great analysis kiba! Thanks for starting this discussion. Bounties for exposing security vulnerabilities is an excellent and very creative idea! Where do I pledge or send bitcoins to? How will the review committee that evaluates any claimed vulnerabilities be structured/governed? How to ensure that coders who contribute changes to bitcoin source code don't secretly deliberately include faulty obfuscated code so that they can fix their broken code to collect the bounty (or avoid similar other conflicts of interests)?
Err, just start a bounty thread?
|
|
|
Or maybe just saw the crap going around him and decided he is an anarchist.
Using that guy as a sacrificial lamb isn't exactly what I called, anarchistic. Unless, he agreed to cover for the real leaker.
|
|
|
This is not reality. If government could enforce laws there would be no drugs, no murder, no theft. These things plainly exist. Government cannot enforce law, but only uses it as a pretense to capture adversaries and control those who produce for them. This may be important when considering security. Also there is no monolithic government, but only individuals who are acting in their interests or out of fear.
Updated my analysis.
|
|
|
Bradley Manning may simple just be a fall guy, scapegoat, or framed by the real leaker...who may never be caught. Anyway, it's all speculation.
A top secret anarchist cabal penetrated the US government. It's simple really.
|
|
|
We should be doing something to get a full security audit done on bitcoins. Something we can point to that is third party and not connected to bitcoin in any way. Now who do we contact to get this done?
I don't have money but I think we should set up a bitcoin bounty for security, like I been suggesting everywhere. It will be a start.
|
|
|
Sorry for being too lazy to read all previous posts...
But has anybody actually proposed using bitcoin algorithms to create decentralized DNS to Peter Sunde yet ?
People already put up links about BitDNS.
|
|
|
Engaging in wikileaks before Bitcoin has a chance to unfold its wings may kill it.
It may allows us to unfold our wings. Beside, what is done, done. Bob182 already talked to a person within the wikileak organization. But there are much safer route to unfolding our wings.
|
|
|
Please note, this is a revised version of an email that I sent to a guy who know something about security.
-------------- 1. Who are our adversaries?
Corporations who have their business destroyed by bitcoin competition, or in the process of getting destroyed. Government who are keen to control their economy through central banking.
2. What are their capabilities?
Security and cryptanalysis knowledge. Nation-state level resources. Ability to use force and threats to keep people in line.
3. What are our countermeasure?
Network effect; strength in number. Promoting, and growing the economy.
Security and cryptanalysis knowledge. Constant discussion about security.
Decentralization effort such as BitDNS. I open sourced my prediction market; however, we do not have open source exchange markets and other critical infrastructure.
The head cannot be easily cut off. The authority will find it difficult to haul away Satoshi Nakamoto, but it cannot be said the same for other people. Already growing the number of hacker who know how bitcoin work and can improve it.
4. Measures we could take:
Create a dedicated tiger team whom jobs is to find security flaws within the network.
Offer security bounties as incentives.
Open source key infrastructure such as trading sites.
Create protocol documentation.
"Kill switch" for bitcoin banks system. (Really, it mean that everyone who hold bitcoin balance on the behalf of somebody else.)
|
|
|
If bitcoin has some flaw, then we need to resolve it now.
I suggest assembling a tiger team or make security bounties or do both. But, you have to remember that the security of the network also come from the strength of people running it. So, wikileaks might add more legit computing power rather than cheating nodes, or not. It's hard to know. Brute-force attacks are least likely. We probably have some bugs lurking in the system.
|
|
|
Success is not guaranteed; access risk; act wisely; remember knowledge gaps.
It's funny to see a miniarchist libertarian say "Bring it on" when anarchists like me are advising cautions.
It look like I am right, people throw cautions to the wind.
|
|
|
So maybe a leaderless organization is the better direction for WikiLeaks to go? Opinions?
There's alway a leader of some kind. It might be a person with a high reputation.
|
|
|
ames. Of course they have to be new names that were not in earlier blocks. BTW, I created a stub of a document on the wiki for this concept if anybody is interested in filling out some more details of this idea in terms of a formal spec: http://www.bitcoin.org/wiki/doku.php?id=bitdns_draft_0_1I'll see what I can contribute to filling this out, and I'm thinking of bumping this idea up on my own priority schedule for perhaps writing an application to do this. It sounds like something to really get my teeth into even though I got a couple of other good ideas I'd like to try. Besides, it sounds like there is some real interest to get this going sooner rather than later among many in the Bitcoins community. I am using this document as the BitDNS bounty's protocol document.
|
|
|
That artwork has come together nicely. I wish I could draw like that. I can do technical drawing but not artistic stuff.
I like the Bitcoin gyroscope (or whatever it is) above the whiteboard. Is that a pencil or cigarette in her mouth?
A....USB drive! And the whiteboard is actually a monitor. Maybe I should put some stuff in there...
|
|
|
2. What's stopping us? Let's just implement them BOTH immediately. We obviously have the knowledge and expertise to get the job done. Let's just get the job done already.
For some reason, we lack programming manpower. Nobody is doing an android client, for example.
|
|
|
Ignore all the fuss about traitors, terrorists, and other distorting comments. Those people don't understand it, don't repeat them.
Security is not made by invading foreign nation and inadvertently increasing heroin production in the process, inadvertently killing more Americans through heroin overdose...
|
|
|
Since I woke up, I been hard at work cleaning the image up and practically redrew some of the features such as the eyes. If you had been keeping my artwork through out the evolution, you would have notice the cleanness and sharpness of the face compared to the scan. So here's my work for today, which had been resized from its ungodly large scan: http://www.bitcoinservice.co.uk/files/17Price is 0.10 BTC.
|
|
|
If not, then someone would leak it.
We can't have this for the community do we? It's more fun to think of Satoshi as the awesome badass hacker with a secret mission to destroy money monopoly rather than just an ordinary hacker who got a really good idea how to destroy money monopoly and decided it would be risky.. hmm....
|
|
|
Latest report:
Begun 9 days ago. Total expense: 3.83 USD Total pageviews: 68,790 impressions Total clicks: 38 CPM: 0.06 USD CPC: 0.10 USD CTR: 0.06
|
|
|
Just woke up...
Update complete.
|
|
|
Lot of little Davids versus a few Goliaths. What can the worst happen?
|
|
|
|