Watch for limit orders not being executed when they should be, or delays before trade execution. That's an indication of front-running.
Hmmmmm. I hope this thread isn't related... |
|
|
|
Very cool!  Looks like he has put further development on hold, due to the heavy cost of building prototypes. It's a CE115 based design, and those chips aren't cheap! I wonder if the design is compatible with a smaller chip ... That's a very good question indeed, especially since I seem to recall that an appropriately-compiled version of my modifications to your original miner just fits on the EP4CE75 at a claimed 100 MHash/sec (with something like 97% usage, IIRC). I assume the EP3C80 would give similar performance too. Edit: I'd have mentioned this before but I've been distracted and the cost saving isn't really enough. Edited to add:I saw that earlier. In theory, the FPGA synthesis tools automatically carry out optimisations like that for you; they optimise logic in a fundamentally different way to OpenCL compilers. Not sure how true this is in practice. |
|
|
|
For a fixed money supply, the rate of average price deflation depends on investment. Let's say that investment drops to zero, and consumption = production. There is no deflation at that point.
So if there is ever "too much" deflation, then investment will die down and drive down the rate of price deflation.
Why? More specifically, you seem to be assuming that the proportion of currency in circulation to currency squirreled away for another day will remain the same, and I see no reason why that should be the case with a deflationary currency. Amusingly enough, bitcoin today is inflating at a furious rate, roughly 40% per year. Clearly the rampant speculation of today has nothing to do with deflation.
Surely if anything it's deflating - the price of goods in bitcoins has decreased over the last year. |
|
|
|
They're not even remotely equivalent for the Spartan 6 series. The good news is that Spartan-6's LUTs are 6-input rather than 4-input, and that registers aren't as closely tied to LUTs which means you don't waste as many LUTs. The bad news is that the number of actual 6-LUTs is only 2/3rds of the number of equivalent "logic cells" they advertise, and of those only half have the carry chains required to use them as adders, and I don't think they can calculate more than a single bit of an addition per LUT (unlike the ALEs on Altera's recent Stratix FPGAs), and they lack the small local-ish RAM blocks that are used as shift registers on the Cyclone IV. Basically, you're going to have fun fitting the design into anything smaller than the XC6SLX100, and unfortunately FPGAs that big aren't supported by Xilinx's free WebPack tools. The number of LUTs and registers might look like it'll fit with some cramming on the LX75, but you'll be constrained by the number of adders required. As for the LX45 - no chance as far as I can see, not even close to enough LUTs. |
|
|
|
It's called interest. It's a feature of all loans. The rates would reflect deflation.
Of course, you'd have to pay interest on your loans on top of the increases in the amount you owe due to deflation which puts up the cost of borrowing quite a bit. Not to mention that Bitcoin would have to deflate by several orders of magnitude at some point if it were ever to support a substantial proportion of world trade, and there's no realistic way to pay back a loan that's increased by that much. In general people will always have to eat, drink, wear clothes, get to work, educate their children, etc. Consumption will always exist. There's a time preference for now vs. later.
Yes, which is why most of the population doesn't actually benefit from deflation. The real problem is investment in research and development, capital expenditures, etc. There's no incentive to spend money on better ways to produce food and clothes, more effective means of transport, etc... |
|
|
|
In that case though, I don't understand what the advantage is? Other than being an overly complicated way of forcing a secure password.
If someone has cracked a website and gotten the password database, then that database will include the shared key; and the attacker can just enter that shared key into their copy of the two factor authentication software.
Protection against password sniffing is already provided by SSL isn't it?
Protection against password sniffing is provided by SSL so long as the end user's machine isn't compromised. That's the main threat these devices are designed to protect against. (Though as I've said, YubiKey do have a HSM of some kind you can store the server copy of the shared key in to protect it when your server gets compromised. I've no idea if Mt Gox are planning on using one.) |
|
|
|
Someone actually managed to hack into my Linux box yesterday through some SSH hole. Luckily I didn't have my wallet sitting around. I'm amazed that the hole was there by default (I installed SSH and figured it would only work for my username).
The only one of my Linux machines that got hacked was hacked in a similar way, except it was a VPS and my mistake was not realising that HyperVM was sneakily resetting my root password to the provider-set default of "changeme" behind my back. (Surprisingly, even then it seems it took several days for anyone to actually brute-force their way in.) |
|
|
|
By saying "my linux box just got hacked, and now I'm going to get sued", he also pretty much said:
"I downloaded something from an untrusted source, intentionally set it to executable, and then intentionally executed it. I gave the hacker your money. Now I am going to get sued because I am an idiot."
There have been Linux security vulnerabilities before, you know. As in bona-fide, open the wrong webpage and get instantly hacked vulnerabilities. In fact, most of the security issues in programs like Flash and Firefox apply just as much on Linux as on Windows these days, it's just that no-one really bothers to target Linux desktops. Bitcoin seems like a very worthwhile reason for some hacker to change that. |
|
|
|
It is very simple to match http logins with IP addresses.
This doesn't work if you've got a CSRF vulnerability in your website. Since it's the victim's browser carrying out the request on behalf of the attacker, no unusual IP addresses show up in the log. In fact, it's actually impossible to prove that a CSRF vulnerability hasn't been exploited from server logs, which is one of many suspicious things about MagicalTux's recent statements. (You can look at the referrer header, but there are ways for the attacker to blank this out, and many users' browsers don't send a referrer anyway.) |
|
|
|
It seems to be a symmetric key instead of an asymmetric key. Perhaps I'm misunderstanding, but doesn't that defeat the purpose? We're just storing another password?
Most two-factor authentication schemes do use symmetric keys - it's the only way to create authentication codes that are actually short enough to type manually, I think. Even YubiKey is symmetric crypto. They're mainly designed to protect against password sniffing, though some have special hardware crypto modules that the server can store its copy of the shared secret in securely. |
|
|
|
Your math is off by a bit because you can't split cores. If a core takes 75K LE, you don't get three of them by joining 2 chips with 120K LE each. You get 2.
So, 27 chips would give you 2.7 Ghash/sec instead of 4.3 Ghash/sec. I don't know how that factors into your projections.
In theory it might be possible to fit another half-core in each chip doing a hash every 2 cycles and hit 4 Ghash/sec total, but it'd be far from trivial to achieve. |
|
|
|
- You are not sure if your bitcoin will keep its value in the future (yes, it contradicts number 1 but that's it).
That's part of the problem, actually - there's no contradiction between the early adopters getting rich and bitcoin failing to keep its value in the future. All that's required for them to get rich is for the price to go high enough for long enough and with enough BTC-USD trading volume. Once that's been managed, the whole thing can fail spectacularly and they'll still have a small fortune if they've played their cards right. In fact, it's possible the process of them cashing out will be partly what triggers the whole thing to fail spectacularly. |
|
|
|
Nobody is mining on testnet?
Maybe tesnet bitcoins will have a real value... after all they are really needed for testing purpose
They're fairly easy to mine, I think; I've got about 150 or so I mined for my own testing purposes a couple of days ago with a tiny amount of mining power. Waiting for confirmations is a tad tedious though. |
|
|
|
While in theory Bitcoin isn't tied to any central authority, the reality was/is that its only usage - besides buying some alpaca socks and heroin - was through trading on these exchanges. There was/is nothing "decentralized" about Bitcoin when all you do is pass through through Mt. Gox or Tradehill.
Supposedly, even the buying of illegal drugs like heroin was dependent on Mt. Gox, with sellers pricing their goods in USD and using scripts to automatically update the BTC price. The whole thing is astoundingly centralised. |
|
|
|
Purchasing power of the blacksmith is only greater if he spends his savings. If he doesn't spend his savings, everything works the same but with slightly different price levels. If he spends his savings he can buy stuff. Duh.
Not that simple. The problem is that if he saves in the short term he can increase his overall spending power significantly in the longer term, so he has no incentive to spend money now rather than later. 1. He is in a good market position; competition will quickly move to erode his advantage and he will spend profits to become more competitive, thus this situation is temporary
You're assuming perfect competition of a kind that doesn't exist. In particular, setting up a competitor has high initial costs in terms of equipment and land, which acts as a barrier to entry. What makes it worse is that anyone with the money to fund this also has the option to just sit on it and watch their spending power grow in the same way as the original blacksmith, so it's only worth it if their expected return is greater than the amount of money they'd get for just doing nothing. |
|
|
|
Because they are having a hard time setting up a system that doesn't.
Seriously, you were one of the few voices of reason on the forum, what happened. Don't go crazy on me.
I think what Bit_Happy was saying must just've aligned with your own biases up until now... there was nothing "voice of reason" about using emotive language comparing the Mt Gox incident to wildfires, for example, but that post was encouraging people to stick with them whereas this one wasn't initially. |
|
|
|
But sometimes the free-market will save also... as suddenly those who make good sites are at a competitive advantage.
That's the trouble - it won't and it hasn't. As an end user, you can't actually tell how secure one website is over another. There's no way of spotting whether there's a daft SQL injection or XSS attack somewhere on the website, or the admin has set his or her password to "iloveyou", or if they've given database access to some auditor with insufficient security, or how effective their detection of suspicious activity is, or how well they're storing passwords. Most people don't even have the knowledge to spot the obvious externally-visible things like a lack of protection against CSRF attacks. (Mt Gox failed at pretty much all of these except for the "iloveyou" one.) What's more, even when evidence of a security breach does come to light most people don't seem to care. Look at all the people on this forum who still trust Mt Gox more than they trust any of its competitors despite all the evidence about its lack of security. |
|
|
|
One thing that came to mind is why they used "domainsbyproxy" for their domain, but yet post full names and profile on forums. :/ Confusing.
Good question. If you don't use domainsbyproxy you do get all sorts of annoying spam and scams, including printed-and-mailed fake invoices from scammers, but I can't imagine that was enough of a reason for them to do it. |
|
|
|
I'm sure you know that source code doesn't depends on archs, as archs are handled by compilers.
LOL *rolls on floor laughing*. That's a good one! You do realise that we're talking about kernels here, right? Compilers don't know about page tables, or context switching, or power management, or interrupts (on most platforms), or any of a number of important architecture-specific things that kernels need to manage. The code to handle this is in the architecture-dependant arch/ directories of the Linux kernel. (I believe the BSDs handle the seperation between architecture-independant and architecture-specific code differently. Never used them though.) I ported android to the vending machines. And if you have a barely knowledge of how android is structured, you would know how complex is this task. Obviusly I was not alone.
Android is not Linux. Developing Android drivers and porting it to a new hardware platform is not that similar to developing Linux drivers and porting that to a new platform. Android's based on the Linux kernel, but it has enough fundamental changes to the driver APIs that they're not really compatible. |
|
|
|
I'm in no way discrediting TradeHill.com - I use them all the time myself, and I think they are great. Just pointing out that if you are getting bargains there (or anywhere else right now), it is because of all the stolen coins.
Only in a very indirect sense. There's almost certainly a lack of liquidity at TradeHill - they're not much easier to get money into than any other bitcoin trading website, and a lot of traders have their cash stuck in MtGox - so that will almost certainly affect the prices. (Also, I'm a bit twitchy because I've seen some really, really weird pro-MtGox posts in the last few days.) |
|
|
|
|
Show Posts
