Two Feature Requests.

Secure "New Version of Multibit Available" announcements built into the main screen.
Secure "Securty Update for Multibit" that shows instead multibit, (however multibit can be still run with an override).

Secure "New Version of Java Available" announcements.  (check the version of Java running)
Secure "Security Update to Java - Must Upgrade"  that shows instead multibit, (however multibit can be still run with an override).

I don’t know how feasible such announcements would be.  However it would make me much more combatable recommending multibit to non-tech people.

beter to post on the old thread than make a new one...    I don't know why this forum has that silly warning.

While it is great that Luke has put the time into preparing these next-test builds . I just wanted to explain why the maroon pull patches are contested.



The problem is that this may (quite unlikely) correct to an unspendable address.

 

Support URI with Satoshi or Hex or (Tonal, that is just hex with funny characters).  Problem.  People want URI's to be easily human readable.



Danger of buffer overflow, (if there is a bug in the to hex code).  Virtually no real-life performance gain.



Tonal support, tonal is base 16 numbers with strange characters for the numbers higher than 9.
Problem: nobody cares about tonal other than Luke.

Um... Money is just a unit of accounting for transferring value between people and corporations.
The question is what sort of money you are using…

To be honest.... that city looks boring.

I love the minecraft cities that are more 'organic'

By default if you can steal the log of someone, you then can steal there wallet.dat. (that may or may-not be usefull, if the wallet is encrypted or not)

Thai Raw Honey is now for sale: https://bitcointalk.org/index.php?topic=68747.msg800990#msg800990

Join #bitcoin-fishmonger!  We have all sorts of fresh produce for sale!

 

Updated List of Seafood and Fresh Produce for Sale

Raw Thai Honey - https://bitcointalk.org/index.php?topic=68747

Unfortunately not
The team for btcfn has pretty much died, in the massive slow decline of the bitcoin price… Things have been slowly been starting to recover, however the passion for bitcoin in the community has for a large part, been lost.

Freenet, with the major reduction of work done by Toad, has been chugging along very slowly.  Much of my focus has shifted to CJDNS; an encrypted networking protocol, which is designed to be very fast.
I am happy to refund any of the bounty.  Or will keep it open for developers who wish to take up the challenge of developing the btcfn project.
I guess the core problem is that it has proven to be very hard to do… Once the bitcoinj project has matured into providing the functionally of a full-node, it should be much easier to integrate with the java bitcoin project.

Overall, the funds are still safe, we are looking for developers, and if anyone is interested in developing the btcfn project, you are more than welcome to contact me.

You are complexly mixing up the different concepts of 'quantity of security' and 'quality of security'

If is like having a huge poorly trained army (that may be able to defend a country from external war)...
However you need special elite forces to defend against internal and sensitive disputes (such as dealing with spy's).

By your logic, because the special forces cannot defend an entire country against an invasion, they are:


I’m arguing that more than one type of security is required…. and for defending against internal attacks, the extremely high ‘quality’ of the security that we have is a good thing.

The problem the proof-of-stake is that it requires TRUST.  You must trust the people who have large numbers of bitcoin, to be both active, and not malicious with their investment.  With the current proof-of-work… being stakeholder counts for nill… as you don’t need defence, if you are not transacting your bitcoins.


A web-of-trust, (or even a proof-of-stake, a type of web-of-trust), that provides a lower grade of security, but at a much lower cost (so we can afford a very large quantity), is good for the 2nd line of defence, that we use against 51% attacks…

However I do not agree that the proof-of-work is made irrelevant by the proof-of-stake idea.  Rather I think that they provide solutions to different problems.

The proof-of-work is very good for stopping internal attacks... It however provides no natural defence against attacks that are externally financially motivated.

It is completely reasonable that the internal bitcoin community can decided what miners they trust, and weigh their blocks more than of blocks from unknown miners.   Such a defence is called a ‘web-of-trust,’ and it provides a different quality of security to a proof-of-work.

Since the proof of work is to defend against internal attackers anyway… there is no problem in using a different type of defence to defend against externally motivated attackers.

So a proof-of-work is already secure enough to secure against internaly motivated double spends, why would an external 51% attack completely dis-credit it?
That is akin to saying “Something getting defeated by an attack that it wasn’t designed to defend against, means that the original design was faulty?”  - No it just means that the attack was out of specification.

The problem with proof-of-stake is:

1.   As proposed require a fundamental change in how bitcoin operates.
2.   The security of Bitcoin should be up to those who 'trade' bitcoin, not those who own lots of it... Holding bitcoin is always going to be safe, even under a 51% attack.  The problem lies with trading it.
3.   Why not publicly signing something saying that you own a particular bitcoin address that holds many bitcoins is not enough of evidence that you own bitcoin?

The key point should be that we build the infrastructure that doesn’t change how bitcoin works, that allows us to respond much more effectively to a 51% attack.

The two key things to do are:

1.   A standard way to produce cryptographic signatures showing who made the block.

This will allow website such as blockchain.info to check tell whom is the owner of the block in a much more secure way than just looking at the coin-bases and the IP address that the block was announced from.

2.   The hooks for user-defined checkpoint, so this later on can be used by the user to choose a chain based on any criteria they wish.

Both of these things do-not change how bitcoin operates at all (possibly the mining signature within the block will need some modification to the block format… however I’m not an expert in _how_ one would make cryptographically secure block-signatures, however, I do believe that it is useful and doesn’t change the fundamentals of bitcoin).

I think you have a large misunderstanding on how bitcoin operates.  How would you enforce this, when you want the network to remain opon for new miners?

2nd IP addresses are very very poor at identifying a node. IP black lists will never work.

Nothing... the attacker will just use bounces, many IP addresses, connect to different nodes block, or mines over TOR.  The latency for release of the attacking chain that has been mined with 51% hashing power isn't important in the long run.

A web-of-trust based system will never work without two main features:

1.   Active Human Thinking Trusted Parties.
2.   Cryptographically Secure Announcement of Trust Relationships

You cannot have a secure web-of-trust without active human maintenance… figuratively you are trading computational security through the proof-of-work.  With trust gained by human interactions.

AKA... You cannot have your cake and eat it.

Edit: I suggest that using Unique IP address would be a poor security model against a motivated 51% attack.  As it would tend to lead to many different solutions, as the attacker would also flood the network with malicious nodes.  (Remember that a 51% attacker must be externally motivated to the bitcoin network)… Therefor it is likely that the attacker would have many times the financial resources disposable than the entire bitcoin network can use to defend against it.

My proposal:

1.   Miners release signatures of their blocks by-default.  If they want to remain anon, either don’t release one… or use a new identity for every block.
2.   Bitcoin will display a warning if the current chain contains a very unexpectedly long time without any blocks from its ‘favourite’ miners.
3.   Bitcoin also displays warning when ‘favourite miner’ blocks consistently get orphaned.
4.   Upon detecting an active alternative fork, that contains many blocks made by the nodes ‘favourite’ miners, an option will be given to the user to move to the forked chain.


Edit:  By ‘Favourite’ I mean, whoever the developer of the particular client decides are trusted.
The user should be provided with a clear and simple way to change the ‘default’ favourite miners.

This has been a problem that has been on the back of my mind for a very long time also.

The core component is that this will provide a 2nd line of security against attacks based upon a web-of-trust style of security model, rather than the absolute ‘who hashes the most’ security model.

From the start-out the web-of-trust and computational problem security models have different ‘qualities of truth statements.’
The quality of the security that a cryptographic problem provides is a provable solution, which is non-relative.  All parties in the system will come to the same exact solution.  It can be summarised as the quality statement:  “This is absolutely true for everyone”
In legal terms it may be said as:  “This is true without any doubt”
This can be dramatically contrasted with the quality of the security that a web-of-trust provides.  A web-of-trust gives a relative prospective for the solution.   Each party may or may not come to the exact same conclusion, based upon whom they trust.  It can be summarised as: “This is good enough for me”
In legal terms it may be said as:  “This is true enough for my purposes”

Now…  Having such a strong truth statement comes at a much higher cost that a ‘less rigorous’ truth statement.   The cost in the case for bitcoin is that there is no ‘human’ element in deciding what chain is valid or not…. Instead it is entirely left up to ‘whoever can gather the most hashing power.’
Economically, such a high level of truth statement is affordable to protect bitcoin against internal attacks, (people within the bitcoin community).  Namely those whom want to seal through double spending bitcoins.
However, the economics doesn’t provide any natural protection against an externally motivated attacker.  The attacker whom gains the finance through taxation, or the protection of established systems that bitcoin competes with.

Much higher levels of security can be gained far more cheaply by lowering the required truth statement.
Think?  Is the precise order of the transactions important; if the network is being attacked by an attacker who stops all the transactions?

This is where casascius gets his idea of a ‘trust’ based system to protect against the 51% attack…  It is more important that we gain an “Extremely High” level of security against a motivated 51% attack, than maintain our “Extremely Strong” level of truth statement.

PS.  For a long time, I have been conceptually designing a ‘web-of-trust’ coin… However I’ve never came up with a good way to ‘issue’ the new coins… However It could work as a low-cost security backend for a pre-allocated *coin.

Having the pools include a signture within the blocks they produce is a very good starting point.

It dosn't harm the network in any-way... However makes the post 51% attack 'cleanup' much easier.

Cool look jim!

Though I do think that the wallet list is a bit busy... maybe put some stronger horizontal emphases between the elements?

Well the UK thing to do (that I have done) is to gett smashing drunk at your local with some bitcoin friends you've met on IRC.  Then spending the next day wishing you had never met them.

In Australia I guess you could have a Bitcoin BBQ, or smoke some weed and talk about how 'dope' bitcoi is (or both).  However I think the most Aussie thing to do is to buld a trading system that makes bitcoins, cheap (aka. Close to the market rate), and easy for the normal bloak to get his hand on some.

Just a group of people where we can bounce off eachother is a good start.