I thought that your point was that other nodes know nothing about the transaction - how has the attacker stopped that from occurring (i.e. the victim won't only send the tx to the attacker)?

Unless the "victim" is running some non-standard software or have been configured specifically to not broadcast tx's this should not be possible (unless you are saying the attacker owns the victims internet connection).

Actually even if they did own the victims internet connection they would still have to be rather amazing to be able to complete the 6 confirmations within one hour.

I think the simplest way at the moment would be to keep your bitcoin-qt installed after you install your new client then create a new wallet with the new client and send all your BTC (perhaps requiring a tx fee which really will be most likely negligible) to the new address in the new client.

(although I haven't read the above poster's link)

Edit: Now that I have looked at the link I don't think you want to do this as you could easily miss your change addresses (which are not so easy to find with the Satoshi client).

I'm not quite sure of the current progress but I think the best solution will probably the "colored coin" concept as it doesn't require any central authority to hold any information.

You might want to search around here for "colored coins" as they are a method by which the bitcoin blockchain itself can actually be used as a mechanism for issuing and later transferring individual "shares" (being bitcoin amounts) from an originating tx.

[mods please note the following]

The network can only be kept secure by having enough distributed hashing power that one miner (or more likely pool) simply cannot obtain more than 50% of this power.

So this ongoing hashing arms race is exactly what I assume Satoshi would have predicted (although maybe not happening as fast as it has) and I very much doubt it will stop after the arrival of ASIC.

True - but I really don't think there is going to be much alternative for the average person (who is really going to wait potentially days for their software to start working?).

Yup - very important - my math skills suck yet I am able to build a complete web site in C+ (with no scripting apart from some UI stuff) in minutes.

I was amazed to find out recently that my nephew has a Rasberry Pi when I had never even heard of such a thing before - trying to say that Bitcoin belongs to some sort of "ultra geek club" will never help the general adoption of Bitcoin - but good software will.

In regards to the blockchain download - yes that is a problem (but you can download it as a set of files and there are other clients that don't need to use it).

Do you really expect your grandmother to understand ECDSA (and I admit I have only a basic understanding of this myself) in order to hold on to her money?

(not trying to be offensive but I think it is important that we don't expect the "end users" of Bitcoin to all be so computer/algorithmically literate)

but perhaps you are instead referring to ponzi schemes

All very true - but to be a little more positive there has been quite a bit of work on improving this (multi-sig being perhaps the most significant achievement even though still not yet user friendly).

Give it some time and I think the solutions will be coming.

Personally I somehow doubt that it could ever get that far (although I would love to see it do so) - I think the best that can really be hoped for (realistically) is for Bitcoin to become a major currency for online services and virtual goods as well as a new form of stored wealth that is much more easily transacted than gold (or other commodities).

Governments (while they continue to exist) are extremely unlikely to ever give up control of their fiat currencies (or of course their taxes).

Would you prefer a picture of Bruce Wagner?

I think this is very true - and I don't think governments have anything to worry about Bitcoin when it comes to that (as average consumers are already happy to give out all of their personal information to use credit cards anyway).

I think that in many "western" countries taxation itself has been moving from income tax to consumption tax (making it more relevant how you spend your money than how you earn it) and at the same time banks have been tending to report all account tx's to tax bureaus (and will generally withhold a large percentage of interest payments without customers providing their tax reporting information).

This tends to make it actually not difficult at all for governments to tax people who convert BTC to their local currency (via a bank transfer) and looking at the identification requirements that many of the BTC exchanges are requiring I can't see how people can in any way easily avoid government scrutiny with any serious amounts of money.

Basically if you are using an exchange to convert a large amount of BTC to any fiat currency then I think the chances of avoiding detection (and thus taxation) by the government is rather small.

P.S. In regards to SR perhaps the whole "war on drugs" could simply be turned into another profitable sales tax by legalization.

This could be fairly easily added to the Satoshi client but will require an additional index (and is not currently a priority).

I have already offered a 10BTC bounty for a successful pull request (i.e. one that is pulled into the master branch by the dev team) that will accomplish this. Maybe if others want to add to this bounty we could get this feature added sooner rather than later.

The standard client cannot generate a "deterministic wallet" (the term "brain wallet" generally refers to the generation of a single address via SHA256 of a long pass phrase whereas "deterministic wallet" refers to using a seed and pass phrase to generate a series of addresses).

If you are keen to create such a wallet then you should look into using Armory or Electrum.

Interesting - I must admit I have never properly looked into the details of ECDSA before (and although my logic is good my other math is rather average).

As the Bitcoin ledger is public it of course makes sense that nothing is encrypted but instead just correctly signed.

Did you look at this link?

http://en.wikipedia.org/wiki/Elliptic_Curve_DSA

From what I've gathered it doesn't throw away those keys but after the encryption doesn't use them (at least for change addresses) either (I guess in the off chance somehow you managed to get funds sent to one of those addresses).

Okay - thanks for the clarification (still hoping that feature will be added provided you can prove you own at least one of the inputs in the tx).