Gmaxwell proves Craig Wright is a fraud

[YarkoL]

Craig was building PGP from source himself at the time. It would have included any new/experimental versions of the cipher suites. At the time, he was working with encryption. Go check his Usenet posts.

Supposing you were right, You don't find it odd that he generated
first one key with the exact same hash preference that GnuPG used
at the time, and then, on the very next day, happened to change
his preferences to the exact same order that was introduced later
into the GnuPG codebase as default?

I'd say that was a remarkably prescient feat, or perhaps GnuPG
developers simply adopted his approach, him being a genius whiz and all.

[Preclus]

Craig was building PGP from source himself at the time. It would have included any new/experimental versions of the cipher suites. At the time, he was working with encryption. Go check his Usenet posts.

Supposing you were right, You don't find it odd that he generated...

I had not looked at the GnuPG source when I wrote that comment. I knew he was building from source. When I looked at the source back in time and the spec, it was clear the hashes were not experimental, they were part of the standard hashes. If you want to see the hashes Mr. Wright generated himself, under his own name, they are littered around the web with date stamps that can't be modified.

I am taking the information in context. I have seen his blog post referencing bitcoin from Jan 2009. It has no evidence of being backdated as I am looking at the version stored in the web archives when the page was crawled in prior years. His blog post from Jan 2009 specifically references the beta of bitcoin "going live tomorrow" and "Some good coders on this. The paper rocks.".

The archive of the "bitcoin launch" post has been removed from the normal places on the web as attempts have been made to delete it.

But a little work digs them up with dates.

The "bitcoin launch" post dates from Jan 2009. It was subsequently modified/removed in 2015. Mr. Wright did not state he was even involved in that project in the post. It just shows that he knew of bitcoin before it launched.

The post was crawled in 2014 and there is evidence of it being there in 2013. If you want to see them yourself, go ahead. Here is the archived post from "2 Jun 2014 02:28:10 UTC"

http://archive.is/oe1fh

If you don't believe that is the date (as the dates presented in the top are a bit confusing), this should clear it up:

http://archive.is/http://gse-compliance.blogspot.com.au/2009_01_04_archive.html

The post is near the bottom with the version archived from 2 June 2014 and the version that was updated in 3 Oct 2015 where he removed the "bitcoin launch" section.

Additionally, look at this page and search for "bitcoin"

https://archive.is/offset=2060/gse-compliance.blogspot.com.au

You will find:

original 17 Oct 2013 08:55:10 from
http://gse-compliance.blogspot.com.au/2009/01/bitcoin.html


which says a page was found by the crawler on his blog with a publish date of Jan 2009 and with the page name of "bitcoin.html". That link was archived by the crawler on 17 Oct 2013

Now, in 2013, did Mr. Wright go create a page called bitcoin.html and add it to his Jan 2009 blog entries? The number of entries did not change.

If the "bitcoin launch" page existed in Jan 2009, would you still say he faked it? Or would you say "it still doesn't say he was involved in the creation of it".

That blog has now been completely removed.

[gmaxwell]

Craig was building PGP from source himself at the time. It would have included any new/experimental versions of the cipher suites.

It wasn't even _in_ the software until a year later; by "the software" I mean the actual commit that introduced that selection. Building from source wouldn't have done it, because it wasn't in the source.

Someone can customize their pref hashes; sure; but managing to predict the exact selection and order that the software would use later?  While also, later that day, building another key that was bog standard for the time (1024 bit DSA, normal flags) and making that one public.  Come on.  The forged blog posts should have been enough.

[Preclus]

It wasn't even _in_ the software until a year later; by "the software" I mean the actual commit that introduced that selection. Building from source wouldn't have done it, because it wasn't in the source.

Someone can customize their pref hashes; sure; but managing to predict the exact selection and order that the software would use later?  While also, later that day, building another key that was bog standard for the time (1024 bit DSA, normal flags) and making that one public.  Come on.  The forged blog posts should have been enough.

To start with, I see no reason why someone wouldn't generate PGP keys with two different pieces of software. Especially if one was run under Windows and one under a variant of Linux. The "entropy" post made my Mr. Wright that contained a PGP key talks about "/dev/random" and such showing he was working on a Unix (Linux) variant.

However, there is an argument I find more compelling that things have been backdated.

And that is the blog post from 2008.

Specifically, this one:

https://archive.is/HWfzH

which was grabbed by the crawler in March 2014.

It contains a PGP key with this up front:

"Version: SKS 1.1.4
Comment: Hostname: pgp.mit.edu"

The article stating there may have been backdating states that the key was not in the blog post in 2013 because there was a Google Reader cache version found that showed it was likely modified in 2013. I can't find a Google Reader cache version like that as the Google Reader product was discontinued by Google and the archive they have doesn't appear to have much as far as the web goes.

But ignoring that, the key says "Version: SKS 1.1.4".

That shouldn't have been there until 2012. Specifically:

https://lists.nongnu.org/archive/html/sks-devel/2012-10/msg00010.html

The crawler grabbed it March 2014 so the key would have had to been edited in earlier than March 2014. And I agree that is a sign that posts were modified after the original publish date.

As Mr. Wright and his partner have/had a long background in computer forensics, this will be one tangled and extremely messy pile of spaghetti either way.

My personal belief is that it is him, along with his partner, and the rest of the developers. And I believe the launch post was an unedited post. And I believe the bitcoin community will rally around trying to discredit him as the founder at any cost. But I will also take the facts as they come out. And they will, one way or the other.

[Karartma1]

So he wanted his five minutes of widespread reputation but as soon as the story went public he got raided by the australian police. It seems clear that this guy is not Satoshi but I'm wondering why all this making by Wired and gizmodo? I don't think this is only to sell more copies or to get more traffic.
I'm really curious about what will happen to this poor new "oswald", if you know what I mean.

[Preclus]

You can see the Crypto mailing list archive with the bitcoin 0.1 announcement here:

http://www.metzdowd.com/pipermail/cryptography/2009-January/date.html#15029

You can also see a post from Dave Kleiman some days later:

[heise online UK] Secure deletion: a single overwrite will do it   Dave Kleiman

So, as a member of the mailing list, he was certainly at least aware of bitcoin at its launch.

Mr. Wright was a partner with Mr. Kleiman on the paper they were discussing at the time.

Specifically, the Crypto group post Kleiman was responding to stated (among other things):

"Craig Wright, a forensics expert, claims to have put this legend finally to rest. He and his colleagues ran.."

So, Mr. Wright, undoubtedly, was also at least aware of bitcoin at its launch date.

The original version of bitcoin was developed under Windows. Mr. Kleiman was named a MVP for Windows - Security in 2007 and wrote a number of books on Windows development and security. The Satoshi key referenced by the article was generated under Windows, according to
the description. Mr. Wrights posts mostly deal with Linux.

[rtrtcrypto]

Oh, cut me a break, welcome to IGNORE list. Jesus, some people on this forum are just mentally insane. There can't be another explanation for this level of denial and paranoia.

It wasn't even _in_ the software until a year later; by "the software" I mean the actual commit that introduced that selection. Building from source wouldn't have done it, because it wasn't in the source.

Someone can customize their pref hashes; sure; but managing to predict the exact selection and order that the software would use later?  While also, later that day, building another key that was bog standard for the time (1024 bit DSA, normal flags) and making that one public.  Come on.  The forged blog posts should have been enough.

To start with, I see no reason why someone wouldn't generate PGP keys with two different pieces of software. Especially if one was run under Windows and one under a variant of Linux. The "entropy" post made my Mr. Wright that contained a PGP key talks about "/dev/random" and such showing he was working on a Unix (Linux) variant.

However, there is an argument I find more compelling that things have been backdated.

And that is the blog post from 2008.

Specifically, this one:

https://archive.is/HWfzH

which was grabbed by the crawler in March 2014.

It contains a PGP key with this up front:

"Version: SKS 1.1.4
Comment: Hostname: pgp.mit.edu"

The article stating there may have been backdating states that the key was not in the blog post in 2013 because there was a Google Reader cache version found that showed it was likely modified in 2013. I can't find a Google Reader cache version like that as the Google Reader product was discontinued by Google and the archive they have doesn't appear to have much as far as the web goes.

But ignoring that, the key says "Version: SKS 1.1.4".

That shouldn't have been there until 2012. Specifically:

https://lists.nongnu.org/archive/html/sks-devel/2012-10/msg00010.html

The crawler grabbed it March 2014 so the key would have had to been edited in earlier than March 2014. And I agree that is a sign that posts were modified after the original publish date.

As Mr. Wright and his partner have/had a long background in computer forensics, this will be one tangled and extremely messy pile of spaghetti either way.

My personal belief is that it is him, along with his partner, and the rest of the developers. And I believe the launch post was an unedited post. And I believe the bitcoin community will rally around trying to discredit him as the founder at any cost. But I will also take the facts as they come out. And they will, one way or the other.

[notbatman]

Quoted from one of my threads:

There is nothing about banks that "suck". ...

I think it's clear where his loyalties lay.

[QuestionAuthority]

For all future sleuths attempting to dox a fraudulent Satoshi: just ask them to move a half million btc around from their original stash as proof. If they can't, they're full of shit.

[NorrisK]

For all future sleuths attempting to dox a fraudulent Satoshi: just ask them to move a half million btc around from their original stash as proof. If they can't, they're full of shit.

That will be quite difficult for Satoshi himself as most of his alleged  coins are spread around a ton of wallets right? The best and only sure way is by signing a message with the original key.

[QuestionAuthority]

For all future sleuths attempting to dox a fraudulent Satoshi: just ask them to move a half million btc around from their original stash as proof. If they can't, they're full of shit.

That will be quite difficult for Satoshi himself as most of his alleged  coins are spread around a ton of wallets right? The best and only sure way is by signing a message with the original key.

Bullshit, when I was mining I had maybe 50 wallets going at once. They certainly could do it. In fact, I think anyone that keeps all their btc in one wallet on one computer is as big an idiot as one that keeps all his fiat in one bank.

[BCEmporium]

I've no doubts Craig is an old bitcoiner, older than myself, but not Satoshi.

[junglist.massive]

they should fight with szabo on a rign and make strem by streamium

[Syke]

There is nothing proving any key was backdated. Starting in 2005/2006, it became clear that SHA1 was weak and that alternatives should be used.

So Satoshi knew SHA1 was weak, so he generated 2 keys. He used the weak key publicly, and didn't use the strong key. How does that make any sense to you?

[Gleb Gamow]

There is nothing proving any key was backdated. Starting in 2005/2006, it became clear that SHA1 was weak and that alternatives should be used.

So Satoshi knew SHA1 was weak, so he generated 2 keys. He used the weak key publicly, and didn't use the strong key. How does that make any sense to you?

Both keys were stored in a lockbox locked via a skeleton key hidden under a rock near Satoshi's front door of his home.

[Sir_lagsalot]

Craig = Satoshi.  You can't fake most of the facts, and most of those facts fit.  AND the amount of innacurate information, exageration and FUD being propogated is growing so exponentially it is ridiculous.  This is all just conspiracy theory nonsense and drama because "Satoshi" was more fun to believe in as a purely idealistic vision - than to look at through the lens of reality.

Sort of like the whole Jesus concept.  If Jesus really were to come back, today, the first thing religion would do is beat the crap out of him and nail him up to another cross all the while screaming hysterically that he was an fraud.

LOL - same thing going on here.... Seems tech weenies are still just a step evolved above the apes, even with all your loft idealistic talk.  Your "Tech Jesus" has returned, and you scream to crucify him  Flippin monkeys.  Just when you think there is actual evolution occurring.  ROFL

LOL LOL - Oh the Hysteria

I think you're Craig wright

Stop defending the lying piece of shit, we all know he's lying. Sure, he has some compelling evidence, but deeper research into that evidence shows that it's fake.

You... Calling us tech weenies? Nice work, Jr member

There is nothing proving any key was backdated. Starting in 2005/2006, it became clear that SHA1 was weak and that alternatives should be used.

So Satoshi knew SHA1 was weak, so he generated 2 keys. He used the weak key publicly, and didn't use the strong key. How does that make any sense to you?

Both keys were stored in a lockbox locked via a skeleton key hidden under a rock near Satoshi's front door of his home.

Wait... What?

[5w00p]

There is nothing proving any key was backdated. Starting in 2005/2006, it became clear that SHA1 was weak and that alternatives should be used.

So Satoshi knew SHA1 was weak, so he generated 2 keys. He used the weak key publicly, and didn't use the strong key. How does that make any sense to you?

Both keys were stored in a lockbox locked via a skeleton key hidden under a rock near Satoshi's front door of his home.

Wait... What?

Ha-ha, you just got GG'd.

[Soros Shorts]

To start with, I see no reason why someone wouldn't generate PGP keys with two different pieces of software. Especially if one was run under Windows and one under a variant of Linux.

Usually people take great pains to sync up their PGP keys across all their machines if they plan on actually using them. Otherwise if they received an encrypted file what should they do? Take the file to each computer and keep running gpg until they got to one that decrypted properly? Lol.

Besides, even if 2 keys were owned by the same person using the same friendly name for both is pretty retarded.

[TPTB_need_war]

Look at Nick Szabo's reaction when she asked, "Who are you...?" and they pan the camera over to her... I think he smelled the bullshit way in advance or he knows more than what

he is revealing. I still think Nick is one of a group of people making up the Satoshi Nakamoto team... how ironic that Craig Wright ends up in that panel. I guess we will never know.

I just hope we will know before this person die, I would want him/her to receive all the accolades they deserve.  

Yes I was watching the video for the same reason.
I looked at Szabo to see his reaction.He showed a very light smile and then covered his mouth with his hands.It was kind of bizarre.

My immediately prior installment in this journey was about Turing-completeness, so it is highly relevant to note that Nick Szabo just demonstrated to me that he is lacking knowledge about Turing-completeness compared to this Craig Wright that some are claiming might be Satoshi.

At roughly the 17 minute mark in this conference video, Wright correctly explains that due to unbounded recursion, the Bitcoin block chain scripting is effectively Turing-complete. Afaics, he is entirely correct and Nick Szabo is wrong, because although the scripting language stack can't loop within one transaction, one can use multiple transactions to simulate looping. This is precisely the point I made in my recent post wherein I explained that under composition it is impossible to prevent unbounded recursion and thus unbounded entropy. Review the Dr. Suess proof of Turing-completeness. It doesn't matter what the called script answers, the calling script can always change the outcome. If you have the ability to store state on the block chain across multiple invocations of a script, then the block chain becomes the stack. Nick Szabo just demonstrated to me that he isn't as smart as I thought. Dr. Wright makes a relevant point that many people these days seem to forget that in machine code there is no virtual machine that controls what the instruction set can do in terms of which memory it can treat as a stack. Bitcoin's script instruction set can be viewed as machine code w.r.t. to its ability to read and store state any where in the memory space of the block chain UTXO.

What Dr. Wright meant when he said, "the looping function is actually separate from the loop itself ... that would assume the only way of devising code would be to put it directly in the script". Szabo made really stoopid statement implying that the language can only be Turing-complete if the script stack is, but he completely fails to realize that the block chain is state and thus can be an orthogonal stack. And most definitely then you can loop. When I say "loop", I mean in the sense relative to the block chain as the stack, so I do not mean that any one transaction can loop. Yet such a distinction is arbitrary any way, because I can have a client interacting with the block chain causing it to loop.

Here is more about conjecture about Craig Wright being Satoshi:

http://www.wired.com/2015/12/bitcoins-creator-satoshi-nakamoto-is-probably-this-unknown-australian-genius/

http://www.theguardian.com/technology/2015/dec/09/bitcoin-creator-satoshi-nakamoto-alleged-to-be-australian-academic

http://www.theguardian.com/technology/2015/dec/09/bitcoin-founder-craig-wrights-home-raided-by-australian-police?CMP=twt_a-technology_b-gdntech


Edit: and add Gregory Maxwell (nullc) to list of people who don't understand Turing-completeness:

   He's discussion at the All Star Panel, was very odd, and not in any way lucid or clear. Here is /u/nullc take on a transcript I made. https://www.reddit.com/r/Bitcoin/comments/3w027x/dr_craig_steven_wright_alleged_satoshi_by_wired/cxsfy8p

[TPTB_need_war]

Checkmate Mr Wright.

https://www.reddit.com/r/Bitcoin/comments/3w027x/dr_craig_steven_wright_alleged_satoshi_by_wired/cxslii7

If anything, that proves it is him. Specifically, the argument is this:

"PGP key.. its metadata contains cipher-suites which were not widely used until later software."

Craig was building PGP from source himself at the time. It would have included any new/experimental versions of the cipher suites. At the time, he was working with encryption. Go check his Usenet posts.

Any chance of a bit more info on that? Hadn't bothered looking at this after the presses previous Satoshi screwups but it's starting to get interesting.

Start by searching for "Craig Wright AES" in Google Groups (old Usenets posts)

As a followup, the argument that the preferred hashes "weren't added" to GNUGPG until after 2009 is meaningless. Read RFC 4880:

https://tools.ietf.org/html/rfc4880#section-9

That is the RFC from November 2007. Now look at section 9.4, the preferred hashes. Hash algorithms 1 through 11 are in there. They are not experimental, they are standard hashes.

GNUPGP was just one of a number of OpenPGP implementations. PGP itself dates back to 1991. OpenPGP to 1997. Looking at the preferred hash list is meaningless.

Cheers, not about to jump to any conclusions on it but FUD free facts are much appreciated.

Were hash algorithms 1 through 11 added to any well known OpenPGP implementation before 2009?

All software would have supported it, and it even would have been possible to manually force GPG into creating a key with those preferences in 2008.

But we already have a key for Satoshi. Everyone knows that it's accurate. It was created on Oct. 30, 2008, and it used the default GPG cipher preferences at the time.

Now we're asked to believe that Satoshi had a secret additional key also created on Oct 30, 2008, but it used the default cipher preferences of today's version of GPG. Why would Satoshi create two keys on the same day with different cipher preferences (one of which is conveniently the default for modern GPG versions), and keep one totally secret? It's theoretically possible, but it makes no sense. By far the most likely explanation is that it was back-dated (easily possible with stock GPG) in order to trick gullible people into believing that this person is Satoshi. The other "evidence" is similarly worthless: Satoshi never used satoshin@vistomail.com (only satoshi@vistomail.com and satoshin@gmx.com), and the blogs were obviously back-dated as well.

I am very disappointed in the community for (largely) being fooled by this obvious imposter.

But it would be crazy if he really holds seveal hundred thousands of bitcoins, which ATO might be going for now.

ATO was investigating/working with Craig in parralel.  #1 - because of the bitcoin phenomena, as a gov't they have the responsibility to set the correct precedent.  Craig was starting up a huge bank.  Doing it properly also - sort of like Circle in the U.S. (by that I mean that Dynarius Bnk was being set up according to proper rules/regs.)

If you read one of the referenced transcripts, you will see that as the discussion/decision regarding the "Nature of Bitcoin" decision was evolving - you will see that teh very real possibility that one outcome would be that a REFUND from Gov't to Craig/Dynarius was a real possibility.  You will also see that they not only supported the advancement of the bank, they wee working very hard to get through the mandatory process of setting a firm foundation/definition of how to treat bitcoin - so that they could free up Craig to continue the project as quickly as possible. (READ the transcript - it is all there)

But unless I missed something, at no time was there a realization by ATO that Craig was actually Satoshi.  They were dealing with Huge amounts of Bitcoin, but they were looking at it as investment, trying to figure out what it meant to transfer say 30,000 Bitcoins from Wallet 1 to Wallet 2, and if that defined a change in ownership, how that applied to tax, cross border transactions etc.

WHEN the Craig = Satoshi news broke, they realized that the guy they had been working with was MUCH bigger (in potential amount of bitcoins) than they had previously been aware of.

Craig has now already pretty much concluded his "negotiations" with ATO to a degree that his future activity with the previously undisclosed bitcoins is now covered/protected by the conclusion of previous negotiation.

But of course it is never as simple as one thinks when dealing with Governments, and now Craig is based in London, with moves to Iceland.  Could be ATO is simply "making a show", or it could be they are feeling hoodwinked.

Craig does have a law degree

The "Satoshi stash" is probably now protected legally, and available to openly be used to supply all the necessary reserves for his new Bitcoin bank.  Just a thought

It wasn't even _in_ the software until a year later; by "the software" I mean the actual commit that introduced that selection. Building from source wouldn't have done it, because it wasn't in the source.

Someone can customize their pref hashes; sure; but managing to predict the exact selection and order that the software would use later?  While also, later that day, building another key that was bog standard for the time (1024 bit DSA, normal flags) and making that one public.  Come on.  The forged blog posts should have been enough.

To start with, I see no reason why someone wouldn't generate PGP keys with two different pieces of software. Especially if one was run under Windows and one under a variant of Linux. The "entropy" post made my Mr. Wright that contained a PGP key talks about "/dev/random" and such showing he was working on a Unix (Linux) variant.

However, there is an argument I find more compelling that things have been backdated.

And that is the blog post from 2008.

Specifically, this one:

https://archive.is/HWfzH

which was grabbed by the crawler in March 2014.

It contains a PGP key with this up front:

"Version: SKS 1.1.4
Comment: Hostname: pgp.mit.edu"

The article stating there may have been backdating states that the key was not in the blog post in 2013 because there was a Google Reader cache version found that showed it was likely modified in 2013. I can't find a Google Reader cache version like that as the Google Reader product was discontinued by Google and the archive they have doesn't appear to have much as far as the web goes.

But ignoring that, the key says "Version: SKS 1.1.4".

That shouldn't have been there until 2012. Specifically:

https://lists.nongnu.org/archive/html/sks-devel/2012-10/msg00010.html

The crawler grabbed it March 2014 so the key would have had to been edited in earlier than March 2014. And I agree that is a sign that posts were modified after the original publish date.

As Mr. Wright and his partner have/had a long background in computer forensics, this will be one tangled and extremely messy pile of spaghetti either way.

My personal belief is that it is him, along with his partner, and the rest of the developers. And I believe the launch post was an unedited post. And I believe the bitcoin community will rally around trying to discredit him as the founder at any cost. But I will also take the facts as they come out. And they will, one way or the other.

Thank you for the sleuthing. Maxwell has demonstrated on occasions that he doesn't do thorough enough analysis to question his own biases and lashes out at others.

Theymos how about the possibility (and almost a certainty) that Satoshi isn't one person and that this Craig Wright is asserting his role. He mentions working in a group on research and also mentions having other "beta coders" involved.

I haven't researched the case enough to form an opinion on the likelihood he is a scammer or other motive.

Readers make sure you read my prior post as well. I posted twice just now.