Pages:
Author

Topic: How is it going? (Read 4605 times)

legendary
Activity: 1862
Merit: 1114
WalletScrutiny.com
October 09, 2012, 10:33:03 PM
#34
We have seen many examples where so called secure systems have been hacked. All it takes is one disgruntled employee.

To suggest that we would be careless enough to set up operations where "all it takes is one disgruntled employee" is simply insulting.

If you propagate the notion that nobody can run a secure service on the Internet (meaning something other than a one-man shop) then you are playing in the hands of the incumbent players (banks).

Additionally, the damage caused by accepting double-spent coins from a compromised BCCAPI server can be greater than whatever amount is stored in a hosted wallet.


Impressive! You claim to be a service provider and with your immature biased blabla you managed to land on my ignore list together with your service after just some 5 posts that I read. Congratulations, you are number 7 on that list.
ffe
sr. member
Activity: 308
Merit: 250
October 09, 2012, 09:19:43 PM
#33
We have seen many examples where so called secure systems have been hacked. All it takes is one disgruntled employee.

To suggest that we would be careless enough to set up operations where "all it takes is one disgruntled employee" is simply insulting.

If you propagate the notion that nobody can run a secure service on the Internet (meaning something other than a one-man shop) then you are playing in the hands of the incumbent players (banks).

Additionally, the damage caused by accepting double-spent coins from a compromised BCCAPI server can be greater than whatever amount is stored in a hosted wallet.


A compromised BCCAPI cannot double-spend. It cannot sign transactions because it doesn't have the keys. It could re-send the same transaction but that is pointless. It could lie to the client about a balance but that is quickly discovered.
legendary
Activity: 1221
Merit: 1025
e-ducat.fr
October 09, 2012, 08:11:13 AM
#32
We have seen many examples where so called secure systems have been hacked. All it takes is one disgruntled employee.

To suggest that we would be careless enough to set up operations where "all it takes is one disgruntled employee" is simply insulting.

If you propagate the notion that nobody can run a secure service on the Internet (meaning something other than a one-man shop) then you are playing in the hands of the incumbent players (banks).

Additionally, the damage caused by accepting double-spent coins from a compromised BCCAPI server can be greater than whatever amount is stored in a hosted wallet.
Jan
legendary
Activity: 1043
Merit: 1002
October 09, 2012, 07:48:29 AM
#31
...
(Sure, paytunia is no option. I fully agree on that.)

I fail to see why a BCCAPI spinner would be an option (the servers can be compromised and lead you to accept double-spent coins) and why paytunia would not (our servers have never been hacked and we are a registered business).

To make bitcoin grow stronger entails accepting diversity in design architecture and implementations. I will not issue any definitive opinion on any implementation until bitcoin reaches mass adoption.
I don't want us to derail this thread with pros/cons of various services, and I don't want to throw mud,  but I'll have to defend myself here.
I agree that a compromised Spinner server can lie about your balance. The damage is limited and once this happens everyone will know pretty quickly.
However, the difference is very simple: With the Spinner, whoever controls the server cannot run away with the coins.

Using the "our servers have never been hacked" argument is lame and you know it. We have seen many examples where so called secure systems have been hacked. All it takes is one disgruntled employee.

I am all for diversity, and I think we should focus on making the Bitcoin pie larger instead of fighting over the scraps. I would much rather read a thread where Paytunia describes why the service is secure (is there a firewall, is there cold storage etc) instead of spending time arguing in threads meant for something else. 
legendary
Activity: 1221
Merit: 1025
e-ducat.fr
October 09, 2012, 07:20:49 AM
#30
Well, of course I respectfully disagree.

SPV clients like Bitcoin Wallet can be instant-on. They are not today because the programming involved is tricky and not completed yet. But we'll get there eventually. I already find Bitcoin Wallet to catch up plenty fast enough if I enable the "sync on power" option, I think in future Andreas will make this option on by default so all users benefit. It means typically the client is only a few hours behind. And of course you can spend without being fully caught up to the chain head.

The primary remaining issues are reliability (if you connect to an overloaded peer sync can be very slow), storage costs (this can be solved quite easily), and bandwidth consumption, the fix for which is largely implemented by Matt and just needs review+merge+people to upgrade.

Running SPV on a phone is by far the hardest solution to make work well. It is also theoretically the best in terms of security, privacy and how closely it matches Satoshis vision of a truly P2P system. I think once the remaining performance problems are solved there won't be much incentive to use other types of wallet.

Any solution which involves keys being stored on the server is a non-starter for me. There have been too many cases of wallets hosted by third parties getting hacked. Not to mention the legal issues.

For me the Schildbach-Client was a no go for its heavy data usage. How can this theoretically be brought down to some one digit MB per month?

I see the privacy benefits now but what else would put the Schildbach client ahead of the Spinner approach?

(Sure, paytunia is no option. I fully agree on that.)

I fail to see why a BCCAPI spinner would be an option (the servers can be compromised and lead you to accept double-spent coins) and why paytunia would not (our servers have never been hacked and we are a registered business).

To make bitcoin grow stronger entails accepting diversity in design architecture and implementations. I will not issue any definitive opinion on any implementation until bitcoin reaches mass adoption.
legendary
Activity: 1526
Merit: 1134
October 09, 2012, 03:25:05 AM
#29
There are two ways you can cut data usage. One is to enable "Sync on power" in the preferences window, you can do that right now. It means it'll catch up with the chain at night when you are charging the phone and have your home wifi available.

A better way is using Bloom filters. See this thread from 2011 where I introduce the idea:

https://bitcointalksearch.org/topic/rfc-requirements-for-headers-only-client-7972

It has since been implemented by Matt. With Bloom filtering you can select any arbitrary point on the bandwidth usage/privacy spectrum. If you don't mind remote nodes learning some subset of your addresses you can reduce bandwidth usage down to the minimum theoretically possible - just transactions that send money to/from your wallet plus the headers (a few megabytes of data per year).

In the likely event that you'd prefer remote nodes to be somewhat fuzzy about what you own and you have bandwidth to spare, you can use a filter that has false positives (it matches more than it needs to). It means downloading some data you then throw away but the privacy is better.

Clients can select the FP rate of their filters depending on things like wifi vs 3G vs LTE, battery usage, how much data quota you have left, etc.
legendary
Activity: 1862
Merit: 1114
WalletScrutiny.com
October 08, 2012, 06:42:41 PM
#28
Well, of course I respectfully disagree.

SPV clients like Bitcoin Wallet can be instant-on. They are not today because the programming involved is tricky and not completed yet. But we'll get there eventually. I already find Bitcoin Wallet to catch up plenty fast enough if I enable the "sync on power" option, I think in future Andreas will make this option on by default so all users benefit. It means typically the client is only a few hours behind. And of course you can spend without being fully caught up to the chain head.

The primary remaining issues are reliability (if you connect to an overloaded peer sync can be very slow), storage costs (this can be solved quite easily), and bandwidth consumption, the fix for which is largely implemented by Matt and just needs review+merge+people to upgrade.

Running SPV on a phone is by far the hardest solution to make work well. It is also theoretically the best in terms of security, privacy and how closely it matches Satoshis vision of a truly P2P system. I think once the remaining performance problems are solved there won't be much incentive to use other types of wallet.

Any solution which involves keys being stored on the server is a non-starter for me. There have been too many cases of wallets hosted by third parties getting hacked. Not to mention the legal issues.

For me the Schildbach-Client was a no go for its heavy data usage. How can this theoretically be brought down to some one digit MB per month?

I see the privacy benefits now but what else would put the Schildbach client ahead of the Spinner approach?

(Sure, paytunia is no option. I fully agree on that.)
legendary
Activity: 1526
Merit: 1134
October 08, 2012, 06:22:58 PM
#27
Well, of course I respectfully disagree.

SPV clients like Bitcoin Wallet can be instant-on. They are not today because the programming involved is tricky and not completed yet. But we'll get there eventually. I already find Bitcoin Wallet to catch up plenty fast enough if I enable the "sync on power" option, I think in future Andreas will make this option on by default so all users benefit. It means typically the client is only a few hours behind. And of course you can spend without being fully caught up to the chain head.

The primary remaining issues are reliability (if you connect to an overloaded peer sync can be very slow), storage costs (this can be solved quite easily), and bandwidth consumption, the fix for which is largely implemented by Matt and just needs review+merge+people to upgrade.

Running SPV on a phone is by far the hardest solution to make work well. It is also theoretically the best in terms of security, privacy and how closely it matches Satoshis vision of a truly P2P system. I think once the remaining performance problems are solved there won't be much incentive to use other types of wallet.

Any solution which involves keys being stored on the server is a non-starter for me. There have been too many cases of wallets hosted by third parties getting hacked. Not to mention the legal issues.
legendary
Activity: 1221
Merit: 1025
e-ducat.fr
October 08, 2012, 06:03:34 PM
#26
Jan and Goonie deserve a lot of respect for their developments.

However, payment speed is of the essence while on the go, so I don't think (after careful testing) that mobile apps that hold keys or block headers in the device are suitable for widespread usage, going forward. Paytunia mobile brings the benefits of instant on and faster response time.

We (paymium, of which I am a co-founder) released an HTML 5 version of paytunia.com (namely m.paytunia.com) to complement our paytunia app on Google play and to make sure iPhone lovers can use it too (since the iOS paytunia app got kicked out of the AppStore by Apple).
A shortcut on the mobile desktop is all it takes to have the same experience as an app.
Keys are strored securely on our servers and the block chain is always up to date ("instant on" applications).

Same is true for our Instawallet app (check out the new home page of instawallet.

The number of active users of our services is around 20 000 and ramping up fast.
legendary
Activity: 1862
Merit: 1114
WalletScrutiny.com
October 08, 2012, 05:57:34 PM
#25
Hmm … now that I think about it:
Spinner needs a simple API. getBalance(address), maybe getHistory(address) and send(signedTransaction).
Without looking in the code I assume all this is publicly available even without Spinner, so I could have a website that uses your Spinner-server making you believe to have 10,000 wallets more and the numbers you named are actually addresses you ever received via the public getBalance API.

Anyway you should have a pretty clear picture of how many wallets are daily active, weekly active and monthly active although a sample of some 800 users is most likely not sufficient to get a consistent picture.
hero member
Activity: 483
Merit: 551
October 08, 2012, 04:40:58 PM
#24
Quote
Quote
  • Cannot say about installs with actual BTC in them, as I would feel myself bad eavesdropping on peoples "bank accounts".

Adding a report-balance functionality to Bitcoin Wallet would indeed be more than rude so I hope that what you actually meant to say is that you do not have these numbers.

Yes, I don't have these numbers and no reason to collect them.
legendary
Activity: 1862
Merit: 1114
WalletScrutiny.com
October 08, 2012, 04:33:16 PM
#23
Time for an update as requested here: https://bitcointalksearch.org/topic/m.1256522
  • Total installs to date: 2444
  • Active device installs: 1402 (people who did not uninstall it again)
  • Total installs with actual BTC in them: 870 (This is the one that really matters)

Cool, thanks for the detailed info Smiley
If you happen to have trend graphs of the charged wallets or a grand total of Ƀs Spinner is being trusted with, I would be very curious to see these Wink

Thanks for your numbers. Here are Bitcoin Wallet numbers:

  • Total installs to date: 18016 (plus several hundreds from the downloads page)
  • Active device installs: 5513
  • Cannot say about installs with actual BTC in them, as I would feel myself bad eavesdropping on peoples "bank accounts".

As you might guess from what I said above, I see no problem in stating what Jan stated above at all. Telling that x wallets hold 1 Satoshi or more is only stating that these people actually have and maybe use (certainly used) an account as opposed to had an account that they maybe used or not.

Spinner has a technical necessity for "eavesdropping" and adding a report-balance functionality to Bitcoin Wallet would indeed be more than rude so I hope that what you actually meant to say is that you do not have these numbers.
hero member
Activity: 483
Merit: 551
October 08, 2012, 04:23:31 PM
#22
Time for an update as requested here: https://bitcointalksearch.org/topic/m.1256522
  • Total installs to date: 2444
  • Active device installs: 1402 (people who did not uninstall it again)
  • Total installs with actual BTC in them: 870 (This is the one that really matters)


Thanks for your numbers. Here are Bitcoin Wallet numbers:

  • Total installs to date: 18016 (plus several hundreds from the downloads page)
  • Active device installs: 5513
  • Cannot say about installs with actual BTC in them, as I would feel myself bad eavesdropping on peoples "bank accounts".
Jan
legendary
Activity: 1043
Merit: 1002
October 08, 2012, 02:23:29 PM
#21
i wanna revive this thread and ask jan to please update his numbers.

also, i saw that the app by andreas schildbach has 10000-50000 downloads in the google app store in the last 30 days. thats ten times the number it shows for spinner and would mean it has more installations than all other alternative clients combined. is that true? is there any way to get accurate numbers on this?

What an excellent idea. The number listed does not list installs for the last 30 days, but the (very inaccurate) total installs to date.
Being the publisher of an app allows you to get pretty accurate numbers of device installs from Google Play.
Here is what I reported April 13:

...
  • Total installs to date: 816
  • Active device installs: 503 (people we did not uninstall it again)
  • Total installs with actual BTC in them: 303 (This is the one that really matters)
...

The page: https://play.google.com/store/apps/details?id=com.miracleas.bitcoin_spinner
reports 1000-5000 installs today. The accurate numbers are:
  • Total installs to date: 1501
  • Active device installs: 918 (people who did not uninstall it again)
  • Total installs with actual BTC in them: 562 (This is the one that really matters)
The numbers have nearly doubled over less than four months. Not bad everything considered. The UI is not really sexy, but it's fast, secure, and easy to use.
Time for an update as requested here: https://bitcointalksearch.org/topic/m.1256522
  • Total installs to date: 2444
  • Active device installs: 1402 (people who did not uninstall it again)
  • Total installs with actual BTC in them: 870 (This is the one that really matters)
legendary
Activity: 1526
Merit: 1134
July 11, 2012, 03:16:40 AM
#20
Given that Bitcoiners are sufficiently spread out that they don't meet in person very often, and shops that accept Bitcoins are rare, the numbers being posted here are actually pretty high.

Blockchain download and management has become more robust over time for anything based on bitcoinj, but there is still quite some improvements left to make.
hero member
Activity: 483
Merit: 551
July 11, 2012, 02:16:26 AM
#19

The blockchain never completed with this application. Now I think it was be unrealistic to hold 2gb on my phone.

Which version did you try (or how long ago)? It does not hold 2 GB but only approx 20 MB (headers only).
sr. member
Activity: 369
Merit: 250
July 11, 2012, 01:43:06 AM
#18
Fornit asked me to post download statistics here.

As of today, Bitcoin Wallet has been installed 12640 times (not counting re-installs or updates), but only 3588 are still active.


I have used all mobile wallets available, at the time anyway.

The blockchain never completed with this application. Now I think it was be unrealistic to hold 2gb on my phone.

Paytunia I had high hopes for but booted out on my model of phone. filled a bug report to them and recieved no response.

Bitcoin spinner was nice, but after coins were deleted from a family members phone (from a friend knowing what apps would not be needed for them, shhesh) I saw this as impractical for new users. I would use this myself in a flash.

Blockchain app is what I use now. very elegant. makes things all nice and linked aswell.
Jan
legendary
Activity: 1043
Merit: 1002
July 10, 2012, 08:14:34 PM
#17
recently found bitcoin spinner for my android google cell..

I like it the most..

I like the backup and restore functions, but they are not well documented.. 

Mind you Im sure its easy, but needs a tiny bit more..  Im hesitant to try it..

If you do not trust the backup/restore functionality try it with 0.1 BTC or ask some of the other 500 forum members who use it.
Back to topic.
Jan
legendary
Activity: 1043
Merit: 1002
July 10, 2012, 08:12:13 PM
#16
recently found bitcoin spinner for my android google cell..

I like it the most..

I like the backup and restore functions, but they are not well documented.. 

Mind you Im sure its easy, but needs a tiny bit more..  Im hesitant to try it..

I am soon going on vacation and have been thinking about a small project to do. Now, my wife has declared that there will be no coding going on.
Reading your post gave me this brilliant idea. My project will be to make a BitcoinSpinner guide. I'll make a PDF that will link from BitcoinSpinner's Settings -> Help option. It will basically be a HowTo describing best practices on how to secure your coins using BitcoinSpinner.
I'll throw in a section describing my motivation to make BitcoinSpinner as a free service that costs me $130 to keep alive every month and countless hours.

 
hero member
Activity: 770
Merit: 500
You're fat, because you dont have any pics on FB
July 10, 2012, 06:07:13 PM
#15
recently found bitcoin spinner for my android google cell..

I like it the most..

I like the backup and restore functions, but they are not well documented.. 

Mind you Im sure its easy, but needs a tiny bit more..  Im hesitant to try it..
Pages:
Jump to: