Bitcoin Forum
June 17, 2024, 02:13:47 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: « 1 ... 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 [289] 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 »
5761  Economy / Service Discussion / Re: Sucker born every minute on: October 29, 2012, 03:09:06 AM
Now the idiots can have thier bank accounts cleaned out when this site vanishes with all the depositors funds.
You mean that some people would actually link this to their main checking account instead of opening a seperate one, disabling overdraft protection on it, only transferring funds into it just before sending those funds to Coinbase, and immediately moving received funds to their main account?
5762  Economy / Service Discussion / Re: A service I'd like to use if it existed on: October 29, 2012, 03:03:47 AM
If you could somehow work out a deal with ADP so that any employee of a business that they service could receive their paycheck in bitcoins it might be worth getting those licenses.

It's probably too early for that though.
5763  Other / Off-topic / Re: Roger Ver, ex-con? on: October 29, 2012, 02:17:04 AM
It's an amazing anecdote of our terrible "justice" system and the harm it does routinely to good people.
You misspelled "just us".
5764  Economy / Service Discussion / Re: A service I'd like to use if it existed on: October 29, 2012, 02:09:22 AM
Technically this is not a tough problem to solve.  however this falls squarely in the crosshairs of being a "currency exchange" if you can guarantee the recipient of the bitcoins is the same person paying the cash.  If you cannot guarantee that, then its definitely considered a "money transmitter" and thus licensing will be required in every state where you want to have customers.
That sucks. Another case of laws keeping us from having nice things.

I guess I'll just have to do things manually until someone launches BitPayroll.com.
5765  Bitcoin / Bitcoin Discussion / Re: Securing your savings wallet on: October 29, 2012, 01:35:04 AM
There is no default software on any distribution (that I've ever heard of) that executes code based on the content of incoming audio streams.
Irrelevant.

Image displaying software isn't supposed to execute arbitrary code based on the content of a JPEG file, but it still happens sometimes.

That you aren't even acknowledging the existence of an entire category of vulnerabilities does not inspire confidence.

Do we really know sound is safe? Has anyone ever tried to crash the Linux sound drivers via malicious sounds sent to the line in port? Maybe the only reason we don't think a vulnerability exists is because until now nobody has ever had a reason to look for one. Even if the sound drivers and ALSA libs are safe, there's still the matter of hardening the decoding software.

If even a task as old and well-understood as transforming a JPEG image into a bitmap can result in arbitrary code execution you can't just assume that sound is safe without at least some kind of testing.
5766  Bitcoin / Bitcoin Discussion / Re: Securing your savings wallet on: October 29, 2012, 01:04:26 AM
Zero surface for remote code execution between machines
The attack surface is  never truly zero. Would you bet your life that it's impossible to craft an audio packet that crashes the decoder in such a way to allow code execution?

That being said it's probably safer than anything in use currently.
5767  Bitcoin / Bitcoin Discussion / Re: Securing your savings wallet on: October 29, 2012, 12:07:12 AM
The answer is to find a transfer method that has higher bandwidth than QR codes.[/quote]Aren't there encoding methods with a higher limit that can be printed out?

If I was working with a savings wallet with > 10^4 USD equivalent I'd buy a printer/scanner for the offline computer and use paper to move the required data if that reduced the potential attack surface.
5768  Bitcoin / Bitcoin Discussion / Re: Securing your savings wallet on: October 28, 2012, 11:19:50 PM
Nonetheless, even if those transactions were not included, the tx to be signed could still be huge.  The transaction I referenced in my previous post was 140 kB.  Still too big for a QR code.
I think for this use case it's reasonable to look at ways to prevent the number of possible inputs from getting that large that might not otherwise be desirable.

The first thing that comes to mind is only having a single address in the offline wallet (always send change back to the same address), and combine unspent outputs after every N deposits, where N is selected to be small enough to never run into the problem you referenced.
5769  Bitcoin / Bitcoin Discussion / Re: Securing your savings wallet on: October 28, 2012, 10:34:40 PM
At this early stage in the game does Bitcoin have the ability to even come close to being a safe place for storage of large amounts of wealth?
Excluding exchange rate risk, it's perfectly safe for storage. The problem is safely moving funds out of storage without potentially exposing your private keys to malware.

Its legal legitimacy is still in question.
Depending on who you talk to this is irrelevant or even beneficial.
5770  Bitcoin / Bitcoin Discussion / Re: Securing your savings wallet on: October 28, 2012, 08:38:45 PM
If I understand you all correctly then using Bitcoin “on-line” is dangerous. You should want to keep your funds off-line but Bitcoin is on-line money. So it’s necessary to develop a good way to use completely constant on-line money while keeping it off-line to be safe. This is like a brain teaser puzzle.
There's a difference between petty cash and your retirement savings.

In the first case convienience is very important and losses, while still undesirable, are expected to occur from time to time.

In the second case no losses are acceptable.

You need different procedures for handling each case because the definition of success is different. I'm satisfied with the security of Bitcoin clients as the currently exist for storing small amounts of money that I could survive losing without taking additional security precautions. On the other hand, I see the existing clients as wholly unsuitable for safely manipulating large and critical sums of money. (not their fault - it's a hard problem that just hasn't been solved yet)

That's why I'm trying to work out now what would solve the problem in an acceptable way before I actually need the capability.
5771  Bitcoin / Bitcoin Discussion / Re: Securing your savings wallet on: October 28, 2012, 05:36:59 PM
It's even a tad more complex than that.  Without the blockchain on the offline computer, it can't verify all the information on the transaction, and it may be tricked into signing something that you didn't intend.  i.e. -- someone hacks the computer holding the wallet you use to create the transactions, and the next time you create a transaction, it will put false information in the transaction, and it will look like you are paying a 0.0005 tx fee, but it turned out to be 500 BTC fee.
If the online computer which generate the transaction is compromised it can lie about the size of the inputs and cause you to pay a larger fee than you intended, but how credible of a threat is this? The only one who benefits is miners, and would it be profitable for them to fund a malware attack when they can't guarentee to be the ones to mine the blocks containing these transactions?
5772  Economy / Service Discussion / Re: A service I'd like to use if it existed on: October 28, 2012, 05:25:41 PM
This sounds like something you'd have to talk about with BitInstant.
Any number of services could offer this, but I actually think payment processors like BitPay would be a better fit due to their business models.

BitPay receives bitcoins and pays out dollars. This means they have to route all their incoming bitcoins through an external exchange. If they also start selling bitcoins for dollars then they only need to exchange the difference between the dollar inflows and the bitcoin inflows, which means lower costs for everyone.
5773  Bitcoin / Development & Technical Discussion / Re: Effects of network propagation delay on: October 27, 2012, 09:21:36 PM
T1 refers to the output of certain previous transactions not some "current" balance of A.
Thank you. So the answer is 5.
5774  Economy / Service Discussion / Re: A service I'd like to use if it existed on: October 27, 2012, 09:13:11 PM
If the debit card has a bank account number you can tell whoever who pays your income to tranfer it to it. And in one way or the other it will have a regular bank account number, it will depend on bitinstant if it is available or not.
Sure, but there's only one back account that all the customers use behind the scenes that won't work. For a service like this to happen the service offering this would need a seperate bank account for each of their customers.

Technically that shouldn't be hard - my consumer account with USAA lets me create new checking accounts online literally with seconds so surely a business customer can get similar functionality from their bank too. The only thing that would make this service unviable would be some arbitrary regulation getting in the way.
5775  Other / Politics & Society / Re: Obama about Ayn Rand on: October 27, 2012, 09:08:12 PM
Stefan Molyneux has some very useful critiques of Ayn Rand's approach to ethics.

http://media.freedomainradio.com/feed/FDR_1506_A_brief_history_of_ethics.mp3
5776  Bitcoin / Development & Technical Discussion / Effects of network propagation delay on: October 27, 2012, 09:00:07 PM
As of block B my address A has a balance of 10 BTC.

I decide to spend some of it so my client generates and broadcasts a transaction (T1) with a 1 BTC output to destination address D and 9 BTC to change address C. At approximately the same time someone else broadcasts a transaction (T2) with a 5 BTC output to address A.

The miner which ultimate solves (B+1) includes T2 in the block but not T1 because it saw T2 first and had already started working on the block before T1 arrived.

T2 gets included in (B+1). T1 gets included in (B+2).

As of (B+3) what is the balance of address A?
5777  Economy / Service Discussion / Re: A service I'd like to use if it existed on: October 27, 2012, 08:50:40 PM
Or how about you open a bank account, find out when your employeer makes the payments and 3-4 days after that do an online bank transfer to bitinstant. Problem solved.
Thank you for taking the constructive reply. If you'd also take the time to read the post you're replying to your reply would be even more helpful.
5778  Bitcoin / Bitcoin Discussion / Re: Securing your savings wallet on: October 27, 2012, 08:42:40 PM
The online copy is where you must initiate all transfers.
I don't understand why this needs to be a hard requirement.

In theory the offline computer only needs a private key, output amounts, and output addresses to generate a valid transation. Output addresses can be typed in manually and stored in an address book. Amounts can also be manually typed in.

Sure, there's a high potential for user error doing it that way but the biggest risk (incorrectly specifing the amount for the change address output and giving away most of your savings as a transaction fee) could be removed by reusing the input address as the change address or by basic sanity checking built in to the offline program.

Edit. I just found out in a different thread that my understanding of how an input is specfied was incorrect. So now I do understand the requirement to generate the transaction on an online computer.
5779  Bitcoin / Bitcoin Discussion / Re: Securing your savings wallet on: October 27, 2012, 07:45:55 PM
I have some questions about using Armory in a fully air-gapped offline mode that are relevent to the same scenerio as the OP.

I want to store Bitcoins on a computer which, after the initial software installation and key generation, will never again communicate over a network or accept removable media.

Can Armory generate raw transactions without ever having any knowledge about the blockchain and display them on the screen as a QR code?

If it could do this, and if the QR code was formatted as a URL, it would be possible to create a lightweight web service that would accept raw transactions as a URL parameter, check them for validity, and broadcast them on the network.

Now spending funds from an offline wallet doesn't require a serial cable or a thumbdrive - it just requires a smartphone with a standard QR code reader app.
5780  Economy / Service Discussion / Re: A service I'd like to use if it existed on: October 27, 2012, 07:17:07 PM
What would you gain from such an arrangement?  Bitcoin would simply be a intermediary, added burden, etc. 
What I need is more businesses accepting btc directly.
Obviously not every participant in a market has the same needs so not everyone will use the same set of services so I don't understand the purpose of your comment.
Pages: « 1 ... 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 [289] 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!