Pages:
Author

Topic: 3 Bitcoin Doomsday Scenarios I can't find much discussion on... - page 2. (Read 6212 times)

newbie
Activity: 47
Merit: 0
There is no way, to know, how a private key was generated. That is just not possible. Unless we are using your favorite tool: magic.
First, a quote on magic: "Any sufficiently advanced technology is indistinguishable from magic."

So, let's start with what we know:
- The number of freely and easily available software packages that will generate a key for you
- The number of times that a download on those were recorded
- The release dates of these
- The number of hardware devices that will do the same
- The approximate number sales
- The release dates of these
- The number of total unique bitcoin addresses that had been seen transacting by each of the dates above

From that, I think we can establish a lower and an upper bound... and make a real good guess so as to the vulnerability of each wallet - from which we can guage the level of threat to the network.

Which is, in my opinion, better than that bad guy in "The Matrix"'s favourite tool: Ignorance.

And this is just measuring one metric: Key sources.
hero member
Activity: 714
Merit: 500
So, you want a secure system where nobody needs any kind of password/private key? Good luck with that.
There are already tons of projects out there do create private keys far away from the internet.
That would help somewhat.

So are you collecting statistics or metrics on how many keys were generated in this way? I know I'm not.

And I know somebody is, and that that information is both powerful and useful.

So what I'm saying is that it would probably be a good idea to make that information part of the protocol. What do you think? Can you think of any other such information that might be useful?
There is no way, to know, how a private key was generated. That is just not possible. Unless we are using your favorite tool: magic.
newbie
Activity: 47
Merit: 0
So, you want a secure system where nobody needs any kind of password/private key? Good luck with that.
There are already tons of projects out there do create private keys far away from the internet.
That would help somewhat.

So are you collecting statistics or metrics on how many keys were generated in this way? I know I'm not.

And I know somebody is, and that that information is both powerful and useful.

So what I'm saying is that it would probably be a good idea to make that information part of the protocol. What do you think? Can you think of any other such information that might be useful?
hero member
Activity: 714
Merit: 500
I say, if you can get access to all private keys, by individually hacking every machine on the world, than you don't need a 51% attack or anything else. You already control the network.
But that doesn't have anything to do, with a weakness of the Bitcoin Network. Getting your twitter password stolen from your trojan infestested PC is also not a weakness of Twitter.
Correct. But if Twitter could guard against that, it would benefit from it.

So what I'm saying is that because of how Bitcoin works, it would be even easier for Bitcoin to guard against non-Bitcoin problems, than for Twitter - because Bitcoin can get those protections built into it much easier due to the nature of its community.

My gripe is with knowing that people have thought of this, a lot, but to day very few have published any of their research. Many have gone on to create alternate cryptocurrencies, rather than waste their time discussing their ideals with the Bitcoin community. Bitcoin has a lot going for it... So, if you come across something addressing this, or someone, motivate them to spend time on it, to study it, and to publish their research or insights where the community can have easy access to it...
So, you want a secure system where nobody needs any kind of password/private key? Good luck with that.
There are already tons of projects out there do create private keys far away from the internet.
newbie
Activity: 47
Merit: 0
I say, if you can get access to all private keys, by individually hacking every machine on the world, than you don't need a 51% attack or anything else. You already control the network.
But that doesn't have anything to do, with a weakness of the Bitcoin Network. Getting your twitter password stolen from your trojan infestested PC is also not a weakness of Twitter.
Correct. But if Twitter could guard against that, it would benefit from it.

So what I'm saying is that because of how Bitcoin works, it would be even easier for Bitcoin to guard against non-Bitcoin problems, than for Twitter - because Bitcoin can get those protections built into it much easier due to the nature of its community.

My gripe is with knowing that people have thought of this, a lot, but to day very few have published any of their research. Many have gone on to create alternate cryptocurrencies, rather than waste their time discussing their ideals with the Bitcoin community. Bitcoin has a lot going for it... So, if you come across something addressing this, or someone, motivate them to spend time on it, to study it, and to publish their research or insights where the community can have easy access to it...
hero member
Activity: 714
Merit: 500
Being able to "attack" a system because you have a password/private key and really attacking it, are 2 complete separate things. If you are too stupid to understand that, than I can not help you.
Your scenarios are based on "I have infiltrated everything. I have even magically infiltrated you air-gap machines". If you could really do that, why bother with bitcoins? Just get access to all nuclear silos and threaten to bomb everyone.
So are you saying that it is impossible to combine 2 or more attack strategies in a giant onslaught?

You do raise a valid premise: Will a global currency system have any practical use in a post apocalyptic global scenario? Eg. global economic collapse, global police state, global nuclear winter, world wide killer virus outbreak, giant asteroid impact, sentient computers, etc...?

Perhaps not. But if it would, then the question is simple: What can we do now, to maximize its utility both today and at such a point in the future?
I say, if you can get access to all private keys, by individually hacking every machine on the world, than you don't need a 51% attack or anything else. You already control the network.
But that doesn't have anything to do, with a weakness of the Bitcoin Network. Getting your twitter password stolen from your trojan infestested PC is also not a weakness of Twitter.
newbie
Activity: 47
Merit: 0
Being able to "attack" a system because you have a password/private key and really attacking it, are 2 complete separate things. If you are too stupid to understand that, than I can not help you.
Your scenarios are based on "I have infiltrated everything. I have even magically infiltrated you air-gap machines". If you could really do that, why bother with bitcoins? Just get access to all nuclear silos and threaten to bomb everyone.
So are you saying that it is impossible to combine 2 or more attack strategies in a giant onslaught?

You do raise a valid premise: Will a global currency system have any practical use in a post apocalyptic global scenario? Eg. global economic collapse, global police state, global nuclear winter, world wide killer virus outbreak, giant asteroid impact, sentient computers, etc...?

Perhaps not. But if it would, then the question is simple: What can we do now, to maximize its utility both today and at such a point in the future?
hero member
Activity: 714
Merit: 500
If someone cracked the hash algorithm, or found a cheaper way to compute it, they'd make a lot of money, difficulty would go to the moon, but the rate of Bitcoin creation would not increase. Just like when ASICs came in.
Think way beyond that... if you can.

For lack of a better example: my gripe is that this is a bit like Windows 98 security: You can set a login password and it gets encrypted satisfactorily... but to bypass the login password, you simply needed to press ESC at the right time.

So, you think, if you press the right buttons, you don't need to sign a transaction with your private key?
That exactly shows, that you have no idea what you are talking about.
Not at all. "For lack of a better example" <- Did you see that, what did you think it means?

Almost like "pressing the right buttons" - I can transact using your wallet because I stole your private key the moment you generated it, so I can sign any transaction with your key. (The NSA is my side project)... I'm still accumulating keys. (And metadata on others, which is almost as good as the real thing, consdering the amount of computing power I commad...) How many keys do you think I have, by now?

See... you have no clue.

I also have backdoors installed at all the major exchanges and wallet services and I'm best friends with their cold wallet keyholders and know all about their routine, protocols and families... Oh, I almost forgot, I also have a backdoor in everyone running a client or server compiled from the github code, ready to fire it up when they send their next packet to another node... (LOL that code has been in there since v4, and nobody has spotted it yet) Also, I have a virtually unlimited budget, and have just been doing this "for fun"... you know, just in case you tried something funny, just because "Uncle Bob" told me to keep an eye on you.

So I'm keeping my finger on the trigger. If I press ENTER, everyone who co-operated with me gets filthy rich... and Bitcoin dies. (But if I do it now, something else will just take its place... just...have...to...wait..a...little...longer.... then nobody will trust crypto ever again. Yes! Like communism.)

You still have a chance to stop me...

You have nothing, no numbers, nothing, except a poor excuse: "Hey man, SHA256 is really good. Look it up. We're safe." ...Do you know how many people I talked to? Do you know how many keys I have? Do you know how much of the network I control? Do you know my endgame?

Do you want to see what a hostile takeover of the world's biggest crypto currency looks like, before you believe that it's possible?

Being able to "attack" a system because you have a password/private key and really attacking it, are 2 complete separate things. If you are too stupid to understand that, than I can not help you.
Your scenarios are based on "I have infiltrated everything. I have even magically infiltrated you air-gap machines". If you could really do that, why bother with bitcoins? Just get access to all nuclear silos and threaten to bomb everyone.
hero member
Activity: 518
Merit: 500
Hodl!
Way ahead of you dude, I just used my mind powers to put an impregnable hypnotic block on you doing this, so we're all good now.

(As long as we're allowed fictional devices to say any shit can happen)
newbie
Activity: 47
Merit: 0
If someone cracked the hash algorithm, or found a cheaper way to compute it, they'd make a lot of money, difficulty would go to the moon, but the rate of Bitcoin creation would not increase. Just like when ASICs came in.
Think way beyond that... if you can.

For lack of a better example: my gripe is that this is a bit like Windows 98 security: You can set a login password and it gets encrypted satisfactorily... but to bypass the login password, you simply needed to press ESC at the right time.

So, you think, if you press the right buttons, you don't need to sign a transaction with your private key?
That exactly shows, that you have no idea what you are talking about.
Not at all. "For lack of a better example" <- Did you see that, what did you think it means?

Almost like "pressing the right buttons" - I can transact using your wallet because I stole your private key the moment you generated it, so I can sign any transaction with your key. (Let's say I'm the NSA, or perhaps even someone more "sinister"...)... I'm still accumulating keys. (And metadata on others, which is almost as good as the real thing, considering the amount of computing power I commad...) How many keys do you think I have, by now?

See... you have no clue. You're still arguing that I dont understand how good SHA-256 is. (It's irrelevant, here!)

I also have backdoors installed at all the major exchanges and wallet services and I'm best friends with their cold wallet keyholders and know all about their routine, protocols and families... Oh, I almost forgot, I also have a backdoor in everyone running a client or server compiled from the github code, ready to fire it up when they send their next packet to another node... (LOL that code has been in there since v4, and nobody has spotted it yet) Also, I have a virtually unlimited budget, and have just been doing this "for fun"... you know, just in case you tried something funny, just because "Uncle Bob" told me to keep an eye on you.

So I'm keeping my finger on the trigger. If I press ENTER, everyone who co-operated with me gets filthy rich... and Bitcoin dies. (But if I do it now, something else will just take its place... just...have...to...wait..a...little...longer.... then nobody will trust crypto ever again. Yes! Like communism.)

You still have a chance to stop me...

You have nothing, no numbers, nothing, except a poor excuse: "Hey man, SHA256 is really good. Look it up. We're safe." ...Do you know how many people I talked to? Do you know how many keys I have? Do you know how much of the network I control? Do you know my endgame?

What I am saying is that these are metrics that we could have meaningful lower and upper bounds of... and that we can put them to work for us, beefing up protection against this very scenario.


Do you want to see what a hostile takeover of the world's biggest crypto currency looks like, before you believe that it's possible?

Would it be cheaper to just buy everyone's Bitcoins in some other currency? Doubtful... but why guess if we can try to measure. We want the best, most resilient currency, end of story, period. Right?
hero member
Activity: 714
Merit: 500
If someone cracked the hash algorithm, or found a cheaper way to compute it, they'd make a lot of money, difficulty would go to the moon, but the rate of Bitcoin creation would not increase. Just like when ASICs came in.
Think way beyond that... if you can.

For lack of a better example: my gripe is that this is a bit like Windows 98 security: You can set a login password and it gets encrypted satisfactorily... but to bypass the login password, you simply needed to press ESC at the right time.

So, you think, if you press the right buttons, you don't need to sign a transaction with your private key?
That exactly shows, that you have no idea what you are talking about.
newbie
Activity: 47
Merit: 0
If someone cracked the hash algorithm, or found a cheaper way to compute it, they'd make a lot of money, difficulty would go to the moon, but the rate of Bitcoin creation would not increase. Just like when ASICs came in.
Think way beyond that... if you can.

For lack of a better example: my gripe is that this is a bit like Windows 98 security: You can set a login password and it gets encrypted satisfactorily... but to bypass the login password, you simply needed to press ESC at the right time.

Instead it looks like you are merely a PoS shill:
I had to look up the meaning of "shill", you may find it hard to believe but there are people who have never come across that word before. I've been sending emails since 1993, and I wrote computer code before I could read or write my native language.

I'm going to go ahead and stop replying to a troll, and if it's not a troll simply someone that does not want to learn or understand. 
I'm not the troll... I'm the messenger, here to tell you about the troll under the bridge you're trying to cross... and I'm trying to gather some momentum to dry up the river so there's no need for a bridge... but I'm not getting much help, yet...

http://en.wikipedia.org/wiki/Bias_blind_spot
It's almost like: http://www.quora.com/What-are-some-stupid-things-that-smart-people-do

So everyone is *still* staring themselves blind and patting themselves on the back about the encryption. Great. My point is that it is still stored on your computer, and your computer is insecure, no matter how you cut it. There is no widespread, cleanly audited, secure bootloader in use. The moment you generate a key, you run a risk of giving it away.

Here's the news: you need more than a secure algorithm for security. Security is only as good as the weakest link in the chain.

You may say it's not a Bitcoin-problem... but if it affects Bitcoin, and the Bitcoin ecosystem can be reinforced against it, I think it should be.
newbie
Activity: 47
Merit: 0
Contribute here or make your own thread encouraging better security practices:
https://bitcointalksearch.org/topic/options-for-securing-your-bitcoin-wallet-858604

P.s... I created a poll for you so you can gather inaccurate stats that have too small of a sample size and impossible to verify since you seem to be interested.
Nice! That's more what I'm talking about.

So how big is your sample size?
8bn people
3bn "economically active" (that's around 1:3)
(technically, everyone is econmically active, because they have to eat and <1bn grows their own food... probably meaning that, on average, every working person looks after 2 non-working people...)
3m bitcoin users (that's 1:1000 of the "economically active", or 1:3000)
300k bitcointalk users (1:10 of bitcoin users, 1:10000 of the economically active, or every bitcointalk user represents a small town of 30000 people, when viewed globally...)
300 replies to your poll (lets hypothesize... so thats 1:1000 of Bitcointalk users)

But... I think it's fair to say that only concerned citizens/security conscious/technically minded/seriously interested people are active here, and they are not representative of the average user....

(So how do we correct for that.... how many of an industry, are it's early adopters and/or luminaries? 1%? 10%? 20%?)

Still, if they're not representative of the average user, that would be nice, because that would mean that this *is* the place to discuss security best practice, and to discuss what metrics are vital statistics, and how to gather them...

...But then again, the world reknowned experts are all employed and well paid, in the formal sector, and will hardly take the time to hang out here and wage small-talk with some internet forumites... instead, they are probably studying the myriad of tactics that the publishing of the Bitcoin source code has crowd-sourced... drawn into the public eye. ...And keeping their notes to themselves, because why would they share their accumulated secrets and metrics on how to get rich, with the world?

There's also the little matter of theory vs practice. Everyone knows what the right thing is to do... but if it's too much hassle, they won't do it. So I might vote on the poll "Of course I'm using a cold wallet"... meanwhile back at the ranch, a huge chunk of my money is in an exchange...

What percentage of Bitcoin's value is held in exchanges, at any one time?

Perhaps, what I propose is exploring the potential metrics that could pave the way to an API that allows exchanges and Bitcoin players to share back information... and some sort of service that will share anonymized aggregated data, without sharing anything that could negatively impact the value of those players... eg. number of transactions/day, number of user accounts, number of unique users/day, total bitcoin transaction volume per day, total bitcoin transaction volume in hot wallets, in cold wallets, threshold- and delay, in seconds, for transacting with cold wallets, number of people responsible, number of standard security protocol layers, number of obscure security layers, time to implement worst case recovery plan, number of geographically separate locations critical data is stored, do each location employ unique, isolated security from the others? etc.

Has the Bitcoin foundation considered/planned for something of the sort? Is there something like this? Is there some sort of official Bitcoin certification programme?

Obviously what would make the most sense is having this all part of the blockchain, or only putting the minimum required, if any, in there, and inferring the rest... but before that is done, it needs to make sense, and offer real value in return...
newbie
Activity: 47
Merit: 0
One of my biggest fears is that big whales gather together and decide to heavily crash Bitcoin. They do it in JP Morgan in the "normal market", this isn't any different. All it takes is a group of people with insane resources and good cooperation.
Has anyone measured the possibility of this happening? How many people are involved, and how "financially secure" are they? How much money would such an effort take? What's the worst-case scenario and what can we do today to render such an attempt harmless...?
newbie
Activity: 47
Merit: 0
Nice to review doomsday scenarios but the biggest risk, BY FAR, is that Bitcoin will drop in popularity, be forgotten, and approach $0 in value.
According to a certain theory, if 1 in 20 people know about your product, you're made and it's all downhill from there... (How many of these theories are there - and how does Bitcoin rate in each?)

We'll soon be 8bn people. (http://en.wikipedia.org/wiki/World_population) According to the World Bank, people directly involved in the formal sector is around 2bn (http://data.worldbank.org/indicator/SL.TLF.TOTL.IN). So let's say that's the "target market" - plus some. So 3bn.

Bitcoin has an estimated userbase of around 3m. That's 1:1000 total formal-sector people... not bad... and it has taken 5 years. Going on a network/exponential growth rate, it'll be at 1:20 in less than another 5... depending on how much of the news it can capture. Bigger news items = faster propagation. I don't think positive or negative matters...

So... dropping in popularity or being forgotten... seems very unlikely at the current trajectory. In fact, it looks like it will be another year or two before it *really* takes off.

The fact that it isn't backed by anything real is a major problem. In the old days, it was backed by general purpose GPU's with quantifiable market value - NASA would, for example, love to have all that horsepower at their disposal. Now it is backed by specific purpose ASICS that are useless for anything other than SHA  hashing.

In a real sense, the Bitcoin network was running on Gold and has now been replaced with Tin.
It was never backed by that, in my opinion. Rather, it was backed by the need for cash transactions over the internet. It is backed by the need for less regulation and friction in moving value around. It is backed by the need for a global, irreversable, decentralized transaction mechanism, and the medium only instilled some bias toward decentralization.

It's also backed, in part, by the promise that it will keep functioning, almost unaffected, in a global war scenario.

But because we want it to be used as a de-facto store of value, we're back at your initial point: It's backed for the most part by people's perceptions. And people don't have very good perceptions of value or currency: they think value is measured in dollars, and more is better.

So it will be very hard for the average person to grasp the concept that even though the dollar value of bitcoin might decline, at some point its purchasing power will overtake that of the dollar. So perhaps what the Bitcoin community needs the most, is a concerted and focused effort to change the trend and rather measure the dollar in bitcoins as the standard.

What it needs, is to lobby hollywood and futuristic movies, to ensure that the currency in use, in those movies, is called "Bitcoin".

But both these are somewhat off-topic. I'm interested in finding someone who has compiled many more meaninful numbers than the current most-useful bitcoin site: https://blockchain.info/charts
legendary
Activity: 1358
Merit: 1014
One of my biggest fears is that big whales gather together and decide to heavily crash Bitcoin. They do it in JP Morgan in the "normal market", this isn't any different. All it takes is a group of people with insane resources and good cooperation.
newbie
Activity: 47
Merit: 0
so to summarize..

i can't show bitcoin is weak but i'm going to ask about it at an attempt to discredit.

if people would stop responding.  this post could finally die.
Wow. Maybe I should learn a new language that is not as open to misinterpretation as English!  Huh

My summary:
I own a lot of bitcoin and want to see the value increase. Lets look at the cracks. Hey, there are some cracks nobody seems to be talking about... I wonder why. Let's ask.

PS Bitcoin's market cap speaks for itself, don't you think? I don't think it needs you to defend it.

What it needs is hard numbers and more tech. Or better ideas... but the right, experienced people, running the show. Such as this... would the same evils that have beefed up the worlds' fiat system, work for Bitcoin? I'm sure it would. Is it a good idea?



 ... Some more links for the best books on economics you've read, or even better, your take-aways from those books, might be an appropriate response to this post... (besides being off-topic)
newbie
Activity: 47
Merit: 0
Stealth Code Scenario :- 90% possible
Something I want to arm bitcoin against, hence my post!

Keeping those facts in mind note that only 1% or less of BTC users actually give a crap about the idea or technology, most just joined when they realised it could be profitable, if and when that ceases to be true,....u know it yourselves what they will do.
My suspicion too.
Some stats:
5m bitcoin users
300k Bitcointalk users, let's say 2% are active and passionately care: 6k
That's 0.001%

I think humans notoriously over-estimate their position in the world. If you are 1 in a million, you are part of a group of 8 million people, or roughly one person in a city the size of one an average province's major metropoles. Conversely, there are more than a million large cities in the world.

I am advocating that moving onwards the community be honest about our position in the world, that is the first step to making the rest of the world join us, otherwise staying in this bubble of over confident arrongance, will lead to sad results.
Amen!

Now if you had taken the time to do some research or post some relevant metrics that we can gather, this would have possibly been the first of the type of reponses I was looking for... maybe I should update the original post. I guess I'm a forum newbie... but then again, doesn't it say so on the left?!

Anyways.... thanks for futhering the discussion!
tss
hero member
Activity: 742
Merit: 500
so to summarize..

i can't show bitcoin is weak but i'm going to ask about it at an attempt to discredit.

if people would stop responding.  this post could finally die.
legendary
Activity: 1358
Merit: 1000
Pages:
Jump to: