3 Bitcoin Doomsday Scenarios I can't find much discussion on...

[dagelf]

It's not a lottery, you cannot crack my private key. This image will explain it to you...

http://nandbit.com/docs/bitcoin-sun.jpg

This is silly and proves nothing, besides being wrong: it's like saying you can't play chess simply because you can't count to 2^64. Okay, I'll be reasonable: it's like saying that because you can't contain every possible chess game in memory.

Also, you have my lottery comment out of context: If I have your private key, and you change it, then you're safe again. But you changing your private key all the time, obviously maximizes my chances of stealing it... or does it?

Come on! Catch up.

I feel like you have a lot of reading to do. If you would like to learn more about cryptography you could read this book: http://www.amazon.com/Applied-Cryptography-Protocols-Algorithms-Source/dp/8126513683/ref=sr_1_1?s=books&ie=UTF8&qid=1415981394&sr=1-1&keywords=Applied+Cryptography%3A+Protocols%2C+Algorithms%2C+and+Source+Code+in+C

Looks like a cool book.

But again... have you been living under a rock? No encryption needed to get cracked for millions of hosts to get compromised via ssh, which is also secured by various flavours of encryption, including SHA hashes... all it took was a little "bug". How many private keys got changed after that fiasco??! Did you change yours?

You realize that to do a transaction, you need to put your private key into your computer, and if you've put your key into your computer any one of around half a million or more "security researchers", software developers and potential bad guys who have touched the code resident in your computer's memory, have potentially had an opportunity to capture some part of your key in one way or another... anywhere from recording the sound your keyboard makes when you hit each key, up to the hardware or software in your keyboard, browser, OS, or that of the phone your little nephew carried in there a few moments before you did the transaction, you know, the one where he loads new "unlocked" versions of whatever on daily...

I am not poking at the absence of holes in Bitcoin. I'm poking at the holes in the slab of swiss cheese that Bitcoin lives on, and I'm saying that Bitcoin can shield itself against that, even...

Actually, I'm not even poking at it yet... I'm just asking... who has? Where are they? Where are their findings?

No, reading a computer security manual is not the answer, because the vast majority of people using bitcoin will never do that; I'm saying that Bitcoin needs an official security strategy... be it "security through obscurity", or "security through unscrupulous transparency"... whatever it is, it's going to need more of it if it's to weather the coming waves... where is it?

[1715504871]

1715504871

[1715504871]

1715504871

[1715504871]

1715504871

[1715504871]

1715504871

[dagelf]

If you really care about bitcoin security I would like to see you promote cold storage and hardware wallets.

Damn straight. More than that. I want to know what percentage of the bitcoin network is controlled by hot private keys, and what percentage by cold ones. I think it should be part of the protocol, somehow.

So how can this be measured? ...

Instead it looks like you are merely a PoS shill:

Seriously, PoS is where it's at. PoS and utility ie. fast transactions. And fairness or democratisation ie. ASIC Proof.

Oooh... wow! Taking comments, made - in computer-time-relative-terms - centuries ago - out of context, even... In April, global hashrates flipped between PoS coins like fleas on a poor old infested dog...  can't even remember I said that. And I will probably forget that I said this in a few months time, when I'm thinking about something else again...

And my short attention span is a symptom of humanity, hence the need for science, or anything useful in general, to record hard metrics on things, to make them useful, and hence my post.

I hold no allegiances to anything, except the notion that all things are variable... let's refrain from getting personal and try to navigate closer to the topic at hand, shall we?

These targeted attacks from PoS shills will not be forgotten and will come back to haunt your projects. Why don't you try and compete honestly through real development instead of creating shill accounts on bitcointalk?

I only have two accounts here... and I've forgotten the login details or pseudonym of my first.

It's not a targeted attack. Seeing as that my Bitcoins will only be worth something in a few years, and I'm frustrated at that, having more time than money, I'm staring at the cracks and sharing my thoughts. I do appreciate you trying to understand them...

[hack_]

Stealth Code Scenario :- 90% possible

Just gain access to public figures accounts , temporarily detain them and release an emergency update that fixes some flaw.

Here is why it is possible

1) The US has access to 80% of all servers public and private

2) when the need has arisen.....Have they not somehow out of the blue managed to capture anyone they want ? Be it in a day or ten years? This is a government , they make the rules.

3) with over 20 heavily funded and massively staffed security agencies including 3 military and non military ones whose single purpose in life is net dominance, you think compromising the accounts of 8 people or replacing a number of people who go by pseudonyms on the net is a difficult task?

The only reason we have not yet seen any real devastating attacks physical or otherwise is because they thus far are intrigued by the concept and do not perceive any serious threat from it.

While they may not be able to completely demolish the idea and the network, just taking the above measures or simply applying Russia like legislation will result in a collapse of the bitcoin price down to single didgits.

Do not kid yourselves that BTC is out of reach , a lot of nonsense about how it will function against governments has been spouted here by people who are either ignorant or arrogant. The honest truth is that we rely on the good graces of governments that allow us to have such freedoms else this idea would die.

Keeping those facts in mind note that only 1% or less of BTC users actually give a crap about the idea or technology, most just joined when they realised it could be profitable, if and when that ceases to be true,....u know it yourselves what they will do.

I am advocating that moving onwards the community be honest about our position in the world, that is the first step to making the rest of the world join us, otherwise staying in this bubble of over confident arrongance, will lead to sad results.

I am Ukrainian by birth, and I have lived on both sides of the divide ( west vs rest of the world) long enough to know that  even the best ideas , facts and figures fall short when a government decides to use force, let alone an informed well funded and heavily staffed government being egged on by bankers, heavy handed conservatives and Military industries.

[inBitweTrust]

Oooh... wow! Taking comments, made - in computer-time-relative-terms - centuries ago - out of context, even... In April, global hashrates flipped between PoS coins like fleas on a poor old infested dog...  can't even remember I said that. And I will probably forget that I said this in a few months time, when I'm thinking about something else again...

And my short attention span is a symptom of humanity, hence the need for science, or anything useful in general, to record hard metrics on things, to make them useful, and hence my post.

I hold no allegiances to anything, except the notion that all things are variable...

Ok, I will take your word for it that you merely have a short attention span and have genuine intentions.

Stealth Code Scenario :- 90% possible
...
Keeping those facts in mind note that only 1% or less of BTC users actually give a crap about the idea or technology, most just joined when they realised it could be profitable, if and when that ceases to be true,....u know it yourselves what they will do.

You are just pulling numbers out of thin air. I would suggest a majority of Bitcoin users care about the idea and technology from what i have seen.

let's refrain from getting personal and try to navigate closer to the topic at hand, shall we?

Perhaps we take a more constructive approach, instead of asking for statistics for something that is almost impossible to accurately determine, and instead promote better security. This will be positive for everyone.

Contribute here or make your own thread encouraging better security practices:
https://bitcointalk.org/index.php?topic=858604.0

P.s... I created a poll for you so you can gather inaccurate stats that have too small of a sample size and impossible to verify since you seem to be interested.

[Flashman]

You are just pulling numbers out of thin air. I would suggest a majority of Bitcoin users care about the idea and technology from what i have seen.

113.9% of them in fact

[Nagle]

If someone cracked the hash algorithm, or found a cheaper way to compute it, they'd make a lot of money, difficulty would go to the moon, but the rate of Bitcoin creation would not increase. Just like when ASICs came in.

[LeMiner]

I'm going to go ahead and stop replying to a troll, and if it's not a troll simply someone that does not want to learn or understand. Op has a lot of reading to do if he ever wants to even so much as have a grasp of understanding how Bitcoin works. And seeing how he if having problems at understanding even the most basic concepts I'm afraid that might take a few years.

[fenican]

Nice to review doomsday scenarios but the biggest risk, BY FAR, is that Bitcoin will drop in popularity, be forgotten, and approach $0 in value.

The fact that it isn't backed by anything real is a major problem. In the old days, it was backed by general purpose GPU's with quantifiable market value - NASA would, for example, love to have all that horsepower at their disposal. Now it is backed by specific purpose ASICS that are useless for anything other than SHA  hashing.

In a real sense, the Bitcoin network was running on Gold and has now been replaced with Tin.

[hack_]

Nice to review doomsday scenarios but the biggest risk, BY FAR, is that Bitcoin will drop in popularity, be forgotten, and approach $0 in value.

The fact that it isn't backed by anything real is a major problem. In the old days, it was backed by general purpose GPU's with quantifiable market value - NASA would, for example, love to have all that horsepower at their disposal. Now it is backed by specific purpose ASICS that are useless for anything other than SHA  hashing.

In a real sense, the Bitcoin network was running on Gold and has now been replaced with Tin.

Interesting idea, though my opinion on value is that it came initially from people who genuinely believe in the tech and the possibility of it beccoming mainstream and globally acceptable anywhere.

The rest , like me came after we heard it could actually be successful, and others came after they saw the number of zeros increase.

[Bitcoinpro]

[tss]

so to summarize..

i can't show bitcoin is weak but i'm going to ask about it at an attempt to discredit.

if people would stop responding.  this post could finally die.

[dagelf]

Stealth Code Scenario :- 90% possible

Something I want to arm bitcoin against, hence my post!

Keeping those facts in mind note that only 1% or less of BTC users actually give a crap about the idea or technology, most just joined when they realised it could be profitable, if and when that ceases to be true,....u know it yourselves what they will do.

My suspicion too.
Some stats:
5m bitcoin users
300k Bitcointalk users, let's say 2% are active and passionately care: 6k
That's 0.001%

I think humans notoriously over-estimate their position in the world. If you are 1 in a million, you are part of a group of 8 million people, or roughly one person in a city the size of one an average province's major metropoles. Conversely, there are more than a million large cities in the world.

I am advocating that moving onwards the community be honest about our position in the world, that is the first step to making the rest of the world join us, otherwise staying in this bubble of over confident arrongance, will lead to sad results.

Amen!

Now if you had taken the time to do some research or post some relevant metrics that we can gather, this would have possibly been the first of the type of reponses I was looking for... maybe I should update the original post. I guess I'm a forum newbie... but then again, doesn't it say so on the left?!

Anyways.... thanks for futhering the discussion!

[dagelf]

so to summarize..

i can't show bitcoin is weak but i'm going to ask about it at an attempt to discredit.

if people would stop responding.  this post could finally die.

Wow. Maybe I should learn a new language that is not as open to misinterpretation as English!  

My summary:
I own a lot of bitcoin and want to see the value increase. Lets look at the cracks. Hey, there are some cracks nobody seems to be talking about... I wonder why. Let's ask.

PS Bitcoin's market cap speaks for itself, don't you think? I don't think it needs you to defend it.

What it needs is hard numbers and more tech. Or better ideas... but the right, experienced people, running the show. Such as this... would the same evils that have beefed up the worlds' fiat system, work for Bitcoin? I'm sure it would. Is it a good idea?

http://www.insurancejobs.com/images/insurance-sales.jpg

 ... Some more links for the best books on economics you've read, or even better, your take-aways from those books, might be an appropriate response to this post... (besides being off-topic)

[thejaytiesto]

One of my biggest fears is that big whales gather together and decide to heavily crash Bitcoin. They do it in JP Morgan in the "normal market", this isn't any different. All it takes is a group of people with insane resources and good cooperation.

[dagelf]

Nice to review doomsday scenarios but the biggest risk, BY FAR, is that Bitcoin will drop in popularity, be forgotten, and approach $0 in value.

According to a certain theory, if 1 in 20 people know about your product, you're made and it's all downhill from there... (How many of these theories are there - and how does Bitcoin rate in each?)

We'll soon be 8bn people. (http://en.wikipedia.org/wiki/World_population) According to the World Bank, people directly involved in the formal sector is around 2bn (http://data.worldbank.org/indicator/SL.TLF.TOTL.IN). So let's say that's the "target market" - plus some. So 3bn.

Bitcoin has an estimated userbase of around 3m. That's 1:1000 total formal-sector people... not bad... and it has taken 5 years. Going on a network/exponential growth rate, it'll be at 1:20 in less than another 5... depending on how much of the news it can capture. Bigger news items = faster propagation. I don't think positive or negative matters...

So... dropping in popularity or being forgotten... seems very unlikely at the current trajectory. In fact, it looks like it will be another year or two before it *really* takes off.

The fact that it isn't backed by anything real is a major problem. In the old days, it was backed by general purpose GPU's with quantifiable market value - NASA would, for example, love to have all that horsepower at their disposal. Now it is backed by specific purpose ASICS that are useless for anything other than SHA  hashing.

In a real sense, the Bitcoin network was running on Gold and has now been replaced with Tin.

It was never backed by that, in my opinion. Rather, it was backed by the need for cash transactions over the internet. It is backed by the need for less regulation and friction in moving value around. It is backed by the need for a global, irreversable, decentralized transaction mechanism, and the medium only instilled some bias toward decentralization.

It's also backed, in part, by the promise that it will keep functioning, almost unaffected, in a global war scenario.

But because we want it to be used as a de-facto store of value, we're back at your initial point: It's backed for the most part by people's perceptions. And people don't have very good perceptions of value or currency: they think value is measured in dollars, and more is better.

So it will be very hard for the average person to grasp the concept that even though the dollar value of bitcoin might decline, at some point its purchasing power will overtake that of the dollar. So perhaps what the Bitcoin community needs the most, is a concerted and focused effort to change the trend and rather measure the dollar in bitcoins as the standard.

What it needs, is to lobby hollywood and futuristic movies, to ensure that the currency in use, in those movies, is called "Bitcoin".

But both these are somewhat off-topic. I'm interested in finding someone who has compiled many more meaninful numbers than the current most-useful bitcoin site: https://blockchain.info/charts

[dagelf]

One of my biggest fears is that big whales gather together and decide to heavily crash Bitcoin. They do it in JP Morgan in the "normal market", this isn't any different. All it takes is a group of people with insane resources and good cooperation.

Has anyone measured the possibility of this happening? How many people are involved, and how "financially secure" are they? How much money would such an effort take? What's the worst-case scenario and what can we do today to render such an attempt harmless...?

[dagelf]

Contribute here or make your own thread encouraging better security practices:
https://bitcointalk.org/index.php?topic=858604.0

P.s... I created a poll for you so you can gather inaccurate stats that have too small of a sample size and impossible to verify since you seem to be interested.

Nice! That's more what I'm talking about.

So how big is your sample size?
8bn people
3bn "economically active" (that's around 1:3)
(technically, everyone is econmically active, because they have to eat and <1bn grows their own food... probably meaning that, on average, every working person looks after 2 non-working people...)
3m bitcoin users (that's 1:1000 of the "economically active", or 1:3000)
300k bitcointalk users (1:10 of bitcoin users, 1:10000 of the economically active, or every bitcointalk user represents a small town of 30000 people, when viewed globally...)
300 replies to your poll (lets hypothesize... so thats 1:1000 of Bitcointalk users)

But... I think it's fair to say that only concerned citizens/security conscious/technically minded/seriously interested people are active here, and they are not representative of the average user....

(So how do we correct for that.... how many of an industry, are it's early adopters and/or luminaries? 1%? 10%? 20%?)

Still, if they're not representative of the average user, that would be nice, because that would mean that this *is* the place to discuss security best practice, and to discuss what metrics are vital statistics, and how to gather them...

...But then again, the world reknowned experts are all employed and well paid, in the formal sector, and will hardly take the time to hang out here and wage small-talk with some internet forumites... instead, they are probably studying the myriad of tactics that the publishing of the Bitcoin source code has crowd-sourced... drawn into the public eye. ...And keeping their notes to themselves, because why would they share their accumulated secrets and metrics on how to get rich, with the world?

There's also the little matter of theory vs practice. Everyone knows what the right thing is to do... but if it's too much hassle, they won't do it. So I might vote on the poll "Of course I'm using a cold wallet"... meanwhile back at the ranch, a huge chunk of my money is in an exchange...

What percentage of Bitcoin's value is held in exchanges, at any one time?

Perhaps, what I propose is exploring the potential metrics that could pave the way to an API that allows exchanges and Bitcoin players to share back information... and some sort of service that will share anonymized aggregated data, without sharing anything that could negatively impact the value of those players... eg. number of transactions/day, number of user accounts, number of unique users/day, total bitcoin transaction volume per day, total bitcoin transaction volume in hot wallets, in cold wallets, threshold- and delay, in seconds, for transacting with cold wallets, number of people responsible, number of standard security protocol layers, number of obscure security layers, time to implement worst case recovery plan, number of geographically separate locations critical data is stored, do each location employ unique, isolated security from the others? etc.

Has the Bitcoin foundation considered/planned for something of the sort? Is there something like this? Is there some sort of official Bitcoin certification programme?

Obviously what would make the most sense is having this all part of the blockchain, or only putting the minimum required, if any, in there, and inferring the rest... but before that is done, it needs to make sense, and offer real value in return...

[dagelf]

If someone cracked the hash algorithm, or found a cheaper way to compute it, they'd make a lot of money, difficulty would go to the moon, but the rate of Bitcoin creation would not increase. Just like when ASICs came in.

Think way beyond that... if you can.

For lack of a better example: my gripe is that this is a bit like Windows 98 security: You can set a login password and it gets encrypted satisfactorily... but to bypass the login password, you simply needed to press ESC at the right time.

Instead it looks like you are merely a PoS shill:

I had to look up the meaning of "shill", you may find it hard to believe but there are people who have never come across that word before. I've been sending emails since 1993, and I wrote computer code before I could read or write my native language.

I'm going to go ahead and stop replying to a troll, and if it's not a troll simply someone that does not want to learn or understand. 

I'm not the troll... I'm the messenger, here to tell you about the troll under the bridge you're trying to cross... and I'm trying to gather some momentum to dry up the river so there's no need for a bridge... but I'm not getting much help, yet...

http://en.wikipedia.org/wiki/Bias_blind_spot
It's almost like: http://www.quora.com/What-are-some-stupid-things-that-smart-people-do

So everyone is *still* staring themselves blind and patting themselves on the back about the encryption. Great. My point is that it is still stored on your computer, and your computer is insecure, no matter how you cut it. There is no widespread, cleanly audited, secure bootloader in use. The moment you generate a key, you run a risk of giving it away.

Here's the news: you need more than a secure algorithm for security. Security is only as good as the weakest link in the chain.

You may say it's not a Bitcoin-problem... but if it affects Bitcoin, and the Bitcoin ecosystem can be reinforced against it, I think it should be.

[turvarya]

If someone cracked the hash algorithm, or found a cheaper way to compute it, they'd make a lot of money, difficulty would go to the moon, but the rate of Bitcoin creation would not increase. Just like when ASICs came in.

Think way beyond that... if you can.

For lack of a better example: my gripe is that this is a bit like Windows 98 security: You can set a login password and it gets encrypted satisfactorily... but to bypass the login password, you simply needed to press ESC at the right time.

So, you think, if you press the right buttons, you don't need to sign a transaction with your private key?
That exactly shows, that you have no idea what you are talking about.

[dagelf]

If someone cracked the hash algorithm, or found a cheaper way to compute it, they'd make a lot of money, difficulty would go to the moon, but the rate of Bitcoin creation would not increase. Just like when ASICs came in.

Think way beyond that... if you can.

For lack of a better example: my gripe is that this is a bit like Windows 98 security: You can set a login password and it gets encrypted satisfactorily... but to bypass the login password, you simply needed to press ESC at the right time.

So, you think, if you press the right buttons, you don't need to sign a transaction with your private key?
That exactly shows, that you have no idea what you are talking about.

Not at all. "For lack of a better example" <- Did you see that, what did you think it means?

Almost like "pressing the right buttons" - I can transact using your wallet because I stole your private key the moment you generated it, so I can sign any transaction with your key. (Let's say I'm the NSA, or perhaps even someone more "sinister"...)... I'm still accumulating keys. (And metadata on others, which is almost as good as the real thing, considering the amount of computing power I commad...) How many keys do you think I have, by now?

See... you have no clue. You're still arguing that I dont understand how good SHA-256 is. (It's irrelevant, here!)

I also have backdoors installed at all the major exchanges and wallet services and I'm best friends with their cold wallet keyholders and know all about their routine, protocols and families... Oh, I almost forgot, I also have a backdoor in everyone running a client or server compiled from the github code, ready to fire it up when they send their next packet to another node... (LOL that code has been in there since v4, and nobody has spotted it yet) Also, I have a virtually unlimited budget, and have just been doing this "for fun"... you know, just in case you tried something funny, just because "Uncle Bob" told me to keep an eye on you.

So I'm keeping my finger on the trigger. If I press ENTER, everyone who co-operated with me gets filthy rich... and Bitcoin dies. (But if I do it now, something else will just take its place... just...have...to...wait..a...little...longer.... then nobody will trust crypto ever again. Yes! Like communism.)

You still have a chance to stop me...

You have nothing, no numbers, nothing, except a poor excuse: "Hey man, SHA256 is really good. Look it up. We're safe." ...Do you know how many people I talked to? Do you know how many keys I have? Do you know how much of the network I control? Do you know my endgame?

What I am saying is that these are metrics that we could have meaningful lower and upper bounds of... and that we can put them to work for us, beefing up protection against this very scenario.

Do you want to see what a hostile takeover of the world's biggest crypto currency looks like, before you believe that it's possible?

Would it be cheaper to just buy everyone's Bitcoins in some other currency? Doubtful... but why guess if we can try to measure. We want the best, most resilient currency, end of story, period. Right?