I now understand that BitCoin is actually an experiment to teach people basic economics and why many of today's rules and institutions (e.g., banks) exist. Sorry for criticizing it. BitCoin is an awesome educational tool.
Bitcoin is not money on the bank, but cash. If your wallet is stolen, the bank will not refund you, either. You can, however, go to the police and that is what the victim here is doing as well. There is, of course, a much lower chance of catching the thief than there would be with real cash.
Exactly, make sure the only copies of the wallets with your money are on non-networked, non-running hardware, preferably just straight up storage media, and secure it physically. You can make it as secure as you can possibly make anything. Hell, you could even get it insured.
I have spent very little time thinking about bitcoin, so I really am not qualified to say anything for or against it - however I have a question that seems ridiculously obvious:
WHY would you implement the digital version of cash, as it seems you just stated -- WHY would you create a digital currency with no ability to really track and disable and refund?
Kind of the whole point of digital currency is to evade tracking. A currency that is truly anonymous is more generally useful than one that isn't. The same features that make it easy to steal also make it easy to spend.
The US government won't let you leave with more than $10k in physical cash without "declaring" it, but declaring exposes you to likely theft by the government in the form of civil forfeiture or tax seizure, as does carrying it past TSA. Your bank won't let you wire-transfer large amounts without having to file a bunch of CTRs, again exposing you to potential legal liability. Making transactions in smaller amounts to avoid notice of the big amounts - even if you're doing so to avoid private thieves - is a federal crime called "structuring". Credit card companies solve some of the problem but can randomly "put a hold" on your funds without your consent.
Digital cash is trying to fill the role that cash used to fill before the War On Some Drugs made everything insane. Back when the government printed $500 bills and $1000 bills and it wasn't deemed "suspicious" to use them. In the modern age, digital cash promises to let us buy things around the world, "no questions asked", without banks and governments and other middlemen getting in the way.
This is one of the casualities of the Bitcoin monetary policy.
(Obviously I'm simplifying, your money gets pooled with others and deposits and withdrawls happen from a pool of money, you don't get your own money back when you withdraw, but lets compare two hypothetical banks with only 1 customer each)
A dollar denominated bank takes your money and invests it. They use it for mortgages, or they put it in bond markets or equity markets. They make a profit. Some of that profit gets returned to you as interest. They also provide for safe keeping of the money. With interest rates near zero, we forget this, but thats the real reason for a bank. If it was just a safe place to keep money, we'd be paying them.
A Bitcoin bank couldn't work. You give them some Bitcoins. They transfer them to dollars, make some investments. Now you go to withdraw some money and they have to sell the investments. Since Bitcoins are deflationary, they can not make you whole without incurring a loss. There is no money to be made in operating a Bitcoin bank and giving interest so long as the exchange rate of Bitcoins to the real world keeps going the way its going. Everyone should just sit on their bitcoins and hold them.
Now if you just want to make a safe deposit box for Bitcoins, that's would work. And you would have to pay a fee. But there is a difference between a bank account and a safe deposit box, and I don't see bank accounts working with bitcoin any more so than they would have worked based on tulip bulbs in the 80s.
What you described is not how banks or money work.
Below is an entertaining, albeit slightly alarmist, educational video on how the money system works today. This should be required viewing for anyone considering using money:
I don't want to risk wasting 45 minutes listening to a crackpot, and honestly, there are quite a few indicators for lunacy in the first few minutes. Can you give a few bullet points to help me decide if it's worth to watch?
I haven't checked the video (can't watch it here), but there are indeed many misconceptions about how the banking system operates.
In particular, banks do not lend out deposits, at least not in any meaningful way, and the so-called money multiplier is non-existent.
To get up to speed on such things, I would recommend the blogs of economics professor Bill Mitchell. His style is a bit rambling without much polish, since he writes one entry every day, but I found it very worthwhile for getting a deeper understanding. Consider looking for entries with "money multiplier" in the title in the index here: http://bilbo.economicoutlook.net/blog/?page_id=1667
It talks about the history of banking and the fractional reserve system, the difference between commercial and central bank money.
What most people don't realize is that banks don't have to actually have the money they lend out. That's the basis for our monetary system and while it has nice qualities, like spurring innovation, there are some undeniable drawbacks.
The point is that is a little bit harder and more traceable than having to manage files(all your money) yourself. There is at least a semblance of security and the bank/govt will make good if someone breaks into the bank and steals all the cash there.
Banks are regulated by law and have the funds insured by FDIC. i.e even if the bank goes belly up, the FDIC will make sure the depositors get the money. With BitCoin, how do you trust a bank? Even if it's just by word-of-mouth trust, eventually the bank will be taken over or run by non-trustworthy people. The threat of federal prison keeps most real banks honest. Nothing like that exists in the BTC world.
Well, ultimately what you're saying is that you trust the FDIC more than you trust any given bank. That's nice, but it begs the question:
- Will the FDIC fulfill its obligations at all times?
- How does the FDIC have the resources to do so?
- Does the presence of the FDIC lead to better or worse behavior among banks?
It's especially interesting to look at the issue of non-trustworthy people. When S&Ls were semi-deregulated in the early 80's, they got extra FDIC protection and were allowed to lend to a wider variety of projects. Suddenly, the credit decisions of the bank didn't matter, because the FDIC backstopped their deposits. And that attracted some really non-trustworthy people.
Wikipedia says the total cleanup cost was $87.9 billion, which discounts the opportunity cost from building pointless malls and empty offices. Can you imagine a BitCoin-based system ever hitting that level of losses?
I agree that circulation of currency/commodities is necessary for a healthy economy. I don't agree that we're better off having value stolen from our currency by inflating it for the sake of "incentive".
How many joe sixpacks actually spend their money as quickly as possible because they're afraid of inflation? Hopefully it never comes to that.
> Deflationary spirals are no fun.
$5/gallon of gas and $7/gallon of orange juice are no fun either.
>If you think that is honest behavior, then bury all your money for 10 years and then try to spend it. Suprise! You've been robbed.
That does induce people to spend,invest or save(savings in banks are loaned out to others by the banks) which drives the economy.
The problem with bitcoin right now is that it's being thought of an investment to hold on to, instead of a currency that must be exchanged for goods.
Imagine if the dollar was appreciating in value big time every week and month. People would stop spending and just hog them. The economy as we know if might collapse and lead to a full blown depression.
> instead of a currency that must be exchanged for goods.
My prediction is the bitcoin market will correct itself, as markets without interference do. Bitcoins are intrinsically worthless, like the USD, unless it can be exchange for goods/services.
> Imagine if the dollar was appreciating in value big time every week and month.
As long as a central banking authority (Federal Reserve) can legally make dollars from thin air, this will never happen.
The problem is that people are using BitCoin as a 'Get Rich Quick' scheme instead of a currency. While this does drive adoption, some lives may be destroyed on the way because of market manipulation by malicious parties. How many legitimate transactions are happening compared to transactions with an intent to hoard BitCoins for future gains?
> Banks are regulated by law and have the funds insured by FDIC. i.e even if the bank goes belly up, the FDIC will make sure the depositors get the money. With BitCoin, how do you trust a bank?
There were banks before the FDIC and people trusted them. The threat of insolvency can (but doesn't always) keep them honest.
True, but atleast the banks were real physical places with real people at the helm. It is really hard to trust anything over the internet these days,except if one of the big financial players like Citibank or someone like Amazon starts a bitcoin bank.
AFAIK any of the online banks could be running out of a hole in the wall in Ukraine or Nigeria. Even paying online sites with credit cards is risky these days with the rampant fraud etc, I wouldn't trust anything online only enough to entrust my money unless backed by a big player.
> except if one of the big financial players like Citibank or someone like Amazon starts a bitcoin bank.
That's part of how the market solves this sort of problem, traditionally. When trustworthiness is especially valuable, brands develop that have it. One way to bootstrap the process is to start with an existing brand that has it, like American Express. Companies that want to be seen as trustworthy can also do things like offering money-back guarantees and putting money aside in an escrow account held by a third party.
It's interesting to consider why that is. I could start a BitCoin deposit insurance company, for example: you'd pay me X% of your balance each month, and I'd make you whole in the event of fraud.
Of course, I'd want all sorts of regulations on how you set this up; I might sell you some kind of extra-secure system for managing your balance, for example. At that point, the market would basically be putting a price on BitCoin security.
Obviously, my deposit insurance scheme could go broke, if I price it wrong. That's theoretically a risk with SIPC. It's not a risk with the FDIC, since that is ultimately backed by the government's ability to print an unlimited amount of money.
So it might make more sense to say that deposit insurance is a feature of unstable currencies: if anyone's dollar-denominated debt can be 100% guaranteed by the government, then the value of everyone's dollar-denominated assets will face an inflation tax to pay for this guarantee.
Maybe I'm missing some detail of the scheme you're proposing, or have some fundamental misunderstanding of bitcoin, but if bitcoin is anonymous and untraceable, how do you prevent insurance fraud?
Wouldn't this also defeat the purpose of BitCoin in the first place? And by "purpose" I'm referring to the whole "anonymous, untraceable" aspect of it. It's very much like cash - it's anonymous, yes, but also if it gets stolen there's not much you can do about it.
The thing I find more dangerous than that is anyone with your wallet.dat file can go and do whatever with your account.
There really should be additional checks. Having to sign your transfer requests and allow people to impose a voluntary delay on their transactions to allow time for cancellation would help significantly.
My wallet is on an IronKey - in order for me to use it I have to plug it in and decrypt it. I also backup my wallet on a NAS server but the wallet is encrypted with GPG.
Where do you back up your GPG private key? Where do you store the passphrase for the key? It's a long chain of vulnerabilities in any well architected system that must be addressed. This seems acceptable for a big company, but for an individual to have to go through all these steps just to protect their money seems arduous.
Not if you have a secure means of input in your OS. OSX does, for instance, you can turn it on in the Terminal application and no loggers will see what you type.
Unless they install as a kernel extension, then you're screwed. But that requires a password.
of course. But now we're talking something significantly more complicated than a keylogger, and more fragile as it probably relies on glitchy behavior.
Seems fairly inevitable: if I sat by the window of my house, talking to anyone who walked by about having a large cache of money, which it was clear was also in my house... well, I would probably want to do one or all of: (a) invest in some quality locks; (b) stop talking about it; (c) keep my money somewhere else
Correct me if I'm wrong, but given the P2P nature of bitcoin, wouldn't it effectively give someone interested in malicious activity a list of target IP addresses? In theory he could set up his own P2P, watch for large transactions, and then he has an ip running a bitcoin client who (potentially) has a large wallet.
Then it's just a matter of running common exploits (or new ones, if you have them) in order to access the machine and the bitcoin wallet.
I've thought about that as well. But I would imagine if you have the technical chops to do that (I'd be interested in seeing a distribution of Mac/Linux/Windows users for BitCoin as well), you'd have the technical chops to get more money from other ways than stealing a few bitcoins. That said if I were a botnet master I'd put in some code to search for a wallet as a 'bonus'.
No, you can make a receiving address without ever connecting to the network. Current clients won't do so (that I'm aware of), but it's entirely possible.
The main reason though is that new addresses aren't broadcast. The only time you know their location is when they send, and only if you were watching their traffic / the traffic of all nodes they sent to.
That's the account record of the address that supposedly stole the huge amount of bitcoin. The maximum balance I see it have is 400 blocks. Is it missing from the record or is a bitcoin block larger than 1 BTC?
This reminds me of the "come from" statement. COMEFROM is a long-running joke, it's a flow control statement which is intentionally confusing. It works like a GOTO but backwards. There is no indication in the area being jumped from that flow control is about to go somewhere else in the program. https://secure.wikimedia.org/wikipedia/en/wiki/COMEFROM
I think, when parts of your currency start to resemble any part of INTERCAL, you have a big problem :-)
This guy's experience reads like something out of a William Gibson novel. If BTC takes off, I wouldn't be surprised if the world got several orders of magnitude nastier, malware-wise. If the value of breaking into someone's machine is not merely the computer's connectivity or, worse, information to enable identity theft but actual, untraceable value-holding currency, you know the incentive to compromise computers is going to skyrocket.
Funny. More seriously, this reminds me of the difference in deterrence value between Lojack and The Club:
Lojack makes it little less likely that any particular car will get stolen but increases the likelihood that a car thief will be caught.
The Club basically says, "Go steal someone else's car."
"Driver carries no cash" is well intentioned but says, "Go rob someone who does have cash." It has a local deterrent value perhaps, but is of limited value as a deterrent from robbing people who drive delivery trucks.
All of this gets me wondering? Does UPS still do COD? And if so, do they accept cash?
The worst part of this is how irreversible it is. With a bank you might be able to get it back, with cash nobody can just siphon the actual paper money remotely, but with bitcoin you're out of luck.
I'm not sure that's true. As I mentioned in another comment, the CHAPS payment system doesn't allow transactions to be reversed, and the other major system in the UK, Faster Payments, I believe has a 24 window for banks to request a reversal, usually in case they transmit something by mistake.
Honestly, I think we place too much faith in banks sometimes.
In the US, consumer liability for fraudulent withdrawals from bank accounts is generally limited to $500 by federal law, provided that the consumer detects the fraud and notifies the bank within 60 days. The bank is responsible for the amount in excess of $500. Many banks even have a policy to refund the entire amount fraudulently deducted.
Traceability in the real world banking institutions has its advantages. As a business owner I've once had a mistaken transactions that resulted in erroneous withdrawal of +10,000 from business bank account. A phone call to the bank and a bit of investigation fixed things and I don't think the bank was out any money either, it was just a wrong account number issue.
With bitcoin, things are not at all reversible.
Also I expect bitcoin to be shutdown because it could be a great way to fund terrorist activities. (There are major federal investments in anti-money laundering systems that monitor bank transactions, bitcoin transactions operate outside of this system and thus will be suspect.)
I think a better word is "traceable". Presumably with CHAPS one can find out who the money went to, and other mechanisms can come into play to get it back.
Bitcoin, though, is supposed to herald the awesome future of totally anonymous, totally untraceable transactions in which once your money's gone, you're fucked.
Only if it hasn't been transferred elsewhere and laundered and whatnot. Then all the bank is doing is penalizing its other customers to make you whole.
There's some capacity for error or crime built into the numbers as they stand. This means that the bank is more-or-less insuring against those things. All customers reap the benefits of insurance, because the benefit is the security, not the restitution.
I've witnessed stacks of cash far in excess of that.
However, when it is done, there is usually a fair bit of armament around the cash, and the kinds of people that keep that sort of cash on hand are also not the sort you want to commit an amateur robbery against.
Doubly so in the UK. Here, the police can presume without proof (and have done so) that any cash in excess of GBP1000 is the "proceeds of crime", and the onus is then upon the owner of the cash to prove that it isn't.
Sounds like a convenient rule for law enforcement to incriminate people when they have a "hunch" about their illegal actions.
When I was 12 y.o. I had that sort of money in my bedroom (years of saving money from my paper route job, and factoring inflation). Of course, I could prove that it was mine, but it seems like the bar is somewhat low if it's set at GBP1000. It's the kind of money that you use to pay to rent a cottage for your vacations, not ludicrous drug-traffic amounts ...
But what would be the other options for a normal user? You could completely hand over your wallet to someone else, but that sort of defies the point of Bitcoin: they could log transactions, be raided by authorities, etc. You could store your wallet in a way that's physically secure (say, on a flash drive), but this just requires the hacker to insert software that waits until you try to spend some of that bitcoin. You could maintain many separate wallets on separate flash drives, so you would only lose part of your savings to this sort of attack, but that is inconvenient.
The only solution I'm coming up with would be to hand over control of your wallet to an anonymous-yet-trusted third party who's hidden behind Tor or such. The difficulty is in finding (or creating) an anonymous-yet-trusted party in the first place.
The design of BitCoin only includes very weak anonymity. A medium-to-large scale network analysis could most likely break any anonymity people thought they had.
And there really can't ever be one. A bank requires some way to offset risk (insurance, etc); If it gets robbed, the insurer pays out; In this case, an insurer would need to physically keep more bitcoins than the insured on hand in order to handle a payout situation. Since bitcoins can't be 'printed' like dollars, there's no way to simply have an 'FBcIC' without allowing them to substitute something for those bitcoins in a payout situation (e.g., the USD cash value).
For a bunch of DIY hackers, I'm sort of surprised you guys are so willing to hand your money and control over its security over to the government and financial institutions. Then again, I was a computer security guy for the government and online financial institutions, so I guess I'm comfortable with my ability to protect my (very very small amount of) money, or I'm just more cynical about them.
Western Union is irreversible, and would probably have been shut down if it wasn't so well-established. Most other US payment systems are reversible, which is why you have holds on getting the money out of those systems - they want time to detect fraud and reverse the fraudulent transaction. This requirement for reversibility seeps through the system, which makes anonymity very difficult, and causes a lot of friction on anything that changes a reversible payment into a non-reversible payment, since that's where you eat the fraud. Now you know why it's hard to get cash equivalents out of the system, especially to a remote party.
The point here is that once the money is in a non-reversible network, you can accept a payment and know that it's good very very quickly. If you make bitcoin reversible, you might as well just use one of the old payment systems, where the money might disappear later (and you'll be out your privacy, goods, cash and services), or you'll be paying transaction fees based on your charge-back rates, and unable to charge more for the reversible payments than the non-reversible ones due to contracts you have to sign to be part of the payment network - and thus the non-reversible payers subsidize the reversible payers. What a racket.
As we used to say, "there's no good guys in payment processing, only bad guys and less-bad guys".
Sounds to me like a BTC bank should be set up, with corresponding accounts. Instead of 'you' holds all your BTC, your BANK holds most of your BTC in a secured location, and you can make withdrawals to your account on demand.
Of course, this would effectively require an insurance corp also set up in such a fashion that integrity of the bank could be configured.
He then proceeds to say that he backed up his unencrypted wallet to "dropbox, wuala, and spideroak", which doesn't strike me as extremely clever when you're talking about something in the half a million price range.
On the other end it's a good cautionary tale. I'm quite curious about this bitcoin thing, but this reminds me I definitely don't want to secure all my money myself without any insurance or guarantees. A stupid mistake and shazam you lost all your money.
Regarding the issue of whether the application should encrypt the wallet by default, it'd probably be a good thing to have but I'm not sure it would have helped in this case. The wallet would have to be decrypted in order to mine or execute any transaction and the attacker was obviously targeting the bitcoin wallet specifically, so it could just have installed a keylogger or whatever to catch the passphrase, like they do with banking sites (or wait until the walled is decrypted and dump it then, or install a backdoored version of the bitcoin client...).
Bitcoin is a Thesis of one Guy. Its great in many ways but in terms of Softwaredesing and Engeniering at least the Client sucks. I've the Auther had knew it would be blowing up like this he would probebly have build something better.
Its Open Source and you can interact via JSON so it would be that hard to build a good client that does this kind of stuff.
I doubt that encrypting the wallet on the HD would have helped much. It sounds like allinvain's computer was compromised. The attacker could have copied the decryption key when it was used legitimately by allinvain.
I don't see why a hacker would do this. They've already broken the law so this just increases their chances of being caught. If they wanted to be "nice", they could just have stolen fewer of the bitcoins.
It seems to me that Bitcoin requires an actual wallet. A physical device that will store your "money" ie. verifiable account info, the way a general purpose computer is storing it now.
I just got hacked - any help is welcome!
allinvain
June 13, 2011, 08:47:05 pm
Hi everyone. I am totally devastated today. I just woke up to see a very large chunk of my bitcoin balance gone to the following address:
1KPTdMb6p7H3YCwsyFqrEmKGmsHqe1Q3jg
Transaction date: 6/13/2011 12:52 (EST)
I feel like killing myself now. This get me so f'ing pissed off. If only the wallet file was encrypted on the HD. I do feel like this is my fault somehow for now moving that money to a separate non windows computer. I backed up my wallet.dat file religiously and encrypted it but that does not do me much good when someone or some trojan or something has direct access to my computer somehow.
The transaction sent belongs rightfully to this address: 1J18yk7D353z3gRVcdbS7PV5Q8h5w6oWWG
Block explorer is down so I cannot even see where the funds went.
I tried restoring an earler backup of my wallet but naturally that does not work because the transaction has already been validated.
Needles to say I feel like I have lost faith in bitcoin.
Anyone have any ideas what I can do besides just jump off a bridge?!
---------------
[snipping out posts that don't contribute much]
---------------
Re: I just got hacked - any help is welcome!
June 13, 2011, 09:05:04 pm
allinvain
First thing that I noticed is that my slush's pool account got hacked into and someone changed the payout address to this:
15iUDqk6nLmav3B1xUHPQivDpfMruVsu9f
I then changed the password and proceeded to run some antivirus and anti malware scans. Some stuff was found, but they were all cleaned up and they were all in my windows user profile temp dir which I deleted all the temp files. God I can't even type properly. Sorry folks I'm a bit emotional now.
I then left another virus scanner running and went to sleep. When I woke up I check my bitcoin wallet. I leave the client running to help the network, and I notice -25,000 (and a transaction fee) gone.
Fuck, I really should've moved the coins to a vmware linux session I have running. But the question is was it already too late? Could someone had my access to my wallet.dat for a long time and now just decided to "cash out"
It's not really $500,000 though is it? As soon as you exchange a small amount of that into dollars you crash the exchange and the value drops significantly. I'd estimate it at about $30,000 worth.
On June 12th, $3,5M were exchanged on MtGox. For 8 of the last 10 days, the daily volume has been above $1M. I think that you could get these $500K in small chunks in a few days, provided you do it full time.
Without an unbiased third party auditing of their accounts I would be loath to place too much trust in data they themselves produce to say how awesome they are. Especially with such a significant amount of capital allegedly at stake and nothing to lose for bending the truth.
Granted the market is easy to manipulate with small transactions that can start large swings; as well it would be difficult to find a buyer if you wanted to liquidate a lump sum of this size without a solid discount.
That said, I think you're overstating the impact this would have. The recent downswing from ~$30 to ~$10 in a period of a couple days was speculated to be due to MtGox consolidating 20 times this amount.
Without knowing how much real backing the exchanges have it's hard to get a figure on what effect a large dump would have on the market. Additionally, you'll get shock dumpers who do a run on the exchange once they see value erosion. $30,000, although fabricated, feels right. Although i'd add that's probably an upper bound rather than expected value.
The Merchant trade in Europe came up with three valued things:
1. Corporations
2. Insurance
3. Banks
Those three items are related to one another. While its true that due to the anonymous nature BitCoin is biased towards illegal mafia-like formation of banks and such for illegal activities as soon as legal activities start using them as trade banks, insurance, etc will form as a nature evolution.
IMHO the shadiest side of the bitcoin daemon is that it discovers peers by connecting to an irc channel. Just like a typical virus botnet handles command and control. Connecting these two uses of IRC is pretty obvious, and then you get a virus that attacks windows machines running bitcoin and steals wallets.
