Bitcoin Forum
June 16, 2024, 08:48:36 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: « 1 ... 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 [407] 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 ... 800 »
8121  Bitcoin / Bitcoin Discussion / Re: Move the decimal place! (Is it possible?) on: September 14, 2012, 07:19:05 PM
Just switch your client to report values in mBTC.  Done.
Hey I am selling this steam game for 2,000 mBTC.  Anyone want it?

To change the value of Bitcoin would require increasing the supply (i.e. turn every BTC into 10 BTC).  That is simply never going to happen.  Not today, not next year, not ever.  While in theory it "could" happen (any change could be made to Bitcoin with enough of a consensus) you will never find the consensus necessary.

8122  Bitcoin / Development & Technical Discussion / Re: Size of BTC blockchain centuries from now... on: September 14, 2012, 07:13:11 PM
I expect that in 200 years 10 terabytes of storage will cost a few pennies.

Okay, I should have been more accurate in forming my thought.
Besides, just storage... there is bandwidth, HD (device speed), probably RAM is somehow also intertwined to search the transaction history, etc...

All of which have been doubling in terms of x/$ for decades now.  While they don't all follow Moore's law exactly they are all exponential.  It is inconceivable that 50 years from now RAM, storage, computing power, and internet connectivity bandwidth won't be many magnitudes higher than today both in absolute terms and in performance per dollar.

Still as SgtSpike pointed out there are lite-nodes which don't require the complete blockchain.
8123  Other / Beginners & Help / Re: I need specifics to minig with my machine, Lenovo Ideapad Z570 on: September 14, 2012, 07:08:47 PM
Thank you you have finished my fruitless efforts.

So, If I understand this right. It is basically a lottery so I could technically solve the problem? But I only get like 1 entry where if I have a bad ass computer I might get to put 100 entries in the lottery?


Skeeter

Yes although due to the "lottery effect" most miners participate in mining pools where they split the reward when a block is found by any of the members.  To answer your second question.  Correct however the scale is likely a little off.  It would be more like you get 1 lottery ticket and a high-end rig get 40,000 lottery tickets and the biggest mining farms get 20 million lottery tickets. Smiley
8124  Other / Beginners & Help / Re: I need specifics to minig with my machine, Lenovo Ideapad Z570 on: September 14, 2012, 07:03:19 PM
You don't.  CPU mining is dead, and your laptop doesn't have a compatible GPU.  Even if it did given the specs of most laptops you could expect to earn maybe a cent ($0.01) worth of Bitcoins a day by spending far more than that in electricity.

Mining either requires high end GPU (and preferably a lot of them in a special built "rig") or dedicated hardware (FPGA and ASICs).  The days of just gabbing any computer off the shelf are long gone.  Mining is far more competitive now.
8125  Bitcoin / Development & Technical Discussion / Re: Size of BTC blockchain centuries from now... on: September 14, 2012, 06:17:51 PM
In 1980 a 26 MB hard drive cost ~$5,000 (or $193,000,000 per TB).
Obviously angry birds isn't viable.  I mean who is going to spend a couple hundred dollars in storage on a free game. Smiley
8126  Economy / Service Announcements / Re: Bitmit - Bitcoin shopping mall (Translators wanted) on: September 14, 2012, 06:08:41 PM
A feature I would like to see is a "sweep" option.   Set a Bitcoin address and funds are transferred there.  Could have a min amount (possibly user set).  Similar to how mining pools work.
8127  Bitcoin / Bitcoin Discussion / Re: A plea to exchanges ... lets do 2 factor right! on: September 14, 2012, 05:46:05 PM
As Bitcoin continues to grow in popularity that is an unreasonable demand.  It may be a good practice to personally protect your wealth but an exchange should expect that a portion (probably a majority) of its users are logging in from a Windows machine.  I would point out that session jacking isn't just a windows issue.  There are exploits in MacOs, iOS and Android OS as well.  Users logging in from public wifi risk MITM attacks regardless of the OS.  Cross Site Script vulnerabilities in browsers, extensions, and plugin (java) are generally speaking OS agnostic.
8128  Bitcoin / Bitcoin Discussion / Re: A plea to exchanges ... lets do 2 factor right! on: September 14, 2012, 05:21:13 PM
Well, with no OTP on login or a jacked session it is not unfathomable that the account could be used to trade away all the funds from the account over a series of trades when withdrawing is protected with OTP.  

You probably are right and I likely understated that risk.  Still the far easier and more direct attack is to simply to withdraw the funds.    Not requiring OTP on that highest risk transaction is a vulnerability. 

For highest security OTP should be on both the login and withdraw.  Optimally the user should be given the choice. Still if an exchange had limited resources offering OTP only on login is worse IMHO than offering it only on withdraw.  The reason is that OTP on withdraw means 1 OTP = 1 withdraw.  Having it at login means 1 OTP = unlimited access to site including withdraws until session expires.

Security is always a tradeoff; an exchange could require a unique GPG signed message for every user actions (login, trade, cancel trade, change info, download history, withdraw, etc). Most users would not want that level of security.  So the goal becomes the most security for the acceptable amount of complexity.   The withdraw is the point of highest vulnerability.  If an attacker can withdraw BTC, he can steal quickly and with little chance of getting caught.  That action, having the highest risk of being fraudulent should require explicit (not implicit from the session login) authentication.

8129  Economy / Trading Discussion / Re: Anybody knows why BTCs are going up so quickly today? on: September 14, 2012, 04:47:38 PM
One Word. Magic.



(seriously though is someone actually KNEW why the price is spiking they wouldn't tell you.  they would either be buying or selling.  Even more seriously Magic.)
8130  Other / Beginners & Help / Re: got 6 posts but cannot post anywhere else on: September 14, 2012, 03:23:53 PM
It takes a few minutes.  The system "graduates" noobs like every 15 minutes or something like that. 
8131  Bitcoin / Bitcoin Discussion / Re: Old Fashioned Bank Heist: are the Exchanges Protected? on: September 14, 2012, 03:03:55 PM
Lets not talk smash and grab. What about the newer trend of kidnap a family member or wife, or even the person themselves and force the turnover of the wallet or private keys or a transaction for their release.

This is much more likely, especially as the value climbs.

It's also much "safer" than a typical kidnapping extortion as no one has to make a pickup of the cash or whatever. they simply verify it via the blockchain from anywhere and tell you where they stashed the person or body.

That isn't limited to exchanges though.  Why kidnap the family member of an exchange operator?  He/she may not even have access to the full value of wallet(s).  It would essentially be theft/embezzlement by the operator.  As exchanges get large enough hopefully they will adopt policies and procedures that make that impossible.  I mean if an operator can steal client funds to pay a kidnapper they can just as easily steal client funds to start a new life in the Caribbean. Smiley  

The method of payment shouldn't change the target of kidnappers.  The target of kidnapping paid in BTC are probably going to be the same as the targets of kidnapping paid in USD.  Any rich person can acquire enough BTC to pay a ransom.  Bank managers tend not to be targeted for ransom specifically because "their" bank holds a lot of cash.  Kidnappers are looking to add complications.   Find someone rich, take their love one, get paid (in USD, Gold or BTC).  

I do agree that Bitcoin (sadly) has certain properties which make it ideal for paying a kidnapping (or shipping piracy).  I expect it is only a matter of time before that headline is on every news site in the world.
8132  Bitcoin / Pools / Re: Pool Operators - PLEASE BAN & BLOCK GPUMAX getwork/proxy access to your pool on: September 14, 2012, 02:44:58 PM
Funny how everyone is blasting Graet because he is the only pool operator to actually take a stance

While I don't think I blasted Graet as I pointed out if he simply said "no or sorry it isn't worth the effort" that would be fine.  His pool (private property), his rights, his choice. 

The thing drawing the ire is the dubious counterarguments.  Acting like he needs legal action to choose who he lets connect to his pool.   Then pretending that GPUMAX is only loosely associated with Pirate.  That people are jumping on it as a result of guilt by association or some kind of mob justice.

The absurdity of those rebutalls is well .. annoying. I am done but I will leave this:
http://www.corporationwiki.com/Unknown/Unknown/gpumax-technologies-llc/101278778.aspx

Priate (aka Tredon Shavers) is one of three direct owners of GPUMAX.  It is insulting to pretend otherwise.
8133  Bitcoin / Bitcoin Discussion / A plea to exchanges ... lets do 2 factor right! on: September 14, 2012, 02:37:14 PM
Having 2 factor checked only at login is a security issue.  Please consider following MtGox's lead and properly secure withdraws with an explicity authentication.

Having 2 factor at login is "good" (certainly better than no 2 factor) but it still leaves the user vulnerable to session jacking where the attacker can impersonate the already authenticated user.  For sites that allow 2factor to be disabled from an authenticated session without a final 2factor verification a simpler attack is possible where the attacker simply disables 2factor from an active session and locks the user out.

Example session jacking attack:
Quote
User who has a strong password and OATH (2factor) device logs into exchange.  User is prompted for 2factor code, and authenticated.  Unknown to the user his system is compromised and is monitoring browsing activity looking for logins.  The trojan notifies the attacker that the user has an authenticated session.  Attacker uses the trojan and authenticated session to exchange all USD for BTC and withdraw all BTC to attacker's address.  This action can be nearly invisible to the user.   The user's session is stolen and the attacker impersonates the user when making the withdraw.  To the exchange server everything appears as genuine browser actions from an authenticated user from their IP address.  The speed of the attack is only limited by the exchange servers processing.  The user can be logged in looking at $18,000 USD and 2,000 BTC and then an AJAX refresh occurs and user is looking at $0 USD and 0 BTC. Looking in the activity history the user will see trades and withdraws that occurred seconds prior which appear to have come from him.

Eventually this WILL happen; it isn't a matter of if but when. When that happens it will undermine confidence in users.  "See even WITH strong passwords AND 2 factor AND a reputable exchange with partial cold storage you can still lose everything in a second".  

MtGox's setup with a complete security center and ability to configure multiple OATH devices for various options is ideal but it is also a lot for a smaller exchange to take on.  

The simplest fix (more like a patch) is to just limit 2factor to withdraws (and removing/updating 2 factor and editing/adding pre-saved withdraw options).  Obviously changing 2factor should always require 2 factor verification.  While in theory if 2factor is limited to just withdraws an attacker could force a user to sell (and attacker ensure he has the highest bid) however max loss would be the % difference in the bid ask spread.  (i.e. user sells $1,000 worth of BTC and only gets $997 worth of USD).  It is a pretty weak attack vector and certainly less profitable than session jacking.  The largest attack vector is removing funds from the exchange account moving the 2factor to that action hardens it.

A better solution would be to have multiple choices on 2factor configuration page.
  • No 2 factor
  • 2 factor on withdraw
  • 2 factor on login
  • 2 factor on login & withdraw
8134  Economy / Scam Accusations / Re: Scammer - HashKing on: September 14, 2012, 04:04:49 AM
Way to miss the point.

If the post you deleted was:

I love rainbows how about you?

do you think you would  be getting a scammer tag?  No?  Can you think of any reason why you might be getting one?



8135  Bitcoin / Pools / Re: Pool Operators - PLEASE BAN & BLOCK GPUMAX getwork/proxy access to your pool on: September 14, 2012, 04:02:53 AM
Which I think it a .... load.  So ozcoin supports suspected botnets?  trojan horse infected miners?  Does it wait for a court order signed by a judge before kicking malicious users.
8136  Bitcoin / Pools / Re: Pool Operators - PLEASE BAN & BLOCK GPUMAX getwork/proxy access to your pool on: September 14, 2012, 03:57:15 AM
Now without any legal justification you are asking pool operators to block a Bitcoin business that has done nothing wrong apart from paying miners a few days late a couple of times and being associated with this Pirate fellow.

Um isn't that kinda minimalizing it.  Pirate owns GPUMAX, he always had.  He never hid that fact.  Not sure what "legal justification" has to do with it.   Pirate has no legal right to connect to your pool (private property).  You don't need any legal justification to tell a third party they can't connect to your server.  Do you require a court order to kick botnets from your pool?  I mean a pool is private property why hide behind a need for "legal justification"?

If you answer is no ... why not just say no. Pretending Pirate, the same guy who defrauded millions, doesn't own and profit from GPUMAX is kinda lame though.   I mean if nothing else the fact that he has absolutely no ethical standards should make people at least question if it is a good idea for a significant fraction of global hashing power to be in his (indirect) hands.  Right?

BTW: Never invested or lost anything in Pirate stupidly transparent ponzi scheme and have little symathy for those who did despite the overwhelming evidence that it would end exactly how it ended.  None of this has anything to do with getting funds back from victims or seeking vengance.  It is about pools not associating with a known scammer (possibly the biggest one in Bitcoin history).
8137  Economy / Currency exchange / Re: You've got PayPal? I'll sell you Bitcoins. on: September 13, 2012, 09:45:38 PM
Just beware their seller protection isn't bullet proof. 

"Mr. PayPal LoweryCBS mailed me an empty box".
or
"Mr. PayPal the item LoweryCBS mailed me was materially different than as described I would like to return it <after transfering the funds>".
8138  Bitcoin / Mining speculation / Re: Is mining bound to be impossible once all BTC's are being circulated? on: September 13, 2012, 09:43:28 PM
Yes there will always be a need, but in order to fill that need there needs to be an incentive... need. If new fees are imposed on transactions to subsidize miners then wouldn't there have to be a huge amount of liquidity in the economy and just generally more transactions? Otherwise there wouldn't be enough fees to cover the amount of dedicated miners.

Now you see why Satoshi used a subsidy to bootstrap the economy.  You can also see why the subsidy can decline.  Remember Bitcoin is a work in progress (BETA) so nobody has all the answers.

Today if there was no subsidy for miners to make the same (in USD terms) would require a fee of roughly $2.67 per tx.  Ouch obviously not viable (still cheaper than WU though Smiley ).   The good news is that roughly a year ago the cost per tx would have been ~$6.00 per tx and roughly 3 years ago the cost would have been closer to $50 per tx.

http://blockchain.info/charts/cost-per-transaction?timespan=1year&showDataPoints=false&daysAverageString=1&show_header=true&scale=0&address=

If tx volume continues to increase then the unsubsidized cost of the network gets cheaper per tx.  

VISA processed roughly 80 billion tx last year.  If Bitcoin was someday 10% of the size of VISA that would be ~8 billion tx annually.  At an average tx fee of $0.01, it would be the cheapest global payment network and would produce ~$80 mil per year in revenue for miners.  Today with a subsidy of 50 BTC miners are compensated ~$28 mil annually at current exchange rates.  Will Bitcoin grow that large?  I don't know just pointing out that a small fee on a lot of tx can result in a very large number.
8139  Other / Beginners & Help / Re: Need some knowledge on: September 13, 2012, 09:10:03 PM
sorry to hijack, but is there a reward at half block? like when the full block is completed?

this is what i was wondering as well because i was told that the value of BTC would double at the half block. and if im not mistaken i think the full block is completed at 21 million BTC. its that or a half block is marked by the number of transactions.

Some incorrect terminlogy being used.

A block is solved roughly once every 10 minutes.  Unconfirmed (pending) transactions are hashed together and included in the block being solved.  When the block is solved (a very difficult math problem) the block becomes gets added to the end of the blockchain (a historical record of all blocks solved and all tx recorded).  Currently the blockchain contains 198,637 blocks.  The process of solving blocks has been happening continually since the genesis block (block #0 created by Satoshi) roughly four years ago.

Miners are provided a subsidy for solving a block.  The subsidy is (and has been) 50 BTC per solved block.  At block 210,000 the subsidy will be reduced to 25 BTC per block and it will continually halve every 210,000 blocks (~ every 4 years).  The reduction in the subsidy is well known (known since before the first block was produced) IMHO it is unlikely to surprise the market.  Just because the subsidy is cut in half doesn't mean the value of each coin will double.  
8140  Bitcoin / Bitcoin Discussion / Re: 1BR: Should the block reward be 50 BTC for ages? on: September 13, 2012, 08:32:37 PM
It seems to me that u r right. So there is no way to change Bitcoin. Any changes will likely lead to a fork.

Well Bitcoin is what a majority (preferrably a near consensus super majority) say it is.  There already has been one hard fork to the protocol.  The fork which is known as Bitcoin is what people say it is.  It is just for something as controversial as changing the minting rate it is unlikely you will ever get enough of a consensus to pull it off.

The worst case scenario would be two incompatible forks both supported by a sizable fraction of the bitcoin "community" (merchants, exchanges, developers, miners, users).   The confusion and chaos would likely undermine both chains.

Pages: « 1 ... 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 [407] 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 ... 800 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!