disclaimer201
March 05, 2012, 06:40:58 AM
> > After reading Mt. Gox terms of service over and over again, it is probably easier to just describe it like this:
> > "We do as we please with your account, but if you play nice we might send your held currencies to a bank account upon termination. We also reserve the right to change our mind at any time."
>
> That's pretty typical of terms of service. That's why it's very important to distinguish what the terms of service say and what a company actually does. Mt. Gox's terms of service claim to allow them to steal someone's Bitcoins, but they certainly don't have a policy of doing that. (Nor could they actually get away with it if they tried.) Quoting their ToS in response to a question of whether Mt. Gox actually has a policy of rejecting "tainted" Bitcoins is spectacularly unhelpful. The question is -- what would Mt. Gox actually do if someone deposited Bitcoins traceable to the Linode theft into their account. And my hope would be that they might notify authorities or notify the depositor, but they most certainly would process that deposit normally, absent some evidence the depositor was involved in the theft somehow. Almost anything else destroys the usability of Bitcoins. If I have to worry that my Bitcoins might become unspendable in the future, how can I accept them as payment?

+1

disclaimer201
March 05, 2012, 07:45:50 AM
> > > After reading Mt. Gox terms of service over and over again, it is probably easier to just describe it like this:
> > > "We do as we please with your account, but if you play nice we might send your held currencies to a bank account upon termination. We also reserve the right to change our mind at any time."
> >
> > That's pretty typical of terms of service. That's why it's very important to distinguish what the terms of service say and what a company actually does. Mt. Gox's terms of service claim to allow them to steal someone's Bitcoins, but they certainly don't have a policy of doing that. (Nor could they actually get away with it if they tried.) Quoting their ToS in response to a question of whether Mt. Gox actually has a policy of rejecting "tainted" Bitcoins is spectacularly unhelpful. The question is -- what would Mt. Gox actually do if someone deposited Bitcoins traceable to the Linode theft into their account. And my hope would be that they might notify authorities or notify the depositor, but they most certainly would process that deposit normally, absent some evidence the depositor was involved in the theft somehow. Almost anything else destroys the usability of Bitcoins. If I have to worry that my Bitcoins might become unspendable in the future, how can I accept them as payment?
>
> This is pretty clear, but you're stopping halfway through your reasoning: it's not like you have a choice in the matter. Given the existing information out there (the universal ledger, aka the block chain), and given a public list of fraudulent transactions, the "cleanliness" of a batch of coins can be computed fairly simply unless it's been laundered extensively. As to a public registry of fraudulent TX, it's only a matter of time, and I suspect the claims made there will be reputation weighted. A bitcoin business, such as an exchange can decide to accept your coins or not based on how "clean" they are. Whether you like it or not, whether this destroys bitcoin fungibility are both completely irrelevant: you can't prevent it from happening.
> The only way would be if cheap, large scale laundering operations start to crop up. And even those aren't easy.

Okay, if this shall be inevitably the case I will leave the bitcoin project sooner or later. I'm guessing sooner. Eventually, with all that risk and technical verification that will need to be involved by everyone, it means there will be no future for BTC and I won't continue to invest in something that has no future.

JoelKatz
March 05, 2012, 08:28:13 AM
> A bitcoin business, such as an exchange can decide to accept your coins or not based on how "clean" they are. Whether you like it or not, whether this destroys bitcoin fungibility are both completely irrelevant: you can't prevent it from happening.

I think there's a lot I, and others, can do to prevent it from happening. The first thing is to make stakeholders understand that this is a huge threat. The second thing is to come up with better responses that don't involve tainting coins. (Which, from the evidence I've seen so far, seems to be what Mt. Gox is doing. So kudos to Gox.)

I am an employee of Ripple. Follow me on Twitter @JoelKatz 1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN

wareen
March 05, 2012, 08:31:02 AM
> > Whether you like it or not, whether this destroys bitcoin fungibility are both completely irrelevant: you can't prevent it from happening.
>
> Okay, if this shall be inevitably the case I will leave the bitcoin project sooner or later.

Just because you can't prevent something from happening doesn't mean it is inevitable! Sure, if Bitcoin businesses and individuals started to check for the reputation of coins they receive then there's little you can do about it but I highly doubt this will happen. It is simply too much of a hassle to do this in a sensible way. Amongst other things, you'd have to establish a reputation infrastructure, a dispute resolution process and of course you have to get it supported by the standard client. Also, what if the coin reputation service goes down or is DDoSed? Do you suspend the Bitcoin network? I honestly don't see that happening - especially with Bitcoin often being used in an automated fashion this becomes much too much of a hassle.

Also I really hope that with multisig / two-factor authentication becoming established, we won't see many large thefts in Bitcoinland anymore.

disclaimer201
March 05, 2012, 08:39:23 AM
> > > Whether you like it or not, whether this destroys bitcoin fungibility are both completely irrelevant: you can't prevent it from happening.
> >
> > Okay, if this shall be inevitably the case I will leave the bitcoin project sooner or later.
>
> Just because you can't prevent something from happening doesn't mean it is inevitable! Sure, if Bitcoin businesses and individuals started to check for the reputation of coins they receive then there's little you can do about it but I highly doubt this will happen. It is simply too much of a hassle to do this in a sensible way. Amongst other things, you'd have to establish a reputation infrastructure, a dispute resolution process and of course you have to get it supported by the standard client. Also, what if the coin reputation service goes down or is DDoSed? Do you suspend the Bitcoin network? I honestly don't see that happening - especially with Bitcoin often being used in an automated fashion this becomes much too much of a hassle. Also I really hope that with multisig / two-factor authentication becoming established, we won't see many large thefts in Bitcoinland anymore.

Agreed. Let's hope it is too much of a hassle. But let's hope MtGox, who is by far the biggest and possibly indispensable exchange, sees it that way also.

JoelKatz
March 05, 2012, 10:17:47 AM
> Now let's move on and talk about a technical solution.

I don't think there's a technical problem. What problem do you think needs a technical solution? If you mean working on a way to help thieves more easily make their coins untrackable, you're way off track. Dollar bills are quite trackable, every one has a serial number on it, and they don't have this problem. Bitcoins should not need to optimize themselves for thieves and money launderers but should instead optimize themselves for use by honest folk.

muyuu
March 05, 2012, 10:23:46 AM
Anything adding an extra layer of complexity is a massive NO-GO for bitcoin IMO.
You have to take into account that there are hundreds of ways such a system would be gamed. A complexity arms race is the least thing bitcoin needs.
For example: order of transactions within a block is not deterministic. I can have a clean account with, say, only freshly mined coins, and a tainted account. I give you the clean address and you accept the payment by some automatic means of checking taint. Then I immediately transfer a boatload of highly tainted coins to this address. Both transactions happen in the same block and you cannot reliably tell which happened first. Your account is now highly tainted, you may just have lost a lot of value if untainted coins have a big premium due to this system. Then you have to add even more delay to the already high delay there is to have a proper number of confirmations, and you really cannot have an automated system.
Off the top of my head I can think of dozens of attacks.
I wouldn't work in a system like this. Not while I still have coins.

GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D) forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ

payb.tc
March 05, 2012, 10:41:53 AM
> Bitcoins should not need to optimize themselves for thieves and money launderers but should instead optimize themselves for use by honest folk.

i disagree that something as neutral as money should be biased towards any specific kind of person. i do agree that as you say, this is not a technical problem.

wareen
March 05, 2012, 11:53:17 AM
> Anything adding an extra layer of complexity is a massive NO-GO for bitcoin IMO.
> You have to take into account that there are hundreds of ways such a system would be gamed. A complexity arms race is the least thing bitcoin needs.

+1

As soon as there's such a mechanism, stolen coins will find a way to avoid being detected, there's just no way you can do that 100% reliably. This would only result in a great big mess - people wrongfully accusing others of having their coins stolen (even if it was a regular payment or donation) just to get them into trouble, people fighting over evidence and reputation, online wallet services getting into trouble because some think their acceptance policies are not strict enough, tainting coins of innocent others in the process, people flooding donation addresses with tainted coins,...

Also, what would be the next step? Refuse blocks from "shady" miners who include transactions with tainted fees? We really don't need that - fighting Bitcoin thefts at that level is just not the way to go. You'd only make it a bit harder for Bitcoin thieves at the cost of making Bitcoin a much more miserable experience for everyone else!

Oh and I'm not trying to talk anybody out of implementing such a system, please go ahead and do it, just don't expect it to become widely adopted. Even people thinking such a system would be a good idea in principle are likely to disagree on the details, fighting and lobbying for their favored policies, etc... In the end, it would have been much more effective to just make two-factor authentication easy to use for everyone.

Raoul Duke
aka psy
March 05, 2012, 05:07:58 PM
Who cares?... A coin is a coin is a coin, just like a dollar bill is a dollar bill is a dollar bill, with or without coke on it.

muyuu
March 05, 2012, 06:19:21 PM
> Who cares?... A coin is a coin is a coin, just like a dollar bill is a dollar bill is a dollar bill, with or without coke on it.

That was the point...

Micon
March 11, 2012, 06:02:00 AM
1) product idea: "level of taint on my bitcoin" site, with a formula to determine level of taint, how many transactions ago, etc
2) I agree, Gox or any other exchange shouldn't judge your coins, a coin is a coin and it's a brutal, unforgiving system but that's what it has been created here / can't police the coins.
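
The kind of taint formula this thread keeps referring to, as an added example that is not from any poster or exchange: it assumes the proportional ("haircut") convention, where a transaction's outputs inherit the value-weighted taint of its inputs, ignores fees, and runs over a constructed toy ledger. Other conventions give different numbers, and the names `LEDGER`, `FLAGGED` and `taint` are made up for the illustration.

```python
# Constructed toy ledger: txid -> (inputs, output values in BTC).
# An input is (previous txid, output index); no inputs means a coinbase.
LEDGER = {
    "mined_a": ([], [50.0]),
    "mined_b": ([], [50.0]),
    "mined_c": ([], [50.0]),
    "theft":   ([("mined_a", 0)], [50.0]),                  # on the public list
    "mix":     ([("theft", 0), ("mined_b", 0)], [30.0, 70.0]),
    "pay":     ([("mix", 1)], [70.0]),                      # ordinary payment
    "merge":   ([("pay", 0), ("mined_c", 0)], [120.0]),
}
FLAGGED = {"theft"}  # constructed list of reported transactions


def taint(txid, ledger=LEDGER, flagged=FLAGGED, memo=None):
    """Return (tainted fraction, hops back to the nearest flagged tx or None)."""
    memo = {} if memo is None else memo
    if txid in memo:
        return memo[txid]
    inputs, _outputs = ledger[txid]
    if txid in flagged:
        result = (1.0, 0)
    elif not inputs:
        result = (0.0, None)          # freshly mined coins have no history
    else:
        total = dirty = 0.0
        hops = None
        for prev_txid, index in inputs:
            value = ledger[prev_txid][1][index]
            fraction, distance = taint(prev_txid, ledger, flagged, memo)
            total += value
            dirty += value * fraction
            if distance is not None and (hops is None or distance + 1 < hops):
                hops = distance + 1
        result = (dirty / total, hops)
    memo[txid] = result
    return result


if __name__ == "__main__":
    for name in ("mix", "pay", "merge", "mined_c"):
        print(name, taint(name))
```

In this ledger the recipient of `pay` holds coins that score 50% two hops from the flagged transaction without having had any part in it, which is the side effect several posters object to.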

LightRider
March 11, 2012, 06:26:55 AM
> Since last week, we've been completely consumed with evaluating, discussing, debating, planning, etc, ways in which we can do better. This was a learning experience for us and Linode will only improve because of it. Hoping to have an announcement soon covering the results of these efforts.

http://forum.linode.com/viewtopic.php?p=49004#49004

Apparently they're still dealing with it internally.

molecular
March 11, 2012, 08:24:23 AM
> > Since last week, we've been completely consumed with evaluating, discussing, debating, planning, etc, ways in which we can do better. This was a learning experience for us and Linode will only improve because of it. Hoping to have an announcement soon covering the results of these efforts.
>
> http://forum.linode.com/viewtopic.php?p=49004#49004
>
> Apparently they're still dealing with it internally.

I wonder if this could become a sort of marketing tool:
- bad security incident happens to company
- company gets negative press, loads of it
- company acts responsibly and betters itself, improves security
- company shines, gets new customers who think company must now be very secure

it worked for mtgox

I myself didn't even know of linode before. If they act correctly now, I might even consider them next time I look for a VPS provider -> successful marketing.

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769

Killdozer
March 11, 2012, 08:36:30 AM
> I myself didn't even know of linode before. If they act correctly now, I might even consider them next time I look for a VPS provider -> successful marketing.

If you should learn anything from this incident is that you shouldn't keep any big amounts of coins on a vps, linode or not.

ThomasV
March 11, 2012, 09:30:51 AM
> > I myself didn't even know of linode before. If they act correctly now, I might even consider them next time I look for a VPS provider -> successful marketing.
>
> If you should learn anything from this incident is that you shouldn't keep any big amounts of coins on a vps, linode or not.

+1

If all you need is to accept Bitcoin in an e-commerce, then you do not need to leave your private keys on the server. For example, you can use a deterministic wallet to generate your addresses without the private keys.

If your server needs to send bitcoins to customers (which was the case for bitcoinica and slush's pool), it is probably not reasonable to use a VPS, especially if large amounts are involved.

Electrum: the convenience of a web wallet, without the risks

kano
March 11, 2012, 09:37:27 AM
> ...
> I myself didn't even know of linode before. If they act correctly now, I might even consider them next time I look for a VPS provider -> successful marketing.

You'd trust a company that had a hidden backdoor? (yes that description is correct, it did not show up for the logs for slush and was either unknown by the person he contacted originally or the access was hidden by them) As I said early on, I think they deserve to go bankrupt and be done with. Not a chance in hell I'd trust them for anything.

notme
March 11, 2012, 06:01:09 PM
> > > I myself didn't even know of linode before. If they act correctly now, I might even consider them next time I look for a VPS provider -> successful marketing.
> >
> > If you should learn anything from this incident is that you shouldn't keep any big amounts of coins on a vps, linode or not.
>
> +1 If all you need is to accept Bitcoin in an e-commerce, then you do not need to leave your private keys on the server. For example, you can use a deterministic wallet to generate your addresses without the private keys. If your server needs to send bitcoins to customers (which was the case for bitcoinica and slush's pool), it is probably not reasonable to use a VPS, especially if large amounts are involved.

Public addresses are derived from the private key, so deterministic wallet is not the solution. However, you are correct that you don't need the private keys. You can simply keep a buffer of a few thousand addresses in your db that match private keys you store in a safe location.

molecular
March 11, 2012, 06:04:07 PM
> Public addresses are derived from the private key, so deterministic wallet is not the solution. However, you are correct that you don't need the private keys. You can simply keep a buffer of a few thousand addresses in your db that match private keys you store in a safe location.

I think electrum has implemented a solution where the addresses can also be derived from a seed.
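
ThomasV's point that a shop can hand out receiving keys without holding any private key, as an added example that is not part of the thread and not Electrum's code: a generic additive derivation on secp256k1, where the offset hash and the names `tweak`, `child_pub` and `child_priv` are assumptions made for illustration. It stops at public keys, since an address is a hash of one.

```python
import hashlib

# secp256k1 domain parameters (the curve Bitcoin uses).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):
    """Add two curve points; None stands for the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        m = 3 * x1 * x1 * pow(2 * y1, P - 2, P) % P
    else:
        m = (y2 - y1) * pow(x2 - x1, P - 2, P) % P
    x3 = (m * m - x1 - x2) % P
    return (x3, (m * (x1 - x3) - y1) % P)

def mul(k, point):
    """Double-and-add scalar multiplication (demo only, not constant time)."""
    result = None
    while k:
        if k & 1:
            result = add(result, point)
        point = add(point, point)
        k >>= 1
    return result

def tweak(master_pub, index):
    """Public per-index offset: double SHA-256 of index and master public key."""
    data = b"%d:" % index + b"".join(c.to_bytes(32, "big") for c in master_pub)
    digest = hashlib.sha256(hashlib.sha256(data).digest()).digest()
    return int.from_bytes(digest, "big") % N

def child_pub(master_pub, index):
    """Web server side: derive receiving key number `index` with no secret."""
    return add(master_pub, mul(tweak(master_pub, index), G))

def child_priv(master_priv, index):
    """Offline side: the private key matching child_pub(master_pub, index)."""
    return (master_priv + tweak(mul(master_priv, G), index)) % N

# Constructed demo secret; a real one comes from a CSPRNG and stays offline.
MASTER_PRIV = int.from_bytes(hashlib.sha256(b"constructed demo seed").digest(), "big") % N
MASTER_PUB = mul(MASTER_PRIV, G)

def server_keys_match_offline_keys(count=3):
    """True when each server-derived public key matches the offline private key."""
    return all(mul(child_priv(MASTER_PRIV, i), G) == child_pub(MASTER_PUB, i)
               for i in range(count))
```

With this kind of derivation, anyone who holds the master public key and a single child private key can subtract the public offset and recover the master private key, so child private keys need the same protection as the master.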