The problem of stolen coins

[muyuu]

Any entity taking it upon themselves to "protect" us in that fashion should be boycotted immediately and completely.

MtGox is doing just that. Status quo. It's hard to boycott the leader and people don't give a fuck until they perceive it affects them.

[1714112399]

1714112399

[1714112399]

1714112399

[1714112399]

1714112399

[1714112399]

1714112399

[1714112399]

1714112399

[disclaimer201]

So if MtGox starts confiscating (not just putting accounts on hold for investigation) it may be time to start boycotting Gox. I don't use it anyway because I don't want to give them that kind of personal information they require and I need reliable and quick SEPA transactions. At other exchanges I trade with people directly and noone wants my private info. We need to get some more official statements from Gox concerning their actions. At the moment they simply doubt that they will receive any of the stolen coins, but sooner or later they will get there.

The example with chairs above unfortunately doesn't fit our case because chairs are not used as a currency or to exchange value. So, don't mix apple with pears or bitcoins.

[Lupus_Yonderboy]

When someone steals something the rule of law applies.  It is the responsibility of law enforcement not a currency to ensure assets are recovered and dishonest people punished.

That has nothing to do with an ad-hoc non-fungible tainted coins nonsense.

And what rule of law applies with regards to the Linode fiasco, or stolen bitcoins in general? What law enforcement agencies are involved? Where were the reports filed? Nobody is going to be prosecuted for this or any other bitcoin theft, ever. Even if Mr. Wright does manage to track down whoever was responsible for the Linode hack, there is very little that can be done. Especially if the guilty party resides in a jurisdiction such as Russia.

Not having any repercussions for stealing bitcoins only encourages more theft. You have a system where thieves can repeatedly rob the banks and suffer no consequences for it. Then you blame the bank for not having enough security. Classic. You will never gain the trust of the masses that you need in order to make Bitcoin succeed that way. Again, you are essentially asking regular people to keep their money at the First Bank of Somalia. Although at this point it may actually be safer in Somalia.

The lack of trust will be a large part of what keeps Bitcoin from ever being more than niche market for libertarians, anarchists, some geeks, and few speculators. There will never be any kind of enforcement mechanisms with regards to Bitcoin, which is why the entire market cap will never be worth more than some banker's pocket change.

[marcus_of_augustus]

When someone steals something the rule of law applies.  It is the responsibility of law enforcement not a currency to ensure assets are recovered and dishonest people punished.

That has nothing to do with an ad-hoc non-fungible tainted coins nonsense.

And what rule of law applies with regards to the Linode fiasco, or stolen bitcoins in general? What law enforcement agencies are involved? Where were the reports filed? Nobody is going to be prosecuted for this or any other bitcoin theft, ever. Even if Mr. Wright does manage to track down whoever was responsible for the Linode hack, there is very little that can be done. Especially if the guilty party resides in a jurisdiction such as Russia.

Not having any repercussions for stealing bitcoins only encourages more theft. You have a system where thieves can repeatedly rob the banks and suffer no consequences for it. Then you blame the bank for not having enough security. Classic. You will never gain the trust of the masses that you need in order to make Bitcoin succeed that way. Again, you are essentially asking regular people to keep their money at the First Bank of Somalia. Although at this point it may actually be safer in Somalia.

The lack of trust will be a large part of what keeps Bitcoin from ever being more than niche market for libertarians, anarchists, some geeks, and few speculators. There will never be any kind of enforcement mechanisms with regards to Bitcoin, which is why the entire market cap will never be worth more than some banker's pocket change.

Top of the page, it says experimental, beta.

The way with tech. means the next iteration will improve, not devolve

Banker's pocket change is decreasing .... cryptocoin tech. is increasing. Place your bets, pick your battles, we are on journey not in a war.

[Herodes]

With freedom comes responsibility. It's that simple.

Best post I've read today! Freedom over safety, always!

[disclaimer201]

Sorry, but with great power comes great responsibility!

Spins a web, any size,
Catches thieves just like flies
Look Out!
Here comes the Spiderman.

Is he strong?
Listen bud,
He's got radioactive blood.
Can he swing from a thread
Take a look overhead
Hey, there
There goes the Spiderman.

In the chill of night
At the scene of a crime
Like a streak of light
He arrives just in time.

Spiderman, Spiderman
Friendly neighborhood Spiderman
Wealth and fame
He's ingnored
Action is his reward.

To him, life is a great big bang up
Whenever there's a hang up
You'll find the Spider man.

[allten]

If I ever encountered that my bitcoins were stolen and I do not get my money's worth, I'd get straight out of bitcoin and never come back. Somehow I have the feeling, I won't be the only one with such a reaction. If this verfication is truly unstoppable and will really happen, bitcoin is doomed. The banks win. The governments win. Fire in the hole.

So, you bail if someone will not accept your tainted coins... or worse, they wait 'till  you send them before informing you the product or service you purchased will not be honored.
Now, on the flip side, would you accept bitcoins in payment if you clearly knew they were stolen?

This is nothing more than a new dynamic most of us have not thought through. Let's look at it in a positive way.
Sounds like a new service is needed where the community can watch where these coins go.
What someone or some service does with this information is entirely up to them.

how would you react if...
          you received 100% tainted coins from the source?
          or 100% tainted coins but jumped through a few addresses?
          50% tainted?
          10% tainted?
          <1% tainted?


Me personally, I wouldn't care the slightest once my coins are tainted less than 10%.

[muyuu]

If I ever encountered that my bitcoins were stolen and I do not get my money's worth, I'd get straight out of bitcoin and never come back. Somehow I have the feeling, I won't be the only one with such a reaction. If this verfication is truly unstoppable and will really happen, bitcoin is doomed. The banks win. The governments win. Fire in the hole.

So, you bail if someone will not accept your tainted coins... or worse, they wait 'till  you send them before informing you the product or service you purchased will not be honored.
Now, on the flip side, would you accept bitcoins in payment if you clearly knew they were stolen?

This is nothing more than a new dynamic most of us have not thought through. Let's look at it in a positive way.
Sounds like a new service is needed where the community can watch where these coins go.
What someone or some service does with this information is entirely up to them.

how would you react if...
          you received 100% tainted coins from the source?
          or 100% tainted coins but jumped through a few addresses?
          50% tainted?
          10% tainted?
          <1% tainted?


Me personally, I wouldn't care the slightest once my coins are tainted less than 10%.

Please, stop acting like this was a matter of personal choice. (Not directing this solely to you).

If whatever exchange you use confiscates coins with x% taint then that's the most important taint % to you. If the market starts distinguishing in taint levels, then any taint is relevant to you. If the x% of taint your exchanger thinks he's warranted to ask you questions is a loose range, then the very uncertainty will make you avoid any taint at all. Taken to the extreme the system would be so complicated a lot of people would just give up.

One has to take into account that all addresses with any number of coins are in the blockchain, you can in theory get randomly tainted in some sort of lottery, they are all public. In many cases, people advertise donation addresses and such. Any foe would be able to effectively taint these. There are dozens of implications once we break the assumption that all BTC are equal. It's a mess.

[sebastian]

amencon@page1: "Do the people that find themselves in possession of laundered stolen coins have the same opportunity to protect themselves?"

Yes:
1: Don't publish your public keys. Keep them as secret you would keep your private keys.

2: Again: Treat your public keys as they were your credit card numbers. Would you enter your credit card number at some random untrusted USD to EUR exchange? Would you give your credit card number openly on this forum? Would you give your credit card number to some random wanting to give your money?

3: Yes you can give public keys. But treat them as your credit card number. ONLY give them to trusted people. Think of trusted people as like those nice webshops that you trust and know have good reputation. You freely give your cc to them.

4: Only deal with trusted indivuals.

5: Once a key is used, consider it void. After a adress has been used for a legit transaction, NEVER ever reuse that key. NEVER ever collect
any coins that may randomly fall into that adress. Toss away the private key after the coins has been spent.
(Because the public key go into the blockchain and is published and leaked.)

6: If a public key does leak, make sure to claim all coins before any new coins appear at that adress, and then toss away the private key to the leaked public key.

7: If you get unknown coins at a adress, use a client that allows you to select coins, to make sure to only select non-stolen inputs, to claim all coins from adress.

8: If, and ever if, unknown coins ever get mixed with your own coins in some way making them unseparable without tracing you to the stolen source coin, toss all those coins overboard.

[disclaimer201]

amencon@page1: "Do the people that find themselves in possession of laundered stolen coins have the same opportunity to protect themselves?"

Yes:
1: Don't publish your public keys. Keep them as secret you would keep your private keys.

2: Again: Treat your public keys as they were your credit card numbers. Would you enter your credit card number at some random untrusted USD to EUR exchange? Would you give your credit card number openly on this forum? Would you give your credit card number to some random wanting to give your money?

3: Yes you can give public keys. But treat them as your credit card number. ONLY give them to trusted people. Think of trusted people as like those nice webshops that you trust and know have good reputation. You freely give your cc to them.

4: Only deal with trusted indivuals.

5: Once a key is used, consider it void. After a adress has been used for a legit transaction, NEVER ever reuse that key. NEVER ever collect
any coins that may randomly fall into that adress.

6: If a public key does leak, make sure to claim all coins before any new coins appear at that adress, and then toss away the private key to the leaked public key.

7: If you get unknown coins at a adress, use a client that allows you to select coins, to make sure to only select non-stolen inputs, to claim all coins from adress.

8: If, and ever if, unknown coins ever get mixed with your own coins in some way making them unseparable without tracing you to the stolen source coin, toss all those coins overboard.

1-6 seem fine
7-8 BS

If it comes to that Bitcoin is dead, again. Do you seriously think we should do that with every transaction?
Non tech-savvy people, heck even some tech-savvy people have no idea what you just wrote there, not alone a clue how to go about it. BTW to 6: "What is a private key? and where do I find it?" to 7: "Which client should I use and how do I use it?"

If you are for real here Bitcoin will never lift off to the main public, on the contrary it will become totally marginalised, ie for computer nerds only. If we want that, go ahead with 7 and 8.

If we don't, we need to make absolutely clear to MtGox and all general and potential users of bitcoin that if stolen coins are kept back from exchanges those exchanges need to face boycot or people will start rejecting BTC. This WILL be the end of BTC.

[kjj]

how would you react if...
          you received 100% tainted coins from the source?
          or 100% tainted coins but jumped through a few addresses?
          50% tainted?
          10% tainted?
          <1% tainted?


Me personally, I wouldn't care the slightest once my coins are tainted less than 10%.

I would pay a modest premium for high purity stolen coins of notable lineage in small quantities.  Like I'd probably be willing to pay 5 BTC for 1 BTC that was stolen in the latest incident, if it were 100% pure and had only a small number of intermediate wallets between, for example, bitcoinica's wallet and my own.  I suspect that plenty of other people would be willing to start a collection of famous coins too, if they could only just figure out how.

[bitcon]

seems like whenever i hear of a large bitcoin theft it always has the common factor of the coins being stored online somewhere as in an exchange, pool, etc.  don't want your coins stolen?  learn how to protect them yourself. its not that hard.   some people have just got to learn the hard way.  happened to me with paypal.  they froze my account, with thousands of dollars in it, and i don't even know if or when i will see a dime of that money. but you can rest assured that i will never use paypal again in my life.

[Raoul Duke]

seems like whenever i hear of a large bitcoin theft it always has the common factor of the coins being stored online somewhere as in an exchange, pool, etc.  don't want your coins stolen?  learn how to protect them yourself. its not that hard.   some people have just got to learn the hard way.  happened to me with paypal.  they froze my account, with thousands of dollars in it, and i don't even know if or when i will see a dime of that money. but you can rest assured that i will never use paypal again in my life.

180 days after your account gets suspended Paypal will mail you a check with the ammount that was left there. I hope you didn't use a fake address

[rjk]

The problem is that it is too hard to distinguish between Bitcoin being a currency or a commodity. If it were a currency, then you couldn't ask innocent persons that had obtained tainted BTC by trading to just give it up to the authorities.

If it were a commodity however, you could theoretically be charged with receiving stolen property, and possibly be compelled to return the coins. The main problem is that people don't know (and can't be expected to know) whether the coins they are getting are tainted before receiving them. Further, since they are often paid for in goods or non-refundable payment methods, they wouldn't want to give them up without some kind of compensation.

[Bro]

what is happening is definite proof that bitcoins are a commodity not a currency.

[kjj]

what is happening is definite proof that bitcoins are a commodity not a currency.

[Citation needed]

[cbeast]

what is happening is definite proof that bitcoins are a commodity not a currency.

[Citation needed]

Calling Bitcoin a commodity and going through the logical hoops is akin accepting to the Celestial Spheres theory of cosmology during the Dark Ages. It's probably the best we're going to get until people stop believing in the "Invisible Hand" and other dogma created by our monetary based society.

[ctoon6]

what is happening is definite proof that bitcoins are a commodity not a currency.

bitcoin is neither currency or a commodity. it is simply a construct created by a system where proof of work is associated with numbers that are assigned to asymmetric keys. It is nothing more than a number assigned to a key that you created, which in turn is nothing more than random "data" given meaning by another system called cryptography. This is different in that given one of the smallest chances possible to be had, you could just steal every coin ever made. Although that is a very very very x10^100^100 small chance(perhaps not that big/small, but you get the idea).

it also does not matter if it is currency or a commodity. it is exchanged or given for other "stuff". a name is only intended to give it legal ground, and for my purposes, i frankly don't give a fuck, and neither should anyone else that lives in the real world, or wants to live in a free and more fair and just world. And in reality, the only reason we have this overly bloated legal system is so that it is impossible to live lawfully and to ensure that already established corporations can continue to exist.

And stolen coins are not "stolen", they were "donated" (sometimes involuntarily). It was always your choice to have them open and accessible to others on the internet. If you did not know that going in, im sorry but you are in idiot. In fact, you should ALWAYS expect to have all your coins taken at almost all times. Just not as much if you keep them offline. if you do not want your coins stolen, don't give them to other people to keep for you(or even to just hold), that's a fools game. What if your precious online wallet service got attacked by an employee and emptied all the online coins and a large chunk of the cold storage?(just for kicks, they destroyed them, because i doubt you could really get away with it, given proper security procedures, and you never know if they even have any)

It has been awhile since i was last active on this forum, and it has just fallen to utter idiocy. People actually support keeping coins in the hands of larger companies, where in fact that is where they are the least secure if you are technically competent to keep several backups on several different offline medias. bitcoin is broken if one day it is impossible to run a node yourself. Because the minute i am forced to keep coins in an online wallet, ill just stop using bitcoin and use cash.

Well that's my rant, take it with a grain of salt.

[amincd]

bitcoin is broken if one day it is impossible to run a node yourself. Because the minute

i am forced to keep coins in an online wallet, ill just stop using bitcoin and use cash.

Not being able to run a node yourself doesn't mean you would need to use an online wallet. There are intermediate solutions that wouldn't require giving a third party control of your bitcoins, ranging from storing only your private keys and relying on a third party for block chain data, to a 'Simplified Payment Verification' node, where you store your private keys, all of the block headers and only the merkle branches containing the hashes of the transactions you need to verify.

Re: The problem of stolen coins

We can't avoid the fact that bitcoins allow a level of traceability that's greater than cash. I like the analogy Gavin Andresen gave:

http://www.americanbanker.com/issues/177_10/bitcoin-digital-currency-bank-risks-1045734-1.html?zkPrintable=1&nopagination=1

"The best way to think about Bitcoin anonymity is to imagine a world where the serial number of every bit of paper currency was tracked," Andreson wrote in an email. "Banks would broadcast to the world, 'Somebody just got five $20 bills, with these serial numbers.' "

This gives those parties that exchange large numbers of bitcoins, like MtGox, the opportunity to help discourage bitcoin thefts and identify their perpetrators. I think it's unlikely that they're going to do nothing given the power they have to not allow their service to be used to sell stolen bitcoins and make bitcoin crime more difficult to profit from.

That being the case, the situation I think most people want to avoid is one where all bitcoin users need to have a registry on hand that lists all the bitcoin transactions that major exchanges consider to be thefts, and only accept bitcoins that don't trace to them.

To avoid such a situation, while still putting up some obstacles for thieves, I think the exchanges should follow a policy like this:

1) Declare that any deposit of bitcoins that trace back to a bitcoin theft (originally stolen bitcoins) will not be accepted, and will be sent back to the sender, up until six months after the theft, and the deposit, along with the IP address and exchange account information of the depositer will be reported to the police in the jurisdiction of the victim.

2) Declare that any deposit of originally stolen bitcoins, by someone using a known public proxy or TOR exit, could be confiscated, and the deposit, along with the IP address and exchange account information of the depositer will be reported to the police in the jurisdiction of the victim.

3) Declare that any deposit of originally stolen bitcoins, more than six months after the theft, will be accepted, but the deposit and the depositer's account information will be reported to the police in the jurisdiction of the victim.

This would result in the following:

People would be discouraged from using proxy IPs and TOR when accessing the exchanges, since doing so could result in bitcoins they're depositing to be confiscated if they trace to a heist.

People would not need to have a registry of 'hot' bitcoin-transactions to cross-reference before accepting bitcoins, since receiving originally stolen bitcoins wouldn't mean they would forever be unable to sell them.

Those who steal bitcoins would have a lot more difficulty laundering for six months after the crime than if the exchanges had no six-month non-acceptance period. This increases the chance that stolen bitcoins are recovered.

[Soros Shorts]

Somehow I think we should stay away from a solution where some central authority has the ability to arbitrarily devalue any individual's collection of coins. Today, it may just be stolen coins that get tainted. Tomorrow, coins could become tainted by activities related to terrorism, child porn, prostiution (which BTW is legal in many jurisdictions)  and who knows what else? Who has the right to declare that a crime has taken place involving a certain set of coins?

I think the effort should be focused on giving people the right tools to keep their coins safe - not on rerieving stolen coins after the fact.