jubalix
Legendary
 Offline
Activity: 2618
Merit: 1022
|
 |
June 24, 2013, 01:37:12 PM |
|
Let's say the IRS wants to be able to confiscate bitcoins from tax evaders. So they go to the US courts to get this. A judge ends up ordering the bitcoin.org dev team to include a government backdoor so the IRS can take funds away from those who don't pay taxes.
The devs would be forced to comply right?
Pieter and Wladimir are not US citizens, so a US judge can't order them to do anything. If I was ordered to insert a backdoor, I'd just resign as lead developer and find something else to work on. But this whole scenario sounds like a paranoid delusion; has there EVER been a case where a judge has ordered a software developer to do anything other than stop distributing their software (because of some copyright or patent issue) ? Not so sure you need to be US citizen, extradition is the favored tool theses days, even by other means, eg Assange. Also I think that various protocols, and programs have been ordered modified by Judges, though mainly in patent suits, though this prism thing is perhaps a more pertinent example. If a program was somehow effect on national security I think Judges may order the programer change it, or face contempt. Sorta like journalist who elect to not give up their sources. They don't get to go, oh well I'm not a journalist any more, or working for this paper/story. I disagree with all of this by the way, but never underestimate how flexible the law is against the individual in the hands of the Government. |
|
|
|
|
|
|
|
|
|
|
|
|
Unlike traditional banking where clients have only a few account numbers, with Bitcoin people can create an unlimited number of accounts (addresses). This can be used to easily track payments, and it improves anonymity.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
jgarzik
Legendary
Offline
Activity: 1596
Merit: 1091
|
|
June 24, 2013, 02:22:03 PM |
|
|
Jeff Garzik, Bloq CEO, former bitcoin core dev team; opinions are my own.
Visit bloq.com / metronome.io
Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
|
|
|
jubalix
Legendary
Offline
Activity: 2618
Merit: 1022
|
|
June 24, 2013, 03:21:44 PM |
|
not sure this guy understand bitcoin, eg I skim read his paper http://www.weis2013.econinfosec.org/papers/KrollDaveyFeltenWEIS2013.pdfas he appears to completely miss the re-target function of bit coin to make it easier to mine if hash leaves, he also fails to make connection that specialization by asic miners does not equal distribution increase, in fact, quite the opposite ,eg now we are seeing usb miners, and one person noted that almost any heat producing need could also be mining. more complex computer chips has been coupled with more uptake. |
|
|
|
jgarzik
Legendary
Offline
Activity: 1596
Merit: 1091
|
|
June 24, 2013, 05:59:34 PM |
|
While I agree with you on his paper, please keep that separate from his blog post, which directly addresses $subject. |
Jeff Garzik, Bloq CEO, former bitcoin core dev team; opinions are my own.
Visit bloq.com / metronome.io
Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
|
|
|
piotr_n
Legendary
Offline
Activity: 2053
Merit: 1354
aka tonikt
|
|
June 24, 2013, 08:00:26 PM
Last edit: June 24, 2013, 08:13:59 PM by piotr_n |
|
call me a guy with a tinfoil hat again, but as a guy who spent a big part of his life coding C, I dare to say that it is fairly easy to sneak into such a big source code a backdoor, i.e. in a form of some exploitable stack overflow.
if the attacker is smart, it is as simple as changing one innocent character, at some place in the code he's made, to hide the actual purpose though still suggesting just a mistake.
like putting "," instead of ".", "O" instead "0" or "l" where you needed "1"... I've wrote so much code in C that I could think of tons of expressions that would actually work completely different than one thinks they do at the first sight.
this is especially dangerous when they have just included a few tens of pull requests, so no sane person is really going to go carefully through all of them.
corrupting binaries would be the most stupid way to go, since this one can be actually found quite easily, thanks to bitcoin's fine gitian building solution.
|
Check out gocoin - my original project of full bitcoin node & cold wallet written in Go.PGP fingerprint: AB9E A551 E262 A87A 13BB 9059 1BE7 B545 CDF3 FD0E
|
|
|
Zeke_Vermillion
Member
Offline
Activity: 94
Merit: 10
|
|
June 24, 2013, 08:26:46 PM |
|
The government doesn't need a backdoor. They can walk in the front door, ie, the open transaction ledger. Also, if a particular actor wanted to influence the course of any open-source project, he could simply join the project and contribute code (assuming some degree of subtlety in crafting pull requests, of course). The beauty of the process is that harmful contributions are weeded out, and if the worst-case scenario comes to pass, the project can be forked with a new lead developer.
|
|
|
|
|
ShadowOfHarbringer
Legendary
Offline
Activity: 1470
Merit: 1005
Bringing Legendary Har® to you since 1952
|
|
June 24, 2013, 08:51:56 PM |
|
call me a guy with a tinfoil hat again,
You are a guy in a tinfoil hat. Again. it is as simple as changing one innocent character, at some place in the code he's made, to hide the actual purpose though still suggesting just a mistake.
like putting "," instead of ".", "O" instead "0" or "l" where you needed "1"... I've wrote so much code in C that I could think of tons of expressions that would actually work completely different than one thinks they do at the first sight.
Thanks to code analysis tools (and there are many powerful, free & extremely expensive commercial ones) plus git, such a mistake can be easily spotted. Remember that you don't review whole code at once (large). You just review latest changes (small). if the attacker is smart,
There are many smart (and i even dare to say: genius) people looking for backdoors in the Bitcoin code , so that wouldn't be very smart to add backdoors, even if you are a genius yourself. |
|
|
|
piotr_n
Legendary
Offline
Activity: 2053
Merit: 1354
aka tonikt
|
|
June 24, 2013, 09:23:34 PM
Last edit: June 24, 2013, 09:39:09 PM by piotr_n |
|
I'm just saying.
feel free to get adventage of whatever tools you find useful to find it, but trust me, if I had an actual incentive and a proper access, I bet I can beat them all, starting from the most expensive ones. it's just a matter of time
people indeed is a harder part, though as I said, ppl ale subjective to different illusions that you can use in a source code.
especially those ppl who don't care, because they have such a great tools
|
Check out gocoin - my original project of full bitcoin node & cold wallet written in Go.PGP fingerprint: AB9E A551 E262 A87A 13BB 9059 1BE7 B545 CDF3 FD0E
|
|
|
piotr_n
Legendary
Offline
Activity: 2053
Merit: 1354
aka tonikt
|
|
June 24, 2013, 09:44:08 PM |
|
The government doesn't need a backdoor. They can walk in the front door, ie, the open transaction ledger.
the thing is that walking in the front door each time they'd like to check is just to expensive. plus some people have guns |
Check out gocoin - my original project of full bitcoin node & cold wallet written in Go.PGP fingerprint: AB9E A551 E262 A87A 13BB 9059 1BE7 B545 CDF3 FD0E
|
|
|
nqzdepofltr
Newbie
Offline
Activity: 8
Merit: 0
|
|
June 25, 2013, 07:02:55 PM |
|
1. Bitcoiners would find an alternative wallet without backdooring
2. The official bitcoin wallet is open source, so one could remove the backdoor
|
|
|
|
|
|
