CH

October 22, 2014

Technical Flaws in Early Ether Wallet Implementations

Filed under: Uncategorized — @ 12:00 a.m.
Technical Flaws in Early Ether Wallet Implementations

It's hard to tell if this is intentional or accidental:

The payment has already been registered by the website and we can proceed to download the wallet file. @abarkn1

Securing one's wallet requires that one generate keys offline and away from any meddling fingers. This is because nobody can be trusted to generate your keys for you, as you must also trust them to not run away with your money.2

Charitable interpretations:

  • the software that is Ether is too raw for end users
  • it might be brought to market before it's robust enough to survive

If the software is too raw for end-users, who are the target users? Nominal "cryptocurrency application developers"? There are none such who are inadequately technical to use alpha-grade software3. If the software is not robust enough to survive the harsh light of day, consider it stillborn and walk away. The Spartan (myth?) of leaving new children on the back porch to demonstrate fitness carries within it a grain of knowledge for those who can tease it out. Bitcoin is so strong that even crippled by Satoshi4 and the power rangers5 it's still strolling around the net, making a mockery of the best moles in the business of compromising open-source cryptography software.

The uncharitable interpretation:

  • No software beyond some rudimentary key generation algorithms have been written6

The Ether developers appear to be doubling down on the guaranteed premine scam. In addition to all of their own vaporware cryptocurrency they'll fabricate and dump directly into their pockets, they've now committed to fabricating another epic pile and dumping those into the pockets of those foolish enough to preorder a cryptocurrency7.

Footnotes:

1

A handle which is intended to stand for Andreas Brekken but I can't help reading as "a barking", and appending amusing strings.

2

Interesting stories from early BTC days still float around of a gentleman who would generate "extra large" GPG keys - for other people. He's not around anymore, as sharing keys doesn't fly with people who understand how this shit works and care that it be handled correctly. "You're using one of those weird large keys? And you BOUGHT it?!" Trading wallets, while not unheard-of, is pro-grade cryptocurrency stuff.

3

There are plenty of chumps, however, who are inadequately technical to understand the braindamage of purchasing keys, and are dropping their lifetime savings into a lotto ticket in hopes of striking the "next Bitcoin".

4

Ne'er have I seen such a marriage of quality technical vision and flawed execution. Perhaps there's something to that Application Architect role I keep hearing about…

5

You assholes get no such praise.

6

Go read their blog. It's full of lulz about getting multiple applications running on the same machine and client interoperability issues BEFORE THEY'VE PUBLISHED A SINGLE LINE OF CODE.

7

All one can really do is shrug and chuckle. If the words "preorder a crptocurrency" don't bring a smile to your face and make you chuckle a little bit, what the fuck are you doing reading my blog? Shouldn't you be reading bitcointalk.org and wasting your money on dice sites with statistically verifiable -EV experiences for the trivial having?

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Reply

« veh patch: overall improvements --- CORRECTION: multiple channel patches for irc/logbot »