A glorified online wallet. The owner operates from his mom's basement, and hopes he can attract depositors with vague references about an interest. Is this guy for real ?

At the very least, I would expect a bitcoin bank to prove it's liquidity by proving it owns million dollars worth of bitcoins, as it's own capital. I would also expect a staff of economists, banking professionals, and IT experts.
A "degree is in International Business" just doesn't cut it pal, sorry. You need to prove you have actually managed the wealth of others. You need to prove you or your staff understand risk management, accounting, hypothecation and collaterals, financial law, computer security etc.
Only then I could begin to believe you are actually capable of producing interest for my money, and not leave me goxed with my dick in my hand when a run on the deposits or fraud happen.

I don't believe smartcards will be any more secure than a password protected wallet.dat.
Once you enter your PIN, the trojanized client takes over the communication with the smart card, and instructs it to sign a transaction that empties your wallet to the hacker's address. Since you have no control on the amount that the smart card is signing away, there's no way you can prevent it or detect it, and it's equivalent to a trojan stealing your wallet.dat and password.

The hacker does not care about your private key, what he needs is the ability to impersonate you, that's why it is essential that a dedicated hardware wallet has it's own secure display and keyboard, with which you can verify the paid amount and a user friendly representation of the payee address.

Generating keys on an offline machine is probably the best solution at this point, but you will have to eventually need to connect to the network and spend, right ? Maybe you could split them in small amounts and have a paper version that you can scan and spend. Overall, not very user friendly.

It's certainly a flaw, a major one. Is it a mortal flaw ? I don't know. It's the same flaw that killed gold as a viable medium of exchange. If the current monetary system of the US would suddenly require 70% of the energy production to stay secure, how do you think the society will react ?
I'm not saying security is bad, I'm saying that Bitcoin pays a hefty price for it's security, up to the point where it doesn't really make sense to want it as a replacement for the current monetary system. At least the executive bonuses at AIG go into nice looking palaces and generate employment. Bitcoin's overhead goes into killing the planet.

I don't think you understand fully the problem two-factor authentication solves. It's impossible to create a client that uses two factor authentication, once you are "authenticated" to the local client and it proceeds to decript your wallet, your bitcoins are available to the attacker. What I am proposing is NOT two factor, but an embedded wallet that handles the private key operations and minimal user input using secure hardware. Using a pin to unlock the device is purely optional, to prevent from physical theft.

Two factor is usable for authenticating against PayPal/MtGox online wallets, assuming you trust them to handle security better than your own computer.



The embedded wallet makes an encrypted backup each time you connect it to your computer. You can easily arrange online backup. The backup is encrypted with a key that you can read of the wallet's display, write on a piece of paper, and store it in a safe place.
Sure, you can loose that too, but it's a practical solution that actually works. Your solution "just keep your computer safe and make plenty of (safe) backups" is simply not practical for 90% of the people out there, because securing your computer has a tremendous learning curve. Securing a piece of paper on the other hand is something people do pretty well, see paper money.

The 1 million $ goes straight into the central bank's account as minimal reserve. The private bank has no money to lend out. In order to reach it's 9 mil $ allowance, the private bank must attract 9 million $ of deposits. For these money they must pay interest to the depositors. Only then can they start borrowing out money. Their actual profit is the spread between the deposit and credit interests, probably 10-15% with your figures. They need to pay staff, cover the risk of non-payment, cover the costs of the deposit insurance scheme (FDIC) etc.

A private bank cannot create more money directly, they are bound by accounting laws just like a regular business. The banking system as a whole creates deposit money, but banks still have to compete among each other to attract depositors.

You are mostly correct in your calculations. Comparing BTC to a real currency is good thought experiment that proves it's a flawed, wasteful concept.

It seems easier to implement an embedded wallet that plugs into USB and stores the private key. The device has a small LCD screen and an "Approve" button. When you spend something in your bitcoin client the transaction is sent to the USB device for signature. The USB device checks the amount to be spent, and prints to the user the net amount to be spent: Pay 20B ?
Upon pressing Approve the transaction is signed with the private key and sent to the client for broadcast into the network. There's no way rouge software to fake the displayed amount or the Approve button.

Such a device would cost 10-20$ in large quantities and would be practically impossible to hack.
http://www.mini-box.com/picoLCD-20x2-OEM

Don't forget the currency exchange spread, and the forex risk you accept (if you sell for GBP and buy for USD, it might make you an initial profit, but not if the GBP drops in relation to the dollar).
A bit of arbitrage would make the market look more professional, and provide liquidity to other BTC-currency pairs. Expect the arbitrage windows to drop to pennies pretty soon.

I hope they are at least using InnoDB tables...

Venezuela is a profoundly state planned economy. I assume the regulation are a form of capital control to avoid massive foreign currency leaks from the country and to discourage imports. Regardless if it's implemented as a cap on domestic credit cards or as cap on the amount of foreign currency that's being sold to the population, the primary problem stems from the fact that the government wants control over foreign currency/imports. The result is that black market $ or Eur is more expensive than official exchange rate, that's why a 400$ credit card is worth 800$.

To bypass the limitation you need to:
1. Find a cheaper way to buy $s of the black market (they have probably explored this so it's unlikely)
2. Earn bitcoins in the local venezuelean economy.
3. Put a BTC bounty on Chavez' head and be a free nation again (risky)

http://www.economist.com/blogs/freeexchange/2010/06/capital_controls

Secondary meaning: being hacked as a result of using a single weak password on every site.

1: Fucking Sony leaked all my fucking data to fucking hackers which stole my identity ! The hackers used my PayPal account to trade drugs and now I'm looking at 1 to 3 without parole ! Fucking cunts !
2: Goxed in the ass, lmao

Silk road much ? You are utterly incoherent.


The Bitcoin block chain, as a dictionary of strings that hash to values with many leading zeros, has no cryptographic significance. It's a dumb bruteforce that does not "break" anything. It's not applicable to other forms of "256 bit encryption", which SHA256 is not anyway.

Can we have one where Mark unveils to Adam the master plan for goxing `em ?

If I were to plot the evolution of money it would be this:

1. Commodity money: gold, bitcoins; massively deflationary, prevent the economy from growing and reaching it's full potential, by artificially clamping the aggregate demand. Everybody is worse off and poorer, huge resources are wasted for acquiring an otherwise much less useful commodity. Decentralized, cannot be manipulated, but creates a self-enforcing plutocracy - the holders of the commodity.

2. Government-issued fiat. Solves the primary flaw of scarce commodity money and allows for real economic growth and improved welfare. Entirely dependent on the moods of the rulers. History has shown that both tyrants and democratically elected rules will abuse the money creation privilege, either for building palaces or for getting themselves reelected, and print much more than the economy needs, therefore stealing wealth from everybody. This is what various non-functional states like Zimbabwe have.

3. Independent central bank that loans money into existence. The prevalent system nowadays, far better than the preceding ones, but with it's unique flaws. The government can't print it's own money and is just another borrower competing along side private productive entities. In theory this should reduce it's appetite for money - it has to give it back. If too much money is loaned into existence and creates inflation, the central bank should, again, in theory, hike the interest rates and diminish everyone's appetite for money thus controlling inflation, wile allowing the money supply to grow as the economy grows.
In practice this system creates multiple instances of moral hazard:
  a. the central bank will always print more money to help private banks who are overexposed - for fear it might bring about meltdown
  b. the parliament, as the central bank's overseer, will always pressure it to go for low interest, low unemployment policies at the expense of inflation
  c. the government's appetite for money is not curbed; banks would much rather borrow the government that take risks with productive business
Overall, the system allows private banks to profit at the expense of the society because they have a key position where they can blackmail both the public and the politicians with systemic collapse. Massive misappropriation of resources ensues, skewing the price signals of the free market, various bubbles occur etc.

The Bitcoin crowd is still at point 1. entangled in a matrix scheme disguised with elementary economic fallacies.
The Oz guy wants us to go back to point 2., and watch our leaders print all our wealth away.
The current model 3. is clearly wrong.

I think it's time to start working on number 4:

4. Decentralized democratic fiat currency. Printed to the benefit on democratically elected charities, so as to target zero long term deflation/inflation, and circulated through a Bitcoin-like open network. Banks are not involved in creating the base money supply - they and their depositors are entirely responsible for the risk the take on when expanding M2. Governments have no say either, and are responsible to the voters when the debt spirals out of control.

I apologize to the TL;DR low attention span crowd.

So instead of the government steal the money through inflation or forced exchange for drachmas, you propose they should voluntarily give up their money now to the holders of bitcoins. Brillant !

There was no implicit or explicit contract for mtgox to act as a password manager and protect you login credentials for other sites. A great number of sites store plain text passwords and a huge number store plain or salted md5 passwords. From an industry best practice point of view, MD5-crypt passwords are regarded as secure without bogging down the authentication server.
Sites do get hacked and do suffer from inside jobs. It's entirely your fault if you chose weak passwords AND reuse them on other sites. mtgox can only be liable for the damage on the system they control; as it seems there's no damage, all balances will be untouched.


Accidentally leaking someone's email is not and cannot be a crime. An email address is public by definition. Sending spam is a crime in some legislations, but to pin that on mtgox would mean to prove they intentionally and malevolently shared the email list with any spammers.
Is it a bad way to treat your customers ? Sure. Can they press criminal charges or request compensation ? Nope.

What damage ? When the exchange reopens you will find your $ and BTC balances untouched. The most you could claim is that you were denied service for a few days.
The whole debate about force majeure would excuse mtgox from loosing your funds to hackers, at which users could claim mtgox did not do it's best job to secure the service. It would really for a court to decide, but only if funds were lost. For example if the rollback did not happen, it would apply to the original owner of the 500.000 BTC.

Since no funds were lost (the small withdrawals that lead to negative balances will be covered by mtgox), but only imaginary profits, the whole debate is baseless. The profits were never yours to begin with. You have no proof you actually bought 250.000 at 0.01 $/BTC. None whatsoever. You would be thrown out of any court.

Say the hacker redirects the mtgox site to an identical clone, duplicates everyone's $ balance and password, and post a price of 0.0000001 USD/BTC. If everyone rushes to buy a total of  1 billion bitcoins worth a total of 100$, do you think mtgox should be liable for the 18 billion USD "loss" the traders incurred at current market prices ?

As long as your money is in the mtgox system, it's their rules and their site. No contractual obligation exists if you simply saw some numbers on your computer screen that might have looked like you were suddenly rich. It might have been hackers, dead pixels, or ghosts. No one knows until you get the money in you bank account.

It's only from the kindness of their hearts that mtgox give you details about what actually happened with the site. For all you know, they could claim the story in the first paragraph: you were trading on a hacker site, domain system is not 100% reliable, we don't owe you nothing; sue ICCAN and ask for a better DNS system.

Maybe because they are heavily vested in precious metals and are experiencing a mild cognitive dissonance ?

Off-topic: liquid zeolite