Bitcoins are not, in practice, fungible

[marcus_of_augustus]

Bitcoins are amoral, like all technologies, and monetary instruments.

They do not know that they are stolen or not stolen .... it is a human problem not a technology problem.

[1713583802]

1713583802

[1713583802]

1713583802

[Lupus_Yonderboy]

Because following tainted coins thru the block chain to the same pool to get laundered is oh so hard. You get away with it for a brief amount of time and then it gets noticed, especially with them there hefty fees. I remember a lot of concern in the gpumax thread when people were concerned pirate was using it for nefarious ends, however he apparently cleared all that up satisfactorily. Miners tend to be decent folk, in general, and while you will always have mercenaries that only want to get paid, let a pool start intentionally laundering stolen coins and don't be surprised if a lot of people suddenly shun it.

At the end of the day, it does not matter what you or I think should or should not be accepted by individuals. It is up to them. Every person that uses Bitcoin should have the freedom to choose whether or not they want to deal with stolen property. They should also have the freedom to choose what value they would place on coins that have a questionable history. Or any other coins for that matter. It is not up to me to determine what level of taint is/is not acceptable. That is an indvidual's choice.

[disclaimer201]

Because following tainted coins thru the block chain to the same pool to get laundered is oh so hard. You get away with it for a brief amount of time and then it gets noticed, especially with them there hefty fees. I remember a lot of concern in the gpumax thread when people were concerned pirate was using it for nefarious ends, however he apparently cleared all that up satisfactorily. Miners tend to be decent folk, in general, and while you will always have mercenaries that only want to get paid, let a pool start intentionally laundering stolen coins and don't be surprised if a lot of people suddenly shun it.

At the end of the day, it does not matter what you or I think should or should not be accepted by individuals. It is up to them. Every person that uses Bitcoin should have the freedom to choose whether or not they want to deal with stolen property. They should also have the freedom to choose what value they would place on coins that have a questionable history. Or any other coins for that matter. It is not up to me to determine what level of taint is/is not acceptable. That is an indvidual's choice.

"It is not up to me to determine what level of taint is/is not acceptable. That is an indvidual's choice." Very true. It may become your problem when a major exchange doesn't accept your coins though. This is my only concern. Maybe ~40000 coins are not such a big number and it will all be dilluted and go away soon to be forgotten. Once I see more threads in the forum about "MtGox froze my account and took my coins" I'd get worried though. Not for my personal risk of ever being in that position but the long-term implications for Bitcoin's reputation. I believe for it to become more than a toy for nerds, it will have to grow slowly in popularity. I doubt it will if things get too complicated or there is even a risk to lose money for obtaining tainted coins.

[matonis]

Coins don't have a questionable history, people do. A coin, is a coin, is a coin.

Have you ever held a gold coin in your hand and wondered who's hand has held the same gold in the past? Were you concerned whether or not it was Hitler, Joan of Arc, or Alexander the Great?

+1

[muyuu]

Have you ever held a gold coin in your hand and wondered who's hand has held the same gold in the past? Were you concerned whether or not it was Hitler, Joan of Arc, or Alexander the Great?

Wish I had such an old gold coin  must surely be worth more than the gold alone.

[Lupus_Yonderboy]

Because following tainted coins thru the block chain to the same pool to get laundered is oh so hard. You get away with it for a brief amount of time and then it gets noticed, especially with them there hefty fees. I remember a lot of concern in the gpumax thread when people were concerned pirate was using it for nefarious ends, however he apparently cleared all that up satisfactorily. Miners tend to be decent folk, in general, and while you will always have mercenaries that only want to get paid, let a pool start intentionally laundering stolen coins and don't be surprised if a lot of people suddenly shun it.

At the end of the day, it does not matter what you or I think should or should not be accepted by individuals. It is up to them. Every person that uses Bitcoin should have the freedom to choose whether or not they want to deal with stolen property. They should also have the freedom to choose what value they would place on coins that have a questionable history. Or any other coins for that matter. It is not up to me to determine what level of taint is/is not acceptable. That is an indvidual's choice.

Hidden in plain sight today does not equate hidden in plain sight tomorrow. Things change. Meaningless transaction fees now aren't so meaningless in the future.

I agree. Bitcoiners should have the freedom to choose, and they do.

Coins don't have a questionable history, people do. A coin, is a coin, is a coin.

Have you ever held a gold coin in your hand and wondered who's hand has held the same gold in the past? Were you concerned whether or not it was Hitler, Joan of Arc, or Alexander the Great?

Humans have a love affair with the criminal element throughout history. I imagine a coin directly linked to an early Bitcoin theft may pay for a college education in the future, if you can prove it.

Unlike any other currency in all of human experience, a bitcoin's entire history from the time it was minted (mined) all the way until it reaches my hand, is available. Dealing in stolen property rewards the thieves who stole it, and not only hurts the person it was stolen from, but the community as a whole. Unlike others, I actually have a conscience and choose not to help promote a culture where we encourage theft of others' property.

As a community, we actually have the ability to de-incentivize theft. For the first time in history we can actually identify every piece of currency in a theft and render them valueless. Granted people will still steal for the lulz, but most steal for profit. But as a community we will not, because of greed. The hope that some of those ill gotten gains will flow through our hands, that the thieves involved in those heists will grace our businesses or buy our goods, when in reality they usually just try to cash out.

And you wonder why many in the wider world view this place as a wretched hive of scum and villany. Bitcoin: the currency of choice for thieves, drug dealers, and gun runners. Bitcoin: a ponzi scheme, a scam. All these things are said about us on the wider 'net. These perceptions are what inhibits widespread adoption. Eventually, without new blood, the Bitcoin ecosystem will grow stagnant. It is apparent that many do not care. That is their decision, of course. My personal decision is not to promote theft and corruption.

[Polvos]

You are exactly talking like the authoritarian politicians who are in charge in my country. They use all kind of excuses trying to approve remakably unconstitutional laws. Terrorism, black market, sexual aggressions. All are excuses in order to make laws to gain control over the citizens.

Of course you are free to accept one coin or another as you are free too to chose who you are selling things to. But bear in mind that I am free to fight to whoever claim that fungibility of money is over. And I will with all the forms this awesome money offers me.

Sorry if I'm not clear because english is not my native language.

[muyuu]

Unlike any other currency in all of human experience, a bitcoin's entire history from the time it was minted (mined) all the way until it reaches my hand, is available. Dealing in stolen property rewards the thieves who stole it, and not only hurts the person it was stolen from, but the community as a whole.

This is because bitcoin is not really a currency like any other. It's a cryptocurrency. All efforts to make it less like a normal currency will make the system harder to understand to new adopters, who would then be wise not to enter something they don't understand.

Unlike others, I actually have a conscience and choose not to help promote a culture where we encourage theft of others' property.

You do come across like a self-righteous twat.
Haven't seen anyone encouraging theft or a culture of theft.

What we don't want is an arms race between people who want their BTC anonymous and those who want to be able to pinpoint the origin of all transactions down to every person. We also don't want to have to deal with a purity measure in BTC and I don't want the risk of having BTC confiscated because of actually buying and selling in BTC.

As a community, we actually have the ability to de-incentivize theft. For the first time in history we can actually identify every piece of currency in a theft and render them valueless. Granted people will still steal for the lulz, but most steal for profit. But as a community we will not, because of greed. The hope that some of those ill gotten gains will flow through our hands, that the thieves involved in those heists will grace our businesses or buy our goods, when in reality they usually just try to cash out.

You don't seem to understand that this comes at the total expense of centralisation and debunking yet another one of bitcoin's main tenets: anonymous money and transactions.

The obvious alternative looks a lot better to me: don't get your BTC stolen. This was perfectly feasible in the Linode case, you just keep your private keys private. I can have sympathy for Slush since he had tight margins and no capability to run operations in a different way. So let's say he had a significant pressure to run things the way he did. But Zhoutong? he was just reckless. Hope they both learnt their lesson and we can move on.

And you wonder why many in the wider world view this place as a wretched hive of scum and villany. Bitcoin: the currency of choice for thieves, drug dealers, and gun runners. Bitcoin: a ponzi scheme, a scam. All these things are said about us on the wider 'net. These perceptions are what inhibits widespread adoption. Eventually, without new blood, the Bitcoin ecosystem will grow stagnant. It is apparent that many do not care. That is their decision, of course. My personal decision is not to promote theft and corruption.

This is all about "feelings" and nothing about logic.

Again, nobody is promoting theft and "corruption" (whatever you mean with that).

If something is going to thwart growth, that is destroying anonymity of transactions and fungibility. Bitcoin has the word "coin" in it because it strives to be anonymous. You may want to rename it to bitcredit if you intend to stamp people's real names in transactions or have them give their ID on request, as if it was a credit card.

[amencon]

The blockchain doesn't tell you much of anything as far as the "moral" history of a bitcoin.  I'll give you the benefit of the doubt and just assume you really haven't thought your position through very well.

Not every theft will be reported, and if "stolen" coins are treated differently, then many coins not stolen will be branded as such (remember allinvain? Did anyone ever even prove they were stolen for sure?  That was one widely publicized theft of the hundreds of thousands that have no doubt occurred).  

Who is the governing authority that makes the declaration of which coins are "dirty" or not?  What about all the other "immoral" transactions in a bitcoins history?  Who will be recording all that down so that you can devalue those coins too?  The whole thing is an exercise in futility.  At best it will be meaningless with the exception of giving you an excuse to feel morally superior.  A coin is a coin, sorry.

[disclaimer201]

I'm sure everyone here is in favor of trying to find out who stole bitcoins and trying to hinder thieves from stealing again. The question is how to best do that without screwing up the system?

Tracking and tainting are two entirely different things. There will always be people who are careless with their security because they chose comfort and handability over security. They need to protect themselves better from thieves, which will get a whole lot easier when we have multi-signatures very soon.

Blacklisting coins and addresses is a futile task and will use up the already scarce resources (time, programming effort, knowledge, money) that is needed to make bitcoin more user-friendly and understandable to outsiders in order to reach widespread adoption. For a currency that is already highly volatile like BTC, without such acceptance, itself including the reliability that one bitcoin is worth one bitcoin everywhere, BTC will always remain a marginalised hacker currency.

Personally, I don't want bitcoin to be a toy for a few nerds. If I see that the community splits up and people will invent a complicated system of tracking, tainting and laundering you can go and play around with that shit yourselves.

I'm afraid if I was the Federal Reserve Bank, I would have wished for exactly (!) such an event as this theft to cause confusion, insecurity and a split-up of the community into two divisions. With a little 'luck', bitcoin will be destroyed in the process or massively hindered to grow to become a mainstream currency.

When I read about some of the self-proclaimed knights for justice on this forum I can only say please have a little more foresight and think through the midterm- and longterm consequences. We should use the time to work on some more useful applications for BTC instead.

[Lupus_Yonderboy]

Unlike any other currency in all of human experience, a bitcoin's entire history from the time it was minted (mined) all the way until it reaches my hand, is available. Dealing in stolen property rewards the thieves who stole it, and not only hurts the person it was stolen from, but the community as a whole.

This is because bitcoin is not really a currency like any other. It's a cryptocurrency. All efforts to make it less like a normal currency will make the system harder to understand to new adopters, who would then be wise not to enter something they don't understand.

Really? *That* is your argument? You don’t want it to be too hard for new adopters? What about the “better security” that people have to have on their systems in order to (supposedly) prevent theft? Is that easy for new adopters?  You know what they do understand? They understand all the high profile thefts and scams that continually plague us. They understand that every time a bunch of bitcoins get stolen that the mantra is always “should’ve had better security.” They understand that not one single solitary person has ever been brought to justice for stealing or scamming bitcoins. Those are usually amongst the first things they learn about Bitcoin from the wider ‘net, long before they get to learning how to actually using it.

Haven't seen anyone encouraging theft or a culture of theft.

The absolute willingness to traffic in stolen property as well as the full throated defense against any possible action that might harm thieves or return the ill-gotten gains to their original owner is tacit approval of their actions. The continual blaming the victim mentality for all crimes also indicates approval of the criminals’ actions.

What we don't want is an arms race between people who want their BTC anonymous and those who want to be able to pinpoint the origin of all transactions down to every person. We also don't want to have to deal with a purity measure in BTC and I don't want the risk of having BTC confiscated because of actually buying and selling in BTC.

People who have adequately protected their anonymity should not be affected by enhanced scrutiny of the block chain. If they were not sufficiently protected then they should have had “better security”.
Whether or not you want to deal with purity, others will. If you choose not to perform due diligence, then you can deal with the consequences. Almost every single gas station in the US checks their bills with a counterfeit pen. Those that do not are soon out of business.

As a community, we actually have the ability to de-incentivize theft. For the first time in history we can actually identify every piece of currency in a theft and render them valueless. Granted people will still steal for the lulz, but most steal for profit. But as a community we will not, because of greed. The hope that some of those ill gotten gains will flow through our hands, that the thieves involved in those heists will grace our businesses or buy our goods, when in reality they usually just try to cash out.

You don't seem to understand that this comes at the total expense of centralisation and debunking yet another one of bitcoin's main tenets: anonymous money and transactions.

There is no centralization. Users should be free to determine if they want to deal in stolen property (and to what degree.) Transaction details of all the major thefts are widely publicized and available. There should be no central anything. The user should be the one to choose which addresses or transactions they find suspicious.
Also, Bitcoin by default is not anonymous. You have to work very hard to make it so. So hard, in fact, that you

make the system harder to understand to new adopters, who would then be wise not to enter something they don't understand.

We wouldn’t want to make it harder for new adopters now would we? That would scare them off. Or something.

The obvious alternative looks a lot better to me: don't get your BTC stolen. This was perfectly feasible in the Linode case, you just keep your private keys private. I can have sympathy for Slush since he had tight margins and no capability to run operations in a different way. So let's say he had a significant pressure to run things the way he did. But Zhoutong? he was just reckless. Hope they both learnt their lesson and we can move on.

Yes because they chose to get their btc stolen. Oh wait, they “should have had better security”. It’s like a Pavlovian response around here when dealing with thefts. “I feel bad and all for the victim, but really, if they just had better security, none of this would have happened.” Horseshit. There isn’t enough security out there to protect a hot wallet from a truly determined group of hackers. Not at any amount of money that normal people/businesses can afford, and probably not enough protection for those that can afford it at anything less than bank grade security (if then). So the ‘better security’ idea that continually gets pushed around here is nothing more than a canard.

And you wonder why many in the wider world view this place as a wretched hive of scum and villany. Bitcoin: the currency of choice for thieves, drug dealers, and gun runners. Bitcoin: a ponzi scheme, a scam. All these things are said about us on the wider 'net. These perceptions are what inhibits widespread adoption. Eventually, without new blood, the Bitcoin ecosystem will grow stagnant. It is apparent that many do not care. That is their decision, of course. My personal decision is not to promote theft and corruption.

This is all about "feelings" and nothing about logic.

Again, nobody is promoting theft and "corruption" (whatever you mean with that).

If something is going to thwart growth, that is destroying anonymity of transactions and fungibility. Bitcoin has the word "coin" in it because it strives to be anonymous. You may want to rename it to bitcredit if you intend to stamp people's real names in transactions or have them give their ID on request, as if it was a credit card.

As has been discussed many times, Bitcoin is not inherently anonymous. You do people a disservice by making them think so. Tracking tainted coins does not attach real names to transactions. If it did catching thieves would be easy. So please stop being disingenuous.

[disclaimer201]

Leaving 43000 bitcoins in unencrypted wallets at an inexpensive hoster is in fact very careless. So, yes - people who hold other people's coins need more security if they want to be responsible for third parties values. With normal safety measures I think most people will be secure enough to hold their own BTC. Encrypt your wallet, have a firewall and virus scanner, spyware detector, keep some backup on a usb stick - such stuff is fairly easy for most users in order to protect their own money. Multi-signatures will probably also help a great deal soon.

If you are holding other people's coins in the thousands and are unable to encrypt your wallet, whole different story.

We don't have to dumb everything down to make BTC more mainstream but coin origin shouldn't be something to deal with at all times. I can't remember when I last checked my banknotes for authenticity. In fact, I hardly ever use cash anymore. If individuals are willing to check their transactions for purity in order to decline stolen coins, it's a good thing. If they are not, they are not. And who's to blame if they don't know how to even do that. I'm sure a lot of people who also have no clue how to track satoshies will take their coins. If word spreads that there is even a chance MtGox takes your coins as you have no idea how to even look for taint, I'm certain the market will take care of the problem.

Actually, I think the whole thing will be forgotten soon since I doubt MtGox will scare away their customers for X% tainted coins. 40k coins aren't much compared to the millions anyway.

[Lupus_Yonderboy]

You are wrong. I abhor theft. Yet, I oppose a blacklist. I honestly feel that any blacklist will only serve to hurt regular users, and create a situation where malicious individuals can take advantage of the blacklist to cause more damage.

In other words, I think the negative unintended consequences of a blacklist outweigh the potential positive consequences.

By the way, I didn't arrive at this conclusion lightly. I spent a lot of time considering it after the allinvain theft. In fact, I can link you to some posts where I defended a the idea of a blacklist rather fervently.

https://bitcointalk.org/index.php?topic=16457.msg238345#msg238345
https://bitcointalk.org/index.php?topic=16457.msg238369#msg238369
https://bitcointalk.org/index.php?topic=16457.msg238376#msg238376
https://bitcointalk.org/index.php?topic=16457.msg239655#msg239655

And several more posts in that thread and others.

But then I thought about it, and realized how this blacklisting could be abused to cause more harm than good. If I could snap my fingers and return all the stolen coins to their rightful owners, I would gladly do it, but I am against a blacklist.

Perhaps services will spring up that maintain lists. The more accurate ones will largely agree with each other, inaccurate ones or ones not kept up to date will fall by the wayside. Feedback loops can be introduced for those who feel their coins are wrongly listed. In all cases the lists should be advisory with specific reasons posted for each entry, with the end user deciding whether or not they want to use the data. I have no intention of runnning such a service, but I am positive someone can make a working business model. After that, let the market decide. Will people try to spam/abuse such services? Absolutely. That's why the good ones that can effectively filter and correctly identify suspect transactions will succeed, and the other ones will fail.

I also don't understand how calling for more secure practices from users equates to approval of theft or blaming the victim...

Because the standard line is "Should've had more security" and then everybody goes on like nothing happened. Ho-hum, another large theft, wasn't my coins, you just should've had better security bro. It's your fault the coins were stolen, b/c you didn't have better security. Sorry about your loss. And now I will completely ignore where those coins went and look the other way as the thief sends me those stolen coins for whatever good/service I am selling.

People use the 'better security' excuse as a cop-out. It lets them place full blame on the victim while letting the thief get away scott-free. Letting the thief spend their coins wherever they want is fencing stolen goods and tacit approval of the theft. And the 'a coin is a coin' thing is also a moral cop out. If Al-Qaeda bought a backpack nuke w/ bitcoins and used it, I damn sure wouldn't use any of those coins. I can't speak for anyone else's conscience, but I can speak for mine.

Just answer what would be done in one example.

Someone steals coins robs a bank and then uses them the cash for a local anonymous purchase. This is many users primary motive for using Bitcoin cash, privacy from anyone who might be interested in how you spend your money. They time the purchase so it occurs immediately after the theft. Let's say the transaction was for several ounces of gold. So, the theft is finally reported, and now the coins serial numbers on the bills are blacklisted. But they are no longer in the possession of the thief, he has traded them to an innocent individual for several ounces of gold. Yet, this innocent individual has no way to prove that he isn't the thief, he used Bitcoin cash specifically to keep the transaction private and required no information from the individual purchasing the gold (the thief). In this situation, a blacklist hurts an innocent man as his gold is gone and his coins are cash is now worthless. So, due to a blacklist, the thief has injured two individuals instead of one. The innocent individual could return the coins cash to the original victim of the theft, but how do we prove that the victim didn't arrange the "theft" to purchase some gold and get his coins cash returned after the fact? In either case, someone is getting hurt.

You can have the same potential abuse with cash, and banks will absolutely blacklist serial #'s they know were stolen. The quick answer is only do business with trusted parties. We can sit here and make conjectures about "If x, y, and z conditions are all fulfilled, then some innocent person will get hurt." People are going to get hurt regardless of what you do or do not do. Blacklists help make sure less people overall get hurt. Removing profit incentive from thefts will greatly lower the rate of thefts. Of course thieves will attempt to find a way to make their thefts profitable even quicker, but it will help deter most large thefts (unless those are just being done maliciously).

Some of the properties of Bitcoin are useful for some individuals, these properties come with the responsibility to protect yourself from theft. What's so hard about accepting that and understanding that maybe it's not for everyone. I personally don't expect Bitcoin to become the reserve currency of the world or anything like that. But it has some very specific advantages over other currencies, and people who appreciate those advantages don't want to give them up in exchange for some pretend theft protection. I say pretend, because I don't think a blacklist will protect people from theft, and certain users won't care if they receive blacklisted coins or not, i.e. criminals.

It is this attitude that will relegate Bitcoin to being nothing more than a marginalized hacker currency. Only those who can deploy large byzantine security solutions should be able to have bitcoins without fear of them being stolen.  Any security a user can implement can be overcome by a determined enough person or group. And most security isn't going to help if someone knowledgeable has physical access to your server (*cough* datacenter employees *cough*) --but TPM looks interesting. Of course this does not mean that security should be forsaken entirely, but neither is it the end-all be-all everyone tries to make it. Good security + blacklists can do a lot to cut down on theft.

Also, precisely what advantages of Bitcoin are being given up here? Being easily stolen and fenced? I don't expect Bitcoin to ever be the world's reserve currency either, or even 1% of US GDP, but the perception out there is that Bitcoin is the currency of choice for thieves, drug dealers, gun runners, and all other sorts of ne'er do wells. I am quite frankly surprised they haven't thrown child pr0n at us yet. Every large scale theft that hits the news reinforces that opinion of us. Which sucks b/c this technology has the chance to be so much more.

[kjj]

Perhaps services will spring up that maintain lists. The more accurate ones will largely agree with each other, inaccurate ones or ones not kept up to date will fall by the wayside. Feedback loops can be introduced for those who feel their coins are wrongly listed. In all cases the lists should be advisory with specific reasons posted for each entry, with the end user deciding whether or not they want to use the data. I have no intention of runnning such a service, but I am positive someone can make a working business model. After that, let the market decide. Will people try to spam/abuse such services? Absolutely. That's why the good ones that can effectively filter and correctly identify suspect transactions will succeed, and the other ones will fail.

Yes.  Because that is exactly how it worked when the spam fighters had the exact same idea.   

[reg]

to holiday and kjj, generally I think holiday is thinking along the correct path for the future of BTC and kjj has single-handedly converted me to multisig. But consider this, the largest hacks have occurred via online services and exchanges. These have shown fundamental flaws in security and their resolution has strengthened BTC. However no-one has any real idea who perpetrated these acts and there effect was to undermine confidence in BTC. If they are thieves there is nothing practical we can do if we want to maintain anonymity (I think that is essential to safeguard the individuals freedom in finance). If they are agents of an existing authoritarian agency they will be UPSET that the attack did not greatly undermine BTC prices. Adopting similar systems of control and monitoring that exist in fiat currencies plays into their hands and should be avoided.  BTC will be fine if users adopt appropriate strategies 1) do your best to secure and diversify your own BTC's. 2) avoid exchanges that control you or your funds. 3)sleep with both eyes open.  reg.

[DeathAndTaxes]

People use the 'better security' excuse as a cop-out. It lets them place full blame on the victim while letting the thief get away scott-free. Letting the thief spend their coins wherever they want is fencing stolen goods and tacit approval of the theft. And the 'a coin is a coin' thing is also a moral cop out. If Al-Qaeda bought a backpack nuke w/ bitcoins and used it, I damn sure wouldn't use any of those coins. I can't speak for anyone else's conscience, but I can speak for mine.

Why would your conscience be affected by what currency was used for in the past?  Its asinine but it explains a lot.

You do understand that if you go to a bank and get one a hundred different bills the odds are some of those in the past were used for just to pay for just about every evil in the world from human trafficking, to murder for hire and arms sales to child porn. 

With modern currency they have a relatively short lifespan but very old gold coins were probably involved in one (or a couple dozen) slave trades during their time in active circulaiton.  Should most ancient gold coins be melted down or blacklisted because they have the taint of slavery, genocide, rape, pillaging, etc?


Does it affect your conscience that you may be passing along "bad" money everyday?
Or is this moral poutrage merely limited to Bitcoin?

[DeathAndTaxes]

3)sleep with both eyes open.  reg.

I tried that but then I was so tired I fell asleep during the day and got robbed.

[muyuu]

Saw this paper, Lupus? http://fc12.ifca.ai/pre-proceedings/paper_84.pdf

How do you feel about their proposals to IMPROVE anonymity by mixing/laundering coins? from an academic paper no less?

Only lunatic and authoritarians think it's a good idea to control every little monetary exchange made by people. Money doesn't commit crimes.

[Lupus_Yonderboy]

Because the standard line is "Should've had more security" and then everybody goes on like nothing happened. Ho-hum, another large theft, wasn't my coins, you just should've had better security bro. It's your fault the coins were stolen, b/c you didn't have better security. Sorry about your loss. And now I will completely ignore where those coins went and look the other way as the thief sends me those stolen coins for whatever good/service I am selling.

People use the 'better security' excuse as a cop-out. It lets them place full blame on the victim while letting the thief get away scott-free. Letting the thief spend their coins wherever they want is fencing stolen goods and tacit approval of the theft. And the 'a coin is a coin' thing is also a moral cop out. If Al-Qaeda bought a backpack nuke w/ bitcoins and used it, I damn sure wouldn't use any of those coins. I can't speak for anyone else's conscience, but I can speak for mine.

I think you take this to the opposite extreme though. The thief is always the aggressor, but people need to be responsible for their property. This is why we have locks, security systems, etc. How can I feel bad for everyone who has their coins stolen when I've taken the steps to protect mine? At some point you have to realize that you need to be responsible with your own property instead of relying on everyone to protect you.

Security = proactive. Blacklist = reactive. Which method is preferred? Which method should we be pushing users towards? Why would I bother with the reactive one when I can help prevent people from having their coins stolen in the first place?

I'm not saying forego personal security and rely solely on a blacklist. There is no reason you can't do both. A blacklist is also proactive in that it removes much of the profit motive from theft. As an anaolgy, an off duty cop in a bank lobby is both proactive and reactive. He will help deter most casual bank robbers, but he is there to respond against determined attackers. Security is never 100% effective, somebody will always find an exploit. And in Bitcoin world this means the victim will be blamed for not having enough personal responsibility to get better security.

You can have the same potential abuse with cash, and banks will absolutely blacklist serial #'s they know were stolen.

I've never seen anyone checking serial numbers on cash, ever. Perhaps banks do, and maybe this is how it will play out in the Bitcoin world. Banks (exchanges) will check, merchants and users won't.

They don't always know , but if they just got a shipment of new bills in, they do. Also in the event of a ransom situation they always write down the serial numbers. A better analogy would be the way the US system handles counterfeit notes. Merchants check most bills they get and any that fail the pen test are refused. If any get through and the merchant tries to deposit them, the bank confiscates them and they are a loss on the business for not doing its due dilligence. The same thing if a person tries to deposit them into their personal account. A blacklist for stolen coins would pretty much be the same thing. Failing to check for validity is not the fault of the bank(exchange), but that of the business/end user. Especially since it can be seamlessly integrated into the client. And before the peanut gallery chimes in, yes I know bitcoins can't be counterfeited.

The quick answer is only do business with trusted parties.

Yes, as I expected. Well, this is why I use Bitcoin. So...

Meaning use a system like bitcoin-otc or somesuch. While I have never been there I would be extremely shocked if SR didn't have at least some kind of informal trust system. So if you are doing business with people that have no references anywhere, then don't be surprised if those transactions don't always turn out satisfactorily. Also, how does your purchaser know that you just didn't steal the gold that you are selling to him, or that you will even send him that gold?

People are going to get hurt regardless of what you do or do not do. Blacklists help make sure less people overall get hurt. Removing profit incentive from thefts will greatly lower the rate of thefts. Of course thieves will attempt to find a way to make their thefts profitable even quicker, but it will help deter most large thefts (unless those are just being done maliciously).

I think the thieves will just find new ways around the blacklist. The silk road, for example. I'm sure those people could care less about any blacklist, that should be obvious. It will also create a black market for blacklisted and clean Bitcoins, and then we get all the wonderful things that come with a black market...

There is a black market for counterfeit US bills too, ones that no bank will take, drug dealers will etc etc. Not so different. I hate to keep going back to that analogy but it is pretty apt.

It is this attitude that will relegate Bitcoin to being nothing more than a marginalized hacker currency.

The attitude that I want financial privacy? Why use something as volatile as Bitcoin otherwise?

Is that the only reason for people to use Bitcoin? If so, then we just need to stop wasting resources on trying to get any normal users to start using Bitcoin. Because whether or not it is true, the public perception is that if you need 100% financial privacy, it is usually for something illegal.

Only those who can deploy large byzantine security solutions should be able to have bitcoins without fear of them being stolen.

Well, as I've pointed out several times, there are new features that will make security quite simple for the average users. Multi-sig functionality in the default client, and Armory offline transactions. One of them is working and available today! And let's not forget, this is all beta software.

Awesome. If it is all beta software, then there is no harm in trying out a blacklist feature. If it works, great! If not, well its just beta software and we'll drop that feature in the next revision (and yes I already use Armory)

Any security a user can implement can be overcome by a determined enough person or group. And most security isn't going to help if someone knowledgeable has physical access to your server (*cough* datacenter employees *cough*) --but TPM looks interesting.

With multi-sig I could give you my computer containing my unencrypted wallet, and you won't be able to steal my coins. 

Multi-sig is definitely a huge step in the right direction. Most users don't have access to a secure offline computer to sign all of their transactions though. Is there a solution that would have helped Slush or Zhou out? Meaning multi-sig with businesses that need to do instant payouts. And yes, I know Zhou really did need 'better security' in the 1st place.

Also, precisely what advantages of Bitcoin are being given up here?

Financial privacy.

How? Nothing new is in the block chain that wasn't already there. If this stripped anonymity then it could be used to identify thieves, but it cannot. If your transactions were private before, they still are. Enhanced scrutiny of the block chain does not change this. If your transactions cannot bear close examination via the block chain, then you never were private.

[Lupus_Yonderboy]

People use the 'better security' excuse as a cop-out. It lets them place full blame on the victim while letting the thief get away scott-free. Letting the thief spend their coins wherever they want is fencing stolen goods and tacit approval of the theft. And the 'a coin is a coin' thing is also a moral cop out. If Al-Qaeda bought a backpack nuke w/ bitcoins and used it, I damn sure wouldn't use any of those coins. I can't speak for anyone else's conscience, but I can speak for mine.

Why would your conscience be affected by what currency was used for in the past?  Its asinine but it explains a lot.

You do understand that if you go to a bank and get one a hundred different bills the odds are some of those in the past were used for just to pay for just about every evil in the world from human trafficking, to murder for hire and arms sales to child porn. 

With modern currency they have a relatively short lifespan but very old gold coins were probably involved in one (or a couple dozen) slave trades during their time in active circulaiton.  Should most ancient gold coins be melted down or blacklisted because they have the taint of slavery, genocide, rape, pillaging, etc?


Does it affect your conscience that you may be passing along "bad" money everyday?
Or is this moral poutrage merely limited to Bitcoin?

The main one for me is knowing. You can't pick up a bill, or a piece of gold, and know its entire history. Bitcoins are different, because you can know every transaction they have ever been in. That's not a bug, that's a feature. You are, of course, free to ignore it and not use that feature, but that doesn't keep it from being there. To me, accepting and using money that has been involved with a theft is wrong. Obviously there are many people here who think that handling stolen property is just dandy. That is perfectly fine, but I do not have to do business with them. There is no law stating that I must accept their coins, at any value. I can establish my own criteria with whom I conduct transactions. If that criteria includes vetting the history of their money to satisfy my conscience, then c'est la vie.

"A coin is a coin" is often a moral cop out (for those that have them) because it lets a person ignore the possibility that some of the coins in their wallet are only there because they were stolen from somebody else. It lets them turn blind eye to the possibilty that their profits may be because somebody else is suffering. Of course there are people whose morals allow them to simply not care if coins are stolen, and others such as the original thief that are simply amoral.

Tell me, if gpumax paid you 15 btc tomorrow, and you found 10 of them came from slush's theft, would you give them back to slush?