CH

March 19, 2014

Webwallets Will Always Fail - Fr33aid's wallet robbed, Blockchain.info complicit in 2FA compromise

Filed under: Uncategorized — @ 12:00 a.m.
Webwallets Will Always Fail - Fr33aid's wallet robbed, Blockchain.info complicit in 2FA compromise

In the "too derp to be true" category today, someone breached the two-factor authentication securing the webwallet of a nonprofit incapable of operating their own. Blockchain.info reset their two-factor auth, which should demonstrate to anyone who still thinks that keeping bitcoins with someone else is a good idea ever.

Don't get me wrong - it's a crying shame that people who want to make the world a better place are getting fucked like this. Next time a non-profit you know is beginning to dabble in the cryptocurrencies, put them in touch with me and I'll be more than happy to walk them through what's necessary to secure a wallet and back it up robustly.

Fr33 Aid’s wallet had 2 Factor Authentication enabled prior to the theft, and we are actively working with blockchain.info to investigate how it happened. They have been very responsive, and we expect to be able to update this post with more information soon.
Update #1: 10:45 am PDT, 19 March 2014
See embedded video below confirming I set up the new address using both a different device and wallet program than I had used previously.

Update #2: 12 noon PDT, 19 March 2014
Today I was able to access Fr33 Aid’s blockchain.info wallet for the first time in a few days, as their wallet functionality was out of service during that time. I had previously turned on logging, and in checking the log I discovered that a Blockchain.info Admin had approved a 2 Factor Authentication reset on Sunday, about a day after the request was made and about an hour before the settings were accessed and wallet was updated and bitcoins stolen. I was the only person with access to Fr33 Aid’s wallet, and I did not request the 2FA reset. I understand from Mandrik at Blockchain that the 2 IP addresses used for these activities (185.21.188.146 and 77.247.181.162) were both Tor exit nodes.

The lessons of counterparty selection must be driven home again and again. This time with the cane - for these silly non-profiteers are now operating in a space where the free market can operate upon them. High-falutin' morals are all well and good when ones' assets lie secure in a bank vault in America, protected by all that protects the derpy capital of the communist state, but operate with the same lax attitude towards security in Bitcoin, and watch your coins get ripped from your hands and end up with a new master, more worthy of their service.

Some Bitcoin commandments:

  • trust not to webwallets
  • place no value in security that involves thy phone
  • select thy counterparties with the utmost of care
  • maintain thy toolchain thyself
  • take prophylactic measures in any risky scenarios

Be careful out there…

The Tragedy of Remote Hands - 'Canadian Bitcoins' robbed of 143.94฿

Filed under: Uncategorized — @ 12:00 a.m.
The Tragedy of Remote Hands - 'Canadian Bitcoins' robbed of 143.94฿

Someone robbed CB of 143.94฿, by essentially phoning in and asking the data center operation staff to reset their hardware into a mode allowing for open access.

Having worked with a few actual data centers with actual servers in them1, I can attest to the typical competence level of their staff. Generally, the folk on the floor in these operations are only recently not burger flippers, punk rock musicians racking boxen to pay the bills, or young folk who've tripped and fallen into a lucky thing.

The tragedy of 'remote hands', as we call them in the trade, is that as soon as they've achieved a base level of competence one of the big data center operators swoops in and sucks them out. The DC spends all this money on the kids first round of mistakes and then Microsoft or HP or Amazon or Google spots their virgin Linkedin profiles2 and moves in for the kill, thus leaving the operators of important technical equipment bereft of humans able to swing through the rigging competently.

This brings us, ONCE AGAIN, to the importance of counterparty selection in Bitcoin. Your hosting operator is a counterparty in Bitcoin, if you intend to keep coins on a server in their shop.

Perform the dilligence which is due.

Footnotes:

1

Not to imply a great number of said, but you know. A few, nevertheless.

2

First you realize Linkedin's a thing, then you realize that you're meat for the auctioning.

The Satoshi Dice Contract

Filed under: Uncategorized — @ 12:00 a.m.
The Satoshi Dice Contract

Published with permission. Signatures may be hard to verify as the text was ripped from the Wayback machine and rapidly brutalized to fit through my absurd blog engine.

–—BEGIN PGP SIGNED MESSAGE–—

Hash: SHA1

–—BEGIN PGP SIGNED MESSAGE–—

Hash: SHA1

INITIAL PUBLIC OFFERING AGREEMENT #3

This INITIAL PUBLIC OFFERING AGREEMENT (the "Agreement") is made and entered into as of August 19, 2012, by and among SatoshiDice, an unregistered corporation, collectively represented by the entity evoorhees (GPG fingerprint 91A1 C2DC 46AF 4B74 4EF9 E025 0272 EF6F D370 840C) and MPEx (GPG fingerprint 8DDE 8C2B 4DE2 278A 95C3 D65B 9214 FC6B F1B6 9921), an unregistered corporation. Certain capitalized terms used herein are defined in Section 1 of this Agreement.

RECITALS

WHEREAS, the entity named asserts sole and unlimited authority to represent the corporation named in all matters ;

WHEREAS, MPEx customarily operates during the course of its virtual business the infrastructure allowing the virtual trading of virtual shares of unregistered corporations for a virtual currency known as Bitcoin ;

WHEREAS, the parties intend in this Agreement to set forth the principal arrangements between them regarding the Initial Public Offering ; and

WHEREAS, the parties hereto have determined that in order to accomplish the objectives of the Initial Public Offering and to facilitate the consummation thereof, it is necessary and desirable to enter into the agreements and understandings set forth herein ;

NOW, THEREFORE, in consideration of the premises and the representations, warranties, covenants and agreements herein contained, the parties hereby agree as follows :

  1. DEFINITIONS.

"Bitcoin" and "BTC" mean the virtual currency so known.

"Bitcoin Address" means one address issued by the Bitcoin client which can be used to securely sign documents.

"GPG" means the Gnu Privacy Guard software.

Net Profits here mean profits after explicit SatoshiDice development and Marketing costs (such costs, if any, will be described monthly in the Profit and Loss Statements). SatoshiDice does not pay salaries to any party, so no salary will be taken out of Net Profits.

"Profit and Loss Statements" means a statement that lists as a lump sum all Bitcoin income during one calendar month (including non-BTC revenue converted at then prevailing BTC rates) as well as a reasonably detailed break-down, then as a lump sum all expenditure during that same calendar month (including non-BTC expenditure converted at then prevailing BTC rates) as well as a reasonably detailed break-down, thus showing the net result of each calendar month.

The WOT means the Web Of Trust as maintained on bitcoin-otc.com, or at any such place that it may in time be moved.

  1. THE INITIAL PUBLIC OFFERING.

2.1. Transactions Prior To The IPO. Subject to the conditions hereof, SatoshiDice and MPEx shall use their reasonable best efforts to consummate the IPO, as follows :

(a)SatoshiDice, though its acting representative, will cause this exact Agreement to be signed as a clearsigned GPG document and forward this signed document to MPEx ;

(b)SatoshiDice, through its acting representative, will create a special online Google Doc spreadsheet where Profit and Loss Statements will be published and owners of SatoshiDice shares will have the right to access this spreadsheet at any time ;

(c)SatoshiDice, through its acting representative, will publish retroactively Profit and Loss Statements for the months of July, June and May 2012 ;

(d)The owners of SatoshiDice will create the entity named and verify their identity and beneficial ownership of SatoshiDice to multiple third parties, who then will reflect this by creating relationships of trust between their own accounts and the entity ;

(e)SatoshiDice, through its acting representative, will for the duration of time after announcement of the IPO but before actual listing visibly link this page from their main page;

(f)MPEx, upon receipt of the aforementioned signed document will clearsign it and publish it on a separate page on the MPEx website, and will make reference to this page in relation to SatoshiDice ;

(g) Upon publication MPEx will inform its market makers, preferred traders and other significant investors of the opportunity of investment.

2.2. The Terms of the IPO.

(a)The representatives of SatoshiDice have elected to divide SatoshiDice into 100`000`000 (one hundred million) equal non-voting shares with a total equity value of 10`000 BTC (0.0001 BTC each). In the event of liquidation or breach of this Agreement they solemnly promise and warrant to repay all investors holding shares at this minimum value. The representatives of SatoshiDice solemnly promise and warrant never to issue more shares on any other venue nor in any way to dilute existing shareholders at any point in the future. All future share issuance will be made only a) subject to approval by MPEx and b) at a price no less than the higher of the 1 day average price and the 30 day average price then current on MPEx ;

(b)Based on their knowledge of the company and its assets, as well as on evaluation of market demand, current profitability and projected evolution, the representatives of SatoshiDice have elected to offer in this IPO a total of 10`000`000 (ten million) shares, as follows : one block of 2`000`000 (two million) shares at a price of 0.0032 BTC each ; one block of 5`000`000 (five million) shares at a price of 0.0034 BTC each ; one block of 3`000`000 (three million) shares at a price of 0.0037 BTC each. These blocks will be offered as follows : the first will go up for sale on August the 24th, midnight GMT ; the second on August the 25th, midnight GMT ; the last on August the 26th, midnight GMT.

(c)The representatives of SatoshiDice warrant that no further shares will be offered by them for a period of 30 days from the date these offered shares are sold. The representatives of SatoshiDice further warrant that they will never sell more than half the total shares.

(d)The representatives of SatoshiDice solemnly promise and warrant that they will not introduce their own or any other party's private expenses into the expenses of SatoshiDice, that all expenses charged against SatoshiDice will exclusively reflect expenditure in good faith resulting from the operation of its business and that all money taken out of SatoshiDice by them will be in the form of dividends, paid fairly to all shareholders by proportion to the shares they hold.

(e)The representatives of SatoshiDice solemnly promise and warrant that complete and accurate Statements of Profit and Loss for each calendar month will be published by them no later than by the fifth day of the new month. Under exceptional circumstances and for good cause the publishing of the Statements of Profit and Loss can be deferred no more than once in a calendar year so that the Statement of Profit and Loss of one month is published together with the Statement of Profit and Loss of the next month. Due to the nature of SatoshiDice, all site earnings are verifiable using blockchain analysis.

(f)Immediately upon publication of each Statement of Profit and Loss SatoshiDice will pay to shareholders as dividends a fraction of no less than 100% (one hundred percent) of the Net Profits, if any.

(g)In the event of the sale of SatoshiDice or voluntary liquidation thereof, all proceeds will be distributed fairly to all shareholders by proportion to the shares they hold.

(h)In case of a monthly loss (which will occur occasionally due to the nature of statistical variance of bets), the loss amount will be carried over to the next month’s profits when calculating Net Profits.

2.3. Conditions Precedent to Consummation of the IPO. The obligations of the parties to consummate the IPO shall be conditioned on the following :

(a)That in between the time SatoshiDice has satisfied the conditions laid out as per 2.1.a, b, c and d above and the time set for the IPO there elapse at least 5 (five) full days ;

(b)That no third party has offered verifiable proof as to the inaccuracy or incompleteness of the published statements and that no market makers, preferred traders and other significant investors of MPEX have publicly proffered doubt as to the accuracy or completeness of the published statements ;

(c)That no third party has come forward to claim with credible proof that this listing infringes their ownership rights over any portion of SatoshiDice ;

(d)That none of the signatures used in the creation of this document have expired or have been caused to become invalid or repudiated ;

(e)That the entity created to represent SatoshiDice will attain a total WOT score of no less than 5 (five) from no less than 2 (two) well known and respected community members.

(f)That SatoshiDice has paid MPEx all fees, costs and expenses resulting from the preparation of the IPO, as agreed upon in the Ancillary Agreement.

  1. INDEMNIFICATIONS AND LIMITATIONS OF LIABILITY ; REMEDIES.

3.1. Neither MPEx, SatoshiDice or their respective Owners, Directors, Agents or Partners assume any liability for any losses suffered or alleged to have been suffered by any third party as a result of the execution of this Agreement. All third parties are to make their own determinations, satisfy their own due dilligence policies and assume for themselves any and all risks involved. In particular compliance with any laws, rules or regulations in effect in any jurisdiction where a third party may find itself is entirely the responsibility of that third party – neither MPEx nor SatoshiDice make any guarantees or representation as to the legal status of this Agreement in any third party's jurisdiction.

3.2. BUYER BEWARE. SatoshiDice shall be considered a high-risk speculative investment. Past performance of the site, and of profitability, is no guarantee of future performance or profitability. Value of SatoshiDice ownership shares may rise or fall over time and the entire venture may become worthless.

3.3 At no point shall the obligations of the entity named arising from the execution of this contract exceed the entity’s interest in SatoshiDice.

3.4. Neither the entity named herein nor any other person or entity shall be liable or responsible for compensating any shareholder for any value lost by a depreciation in the value of shares of SatoshiDice.

3.5. The liability of any person or entity party to this contract, either direct, indirect, incidental, tortious, punitive, exemplary or otherwise shall in no case exceed such sums as may be proven that person or entity has in fact received through the working of this contract. Signatories and investors agree to indemnify and hold harmless any party from any claims that may exceed such sums.

3.6. Should SatoshiDice fail to execute this Agreement, as for instance by but not limited to breaching 2.2.e above, MPEx will notify the named individuals of their breach and may, at its sole discretion, suspend SatoshiDice from trading thus activating the liquidation of SatoshiDice.

  1. MISCELLANEA

4.1. All SatoshiDice websites, databases, trademarks, brand names, and other intellectual and/or real property are owned exclusively by SatoshiDice.

4.2. This contract is the sole and complete agreement between the parties. It may not be modified by third parties, irrespective if said parties should style themselves "court of law", "judge" or otherwise.

4.3. This contract is protected as copyrighted material. It may not be reused by different parties without the express permission of MPEx.

–—BEGIN PGP SIGNATURE–—

Version: GnuPG v2.0.17 (MingW32)

iQEcBAEBAgAGBQJQMYXtAAoJEAJy72/TcIQMSqYH/iDen1+BLMypKToqfHpJRkdo
gHfwsTzXSFGCVYFw13S7aDEXc79rOgngFi03WTvr0RRrk1Uah+2h7KhxCFJbf3L2
YqBWcm1t67JE8pr97ZcTRC8bKFgAR8+nH+D8Og4CggkU3vqIkBenFCsDVv02Ev5R
s/+9UdcxN+h+D3wpeaogy01AkSsA2mlk0BrpErX3CVkcEdOlam608CNFFw6FMyc0
6wsAvmarMvI9ah2GUyCHM8Acd+YR+vgz0NdAwqagEqVOaX3q2AlkXh/FpqImKbhc
abPvERsjBSRPTgU+6tYo0oyImvA+WLVS5q8+khXfE6QyGEKdlJtIWj68jxU8hKc=
=FMK8

–—END PGP SIGNATURE–—

–—BEGIN PGP SIGNATURE–—

Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBAgAGBQJQMYc+AAoJEIpzbw4vt7RSzXEP/RwSD+AgcOIlzvf99YQkyTcX
ngf7J2xUihviMP8Al9SFy6dDAZK0kiClB0OIj3FrcQsVkgdz8flUmv1+k7n/6+Y1
dd2AQsI9lvDsn0nW4pu8fYoCPn6uxur494V7LqFlWMteBnIG/8vbVmXX5Xr02XZa
psDsqb4SxaoXpAFc3cXACMUW2rWB+78I2TIc60GIlOKnMqj5sqZp08dw4DhPfl0h
VepNvYC7wUUaIUPsnGVTaT3PQWVy+HSyaX0d3ZEH4TypJLcMiAf/o77PoejbPyJD
TFm829yOAN7MJHNuJbZ4tHgaBLPtvYDMZNDSmIHTjo6vwCIdpWoFNqxRaNxMyzby
ABaHmpeOjuM1LI13LvETd0LSzxM57v44ouffocFTWXqC3nkK0ruo0+xbvG0O+ere
qwskkEnvjBzd5jF4ORjl/PTGOCqJ1/8XyaohDbnSRQsfEjx9tjV1tEhzNlHlUOh9
W27eIznLpxr4LfTsURm6BjR5CE/AFjitzt8sFBwCsucFNFM1tMKOfm+oiM02klos
dl/FeEM0rl5cHkfHYY6WtqHifYCjem9fppIWajwxq03OWsq21SSOLI+sSV51rGmS
xyHRhexM2rPHgWG42KQwSQO2jnA5OYb4/c7DnqBahRPNWZQ+90fvJzPlElL0llwN
ez7CfK6oeOoqTF4BdgWJ
=y7jD

–—END PGP SIGNATURE–—

March 18, 2014

The SEC doth breach itself upon the rocks of MPEx, and Popescu himself

Filed under: Uncategorized — @ 12:00 a.m.
The SEC doth breach itself upon the rocks of MPEx, and Popescu himself

Today Mircea Popescu posted an email exchange between himself and individuals claiming to represent the United States' Securities and Exchange Commission. I have no reason to suspect that these individuals do not in fact represent the SEC. They contacted Popescu, asking for every document related to individuals trading the virtual company Satoshi Dice, and everything related to Erik Vorhees' involvement in the operation. Popescu responded by asserting that the SEC must step in line with the GAO and the Fed and accept that they have no domain over Bitcoin operations.

Popescu's attitudes towards the USG are well known, and this confrontation has been brewing for a very long time. Examine ye the founding documents of MPEx, wherein it is stated that The Exchange intends to vacate any jurisdiction that gives it any problems. This exchange is merely the latest salvo in a war that has been going on for decades between the free market forces of intelligence and cryptography and the communist forces who seek to increase the number of complacent idiots under their domain from whom to extract resources.

While the mathematical arm of the States nailed the mysteries of modern crypto long before the RSA gang, luckily for everyone, such discoveries cannot actually be kept secret, as smart individuals exposed to the same problem sets will eventually develop similar solutions1. When the private-sector cryptographers caught up with Tyrant's stable of domesticated mathers, the United States imposed the hilariously stupid export controls around crypto under which every American labors today2. These controls were and are the nonsensical kind that comes out of the Communist state when it starts to grasp at the remaining straws with which it prays to yoke its citizens. For instance, while it's not legal to export the digital codes necessary to encrypt and decrypt messages strongly, one can simply print the source code out in machine-readable fonts and carry that anywhere in the world, scanning it back in on the other side (assuming, of course, that you don't have one of those diddled scanners as what won't let you scan a dollar bill)3.

Until just recently, the oppressor had only contemplated the risk of its enemies communicating without the risk of eavesdropping. That's scary enough for the totalitarian - the idea that people can plan and conspire in secret, and it can have no insight into their machinations is anathema to its notions that all citizens must spy on each other, and all infrastructure must be compromised so that that special class of citizens so empowered by the government may spy on anyone at any time. For the Nazis, and the old Russians, both the peer-to-peer spying and the top-down spying were necessary, as technology had not progressed to the point where all lives were an open book for the gaze of the Investigatory Tyrant.

But! Crypto frees us from the Investigatory Tyrant4. Free and private communications allow us to make plans the government cannot preempt and foil. Drug dealers know this, and they churn through cheap plastic phones, creating a fog of noise that can be darn difficult to penetrate if they know what they're doing5. We've had the tools for lo these past decades to foil government investigation of our affairs - should we but bother to implement the required measures6.

Satoshi's gift was to bring the strength and (theoretic) impregnability of a good modern crypto implementation to the financial toolchain, thereby freeing us from the Inflationary Tyrant. Thou art no doubt familiar with the work of the Investigatory Tyrant, thanks to Snowden and the EFF and company, but who is this Inflationary Tyrant?

They are but two sides of the same Communist coin. You must allow the Investigatory Tyrant complete control of the fiber, so that they may find and kill terrorists. You must allow the Inflationary Tyrant to control the monetary base, so that it can print the dollars necessary to flatten out the business cycle. Never mind that the threat of both terrorism and the business cycle are non-things. Terrorism is simply war - but Americans hate thinking about going to war against a religion or ideology. The business cycle is a good thing, driving out the incompetent and rewarding the diligent7. This coin is of the communists, as the terrorists are a lie to put spy-cams in your bathroom, and the business cycle a lie to redistribute wealth from those who increase the size of the pie to those who've done nothing to deserve anything (unless you're of the bent that simply being born is sufficient justification for my paying for your McDonald's and cable television).

Inflation, though! Is it not measured scientifically? Do we not know that the inflation rate has held stable at 4-5% for lo these many years? Are we to distrust every number that comes from the government?

Well, friends, those numbers come from the government itself. Those numbers are predicated on lies like "consumers can substitute ground beef for prime rib, so we'll calculate how much it costs to feed them on ground beef instead of prime rib this month to make the numbers look better". Americans are taught to trust the numbers from the government that determine at what rate it can borrow funds - a rate it keeps artificially low by a number of clever hacks8.

Inflation's bad, mkay? It robs from ants and redistributes to the grasshopper. If a dollar today buys you a kumquat, and that same dollar a week from now only buys you 8/10th's of a kumquat, you are obliged to get that money out of cash and into hard assets that resist the inflationary forces of evil as quickly as possible. People hate hearing this. "But nobody thinks that way, benkay!" They tell me. Sure - the people at the bottom have no idea what a dollar is, or that it will be worth 95% of itself next year; not consciously at least. Talk, though, to someone with 10 grand in the bank, and they'll let you know how uncomfortable they are watching the market go up and their 10k remain 10k. While they don't understand immediately that their dollars tomorrow are worth less than their dollars today, they do understand that their dollars will be worth more if they buy Pepsi rather than holding cash9. This flight towards a "hard currency" - eg a thing whose value does not deteriorate like a car - drives all US wealth into the stock markets and hard assets to protect itself from the predations of inflation.

And by the way, none of these assets are as remotely useful as cash. Gold is a pain in the ass to actually hold, being heavy and requiring safes and beyond a certain threshold goddamn vaults. Property is a goddamn nightmare, imposing a maintenance tax of at least whatever you've borrowed to acquire the house in question. Stock in real companies is basically the only bastion left to the savvy investor, but what investor is actually savvy? How is one to determine that Pepsi has enduring value but that Facebook is a scam without having been through an internet bubble or three?

Let's not even get into the challenge of predicting the future value of an asset whose revenues are booked in a currency the value of which decreases at every time step. It's an accounting nightmare, I tell you!10

Satoshi changed this equation. No government can debase my bitcoins. I can always look at my wallet and say to myself: "Self, we own this fraction of the monetary base in today's terms, and this other, smaller fraction of the monetary base that will ever exist." Such claims cannot be made about fiat currency. For one, nobody knows how many dollars exist in the world11, and furthermore one can never trust the government to not simply double the number of dollars in circulation, thereby halving the value of your savings (provided you were stupid enough to actually keep them in cash)12.

UPDATE: Mircea Popescu points out that in that particular nightmare scenario, ones' hard assets will increase in value by 2x, which you'll get taxed upon. This being the real crime of inflation under a regime that controls both the currency and the exchanges. If they can track your assets, they can figure out when you're beating them at the inflation game, and they'll ruin you just the same. This is one more reason Bitcoin is a gamechanger and why the fiat state will never be able to run these scams ever again. Capital will simply flee to the hardest, most fungible shit around. That shit may run on C++ written by NSA plants working at Google, but it's still a rock-solid protocol with better-than-fiat-chances of preserving your capital in any significantly inflationary regime.

Satoshi gave us more than just the uninflatable monetary base, though. He gave us the uninterdictable money too. If you want to move 100,000 USD from one part of the world to the other, your options are: bearer bonds; transmitting the money via the traditional finance system, or physically derping the cash from location a to location b13. Satoshi gave us the freedom to move unlimited quantities of cash from any owner to any other owner in the world. This blows the United States pretentions of ability with regard to defunding terrorist organizations entirely out of the water. Bitcoins are literally uninterdictable. The "community" (and when I say "community" I mean specifically plants from the United States "security" apparatus, engaging in nefarious activity to palp the testicular fortitude of the people who matter and actually set policy in Bitcoin) has tried on occasion to erode the fungibility of Bitcoins - failing every time utterly spectacularly.

Put the two freedoms above, and compute what we get. Our first freedom, not new, but unused by nearly all: public/private key encryption. Freedom of communications. Freedom the second, new and almost entirely uncharted: freedom of transmitting value from any point to any other point. Freedom the third, also new and also uncharted: freedom from inflation. These three freedoms together give us freedom from the Tyrant of North America.

Interlude: The Curious Case of Satoshi Dice

Satoshi Dice: a virtual company implementing a dumb-dumb gambling mechanism. "Here are a list of addresses to which you can send coins. Here are their payout rates. Feel free to check these claimed payout rates in the blockchain. Send coins to the 1.01X address, get 1.01X what you sent back, 98% of the time14. House take was 1%.

Profits were great. Erik Vorhees (an America, a point that will become relevant later) bought it from its original creator, and shortly thereafter listed it on the Bitcoin Exchange of Record - MPEx. It did fantastically well for its investors, returning huge piles in dividends, and not collapsing into a valueless hole like so many other bitcoin "stocks". It was entirely auditable on the blockchain - provably fair gambling! Another novelty in the world.

Most importantly to our story, its shares traded on MPEx. It paid dividends on MPEx. When it was acquired, the acquisition transpired through MPEx and shareholders were paid out entirely fairly (a first in the history of Bitcoin).

The SEC was fated to cotton on - Vorhees being an American, and American institutions being dumb enough to get in front of the Bitcoin train, expecting to stop it15. Mind you, they go after Popescu and Dice (a 15MUSD acquisition, if memory serves), instead of prosecuting the LIBOR scam. They are redressing no wrongs with this action - they simply seek to find a new bum into which to insert their soldering iron in search of new areas in which to flex their muscles.

Unfortunately for them, they're going after the hardest target in Bitcoin16. A target that expressed its wilingness to move to the darknet should the need arise, and over the past year the technical sophistication to continue trading through DDOSes, survive social engineering attacks and actually effect the move when it comes time.

So there's no real news, other than that the United States is about to beach itself on the reef of Bitcoin, although perhaps a more accurate metaphor is that the SEC is stepping in front of a train.

Footnotes:

1

Consider the difficulty of coming up with a brand new thing like asymmetric cryptography as a function of time. A long time ago, when computers were expensive and the knowledge of the maths behind crypto largely held captive behind the walls of TLAs, the cost to the market of inventing something so new and different from previous things as modern cryptography would have been astronomical. So expensive in fact, that only the government with its infinite supply of fake money could actually go to the trouble of finding all the mathy folks and locking them up together with no expectation of ROI (do not fool yourself, the secret discovery of these techniques was for the Tyrant merely a happy accident - the same kind of happy accident that Ycombinator et. al. are in search of in reproducing the Dropbox "success" [or the Facebook "success", for that matter]. Let's just find all the smart, motivated people, stick 'em in a room, and throw 80K at each set of three. Surely some of them will come up with something worthwhile! Some of them surely do, for as long as your quality control remains robust, but the moment you begin down that long slide to mediocrity that inevitably happens once you've exhausted that oh-so-limited pool of actually competent people, your odds of "striking it rich" begin to drop much faster than anyone in the Reddit brigade wants to acknowledge. The Reddit brigade of course feasting daily on the notion that a "pivot" is a thing in business, that a "startup" is merely a matter of "iterating rapidly" on some "good idea", praying that we achieve "product-market fit" before the dumb money runs out and we all have to go get real jobs again).
As time progresses, technology improves society-wide, and the knowledge undergirding that tech spreads to more and more people. As ideas copulate in the minds of the brilliant, and the creative ones generate new ideas out of the old ones, recombining them in the highest form of evolution, the cost to the market of discovering that forbidden fruit falls, and falls, and falls (compare, for instance, the cost to build a web app today compared to the cost of building a web app in the heyday of the American dot-com boom).
UPDATE: The gent in question to discover the RSA algo was Clifford Cocks. Thanks, MP!

2

In my humble and poorly-informed opinion, we can pinpoint the date at which the USG sealed its fate. It was when they decreed that Americans were not allowed to export cryptography. It has always been an impossible rule to enforce, and its idiocy has been demonstrated time and time again. For instance, whenever an American flies their laptop to a foreign country.

3

A side anecdote! My firm is currently sheparding an application into the iOS App Store that implements professionally robust cryptography (or will ship with robust crypto, once we finish ripping out the, ah, shall I say "proof-of-concept" implementation extant in the codebase) into the Apple App Store. We have advised the firm who owns this piece of software to budget a full month for complying with the US Department of State regulations around crypto exports (as the app will be available internationally), and to spin up a relationship with a legal firm that handles these sorts of things. This is, after all, life under communism - nothing is simple, there are an infinite number of rules which one must follow at all times, the non-compliance with which of any one implies the threat of imprisonment and thermo-rectal cryptanalysis.

4

One must trust the operational security of your counterparties, but that's de rigeur in the Bitcoin space already.

5

Typical techniques in this area include requisitioning the phones of girlfriends of colleagues, employing junior associates to make the coded communications, utilizing the rapidly-obsoleting-and-yet-for-some-reason-still-around-pay-phone, and probably for the smart ones GPG over email.
Although not, I should add, entirely impenetrable. Graph analysis can still tell the practitioner truly interesting things about any set of cell devices if the transmission rates are high enough, but good luck hiring the people who can do that to bust your typical brick-shifting gang in the inner city. The cops already know when the shipments are coming through anyways, and taking their cut anyways. Like they'd let the nerds in on that scam!

6

Granted, Datstoievsky will tell you that your keys are worthless as you generated them on a Macintosh, and that you cannot possibly actually trust your hardware to encrypt the things you want it to encrypt without actually transmitting that to the feds as well. And he's absolutely correct! Apple ships you a live operating system not for any nefarious reason, but to make your life easier. The thing is, when you trade ease of use for security, you do not get security any more - the NSA plants at Apple did all the relevant nefarious work a long time ago.

7

Does this not make your indoctrinated brain quake? That the two things upon which the government's legitimacy rests are both complete farces? What doom doth this portend for this once grand nation that her claims to legitimacy are naught but lies spun to children in the state-sponsored daycares?

8

Allowing large banks to borrow from the Fed at 0% 0.25%, and lending to the USG at 2.5%, for one.

9

And seriously, fuck anyone without 10 large in the bank. They don't matter, economically, except as a drain on the social net.

10

Further complications of this model include the hidden welfare with which America is rife. Car companies benefit from the hidden welfare in soy subsidies that depress the price of fuel below what it should be were the free market in all its brutal glory to actually set prices for these things. And that's just one example!

11

Completely ignoring the notion of "fake" vs. "real" dollars - one cannot counterfeit a Bitcoin.

12

Mircea Popescu corrects me

13

Obviously you don't have to do it yourself, but then there are all sorts of transactional frictions for which one must account - among them getting fucking robbed.

14

This is a gross simplification. I expect to be taken to the woodshed by Bin Popescu - after which I'll update this with more concrete examples. Get off my ass! I'm on a plane with no wifi and doing this under extreme time pressure.

15

You'll note that the GAO and the Fed have both exhibited the fine sense to step out of the way of this particular train. SEC…not so much.

16

That variety speak…

March 15, 2014

You Have Not Found Satoshi

Filed under: Uncategorized — @ 12:00 a.m.
You Have Not Found Satoshi

First off, it doesn't matter.

Secondly, the base assumption should be that the human in question and all related meat-sacks are jumping on the bandwagon of temporary fame, seeking to extract something from the ever-gullible American public.

Thirdly, if you examine the methodology of the article in question and come to any conclusion at all, your method of deriving opinions from facts is completely fucked.

« Newer PostsOlder Posts »

---