Bitcoin Forum
Poll
Question: Will you support Gavin's new block size limit hard fork of 8MB by January 1, 2016 then doubling every 2 years?
1.  yes
2.  no

Author Topic: Gold collapsing. Bitcoin UP.  (Read 1977525 times)
tvbcof
Legendary
Activity: 2268
January 12, 2015, 10:08:22 PM
 #20021

...
(also, wtf is with this thread? it seems like five threads merged together. It's impossible to read; I never would have found this post except by pure chance.)

The thread was created for trolling (notice the title and location) and that's often what happens, but it can be hard not to slip up sometimes.


Odalv
Legendary
Activity: 1204
January 12, 2015, 10:32:45 PM
 #20022

I think deterministic signatures are much more important than constant-time signatures (there's been a non-trivial amount of funds lost due to the repeat k-value problem but I doubt a single satoshi has ever been lost due to a genuine side-channel attack).  Someone like gmaxwell could comment better on the practical risks here…
There never has been a single 1e-8 btc lost due to reused/bad K ... in a competent implementation. The places we've seen lossage have been implementations which were horrific in other ways as well (like only having 32..48 bits of randomness total)... ultimately, if you can't generate strong random numbers you're going to be utterly screwed in any case, because your private keys themselves will be predictable. It's more important for embedded/hardware implementations which are more likely to suffer from randomness problems and are easier targets for attack. (e.g. tampering with the supply chain for all server hardware in order to backdoor Bitcoin Core is probably much less attractive than going after the supply chain for a hardware wallet). So while derandomized signing is a good practice because it aids auditability and _maybe_ reduces the space for incompetent implementations to screw up a bit, in someplace like Bitcoin Core I don't generally consider it very important (though, we did it in any case; in part to set a good example).  I had proposed the ecosystem switch to it, back around when BIP 32 was announced, but we hadn't switched to it in Bitcoin Core yet because derandomized signing basically requires replacing what OpenSSL does. (OpenSSL does have a non-standard quasi 6979 implementation in its source repository-- for a long time I'd hoped to pick that up-- but it's never made it into production for some reason.)

With respect to the side-channel attacks. It seems to be impossible to convince people of the non-wisdom of running critical cryptographic software on commodity shared-hardware virtual machines; just like it's hard to convince them to stop reusing addresses. Especially when coupled with the fact that the parties doing this are usually handling third party funds, it seems like disaster waiting to happen in a number of respects. With flush+reload boosted side-channel attacks being successfully performed against OpenSSL for our curve with a surprisingly small number of queries, I did consider that fairly concerning.

The distinction is that getting the signing nonces right is a process that can be secured one time for all users by auditing the software; but making sure users don't deploy in a side-channel vulnerable way is something that must be done for each and every user and doesn't really scale. The possibility of side-channel attacks is very surprising to people so they don't tend to do much to secure against them. Better to just close the sidechannel.

(also, wtf is with this thread? it seems like five threads merged together. It's impossible to read; I never would have found this post except by pure chance.)

Bitstamp COLD wallet !!!
https://blockchain.info/address/1JoktQJhCzuCQkt3GnQ8Xddcq4mUgNyXEa

address reused endless 5 times ... and this address holds "Final Balance 125,056.91900661" BTC !!!
rocks
Legendary
Activity: 1153
January 12, 2015, 10:33:12 PM
 #20023

I think deterministic signatures are much more important than constant-time signatures (there's been a non-trivial amount of funds lost due to the repeat k-value problem but I doubt a single satoshi has ever been lost due to a genuine side-channel attack).  Someone like gmaxwell could comment better on the practical risks here…
There never has been a single 1e-8 btc lost due to reused/bad K ... in a competent implementation.

I am completely shocked that you of all people are making this claim gmaxwell. Reusing a K value is against the DSA signing algorithm's specifications. Reusing a K value is an incompetent implementation by definition. There have been multiple instances where BTC were lost because bitcoin client software reused the same K value for different signatures on the same address. If you do so you're guaranteed to find that address emptied fairly quickly, based on past instances it seems there are network monitors actively watching for this exact situation.
tvbcof
Legendary
Activity: 2268
January 12, 2015, 10:41:11 PM
 #20024

...
address reused endless 5 times ... and this address holds "Final Balance 125,056.91900661" BTC !!!

Mother of God!  Any address controlling more than 100 BTC keeps me up at night.  And I only got lazy and bumped things up to that value because BTC got into the single digit $/BTC.  It's not the crypto that bothers me as much as other more coarse failure modes and the desirability of distribution.

 edits - slight adjustments.

JorgeStolfi
Hero Member
Activity: 896
January 12, 2015, 11:11:09 PM
 #20025

I am completely shocked that you of all people are making this claim gmaxwell.

I understood "there has never been [a loss due to reused K value] in a proper implementation".

Academic interest in bitcoin only. Not owner, not trader, very skeptical of its longterm success.
epilido
Jr. Member
Activity: 30
January 12, 2015, 11:13:17 PM
 #20026

...
address reused endless 5 times ... and this address holds "Final Balance 125,056.91900661" BTC !!!

Mother of God!  Any address controlling more than 100 BTC keeps me up at night.  And I only got lazy and bumped things up to that value because BTC got into the single digit $/BTC.  It's not the crypto that bothers me as much as other more coarse failure modes and the desirability of distribution.

 edits - slight adjustments.


So I guess my android tablet running http://wallet.schildbach.de  with around 50 btc would give you palpitations and drive you to drink?
tvbcof
Legendary
Activity: 2268
January 12, 2015, 11:14:31 PM
 #20027


Bitcoin has clearly failed in an 'exchange' role as evidenced by still not needing to fiddle with the 7 tps transaction rate (1MB block size) and not being on a trajectory to need to do so any time soon.  The reason for this is abundantly clear and I've been saying so for years:  Bitcoin is simply not competitive in this role.
...
The pipe-dream of using Bitcoin as an exchange currency has unsurprisingly sucked in a school of intellectual herring, but more surprisingly also a bunch of VC predator food-chain class who I would have not expected to be such dullards. ...

Lemme just follow up on that briefly for the benefit of those here who are not so mentally adroit (e.g., cypherdoc, justusranvier, etc.)

I wrote that after reading about the BitPay layoffs.  This is an indicator that it's starting to dawn on the VC types that they've been shucked by us geeks (and the last half year of charts indicates something similar.)  It's probably not monetary loss which stings as much as being ridiculed by their peers.

Anyway, I read this as a strong alignment of the tea leaves showing that we may be in for more hard times for a while.  The low hanging fruit has been plucked.  It was fun, but now it's time to knuckle down and let Bitcoin build on its true strength as a solid reserve currency.  I just hope it's still possible.  If it is it will be a monster pay-day for us hodlers.  If it's not, oh well...it was a fun ride.


tvbcof
Legendary
Activity: 2268
January 12, 2015, 11:17:28 PM
 #20028

...
address reused endless 5 times ... and this address holds "Final Balance 125,056.91900661" BTC !!!

Mother of God!  Any address controlling more than 100 BTC keeps me up at night.  And I only got lazy and bumped things up to that value because BTC got into the single digit $/BTC.  It's not the crypto that bothers me as much as other more coarse failure modes and the desirability of distribution.

 edits - slight adjustments.


So I guess my android tablet running http://wallet.schildbach.de  with around 50 btc would give you palpitations and drive you to drink?

ofuckyeah!  My mail on an android tablet does this (which is why I don't even do real mail on Android or Windows.)


epilido
Jr. Member
Activity: 30
January 12, 2015, 11:33:43 PM
 #20029

...
address reused endless 5 times ... and this address holds "Final Balance 125,056.91900661" BTC !!!

Mother of God!  Any address controlling more than 100 BTC keeps me up at night.  And I only got lazy and bumped things up to that value because BTC got into the single digit $/BTC.  It's not the crypto that bothers me as much as other more coarse failure modes and the desirability of distribution.

 edits - slight adjustments.


So I guess my android tablet running http://wallet.schildbach.de  with around 50 btc would give you palpitations and drive you to drink?

ofuckyeah!  My mail on an android tablet does this (which is why I don't even do real mail on Android or Windows.)



So it's confirmed,  you're just crazy (or I am).  I have only ever lost coins when I was playing around with multiple wallets and trying to learn a little bash scripting when I should have been using the testnet. It's crazy to think about testing with a wallet with a few coins in it a few years ago when it was only 10 USD  total.  When I realized I had copied over the wallet file and had no backup I thought well that was a good lesson glad I didn't have more coins in that wallet.
tvbcof
Legendary
Activity: 2268
January 12, 2015, 11:42:03 PM
 #20030

...
the problem here is that when the price doesn't conform to ppl's expectations, low level thinkers like tvbcof & even high level thinkers like Adam ...

Say, I was just thinking, wasn't it about a year ago I was moving some of my position out of Bitcoin and into USD and gold if I could figure out an expedient and cheap way to do it and telling everyone about my plans?

Why don't you be a sport, cyph, and tell everyone here how my ass tastes?


gmaxwell
Staff
Legendary
Activity: 2296
January 13, 2015, 12:10:56 AM
 #20031

I am completely shocked that you of all people are making this claim gmaxwell. Reusing a K value is against the DSA signing algorithm's specifications. Reusing a K value is an incompetent implementation by definition. There have been multiple instances where BTC were lost because bitcoin client software reused the same K value for different signatures on the same address. If you do so you're guaranteed to find that address emptied fairly quickly, based on past instances it seems there are network monitors actively watching for this exact situation.
Maybe when you find yourself shocked you should take that as a signal that perhaps you misunderstood and should read again.

"is an incompetent implementation by definition" Exactly. And if you are using an incompetent implementation you are in extreme peril no matter how many layers of cargo-cult buzzword security theatre its author has dressed it up in.

Insecure nonce generation isn't something that happens by chance-- not for the size of the numbers involved here, it is not some random fault, not some cosmic ray event. (Okay, sure, anything can happen, but that isn't what has actually happened).  The faults you're talking about are real but they are exclusively the result of dangerously incompetent software which would not (and in some cases did not) pass even the most straightforward review, if it were ever reviewed at all.  In most (though not quite all) cases the _same_ software would still be insecure, even using derandomized DSA, because it also uses the same faulty procedures to generate the private keys; which have just as strong of a requirement for randomness but have no way around it.

AFAIK, I was the first or at least one of the first persons to suggest that implementations in this space probably ought to be using derandomization, e.g. http://sourceforge.net/p/bitcoin/mailman/message/31306213/ (and many times previously on IRC and directly to implementers). I went and nagged several of the early hardware wallet vendors to go change their approach, etc.

Quote
because bitcoin client software
What you should say is dangerous, incompetent software, which likely would have (or actually did) lost the users' funds in several different other ways as well.

The question I was responding to, if you can find the context in this huge thread, was on the relative priority of sidechannel resistance and derandomization in Bitcoin Core. The person I was responding to thought sidechannel attack resistance was unimportant and that randomization was important (or at least more important). I responded that relatively speaking I consider sidechannel resistance more important there: the signature randomness story isn't a disaster in Bitcoin core, and if it were the private key generation would be just as broken or worse. This isn't the same for all applications, in some applications it matters more than others. And derandomization is prudent just out of principle, so we use it for Bitcoin Core... but comparatively speaking, given the above considerations of the two I don't consider it the more important one.

Bitcoin will not be compromised
Adrian-x
Legendary
Activity: 1372
January 13, 2015, 12:28:29 AM
 #20032

http://www.druva.com/blog/next-decade-storage/

Looks like storage isn't likely the biggest problem to overcome, seems there is room for innovation.

Quote from:  from the link above
Robin Harris, a.k.a. StorageMojo, peers into his crystal ball to predict what storage will be like in 2025. And, he says, the next 10 years will be the most exciting and explosive in the history of data storage.

Thank me in Bits 12MwnzxtprG2mHm3rKdgi7NmJKCypsMMQw
tvbcof
Legendary
Activity: 2268
January 13, 2015, 12:36:01 AM
 #20033


So it's confirmed,  you're just crazy (or I am).  I have only ever lost coins when I was playing around with multiple wallets and trying to learn a little bash scripting when I should have been using the testnet. It's crazy to think about testing with a wallet with a few coins in it a few years ago when it was only 10 USD  total.  When I realized I had copied over the wallet file and had no backup I thought well that was a good lesson glad I didn't have more coins in that wallet.


Way too insecure for us purists.

  I know not what path others may choose, but for me, give me bourne shell or give me death.*

(*) ok, ok.  Almquist shell.


tabnloz
Legendary
Activity: 962
January 13, 2015, 02:03:10 AM
 #20034

Just saw this RT'd on Twitter.

Bryce Weiner ‏@BryceWeiner  Jan 11
It hasn't been announced yet, but it's pretty clear that @Blockstream is going to take over core development from the @BTCFoundation

cypherdoc
Legendary
Activity: 1764
January 13, 2015, 02:07:58 AM
 #20035

Just saw this RT'd on Twitter.

Bryce Weiner ‏@BryceWeiner  Jan 11
It hasn't been announced yet, but it's pretty clear that @Blockstream is going to take over core development from the @BTCFoundation



Yeah, I saw that bullshit earlier.
CCInvestor
Jr. Member
Activity: 37
January 13, 2015, 02:19:44 AM
 #20036

Bitcoin $250.

Over 1 year bear market.

I did not expect this but I did expect a strong correction.

Permabulls like cypherdoc and Justus Ranvier, you suck.
BlindMayorBitcorn
Legendary
Activity: 994
January 13, 2015, 02:21:17 AM
 #20037

Bitcoin $250.

Over 1 year bear market.

I did not expect this but I did expect a strong correction.

Permabulls like cypherdoc and Justus Ranvier, you suck.

 Sad

Forgive my petulance and oft-times, I fear, ill-founded criticisms, and forgive me that I have, by this time, made your eyes and head ache with my long letter. But I cannot forgo hastily the pleasure and pride of thus conversing with you.
tvbcof
Legendary
Activity: 2268
January 13, 2015, 02:22:33 AM
 #20038

Just saw this RT'd on Twitter.

Bryce Weiner ‏@BryceWeiner  Jan 11
It hasn't been announced yet, but it's pretty clear that @Blockstream is going to take over core development from the @BTCFoundation


Considering Blockstream consists of the most trusted and skilled of the core developers I already considered that to be basically the case, and would even if the Bitcoin Foundation were not a septic pit.  Not sure that I would consider any particular organization to be 'over' core development per se, but since the core developers aggregate there, if they want to carve out some space on the domain it would be my go to place for information.  Until and unless they failed and lost my trust at least.


smoothie
Legendary
Activity: 2044
January 13, 2015, 02:23:17 AM
 #20039

...
the problem here is that when the price doesn't conform to ppl's expectations, low level thinkers like tvbcof & even high level thinkers like Adam ...

Say, I was just thinking, wasn't it about a year ago I was moving some of my position out of Bitcoin and into USD and gold if I could figure out an expedient and cheap way to do it and telling everyone about my plans?

Why don't you be a sport, cyph, and tell everyone here how my ass tastes?



Link please.

. ★☆ WWW.LEALANA.COM        My PGP fingerprint is A764D833.        SMOOTHIE'S HEALTH AND FITNESS JOURNAL          History of Monero development Visualization ★☆ .
LEALANA  PHYSICAL MONERO COINS 999 FINE SILVER.
 
Melbustus
Legendary
Activity: 1624
January 13, 2015, 02:39:28 AM
 #20040


Bitcoin has clearly failed in an 'exchange' role as evidenced by still not needing to fiddle with the 7 tps transaction rate (1MB block size) and not being on a trajectory to need to do so any time soon.  The reason for this is abundantly clear and I've been saying so for years:  Bitcoin is simply not competitive in this role.
...


I don't fully get where you're coming from on this one. Does it all boil down to your assertion that blocksize increase would have to outrun Nielsen's law in order to sustain significant transaction throughput?



Lemme just follow up on that briefly for the benefit of those here who are not so mentally adroit (e.g., cypherdoc, justusranvier, etc.)

I wrote that after reading about the BitPay layoffs.  This is an indicator that it's starting to dawn on the VC types that they've been shucked by us geeks (and the last half year of charts indicates something similar.)  It's probably not monetary loss which stings as much as being ridiculed by their peers.

Anyway, I read this as a strong alignment of the tea leaves showing that we may be in for more hard times for a while. 


It's really not uncommon for startups to lay people off. Up to half of staff is well within normalcy....not that it's good, of course, but I wouldn't read too much into letting 9 ppl out of 60 go (aside from maybe they need to hire slower/smarter).

That said, I do think a shakeout in the VC-funded side of the ecosystem is inevitable. Something like 500+ companies were founded, most probably seed/angel stage, and most are not going to get an A round. While it's going to be annoying from a headlines perspective, it's a fairly natural stage in the evolution of a hot industry, and in this case, is most certainly necessary to rebalance expectations, especially in terms of the timeframe across which mass adoption can happen.

At least Marc A. is on-point with the latter; specifically his quote that things like ApplePay will make the most fin-tech impact over the next 2-3 years, but Bitcoin will make the most impact over the next 20 years.



The low hanging fruit has been plucked. It was fun, but now it's time to knuckle down and let Bitcoin build on its true strength as a solid reserve currency.  I just hope it's still possible.  If it is it will be a monster pay-day for us hodlers.  If it's not, oh well...it was a fun ride.



Whether reserve currency only forever or reserve with the subsequent addition of exchange, it's necessary to re-focus on the investment side for a while. Investors and speculators need to drive market-cap and hodling so that entrepreneurs have something to work with. The folks thinking that this was going to be like Facebook; ie, pegged exponential for 5 or 6 years until >1B users were doomed to be disappointed. It takes a lot more depth to reform humanity's ideas of finance and money than it does to build a gossip-sharing platform with a high virality coefficient.


Bitcoin is the first monetary system to credibly offer perfect information to all economic participants.