Well $390K plus electrical costs but the larger issue becomes the 2nd round of Avalon, plus BFL first batch, plus any other competitors.  You could see that $390K worst case scenario jumped to something more like $39M over the course of a year.  Remember the first batch is the hard part.  Once production gets ramped up the sky is the limit.  Also it is a sort of sales race as each new miner reduces the value of future sales thus for all competitors the best option is to sell as many units and quickly as possible.

Still I think you may be right I think many miners will hold at least some portion of their coins but I also think you are significantly underestimating the worst case scenario.

Really so it would be better to see their product instantly become worthless, sales plummet to zero overnight, and all miners revert to using (cryoptographic flaw enhanced) GPU?  That is better than a (essentially 0.0%) chance that Bitcoin will switch to a new algorithm.  Note the clumsiness of the saying "Bitcoin will switch".  Is Bitcoin a person?  a corporation?  Who exactly would switch?  EVERYONE?  Nobody would decide to keep using "original bitcoin".  Imagine the confusion and chaos if for example MtGox supported original Bitcoin but bitpay supported "new bitcoin" and there were two incompatible forks of the reference client each supporting one version of the protocol and users had coins on both versions with initial balances at the point the blockchain permenently and irrevocably split.  Think that chaos might be bad for Bitcoin?  Think that might be worse than the non-problem of miners calculating hashes faster?

The hashing algorithm isn't going to change.  Anyone who understands the decentralized consensus that is Bitcoin understands that.   A flaw which allows someone to hash 1000x, 1,000,000x, hell 50 quadrillion times faster presents absolutely no risk to Bitcoin.  It simply means everyone will end up using the "flaw" (either back on CPU/GPU/FPGA or on some future ASICs) and difficulty will increase by an equivalent amount.  

True but there will be a very large incentive for an ASIC developer to release a chip which takes the crytographic flaw into effect.  Until that happens you could see (hypothetically) a period of time where the average GPU can out hash a high end ASIC. 

Well no.  Lets ignore that SHA-256 is a hash not encryption and thus with infinite amount of time and infinite amount of energy you can't "decrypt" SHA-256.

Still 256 but keys are sufficiently large that even at the thermodynamic limit (i.e. a theoretically perfect computer) there is insufficient energy and matter in our solar system (i.e. kill everything and convert the entire solar system into a super computer which uses the complete output of our star until it dies) to even .... COUNT to 256 bit, much less perform any complex calculations.  It is possible that encrypting algorithms will be compromised due to undiscovered flaws which allow attackers to perform attacks at faster than brute force but 256 bit keys will not be brute forced.

For information on the energy requirements (using an as on yet not invented perfect computer) required to count to 2^256 ...

http://www.schneier.com/blog/archives/2009/09/the_doghouse_cr.html

Nobody is going to accept PayPal/CC for any significantly sized amount of BTC because to engage in reversal fraud is pathetically easy with those payment methods.  Also I would point out brokerage and forex accounts generally don't allow funding by credit card.

I wouldn't recommend investing in mining without being willing to do significant (as in a dozen hours or more) of independent research of profitability.  If you aren't willing to do that then most likely you are just going to lose money trying to get into mining.  ASICs will arrive eventually and when they do will turn your FPGA investment into an obsolete piece of garbage almost overnight.

I would point out only BitMinter and P2pool offer both 0% fee to miners and payout all transaction fees collected.  Not really sure why anyone uses anything else?  Maybe they don't want to get too many coins.

For mining purposes MD5 being "cracked" wouldn't prevent it from being used a proof of work.  It is unlikely SHA-256 will ever be replaced as the proof of work algorithm in Bitcoin (this is different than the hashing algorithm used in address creation).

For example say an cryptogrpahic flaw was found that would allow one to find SHA-256 collisions 1000x faster than brute force.  Ok everyone uses it and difficulty rises by 1000x.  Difficulty is a completely arbitrary construct.  Difficulty 20M on unhacked SHA-256 vs difficulty 20B on "hacked" (1000x faster than brute force) SHA-256.   Who cares?  People stopped using MD5 because one could find a collision faster than brute force this is bad for things like securing passwords or validating encrypted packets.  In Bitcoin mining we are attempting a brute force attack. Rather than looking for a specific collision we are looking for a hash which is below a completely arbitrary number.  If it gets easier to to that difficulty will rise and the completely arbitrary number (the target) will be smaller/harder.

To change the mining algorithm would be a hard fork.  It is unlikely anyone would get enough support for a change like that.  Miners and merchants will continue to use the "real" Bitcoin fork.

I may have overspoke I don't want to define the role of another company but with the "BTC to email" option I would assume that is an off exchange transaction. 

The off exchange market is much larger than many people realize.   Someone looking to buy or sell a large quantity (>1000 BTC) will find that due to lack of slippage an OTC transaction with a trusted counterparty makes more sense.  Generally when someone is looking to buy 10K BTC or more they get to know the other party so I have spent considerable time emailing and talking with potential clients.  There is a growing interest from non-traditional money (i.e. those people who have no interest in mining, or a certain darknet marketplace).  While I never ask "how much do you make?" or "what is your net worth?" you get an feel for someone finances on how they deal with money.  In FC4B we have clients who are freaking out because a $400 ACH is a day late.  We have also had direct buyers be willing to post six figure wires a couple days early because it was easier for them to get it done that day.  The later aren't people building mining rigs in their garage. 

We (Tangible Cryptography LLC) sell about 10K BTC a week in direct off exchange sales.  Our highest volume week was closer to triple that.  I have learned indirectly through clients that there are about three or four other entities which can handle transactions in the >1000 BTC range.  So what is total OTC volume (to include other direct sellers like BitInstant)?  It is hard to guess but I wouldn't be surprised if it is more than 40K to 60K BTC per week.

No and it never will.  A change like that would require literally 100% support of all users as it would be a hard incompatible fork. 

No need to use tiny decimals though.   5 mBTC vs 0.005 BTC.   5 uBTC vs 0.000005 BTC.  It is possible people will call these by slang or informal names.  i.e. millies of mikes.   

Transaction fees.  Fees as a % of total miner compensation have already risen from 0.0% to ~1% to 2% of miner total compensation.

ING doesn't have business checking accounts.

Idiotic was harsh.  I am glad you are taking security seriously.  However compared to a true 2FA system the system is going to leave keylogged users vulnerable.  Even with just an email compromised user depending on how active the user is if the user's email is compromised an attacker could still pull off an attack.  Your right though it is better than nothing.  It does prevent pure password re-use attacks and session stealing attacks (which the way some exchanges have poorly implemented 2FA don't).


I would rethink Google Authenticator.  It doesn't really require any technical skills.  A user with smartphone and the ability to install an app is all that is necessary.   Pretty much user proof at this point.   

1) User installs GA app.
2) USer clicks on new site (on the app)
3) Users is directed to scan GA barcode (displayed on your website) with the smartphone.
4) Done. 

All the hard work is done on your end (generating & recording the GA secret keys, providing user with barcode, calculating current code and comparing to user provided value.  For the user it is copy code on phone to web form.

Still if you want to go SMS that is a valid option IMHO.  Personally I don't see any security flaws (not for the amounts users are likely to be protecting).  I did some testing with this provider and it might meet your needs.  They can set you up with a trial account with some free SMS for development.

http://www.cdyne.com/api/phone/sms/

My guess ...



My alternate theory is that the percentage of intelligent people on slashdot is actually very low.  For a while this was hidden because the few true experts outshined the mobs of non thinkers.  Some time ago slashdot hit that tipping point where it kinda became pointless.

First.  There is no such thing as "hoarding", it is a pejorative from a society focused on consumerism.  The term you are looking for it "SAVING".  People have saved throughout history.

The "millionaire problem" is self correcting though.  If demand doesn't materialize at the same rate because the economy expands slower because people aren't engaging in as much commerce then the rise in the exchange rate will slow.  People will save less as expectations are lowered to match reality.  Hypothetically say over the next 3 years Bitcoin exchange rate "only" rises from ~$14 to $20 it likely will affect your mental outlook.  

How about https://bitinstant.com

If you have a MoneyGram location (CVS, Walmart, etc) you can buy them with cash the same day.

Wants has nothing to do with it.   "I'll pay you to do something I CAN'T".  I can't repair my own heart so I will gladly pay a surgeon to do it for me.   The surgeon is more effective at fixing hearts than doing accounting so even if he could learn accounting it is more efficient for the surgeon to pay an accountant.   Both the accountant and the surgeon benefit.  I also benefit because the surgeon has devoted more time to the biz of heart fixing by NOT learning accounting.   That means I am less likely to die on the operating table.  Specialization is what has led to prosperity for the human race.  Even tasks that anyone could do ... say taking out the trash we benefit by paying someone to do it.  If I am a good at a particular skill  then global prosperity is maximized by me spending time completing that skill.  The janitor takes out the trash and that means 10 more minutes a day I can be writing code.   


TL/DR: Your a moron.

Eventually it would be nice for scripts like this to work their way into the clients.   "It appears you wallet has become fragmented.  Would you like to consolidate some coins.  The coins will be unavailable until confirmed".

Anything that reduces the size of the pruned database is a positive.  It would be optimal if miners could detect these types of transactions (where the size of the output is smaller than the size of the input) and allow them as space allows even with no fee. 

EVERYONE (including miners) benefits from reducing the size of the pruned database.

Mike has some good points but there is one fundamental difference with Bitcoin.  It can't be reversed, it can't be frozen, it can't be suspended.

What makes this issue so much tougher to fight is merchants are held hostage to third parties (i.e. banks, payment processors, credit card issuers, and service providers) who don't provide adequate tools to prevent fraud.  When the merchant doesn't prevent fraud (with nonexistent tools) it becomes the merchants fault.  Wow what a great system.

For example if I receive a bank wire the bank "could" provide me the phone number on the account.  Or for privacy reasons provide me a bank phone number and extension, which when I dial gets relayed to the account number on the account.    I get a wire, I do a call back verification and find out "WTF? You wired me money for an iPod cause a guy on craigslist told you too?".  I hit the (currently nonexistent) return button, indicate fraud, and the wire gets returned to customer with any fees PAID BY THE IDIOT CUSTOMER not the innocent merchant!

Another thing which "could" be done is change the way bank wires are originated.  Customer enters the routing and account number and the bank website (because banks are sharing this info) displays the business name, contact information, and a custom message from the business



Even better since accounts are just numbers and can be up to 30 digits long (ACH or IBAN) Banks could allow businesses to generate a single use address with a custom message (i.e. internal order number, account number, purpose of transaction, warnings, etc).  Funds sent to the single use account number get swept to the business main checking account.  Once used once any funds sent there get bounced back as undelivered.

None of this is science fiction. It could be done today, hell it could have been done 20 years ago.  However banks have no reason to improve security.  They don't lose anything.  That is the problem with monopolies.  From the banks point of view security is currently "good enough".  Real security is expensive and the banks are paying for the costs of inadequate security.   It is just like credit cards (although to a lesser extent) the current model removes all responsibility from the customer AND banks and places it on the merchant (who is the least equipped to prevent fraud).

How does Bitcoin change that?  Well one being an open network it allows the development of the security tools banks never will.  The other aspect that changes is it makes the customer responsible for their own action.   Instead of merchants being given an impossible task to prevent all fraud (with incomplete information) and paying all the cost the responsibility is shared and real tools can be developed to protect both customers and merchants.

Anything except pay your debts, keep your word, show some personal responsibility, hold down a job, maintain a relationship, or follow through on your "goals" (term used loosely).

Yes anything other than that.