of a frustrated user of a complicated system that leaves in disgust because of his inability to use it properly. This isn’t the fault of the user it’s the fault of the training program.
The one major difference I can see between open source systems and centrally controlled closed systems is the control of the information and user support. Both types of systems can deliver excellent quality but open source lacks a central point of instruction and authority over training for new users. This needs to change.
This ignores the root cause of the problem. It is not the user or lack of training. It is Microsoft Windows which is a propriety operating system. It is even unclear if the Yubikey (apparently incorrectly used) or the backup wallet was compromised. The reality here is that many new users will loose their bitcoins if they use Microsoft Windows as their Operating System. Two factor authentication can help but as this case sadly demonstrates it is not foolproof. At a very fundamental level a propriety operating system with over 90% market share worldwide is incompatible with bitcoin as the security of bitcoin is ultimately predicated on each individual user having complete control over their computing experience while propriety software is about the exact opposite. Be it Apple's walled garden or Microsoft's centralized control over people's computers the direction that propriety software has taken is very much about centralized control. For example with the recently released Windows 8 RT. Microsoft has complete control over which software is installed on a particular computer or device. Centralizing control over the training of new bitcoin users in order to accommodate Microsoft or Apple is simply not the answer. I use Windows and bitcoin without any problem. All of my coins are under cold storage and my mtgox account is secured by 2-factor authenication. There is noting wrong to use propriety OS. Linux looks safer simply because less people use it and it's not efficient to hack it for stealing coins. If a Linux user misuses the system (downloading warez or storing unencrypted wallet improperly), their coins will get stolen some day. By they way, I don't think mtgox and bitcoinica are running on Windows but both got hacked |
|
|
|
I think you should stop "supporting" mtgox key while you can't really support it. At least you should let users know it is not keylogger-proof |
|
|
|
So you're saying I should put my money into a state where if I want to send it to MtGox, that's fast, but if I want to use it for something else, I have to wait. I don't see why this is better than "if I want to use my money for something else, I can do so immediately, and if I want to trade, I have to wait". Given that in a healthy system most users will be using Bitcoin to buy goods/services rather than trying to exploit currency fluctuations ...
You can still use it for something else. As long as MtGox is working properly, they will send the coins in the 2-by-2 address to any address based on your instruction. The nlocktime transaction sending back to you is only an "emergency exit": if MtGox is suddenly closed, you will still get your coins back some time in the future. In 99.9% cases, you don't actually need to use this nlocktime tx. |
|
|
|
Using AVAST antivirus, so i should be safe. And i didn't download anythin last week (except by steam a game and the demo of it on the official website (Farming simulator 2013)). So that couldn't be it. But as I said, I think I stop with bitcoin. The loss is to big for me  . Maybe going to do BOINC or something, not realy sure. Have you figured out how did you lose 10BTC on MtGox? |
|
|
|
How can a acount be hacked when i use a yubikey to login.... And i have the yubikey always with me, this means blockchain.info is hacked or the yubikey of Mtgox is cracked (also seeing the large drop in bitcoin price i suspect a large bitcoin hack) Goodbeye guys, ill stop bitcoin from now on. Lost about $1000 (edit $ instead of €) No, it's your own computer got hacked. It MUST have a keylogger |
|
|
|
I tried out my MtGox YubiKey on the blockchain wallet service, and I noticed the OTP's that it generates are REUSABLE. It seems Blockchain.info is only looking at the first few letters of the OTP, as they are static, you can actually change the end of the OTP and the website will still accept it.
Doesn't sound secure at all to me.
You are absolutely correct https://bitcointalk.org/index.php?topic=64300.0 |
|
|
|
|
MtGox yubikey should not be used on anything other than MtGox. MtGox has clearly warned that.
Blockchain.info should stop "supporting" MtGox yubikey
|
|
|
|
It buys instant confirmation for the receiver if the 2-of-2 escrow with refund was staged before it was needed, since the receiver would have to know of any double-spends simply because they would have had to sign them. This is perfect for staging Bitcoins on an exchange so that you don't have to wait 6 confirmations before you can make a trade, but without the risk of them being stolen in a hack or lost due to the site going down.
How does it make a difference? I have a payment from me to {me,mtgox} and a signed payment back from {me,mtgox} to me, then when I decide to send that money to MtGox so I can trade with it, they still have to wait the 6 confirmations to be sure I don't double-spend with the refund tx. If I don't have a signed refund TX then if the site goes offline, I can't get my money back either. Use the nlocktime flag so the refund TX won't be valid before certain time in the future |
|
|
|
So this is inherently slower than 'atomic coin swap' because in the best case one needs to wait several confirmations, in the worse case one needs to wait for Tx2 lock.
That's why I think doing it on the same blockchain is more efficient |
|
|
|
Atomic coin swapping can be implemented with today-enabled features and it is inherently 100% secure.
Cross-blockchain trade requires support for 'contracts' and non-traditional scripts, and it has different security considerations:
If the bitcoin protocol were modified, we would use atomic coin swapping too. If you make it in another chain, you can make atomic coin swapping with the new hostcoin, which you need anyway to incentive miners and pay them tx fees. I definitely think that a "smart property chain" separate from the main bitcoin chain should be pursued. It helps separate purposes (currency vs. property registry) and keep property registry data out of the mainnet chain. The main practical obstacle is getting the smart property chain into the common merged-mining merkle root that pools obtain from the merged-mining daemon. If people are interested in working on a smart property chain The Right Way, let me know and we can coordinate. My smartcoin (formerly pybond) project will include some cross-chain trading support for precisely this purpose. In fact, I am seriously thinking that cross-chain trading should be prioritized over making a solution that works in the main bitcoin chain. How could you prevent double spend attack with cross-chain trading? |
|
|
|
If satoshis are in short supply you could use DeVCoin, lots of satoshis there and no ever-decreasing minting of them.
-MarkM-
There are about 1,000,000,000 shares for Apple Inc. With 1 satoshi representing 1 share, it takes only 10BTC. I don't think this would become a real problem in the near future |
|
|
|
Great! I wonder if they simply misinterpreted new laws coming into effect in Hong Kong.
Are you from Hong Kong? I can't see any regulation changes here |
|
|
|
Good news. We have a solution. Bitmit is not going to be sold. Business as usual =)
I am sorry for the insecurity this may have caused.
I think you are a Hong Kong company and I can't see any upcoming e-currency regulation here. Have I missed something? |
|
|
|
The court will sign a message, declaring a coin decolorized, and send it to the blockchain. You don't need a centralized database.
That's absurd, how will I know which key(s) belong to the court, and why will I care and how will I know who agrees? All these information could be included in the agreement of the security |
|
|
|
Guys, do you really think this guy will refund you? Don't be naivety. Did you think why his games are so cheap? I'll tell you: he's probably using stolen credit cards and/or PayPal accounts. He's probably from Vietnam after my short investigation. Anyway good luck!
Would you mind explain why you could sell the games cheaper than retail? |
|
|
|
And the nodes maintaining the blockchain will accept it why? Because the court clerk controls the majority of CPU power on the network? Because the court holds a special private key that gives it an elevated status over the rest of the network like RealSolid and his SolidCoins? What will ensure that a duly authorized court can do this, but not you or I? What happens if a court misuses its discretion, misapplies the law, or simply fat-fingers an entry and signs something it totally shouldn't have? (something today's courts manage through the judicial review process, i.e. appellate courts etc.)
If the message is embedded in a standard and valid transaction, I can't see why miners will refuse to include it in a block. If many miners do so just because they don't like the message, they would also refuse anyone's transaction because they don't like him/her. If many miners do so, that's simply 51% attack and bitcoin is fucked up How about when two different courts with equal ability to simply "sign" and "send" things into the blockchain staunchly disagree on an outcome and see no reason to stop "signing" it into the blockchain in a back-and-forth tug-of-war? Imagine people edit warring on a hypothetical Wikipedia with no 3RR (3-revert-rule) and no administrators, when does it end?
The terms of the agreement could indicate which jurisdiction it is bound to. You have a big mistake here: you compare decentralized stock exchange with a real stock exchange. However, the right comparison should be decentralized stock exchange vs. GLBSE. A decentralized exchange does everything GLBSE does, without the extra risk of hacking etc.
...and of course, without any meaningful accountability imposed on the issuers of security for the benefit of their shareholders either. By pointing out the differences between GLBSE and a decentralized exchange, you suggest your understanding is that I am describing a fundamentally technological problem and meanwhile I am describing a fundamentally sociological one that would affect GLBSE and a decentralized exchange equally. Technology ALWAYS moves faster than social norms/rules/laws, e.g. contraception, test tube baby, doping in sports, BitTorrent, child porn on TOR, and needless to say: bitcoin. Decentralized exchange (DE) is a technological advance on top of GLBSE. DE reduces the counterparty risk by removing the role of exchange operator, and does equally good (or bad) in enforcing the contract between issuers and shareholders. However, they allow people to invest in something that is otherwise impossible. The investors should balance the risk and benefit |
|
|
|
If the "crypto-assets infrastructure" offers no way for the legal system to amend the record to include decisions it considers binding, it will dismiss the whole system as a poorly-designed joke.
This is also true for the bitcoin system. No chargeback possible. Is bitcoin a poorly-designed joke? Yes, and the joke is on the system of banking and central banks. Oh, and it's not poorly designed, but of course it will need a lot of maturation to evolve and scale to their size and a lot of work to become usable in the minds of the customers they serve. (For "crypto-assets infrastructure", the court may simply declare that a colored coin decolorized if there is a fraud.)
...which of course would defeat the purpose of a decentralized stock exchange, because you'd need a centralized database to keep track of which colored coins are really colored. tl;dr: Bitcoin - viable. Decentralized stock exchange - fundamentally flawed. The court will sign a message, declaring a coin decolorized, and send it to the blockchain. You don't need a centralized database. You have a big mistake here: you compare decentralized stock exchange with a real stock exchange. However, the right comparison should be decentralized stock exchange vs. GLBSE. A decentralized exchange does everything GLBSE does, without the extra risk of hacking etc. |
|
|
|
Or By Using Litecoin We Can Save Our Crypto-Independence! Litecoin doesn't help. It modified the normal scrypt behavior for inexplicable reasons to use only a very tiny amount of memory compared to the scrypt paper recommendations. It's quite easy to throw 128k of sram on a chip and scream out one cycle/hash. You'd get an even bigger speedup over GPUs and CPUs than you get from Bitcoin. Is it possible to use scrypt with memory requirement linked to difficulty? This could be GPU and ASIC-resistant forever. |
|
|
|
If the "crypto-assets infrastructure" offers no way for the legal system to amend the record to include decisions it considers binding, it will dismiss the whole system as a poorly-designed joke.
This is also true for the bitcoin system. No chargeback possible. Is bitcoin a poorly-designed joke? (For "crypto-assets infrastructure", the court may simply declare that a colored coin decolorized if there is a fraud.) |
|
|
|
Soon all the GPU miners will be using LTC and not BTC. Only the ASIC miners will have BTC.
Your premise that one's choice of currency is based on what one can mine, and not on what has the most support among merchants, traders, and exchanges, is questionable at best. Right now BTC and LTC price is based on speculation. The difficulty of LTC will go way high and price will follow. Just watch... econ 101 supply and demand... Difficulty follows price, not vice versa. |
|
|
|
|
Show Posts
