Amazon has been fighting collection of state sales taxes in states where it doesn't have a physical presence so expect them to lobby hard against this.  The good news is that although it is incorrect (and as pointed out above it isn't a new tax) most people will perceive it as a new tax.  The speaker of the house has indicated not supporting it.  Combine big internet companies being against it, the speaker not supporting it, and "new taxes" it likely will die ... this year.  Sadly I feel it is only a matter of time.

If it passes ... yes however it is most like 237 tax jurisdictions. Don't forget taxes depend not just on the state but the city/county as well.

On edit:
Actually I was wrong there are 11,000 distinct taxing jurisdictions in the US however many have opted to not assert that authority (for example in VA all county/city sales taxes are 1%) so there are "only" 237 different tax rates in the country.   However that could change at anytime, a city/county in VA feeling budget shortfall could opt to raise sales tax from 1% to 1.5%.  It gets worse when you consider that some states tax different products at different rates and some exempt some types of products.  Of course there is no standardization.  One state might tax food at a lower rate, while another might tax all sales the same, while another might exempt medicine and food, and still another only exempt some types of food, and yet another tax food at a lower rate and exempt medicine. 

The number of permutations is utterly mindboggling which is why the moratorium passed to begin with.  The "idea" was that states could work together to consolidate and reduce the tax collection burden (imagine 27 states opted for the same rate and exemptions).  Somehow that has changed to ... we won't make it any easier (so same problem still exists) we will just burden small businesses with it.

If it didn't make sense 15 years ago it doesn't make sense today.

Think of the words as larger numbers.

Imagine a combination lock (like on a bike) with digits 0 to 9. 
How many possible combinations are there if the lock has two digits?  10^2 = 100. 
How many possible combinations are there if the lock has three digits?  10^3 = 1,000.
How many possible combinations are there if the lock has four digits?  10^4 = 10,000.
How many possible combinations are there if the lock has five digits?  10^5 = 100,000.

128 bit = 2^128 ~= 10^38

So you could write a random key as 128 binary digits or 38 decimal digits.  Either one is just as strong.
However you notice the larger the numerator (10 vs 2) the smaller the exponent needed for equivalent security (38 vs 128).

So what is we used a much larger number .... we would need less digits.  Right? 

Electrum's words are a set of 1626.  If you prefer think of them as numbers

1= hello
2= dog
....
1626 = xray
(note this isn't actual word list)

1626^12 ~= 10^38

128 bit = 2^128 = 10^38 = 1626^12 = x^y (where there are an infinite number of x & y values possible)

How you choose to represent it doesn't change the entropy of the value anymore than representing 123 as the words "one hundred and twenty three" makes it any more or less secure of a 3 digit decimal combination.

 

Will be a long time before the next milestone.

I am unsure of the reason my guess is that 128 bit seed makes printing or memorizing an paper backup easier.  Would be nice if the wallet had a user defined seed size.

Still I would have no concerns about a 128bit random key.  The effective key strength of 256 bit ECDSA keypairs (the difficulty in finding a private key given a 256 bit ECDSA public key) is 128 bits.

128 bits while not "beyond the thermodynamic limit" is considers but pretty much all cryptographic experts to be beyond what is feasible to brute force (and yes that includes the effect of Moore's law in our lifetime).  AES-128 has been designated sufficient to safeguard classified material by NIST.  NIST sets cryptography standards for US agencies.


Yes the private keys (for actual bitcoin addresses) are always 256 bits. That is part of the protocol spec and thus not a decision for client developer.  However as indicated above ECDSA 256 bit only has 128 bits of preimage resistance anyways.   

This is a very good point.  A non trivial number of coins have been collectively lost over the years due to the "gotchas" inherent in a RBOK (random bunch of keys) wallet.

Just some examples:
a) failing to make a backup
b) failing to keep backup current and exhausting the keypool
c) forgetting or losing passphrase and not having a paper backup
d) encrypting a wallet and not making a new backup (encrypting results in keypool being flushed and old backups out of date)

Nobody tries to "guess" a private key.  Brute forcing private keys is for all intents and purposes infeasible.  256bit is a large number (likely a quadrillion, quadrillion times times larger than you "think" it is).

http://www.schneier.com/blog/archives/2009/09/the_doghouse_cr.html

Unless you are worried about attackers building computers from something other than matter and existing in something other than space the attack vector isn't to "guess" your private key/seed it is to GAIN ACCESS to your private key/seed.


Your coins will be stolen if the attacker GAINS ACCESS TO the private keys.  For unencypted wallets this means access to the wallet file.  For encyrpted wallets this means the wallet file and the passphrase.  If the passphrase is weak the attacker may be able to brute force it.  There is no likely scenario where an attacker would gain access to only some but not all of the random private keys but would gain access to the seed and thus all private keys.

Deterministic or random once the attacker has the decrypted wallet file, you should assume your funds will be lost.  It is your job to ensure the attacker never gains access to the wallet (deterministic or random).

Now if you employ a second wallet (say offline "cold storage") it should use keys which are unrelated to the first wallet.  This applies regardless of if you use a random or deterministic wallet.

That would up the stakes but as you point out, PayPal will have buyer return it you will get it back with damaged hologram.  Buyer will claim it was intact when he sent it.  Seller will claim it was damaged when it was received. 

At which point as you said it becomes he-said she-said.  The bad news is that a single seller will attract multiple scammers so while someone might win the first one dispute, the subsequent cases (by different scammers) are going to suddenly start looking bad for the seller.


Now if PayPal gave sellers an option to require the item be returned NOT to seller but to PayPal (or a third party contracted by PayPal) for inspection well that would be a foolproof system.   Sadly PayPal doesn't offer that as an option. 

If they did the combination of:
a) sold unfunded
b) tamper resistant packaging
c) user providing photo of received contents
d) inspection by third party in case of disputes

would be pretty much the holy grail.


I have heard examples of it going either way:
Scammer claims to have gotten a brick, returns a brick and wins dispute.
Scammer sends a brick, claims buyer is lying, and wins dispute.

Buyer always has upper hand unless they are using PayPal funds because they can dispute it again with credit card company.

Probably not.  Blockchain credentials "probably" refers to http://blockchain.info eWallet.

If you can determine the passphrase your coins are lost unless the passphrase is very weak or you know the majority of the passphrase.  The wallet is resistant to brute force attacking and there are (for obvious reasons) no backdoors or overrides.  Strong encryption means strong encryption.

Example:
"Dispute: Not a described. Seller claimed he would fund the cert with x Bitcoins but he did not.  I wish to return this worthless cert as it is not as described.  Please help me PayPal I feel the seller is trying to take advantage of people.  I will gladly pay return shipping"

I feel it is dangerous to be advertising a "safe" method of selling on ebay, especially in the noob forum.  While it certainly is safER than do an online transaction it is hardly safe.  Even if you win the dispute, the scammer can just have the credit card company chargeback the funding transaction, and PayPal will reverse it on you in response.  Buyer's protection doesn't cover chargebacks related to "not as described".


https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=ua/UserAgreement_full#11. Protection for Sellers.

It isn't scamproof (nothing is except maybe shipping goods AFTER getting bitcoins .

ebay allows dispute "not as described".  Ebay will allow the buyer to send the goods back and then will get a full refund.

Pay
Receive
Send photo
Transfer BTC
Dispute
Get money back.


Buyers have been abusing "not as described disputes" for years.  Usually it justs the seller the sale (plus expense and hassle of return, funds on hold, etc).
https://www.paypal-community.com/t5/How-to-use-PayPal-Archive/Buyers-abusing-quot-not-as-described-quot-to-force-refund-when/td-p/15414

It isn't a threat.  Fees for Bitcoin are likely to remain low.  Any attacker with >51% of hashpower can do a lot more than destroy coins at high cost.  Any attacker with less can't materially change the amount of Bitcoins.

Bitcoin fees have averaged 0.03% of value transferred.  Velocity (annual transaction volume / money supply) is ~10 and unlikely to be higher.  Let say Bitcoin stabilizes with fees at ~0.1% of volume transferred.  Then an attacker with 50% of hashpower could destroy 10*50%*0.1% = 0.5% of the money supply each year.  An attacker with less hashing power would have even less effect.

Now a small annual reduction in money supply has no detrimental effect but even if you think it does it would take 20 years to destroy just 10% of the money supply and 60 years to destroy 25%.  It is a complete non-issue.  Only the stupidest attacker in the world (who also has millions of dollars a year to burn) would engage in an attack like this and it would have absolutely no effect.

If 10% of the money supply was destroyed the exchange rate would rise ~10%.  With 8 digits of precision it would take centuries to raise the valuation of Bitcoin so high as to make transaction unweildly and if/when you did the protocol could be forked to add another 8 digits of precision.  In the process the "attacker" would massively increase the wealth of Bitcoin holders who don't destroy their coins.

Given the volume of deals and other economic activity which occurs on this forum compromising an account is a potentially lucrative attack.  Where there is the potential for profits, attacker are soon to follow.  I hope the mods/admins strongly consider upgrading the forum to allow the use of 2FA. Google authentication is one easily implemented option and is based on the open standard RFC6238.  Services like DropBox & LastPass are Google authentication compatible.

http://en.wikipedia.org/wiki/Multi-factor_authentication
http://en.wikipedia.org/wiki/Google_Authenticator
http://tools.ietf.org/html/rfc6238

One example of a recent compromise:
https://bitcointalk.org/index.php?topic=199747.20

I use 2FA for all exchange accounts (both personal and company) as an added layer of security despite using large unique random passwords for all websites.  An attacker could do good damage to my reputation and result in financial losses for other forum members if they compromised my account identity.

In this modern age simple passwords don't provide the level of security they once did.  One should adopt secure practices like using unique passwords (don't repeat across sites), ensure passwords are not on any known/compromised password list, and ensure passwords are long with sufficient entropy.  However these measures only provide protection against indirect attacks where attacker attempts to brute force (to include dictionary attacks) the password.   With users adopting longer more complex passwords and sites getting better as hashing and salting password lists this attack vector is becoming harder and less common.  The more direct attack is to steal the password through 0-day exploits, malware, or phishing sites.  The only true defense against that is a second factor.

You can't.  That is the security of Bitcoin.  Only the holder of the private key can spend the funds.  If you could "get" the private key you could "get" the private key for MtGox cold storage address and help yourself to thousands of coins.

You had 2FA enabled on your exchange accounts right?*

* (Of course not the question was rhetorical for any noob reading every single one of these stories has the same thing in common - no 2FA).

A script reviews the open orders and notifies staff on issues.  Any expired order needs manually processing.  Normally we will honor orders even expired ones if the price is roughly the same, but we reserve the right to refund an expired order as our trading engine doesn't execute hedging sell orders until an order is funded.  

I thought it was going to have something to do with the Kobayashi Maru scenario.

That will never happen, ever on any asset/currency.  Someone is ALWAYS looking for a quick buck.  People "flip" stocks, cars, houses, foreign currency, precious metals, etc all looking for a "quick buck".  There never has been, nor ever will be a market where someone isn't looking for a quick buck.  So if that is the gold standard log out, give away all your fiat, BTC, and anything which can be traded and revert to barter.

IF someone held 10,000 BTC for over 4 years through multiple bubbles and busts why would they just dump them on the market.  The price they got them at doesn't matter.  If your grandfather bought 100 oz of gold when it was only $50 would you sell it for $100 just because you got it cheap?

1000 BTC a day wouldn't even affect the market anymore.  Mr early adopter could sell a thousand BTC a day in 10 days without causing waves and thus maximize the price obtained.  Why would he do otherwise?

Still even if he did 10,000 BTC dumped on the market right now would only drop the exchange rate 7%.  There are only some many cluelessly stupid early adopters holding massive amounts of wealth in BTC that foolishly crash the market.  Once they do it is done and the coins move to smarter, stronger hands.