|
Someone versed in ECC timeline should sift through the appropriate meeting minutes on certicom site, perhaps they already hint at how parameters were chosen.
|
|
|
|
I would trust Free Software / Open Source code written by the NSA or some other government agency long before trusting any propriety software particularly that written by Microsoft or Apple.
Ironically there is a far greater chance of an NSA backdoor in propriety software from Microsoft or Apple than in SE Linux or Security Enhancements for Android.
The latest revelations makes either choice unwise. The NSA cannot be trusted to be acting in good faith in ANYTHING it produces. Mathematicians/engineers who have done this kind of subterfuge should be deeply ashamed with themselves, producing error-ridden material and/or knowingly broken mathematics as your "best effort contribution to human progress" is about as low as you can go on the scientific ethics scale. Articles also mention hardware backdoors and other weaknesses being implanted by the NSA agents. This is in addition to purposefully weakened crypto standards, examples of Windows OS backdoor (_NSAKEY), backdoored "standard" PRNG (dual_EC_DRBG), etc. It appears that NSA is not in the business of national security, but in the business of mass surveilance and subversion of good, public crypto. Their "recommendations" of any specific constants or crypto techniques should be seen in this light. I don't think they particularly care about Bitcoin - they might if it ever becomes significant in the international trade - but Bitcoin may become a collateral damage if secp256k1 was in any way influenced by the NSA shills at SECG. If secp256k1 does not include nothing-up-my-sleeve numbers, we have every reason to ask for an expert review. |
|
|
|
|
Bitcoin uses standard, NIST (and likely NSA) recommended curve parameters. Are these chosen based on some rationale, or just chosen, ahem, randomly by, ahem, unknown people? Was there any obvious danger in using different constants?
|
|
|
|
|
ECDSA curve parameters in Bitcoin are standard ones, recommended by NIST. I wonder where they came from. Is there any rationale behind these particular constants, or they magically appeared out of nowhere, akin to dual_ec_drbg?
|
|
|
|
Go make your own crypto then? See? It's difficult.
Making good crypto is difficult. The majority of people today do not use cryptography intentionally at all. Bad crypto is better than no crypto, with added benefit of straining the resources of the mass-surveilance machine. |
|
|
|
Most of you are by now hopefully familiar with the latest revelations of the U.S. government agencies planting backdoors in software, hardware, and 'standard' algorithms; stealing and using corporate encryption keys; intercepting, decrypting, and storing SSL traffic. Read here, for example: http://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption#odni-responseTime after time we were told to avoid attempts to develop own crypto methods and instead use published standards. There are compelling justifications behind this advice. Standardized crypto, on the other hand, obviously enables standardized, automated surveilance by a sufficiently powerful agency that has either built subtle weaknesses into the standards, or has discovered them later on. The surface of their attack is small and well defined, and resorces at hand are enormous. In a security-through-obscurity world, this universal threat would be eliminated, as no agency has sufficient resources to figure out each and every implementation - no matter how clumsy the implementations are. This would require lots of manual labor, and would in effect force them to use resources for targets that are actually of the national security interest, instead of spying on everyone and everything, inevitably leading to the abuse of collected information for the non-national-security purposes. What the free world needs now is the popularization and proliferation of a variety of cryptographic, steganographic, and security techniques, DIY projects, and generally a crypto culture. We should avoid mainstream, standardized solutions, and always opt for the new and obscure, preferably with a DIY mods. If you feel you need to establish a secure channel of communication - why, just build one as an appropriate mix of code, steganography, encryption, one-time pads, fragmentation, etc. If you don't feel you need secure channels - why, still use any of the methods just for the spamming pleasure. |
|
|
|
Just read this disturbing article, based on recent leaks from Snowden: http://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryptionThe article talks about the NSA responding to the rise in popularity of internet encryption by, among other things, deliberately weakening the algorithms in use to give themselves a back door to decrypt data. Bitcoin relies on SHA-256, originally created by the NSA. Perhaps there is a weakness that an organization with the resources of the NSA is able to exploit. If so, that would explain why the major governments around the world seem to tolerate bitcoin. They know they can break it whenever they want. Preferable after the cartels and terrorists get comfortable and start relying on it. What exactly are you thinking of when you write "exploit" or "break"? There is no encryption in Bitcoin. There is nothing to "break". They certainly have backdoors in most software, open source included, and in most hardware. All they could do with an undisclosed weakness in sha256 is to start mining faster. Why would they care about being able to mine faster? If they know of a weakness in ECDSA, they could spend my coins. Again, why would they care? |
|
|
|
Help me understand this. Assume no mining is done. I could still broadcast a transaction from Mars, right? It would take several minutes to get to Earth, and terrestrial miners would then include it whatever block they are working on. Once the block is made and broadcast, I would receive it with a delay, and would be able to check the validity, broadcast it locally, etc. Where is the problem?
Assuming you have no problems paying for the intersteller bandwidth and waiting an extended amount of time there is no problem. But as you can imagine it would be kinda dumb to record the payment for every cup off coffe on Mars, on the Earth blockchain. Instead it is highly likely Mars would develop an alt-coin. Transactions between blockchains would be rare but could be accomplished. Most people probably never would do it directly rather they would rely on a broker agent who has both access and funds on both chains. Say you are no Mars and wanted to buy some land on earth. All your currency is in Mars coins and the land cost 100 BTC. You would find a broker who would give you an exchange rate, say 18 MRC for 1 BTC which includes their fee/markup. You would pay the broker 18,000 MRC, they would pay the land owner 100 BTC. The broker could prove the transaction was completed by giving you the tx id from the "EarthCoin = BTC" blockchain. While it would be possible to use a single blockchain across vast distances it really would make no sense. Given the improved utility it is highly likely other currencies would be created to better serve the needs of the users. We may even see the same thing on earth with a lot of mundane tx going off blockchain. This could be in the form of private ledgers or in the form of alt-chains which serve specific niches or even geographies. Don't spill the beans... this will be a business oportunity some day. Interplanetary cross-chain brokerage. |
|
|
|
Well, which function to use on a certain exchange is an age old discussion. For me the last price at the exchange (which exchange?) is the best indicator for what the price will be in the near future. Just make transparent where the data comes from. There is a relatively large spread on some - virtex, for example. Last price fluctuates several percent simply depending on the last trade being a fill of a buy or a sell order. What Jan describes sounds better, if I understood it correctly. |
|
|
|
Can we please have redesigned graphs? Here are examples of what could be improved, mostly related to readability:
Clearly it is per month. And the graphs aren't that bad for a quick look. You have just demonstrated the problem. It is not per month, it turns out it is per day. And average person cannot see right away if we are talking millions or tens of millions or hundreds of thousands in this pile of digits: 37049113.99417443 - they need to stare it into pieces. Common sense, it doesn't take a PhD in graphic design. |
|
|
|
Can we please have redesigned graphs? Here are examples of what could be improved, mostly related to readability:  |
|
|
|
|
Help me understand this. Assume no mining is done. I could still broadcast a transaction from Mars, right? It would take several minutes to get to Earth, and terrestrial miners would then include it whatever block they are working on. Once the block is made and broadcast, I would receive it with a delay, and would be able to check the validity, broadcast it locally, etc. Where is the problem?
|
|
|
|
Quite the opposite. I understood your op and in my opinion your ideas destroy the essence of what is right about bitcoin.
It does not mean I misunderstand you because I disagree with you.
Moreover, the ideas in OP are justified by a nonexistent problem. |
|
|
|
If you want stability, don't pick an extreme. Maybe the cost to extend the average person's life by one year?
Much better. |
|
|
|
in my opinion you have two choices, which were already discussed several times:
A: bring bitcoin to sucess and play within the rules
or
B: give a fuck on the rules and bitcoin will stay in the shadow forever
i would take A. but also A has some great benefits and takes alot power from the modern banking system.
Also note that, given A, you can still choose to do B. Just like government fiat - it still works great for illegal purposes. Therefore, option A is a win for everyone. |
|
|
|
I may have months where I transmit nothing and other months where I transmit literally $1000's of dollars.
You've already capitulated on a matter of arguable fact. You have conceded that such activity meets the legal definition of money transmission. I feel this is a strategic mistake. Via legal precedent, taking on unsophisticated adversaries, as well as venue shopping, the 'legal system' will incrementally expand their side of the story, leaving the only available activities (i.e. still legal) as mere vaporous scraps. This is correct. |
|
|
|
Use the ambient light sensor please. It makes no sense to fade at noon in the Sahara.
yes i completely agree. i made a usability study in the sahara. all bitcoiners there agreed that it does not improve scanning accuracy. I was there, and I should add: it did not degrade scanning accuracy either.  |
|
|
|
|
I haven't thought this through, but would it make sense to include fiat amounts in the transaction history? I mean the actual historical worth, not the based-on-today's-exchange-rates worth. If you are already storing transaction data locally, adding this field would be trivial. If you are pulling the list from the server based on address(es), it might be too much work.
|
|
|
|
The Sound of NEFTIn the window of my office I have an empty barrel of black NEFT. Twice a day it makes a clicking sound, in the morning when it heats up, and in the evening when it cools down. It is the bottom of the barrel that makes the sound when the pressure goes up and down. (You need to keep the lid on and closed tightly). The barrel I have has a small dent close to the bottom, so I don't know if this happens with all barrels. This is the NEFT sound!Whenever I hear it I think about NEFT  Crazy idea for marketing? A Clockwork Vodka. Oranges of that kind were marketed successfully. |
|
|
|
Communist hat? I think not.
OK, that part was just meant to provoke a response from those who define communism in different terms from mine. Having lived under a communist party rule, and having never been involved with the communist party in any way, I like my definition better. But we stray from the topic. Again, as others have pointed out, with fiat we have practically infinite, monopolized supply of money. With Bitcoin, we have a fixed, democratic, consensual, and mathematically exact supply. Distribution of wealth in these two scenarios has a different meaning, and straight-forward comparison is meaningless. I fail to see a problem. Bitcoin works and allows me to represent, store, and exchange value in ways never before possible. Alice, Bob, Satoshi, and Mugabe can do with their coins as they please, and Gaddafi may have taken half a million brain-walleted coins with him into the grave. Seriousy. It's not like you'd have a clue. Some people do have lots of coins, some people did have lots of coins, and yet here we are, and world hasn't ended. |
|
|
|
|
Show Posts
