nikileshsa (OP)
Newbie
Offline
Activity: 7
Merit: 0
|
|
May 18, 2011, 06:23:10 AM Last edit: May 18, 2011, 09:30:00 PM by nikileshsa |
|
Well. Here is an interesting article I just saw in one of the tweets..... http://www.pds.ewi.tudelft.nl/~victor/bitcoin.htmlI would be happy if this article is discussed in detail before anyone tries to take Bitcoin seriously. The authors profile is interesting.....
|
|
|
|
unk
Member
Offline
Activity: 84
Merit: 10
|
|
May 18, 2011, 06:40:40 AM |
|
yes, this is a good, balanced analysis. he outlines several denial-of-service attacks that sensitive bitcoin developers have been aware of for some time. for example, it is easy to tie up a node with incorrectly signed transactions, and it takes about ten lines of code to mount that 'attack'.
he is also right about the asymmetry of various attack vectors (though the reward for mining attempts to counteract this, albeit in a somewhat self-fulfilling way that may not be self-sustaining). and he's correct about the opportunity to aid a dos attack by forcing block-chain reorganizations strategically rather than just in the 'dumb' way to which many people casually assume an attacker will be limited.
his social point is murkier, and many here will disagree with it, but i tend to be sympathetic to it. another way to say it is that for people who don't already ideologically oppose governments (and seriously, how many people has anyone in this forum ever persuaded with his or her rhetoric?), bitcoin has to compete on fees and features. it can compete on features, but i am not sure in the end that it can compete on fees without substantial modification.
|
|
|
|
nikileshsa (OP)
Newbie
Offline
Activity: 7
Merit: 0
|
|
May 18, 2011, 06:52:51 AM Last edit: May 18, 2011, 09:31:01 PM by nikileshsa |
|
I second unk. This article is a balanced analysis and it highlights the need for a really secure virtual currency system and I am convinced that the current system is far from being secure enough to make real transactions and there is a lot of scope for improvement.
I would encourage similar balanced technical analysis to happen by experts in Systems Security research.
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5376
Merit: 13407
|
|
May 18, 2011, 06:54:41 AM |
|
Bitcoin is peer-to-peer in the same way as Usenet or the Internet itself. Anyone can be a peer -- most people just aren't. Anonymity can be perfect if you take the necessary precautions. It's just difficult right now. That algorithm also opens a venue for transaction chain forking attacks. Potentially, a CPU-rich well-connected peer may delay his newly created block till a competing block is received. Then, the delayed block may be concurrently released, thus creating a tie. A sufficiently CPU-rich attacker may perpetuate this tie indefinitely, potentially making the network to flip-flop between two branches of transaction history, with somewhat unclear consequences. It isn't possible to do this indefinitely unless you have more than 50% of the network's CPU power. If you've got that much CPU power, there are more damaging things you can do.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
benjamindees
Legendary
Offline
Activity: 1330
Merit: 1000
|
|
May 18, 2011, 06:55:16 AM |
|
As I see it, his claims are basically true, except for his assumptions that Bitcoin is somehow inefficient. He claims that current systems are without fees, and provide high levels of "security", "privacy" and "liquidity". And from a typical consumerist perspective, this may seem to be the case. Really the fees are just hidden. I think that if he looked into it further he would find huge costs, quite a bit of insecurity, forced-liquidity, and very little actual privacy. Let's put it this way: I might concede that Bitcoin is an inefficient way of solving the technical problem of facilitating trade; but it is an extremely efficient way of solving the political problems of facilitating trade.
|
Civil Liberty Through Complex Mathematics
|
|
|
unk
Member
Offline
Activity: 84
Merit: 10
|
|
May 18, 2011, 07:00:39 AM |
|
nikileshsa, i wouldn't go quite that far. the system is likely secure enough make payments and similar transactions. it is severely questionable as a way to make investments or savings, at present. i've linked to it before, but the analysis on fatwallet got this right: http://www.fatwallet.com/forums/finance/1090435/?start=192i strongly agree with you, however, that bitcoin needs more of a systems-security analysis. it is still a very young project and ought to be conceived as less ossified than many people in the forum currently conceive it. the software is very definitely still 'beta'. developers, users, and speculators would do well to remember that. i honestly say that only for their own sake. it's not like i'm betting against bitcoins in the main block chain. indeed, i own quite a few through mining. i am concerned, however, when i see people speak of waking up as millionaires or planning for their retirement based on similar positions. moreover, that runaway enthusiasm can very possibly end poorly for bitcoin as a technology, and the technology deserves a better chance.
|
|
|
|
kiba
Legendary
Offline
Activity: 980
Merit: 1020
|
|
May 18, 2011, 07:07:48 AM |
|
i honestly say that only for their own sake. it's not like i'm betting against bitcoins in the main block chain. indeed, i own quite a few through mining. i am concerned, however, when i see people speak of waking up as millionaires or planning for their retirement based on similar positions. moreover, that runaway enthusiasm can very possibly end poorly for bitcoin as a technology, and the technology deserves a better chance.
The way you make millions is to literally build a business in the bitcoin economy and finding niches that are profitable. That's the probably the best way to give bitcoin a fighting chance.
|
|
|
|
MoonShadow
Legendary
Offline
Activity: 1708
Merit: 1010
|
|
May 18, 2011, 07:10:21 AM |
|
bitcoin has to compete on fees and features. it can compete on features, but i am not sure in the end that it can compete on fees without substantial modification.
Really? What other method of online exchange system are you are off that can transfer an arbitrary amount of value for seven cents?
|
"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."
- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
|
|
|
MoonShadow
Legendary
Offline
Activity: 1708
Merit: 1010
|
|
May 18, 2011, 07:17:28 AM |
|
I read the article. I can't say I was impressed by his grasp of the concepts.
|
"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."
- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
|
|
|
unk
Member
Offline
Activity: 84
Merit: 10
|
|
May 18, 2011, 07:24:09 AM |
|
@creighto, that's not how people will look at it unless bitcoin becomes their operational currency, and that's a pipe dream at present. even the wildest bitcoin optimist doesn't think it will happen soon, if ever.
in the meantime, people get paid in dollars, euros, pounds, and similar currencies, and they want to buy stuff in those currencies. for them, bitcoin is a very expensive and unreliable way to do that. they face large exchange fees, unregulated and probably illegal currency exchanges like mt gox, and value that fluctuates as the result of speculation.
moreover, much analysis in the forum suffers from a us-centric view. american banks are particularly inefficient, corrupt, and old-fashioned. americans come to europe and offer magnetic-stripe cards for payments, and grocery clerks laugh at them because it reminds them of the 90s. if you're not familiar with european banking, as this dutch author is describing it, imagine that you had free american-style 'ach' push and pull payments available to you from all of your bank accounts. the average european can presently make payments online for free, in a trusted environment backed by law, to anyone, for any reasonable amount of money, very easily. (very large amounts are typically paid through swift rather than such ach-style payments, at a slightly greater, but still relatively small, cost to the consumer.) that's what most of them want to do.
similarly, the average person concerned about the inflation of their currency doesn't become an activist and try to stop all inflation. people instead simply diversify away from their currencies in their long-term portfolios, which is very easy and cheap to do. even americans have very good instruments available for this through etfs listed on the nyse.
|
|
|
|
MoonShadow
Legendary
Offline
Activity: 1708
Merit: 1010
|
|
May 18, 2011, 07:46:44 AM |
|
@creighto, that's not how people will look at it unless bitcoin becomes their operational currency, and that's a pipe dream at present. even the wildest bitcoin optimist doesn't think it will happen soon, if ever.
in the meantime, people get paid in dollars, euros, pounds, and similar currencies, and they want to buy stuff in those currencies. for them, bitcoin is a very expensive and unreliable way to do that. they face large exchange fees, unregulated and probably illegal currency exchanges like mt gox, and value that fluctuates as the result of speculation.
moreover, much analysis in the forum suffers from a us-centric view. american banks are particularly inefficient, corrupt, and old-fashioned. americans come to europe and offer magnetic-stripe cards for payments, and grocery clerks laugh at them because it reminds them of the 90s. if you're not familiar with european banking, as this dutch author is describing it, imagine that you had free american-style 'ach' push and pull payments available to you from all of your bank accounts. the average european can presently make payments online for free, in a trusted environment backed by law, to anyone, for any reasonable amount of money, very easily. (very large amounts are typically paid through swift rather than such ach-style payments, at a slightly greater, but still relatively small, cost to the consumer.) that's what most of them want to do.
Europeans, particularly Western Europeans, have a trust of government and government regulated institutions that Americans do not tend to share. I think that this faith in such social constructs is going to be tested over the next several years. And although you may not be directly charged for these transfers, there is a cost. Someone is paying for it. If it's not you, then it's likely the online vender; which is the Paypal/Credit Card model. If not, it's your government paying the costs; which means it's still you indirectly. But what is the catch? You may feel that your private business is still private because the government doesn't share it, but it's not private from your government. There may yet come a day when you regret that. similarly, the average person concerned about the inflation of their currency doesn't become an activist and try to stop all inflation. people instead simply diversify away from their currencies in their long-term portfolios, which is very easy and cheap to do. even americans have very good instruments available for this through etfs listed on the nyse.
The inflation issue is a red herring. Bitcoin inflates, and currently does so at a rather high rate. The only reason that the relative value of a bitcoin continues to rise is because the size of the economy is rising at a substantially higher rate. Honestly, I couldn't care less if Europeans use Bitcoin or not. If Bitcoin needs my advocacy to succeed, then it's already doomed to failure. There are always going to be those who disagree on anything.
|
"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."
- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
|
|
|
NghtRppr
|
|
May 18, 2011, 08:13:06 AM Last edit: May 18, 2011, 08:27:46 AM by bitcoin2cash |
|
Such a system is not “decentralized”, but more like a “replicated center” system, as there is an absolute necessity to gather all the existing data in a single point to make any meaningful operation. It's decentralized in that there is no single authority determining which transactions are valid or not. Thus, Bitcoin is only “peer-to-peer” in the sense of the British Peerage system. Bitcoin “commoners” must appeal to their “lords” who have sufficient means to judge on validity of transactions and to seal those transactions as valid, likely for a fee. In the British Peerage system, not just anyone can declare themselves a "lord". That's the exact opposite of Bitcoin where anyone can become a "lord" by simply downloading the entire block chain. Thus, for perfect anonymity, both sender and receiver have to split every complex transaction among separate pairs of throw-away identities. But at this point, transactions stop being technically atomic, in addition to the fact that the system becomes quite complicated and heavyweight. That's not an argument against anonymity. That's an argument against usability which wasn't on his list of things he was going to argue against. I would say he's moving goalposts. Here the assymetry goes the wrong way: those “honest” nodes need to burn maximum amounts of energy continuously, round the clock, 24x365, just to keep the system afloat. Not green at all! Just to keep the system afloat? No, that's a side effect. The reason why honest nodes are consuming resources is so they can make money, either through finding blocks and gaining a bounty or eventually, transaction fees. Meanwhile, an attacker may only mobilize his CPU power temporarily to carry out his deeds. What deeds? What do you think can be accomplished by controlling the network for a short amount of time? I admit that I don't know but do you? I'm not sure how fearful, uncertain or doubtful I should be without any specifics. Though, I admit "deeds" doesn't sound very pleasant. Potentially, a CPU-rich well-connected peer may delay his newly created block till a competing block is received. Then, the delayed block may be concurrently released, thus creating a tie. A sufficiently CPU-rich attacker may perpetuate this tie indefinitely, potentially making the network to flip-flop between two branches of transaction history, with somewhat unclear consequences. The key phrase is "sufficiently CPU-rich attacker" which eventually would be infeasible for just a DDoS by a single attacker. Any attack has to include some kind of discussion about incentives. If I can make 2 billion by spending 1 billion then it makes sense. If I can piss the world off by spending 1 billion, there might be better ways to spend that money from the perspective of an attacker. Otherwise, if no profit is being made, we can just wait for the attacker to run out of money and resume business as usual. Here and now (Netherlands, 2011) I enjoy an instant, secure, privacy-preserving payment system which charges no fees for domestic transfers. That's a fairly huge claim with nothing to back it up. Is he saying that the same attacker able to bring down a decentralized system somehow can't bring down a centralized one? That seems implausible especially considering that he can't even audit the code he's depending on for his alleged security. He just has to take someones word for it! Either way, a data center full of GPU miners costs orders of magnitudes higher than a few exploding yellow vans. Also, if he's not paying any fees, who is paying for the infrastructure? Most likely, he is, with his tax money or if the fees are charged to the merchants then he's paying for it through higher prices for goods and services. Few things in this world are free. Of course, "privacy-preserving" has to be false or at least qualified. Privacy from whom? If it's just from the other end of the transaction, I can do that too. I'd like privacy from everyone, including the government and all their contracting middlemen.
|
|
|
|
unk
Member
Offline
Activity: 84
Merit: 10
|
|
May 18, 2011, 08:18:38 AM |
|
The key phrase is "sufficiently CPU-rich attacker" which eventually would be infeasible for just a DDoS by a single attacker. Any attack has to include some kind of discussion about incentives. If I can make 2 billion by spending 1 billion then it makes sense. If I can piss the world off by spending 1 billion, there might be better ways to spend that money from the perspective of an attacker. Otherwise, if no profit is being made, we can just wait for the attacker to run out of money and resume business as usual.
the fatwallet link does exactly this sort of analysis. it would cost on the order of $700,000 for a competitor with a vested interest in the block chain's failure, or someone intending to profit from manipulating the exchange rate for coins in the current block chain, to launch a dos attack. that also suggests that a government - any government - could very easily stop bitcoin if it wanted to.
|
|
|
|
NghtRppr
|
|
May 18, 2011, 08:21:36 AM |
|
The key phrase is "sufficiently CPU-rich attacker" which eventually would be infeasible for just a DDoS by a single attacker. Any attack has to include some kind of discussion about incentives. If I can make 2 billion by spending 1 billion then it makes sense. If I can piss the world off by spending 1 billion, there might be better ways to spend that money from the perspective of an attacker. Otherwise, if no profit is being made, we can just wait for the attacker to run out of money and resume business as usual.
the fatwallet link does exactly this sort of analysis. it would cost on the order of $700,000 for a competitor with a vested interest in the block chain's failure, or someone intending to profit from manipulating the exchange rate in the current block chain, to launch a dos attack. that also suggests that a government - any government - could very easily stop bitcoin if it wanted to. I assume that's right now. Is there any way to extrapolate to when we're at the point that he's talking about, when typical clients can't even be bothered to listen for all transactions or scan the entire block chain?
|
|
|
|
unk
Member
Offline
Activity: 84
Merit: 10
|
|
May 18, 2011, 08:22:31 AM |
|
the cost of the attack grows linearly with mining capacity, no more. so whether it's asymmetric to value doesn't change.
|
|
|
|
NghtRppr
|
|
May 18, 2011, 08:24:37 AM |
|
the cost of the attack grows linearly with mining capacity, no more. so whether it's asymmetric to value doesn't change.
That tells me little about how much mining capacity there will be in the future and therefore how much it will cost to disrupt the network.
|
|
|
|
Timo Y
Legendary
Offline
Activity: 938
Merit: 1001
bitcoin - the aerogel of money
|
|
May 18, 2011, 08:37:14 AM |
|
The European banking system is a lot better than the American one, but that is because the EU government forces banks to be more costumer friendly, not because it's a competitive market.
This heavy regulation simply forces banks to find different, sometimes hiddens ways to cover their costs. Regulation cannot change the fundamental inefficiencies of the present banking system.
For example: bank transfers may be free in the Eurozone, but opening a bank account with any kind of extra functionality can easily incur charges of EUR 200 per year in some European countries.
Also, bank transfers are horribly slow. A bitcoin transaction takes an hour to confirm at most, an IBAN transfer can take several days. (This might change soon though because there is no technical reason transfers should take this long)
Needless to say, bank accounts can be frozen, IBAN transfers are reversible, and third parties can access information about your balance. This is just a lot harder to do than with paypal.
|
|
|
|
Grinder
Legendary
Offline
Activity: 1284
Merit: 1001
|
|
May 18, 2011, 09:12:51 AM |
|
I read the article. I can't say I was impressed by his grasp of the concepts.
I can't say I'm impressed by your refute of his arguments.
|
|
|
|
gigitrix
|
|
May 18, 2011, 09:17:15 AM |
|
Super-peers are fine when all you need is about $1000 worth of hardware (that many IT guys might have access to anyway) to be a super-peer. Anonymity is doable, just not 100% built in. I'm satisfied that the security wait time is true, but it's bulletproof as far as we know today, providing sufficient people are mining.
|
|
|
|
Timo Y
Legendary
Offline
Activity: 938
Merit: 1001
bitcoin - the aerogel of money
|
|
May 18, 2011, 09:20:52 AM |
|
I would be happy if this article is discussed in detail before anyone tries to take Bitcoin seriously in FUTURE.
No, Bitcoin is not perfectly democratic but it doesn't need to be. In fact, that would be detrimental because casual users are more vulnerable to being tricked into using a fraudulent client than expert miners. No, Bitcoin is not perfectly anonymous but most users don't need perfect anonymity. The few ones that do can approach perfect anonymity arbitrarily at a relatively low cost. No, Bitcoin is not perfectly secure but nothing in this world is. On top of its technical security, Bitcoin is also secured by the social aspect. Above all, Bitcoin is a social convention, not just a piece of software. No, Bitcoin is not safe against every conceivable DoS attack but neither is the internet itself. Conclusion: Bitcoin is far from perfect but it still beats any money that was ever invented, by far.
|
|
|
|
|