Bitcoin Forum
November 09, 2024, 12:23:22 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 »  All
  Print  
Author Topic: What if the devs are ordered by a US judge to include a government backdoor?  (Read 3046 times)
Revelation 22:13 (OP)
Newbie
*
Offline Offline

Activity: 33
Merit: 0



View Profile
June 04, 2013, 09:18:52 AM
 #1

Let's say the IRS wants to be able to confiscate bitcoins from tax evaders. So they go to the US courts to get this. A judge ends up ordering the bitcoin.org dev team to include a government backdoor so the IRS can take funds away from those who don't pay taxes.

The devs would be forced to comply right?
tutkarz
Hero Member
*****
Offline Offline

Activity: 546
Merit: 501


View Profile
June 04, 2013, 09:32:14 AM
 #2

Let's say the IRS wants to be able to confiscate bitcoins from tax evaders. So they go to the US courts to get this. A judge ends up ordering the bitcoin.org dev team to include a government backdoor so the IRS can take funds away from those who don't pay taxes.

The devs would be forced to comply right?

no because most of the world will simply not use such a client.

Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1010


View Profile
June 04, 2013, 09:33:27 AM
 #3

Let's say the IRS wants to be able to confiscate bitcoins from tax evaders. So they go to the US courts to get this. A judge ends up ordering the bitcoin.org dev team to include a government backdoor so the IRS can take funds away from those who don't pay taxes.

The devs would be forced to comply right?

Open source software makes it so that every change is visible.  

Currently the Bitcoin-Qt/bitcoind release is signed by the Bitcoin Foundation ... which means the release won't work for Windows 8 and Mac users (as an update) unless Bitconi Foundation signs it.   This makes it difficult for some other dev team members who are not a party to this hypothetical IRS backdoor demand to be able to release updates to the client without this backdoor themselves.   It would probably have to be a fork with a different name (and signed by some other organization).

But the developers don't have final say as to what changes are accepted for the Bitcoin protocol.  It is the economic majority who decides:
 - http://en.bitcoin.it/wiki/Economic_majority

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


Revelation 22:13 (OP)
Newbie
*
Offline Offline

Activity: 33
Merit: 0



View Profile
June 04, 2013, 09:34:17 AM
 #4

Let's say the IRS wants to be able to confiscate bitcoins from tax evaders. So they go to the US courts to get this. A judge ends up ordering the bitcoin.org dev team to include a government backdoor so the IRS can take funds away from those who don't pay taxes.

The devs would be forced to comply right?

no because most of the world will simply not use such a client.
But bitcoin.org would be forced under court order to offer it?
tutkarz
Hero Member
*****
Offline Offline

Activity: 546
Merit: 501


View Profile
June 04, 2013, 09:35:23 AM
 #5

Let's say the IRS wants to be able to confiscate bitcoins from tax evaders. So they go to the US courts to get this. A judge ends up ordering the bitcoin.org dev team to include a government backdoor so the IRS can take funds away from those who don't pay taxes.

The devs would be forced to comply right?

no because most of the world will simply not use such a client.
But bitcoin.org would be forced under court order to offer it?
then someone else will take the lead

mezzomix
Legendary
*
Offline Offline

Activity: 2730
Merit: 1263


View Profile
June 04, 2013, 09:45:45 AM
 #6

Let's say the IRS wants to be able to confiscate bitcoins from tax evaders. So they go to the US courts to get this. A judge ends up ordering the bitcoin.org dev team to include a government backdoor so the IRS can take funds away from those who don't pay taxes.

The devs would be forced to comply right?

no because most of the world will simply not use such a client.
But bitcoin.org would be forced under court order to offer it?
then someone else will take the lead

In other cases the people were ordered to not talk about this change. People from unaffected countries have to review the patches, find the backdoor and publish this information.

Signed binaries is a bad idea in this case, because there is a central instance that control a BLOB and is not allowed to talk about the details. Almost no chance for the user of this signed binary to find the backdoor.
apetersson
Hero Member
*****
Offline Offline

Activity: 668
Merit: 501



View Profile
June 04, 2013, 10:39:11 AM
 #7

you would not necessarily know that there is a backdoor.

standard procedure is a NSL that prevents you from even mentioning the existence of the order.

the us gov also reserves the right to control the content of all .com/.org/.net domains.

therefore it is essential that the source and corresponding binaries are matching up and as many people as possible are watching the source closely.

also if you see gavin blinking -. ... .-.. that should give you a hint.
Loozik
Sr. Member
****
Offline Offline

Activity: 378
Merit: 250


Born to chew bubble gum and kick ass


View Profile
June 04, 2013, 10:45:31 AM
 #8

Let's say the IRS wants to be able to confiscate bitcoins from tax evaders. So they go to the US courts to get this. A judge ends up ordering the bitcoin.org dev team to include a government backdoor so the IRS can take funds away from those who don't pay taxes.

The devs would be forced to comply right?

Would the judge pay the devs for the backdoor programming from his own pocket?
ShadowOfHarbringer
Legendary
*
Offline Offline

Activity: 1470
Merit: 1006


Bringing Legendary Har® to you since 1952


View Profile
June 04, 2013, 10:48:30 AM
 #9

you would not necessarily know that there is a backdoor.

For an experienced programmer who reviews Bitcoin code on a daily basis it should be trivial to spot such a backdoor.

Git is such an extremely powerful tool to review exactly who does what and when. It will be almost unfeasible to put a backdoor in Bitcoin, currently.

jackjack
Legendary
*
Offline Offline

Activity: 1176
Merit: 1280


May Bitcoin be touched by his Noodly Appendage


View Profile
June 04, 2013, 10:53:39 AM
 #10

you would not necessarily know that there is a backdoor.

For an experienced programmer who reviews Bitcoin code on a daily basis it should be trivial to spot such a backdoor.

Git is such an extremely powerful tool to review exactly who does what and when. It will be almost unfeasible to put a backdoor in Bitcoin, currently.
This

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
jaywaka2713
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250


aka 7Strykes


View Profile
June 06, 2013, 03:59:46 AM
 #11

Also, if such a backdoor exists, you would need 51% of the network to upgrade to the bugged software for it to actually be implemented. The bug would be found before then.

jl2012
Legendary
*
Offline Offline

Activity: 1792
Merit: 1111


View Profile
June 06, 2013, 05:55:21 AM
 #12

Let's say the IRS wants to be able to confiscate bitcoins from tax evaders. So they go to the US courts to get this. A judge ends up ordering the bitcoin.org dev team to include a government backdoor so the IRS can take funds away from those who don't pay taxes.

The devs would be forced to comply right?

The devs are not forced to comply because they can simply abandon the project. They have no obligation to contribute to the project.

If the government want to add a backdoor, they can always hire a programmer to work on that. They can also confiscate the bitcoin.org and put their version of bitcoin there.

However, people can still contribute to the original bitcoin project anonymously, e.g. through TOR network. In that case, a hardfork will happen: the original bitcoin and censored bitcoin

Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
drawingthesun
Legendary
*
Offline Offline

Activity: 1176
Merit: 1015


View Profile
June 06, 2013, 07:12:27 AM
 #13

you would not necessarily know that there is a backdoor.

For an experienced programmer who reviews Bitcoin code on a daily basis it should be trivial to spot such a backdoor.

Git is such an extremely powerful tool to review exactly who does what and when. It will be almost unfeasible to put a backdoor in Bitcoin, currently.

Its less about the source code itself but more about the Bitcoin binary that everyone is downloading. I understand a lot of people watch the code but how many people are comparing the compiled binary to what the code is on Github?

If they put a backdoor into Bitcoin it will be in the binary only and it will never be in the source code. (The binaries are built by people, and are not automatically generated from the Github source.)

Who is comparing the compiled binary to the binary that should exist if compiled from the source code. Does anyone even check this? Is there a chance the binary we all have sitting on our computers is slightly modified from the Github source code?
e4xit
Sr. Member
****
Offline Offline

Activity: 302
Merit: 250



View Profile
June 06, 2013, 07:52:22 AM
 #14

Why dont you have a look  Cheesy

Not your keys, not your coins.
CoinJoin, always.
Sukrim
Legendary
*
Offline Offline

Activity: 2618
Merit: 1007


View Profile
June 06, 2013, 08:02:25 AM
 #15

Check out gitian and build your own binaries.

https://www.coinlend.org <-- automated lending at various exchanges.
https://www.bitfinex.com <-- Trade BTC for other currencies and vice versa.
drawingthesun
Legendary
*
Offline Offline

Activity: 1176
Merit: 1015


View Profile
June 06, 2013, 08:57:11 AM
 #16

Check out gitian and build your own binaries.

But how would I confirm that the official binary is compiled from the source on Github? Little point in running my own binary if 95% of all the nodes are from the official website and have a backdoor.
jackjack
Legendary
*
Offline Offline

Activity: 1176
Merit: 1280


May Bitcoin be touched by his Noodly Appendage


View Profile
June 06, 2013, 09:54:46 AM
 #17

Check out gitian and build your own binaries.

But how would I confirm that the official binary is compiled from the source on Github? Little point in running my own binary if 95% of all the nodes are from the official website and have a backdoor.
Build with same versions of g++ and qmake, same architecture, same dependency (if any, I don't know) and compare
Maybe I forget something to check

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
scintill
Sr. Member
****
Offline Offline

Activity: 448
Merit: 254


View Profile WWW
June 06, 2013, 10:07:54 AM
 #18

Check out gitian and build your own binaries.

But how would I confirm that the official binary is compiled from the source on Github? Little point in running my own binary if 95% of all the nodes are from the official website and have a backdoor.

How will you confirm?  With gitian, like he said.  I admit I don't know much about it either, but this is near the the top of the page of the first Google result for "gitian":

Quote from: http://gitian.org/
Gitian uses a deterministic build process to allow multiple builders to create identical binaries. This allows multiple parties to sign the resulting binaries, guaranteeing that the binaries and tool chain were not tampered with and that the same source was used.

The official binaries are built this way, so you can build your own and verify that you get the exact same binary.  That is how you will know the official binary is really built from the public sources.

1SCiN5kqkAbxxwesKMsH9GvyWnWP5YK2W | donations
jackjack
Legendary
*
Offline Offline

Activity: 1176
Merit: 1280


May Bitcoin be touched by his Noodly Appendage


View Profile
June 06, 2013, 10:12:23 AM
 #19

Bitcoin uses gitian? Great

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
drawingthesun
Legendary
*
Offline Offline

Activity: 1176
Merit: 1015


View Profile
June 06, 2013, 11:30:37 AM
 #20

Check out gitian and build your own binaries.

But how would I confirm that the official binary is compiled from the source on Github? Little point in running my own binary if 95% of all the nodes are from the official website and have a backdoor.

How will you confirm?  With gitian, like he said.  I admit I don't know much about it either, but this is near the the top of the page of the first Google result for "gitian":

Quote from: http://gitian.org/
Gitian uses a deterministic build process to allow multiple builders to create identical binaries. This allows multiple parties to sign the resulting binaries, guaranteeing that the binaries and tool chain were not tampered with and that the same source was used.

The official binaries are built this way, so you can build your own and verify that you get the exact same binary.  That is how you will know the official binary is really built from the public sources.

Ah thanks, so the official binaries are built this way? Thats good to know. If we can verify the binaries then getting a back door in will be extremely hard if not impossible. Smiley

Life is good again!
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!