Pages:
Author

Topic: I'm dumping Nxt and here's why you should too (Read 21319 times)

legendary
Activity: 2506
Merit: 1030
Twitter @realmicroguy
February 15, 2015, 03:37:19 PM
All the ones scrubbed out are the ones who have actually lost 'mindshare' as they are no longer considered relevant.

What is considered 'relevant' has a tendency to change over time and is highly subjective.

Goldcoin has a series of workshops and conferences scheduled for 2015 and a new client pending release. Feel free to scrub it out, but the rumors of our death have been highly exaggerated. Tongue
you sure have your hands full handling the massive volume,
the marketcap represents only the lost coins so it cant fall lower

what was your highest ranking ever 14?

The marketcap represents the total coins in circulation times the coin price. This number can always move higher or lower. I'm not sure about the all-time highest ranking.

Our new java client will be released this month after more than a year in development. It will be an improvement over the current bitcoin client, and I believe will be well received by the altcoin community, since the client will also support other coins. In addition, we have a series of workshops and conferences scheduled to take place in South Africa this year.

I suspect that our volume will increase after the market has had a chance to digest this fundamental growth in the currency.
NWO
sr. member
Activity: 392
Merit: 250
Break it up children. Obviously I made the right decision (as NXT is now below 0.00005). Stop bringing this thread up from the dead every few weeks.


/Thread
legendary
Activity: 1512
Merit: 1004
blah blah blah, another pathetic troll

who is in his mind would tell everyone his gonna dump before he did it

best conclusion ever.
The point.
newbie
Activity: 14
Merit: 0
blah blah blah, another pathetic troll

who is in his mind would tell everyone his gonna dump before he did it

best conclusion ever.
full member
Activity: 227
Merit: 103
Have faith.
All the ones scrubbed out are the ones who have actually lost 'mindshare' as they are no longer considered relevant.

What is considered 'relevant' has a tendency to change over time and is highly subjective.

Goldcoin has a series of workshops and conferences scheduled for 2015 and a new client pending release. Feel free to scrub it out, but the rumors of our death have been highly exaggerated. Tongue
you sure have your hands full handling the massive volume,
the marketcap represents only the lost coins so it cant fall lower

what was your highest ranking ever 14?
sr. member
Activity: 342
Merit: 250
If Gavin commits some malicious code to steal bitcoin's in the next core release we can go after him.

No, he will say that the key was compromised and he didn't know about that.

Exactly !

What said they were the problem when they found the malleability bug ? They said the exchanges are to blame because you could see it else where that this was not the right transaction.

So if they had such a good development system how could they missed that bug ?

Was it originally meant to be a feature, or was it a bug?
hero member
Activity: 574
Merit: 500
I was just about to post that I was pretty sure you hadn't read the paper!  Cheesy Sorry, was 2-3 pages behind.
hero member
Activity: 658
Merit: 501

Blackbox testing, heuristic analysis... there are a lot of ways to do audit without making humans to read the code.

Yes , agreed , but they aren't being done with NxT, when this and jeff's helpful suggestions should all be done .

This isn't some game for the iphone store ... we are talking about fintech with millions of dollars at stake. Where are your standards?


My next post addressed compiling from scratch issue. Hash is not useful, I give you 1 hour before responding to the next your post. Take this time to read the paper of Nick Szabo I linked above.

ok, I will read it an get back to you.
legendary
Activity: 2142
Merit: 1010
Newbie
Now you are conflating internal and external processes. Additionally, ignoring my repeated statement of fact that few people in the real world compile from scratch .

Allowing users the ability to confirm a hash is useful.

My next post addressed compiling from scratch issue. Hash is not useful, I give you 1 hour before responding to the next your post. Take this time to read the paper of Nick Szabo I linked above.
hero member
Activity: 658
Merit: 501
Deterministic jars give 0 (zero) benefit because decompiled binary can be compared to the code produced by compiling and decompiling source code.

Now you are conflating internal and external processes. Additionally, ignoring my repeated statement of fact that few people in the real world compile from scratch .

Allowing users the ability to confirm a hash is useful.


legendary
Activity: 2142
Merit: 1010
Newbie
We shouldn't rely on audits from others, but we are forced to in the real world. Don't tell me you do a thorough audit and compile from scratch every bit of open source code on your computer with every version. No one does that except Richard Stallman, and I am sure even he skips an audit or compile from source every now and again.

Blackbox testing, heuristic analysis... there are a lot of ways to do audit without making humans to read the code.
legendary
Activity: 2142
Merit: 1010
Newbie
So your logic is that it is best to act shady as hell to insure that your potential users are sufficiently paranoid and perform more audits? Or is their some special degree of heightened paranoia you deliberately try to instill with your users to add greater security? I assume this fringe benefit outweighs all the advantages of transparency, Really???

No. Don't distort my position, just read what I wrote upthread.


With regards to reproducibility, there are many different things we could be discussing here but I will take a stab at what I think you are referring to and why Jeff is still right:

Yes, I understand using separate compilers on different platforms can result in different class files. wouldn't it be a good idea, since you are working with Java, that you coordinate and use the same platform and compiler to create a deterministic jar so you can have the added benefit of reproducibility and verification?

Deterministic jars give 0 (zero) benefit because decompiled binary can be compared to the code produced by compiling and decompiling source code.
hero member
Activity: 658
Merit: 501
It would be great and ideal if everyone compiled from source and performed security audits with every version.

You are wrong if you rely on audit of the others (as was suggested by Jeff). If you want to know why, just read Trusted Third Parties Are Security Holes by Nick Szabo.

We shouldn't rely on audits from others, but we are forced to in the real world. Don't tell me you do a thorough audit and compile from scratch every bit of open source code on your computer with every version. No one does that except Richard Stallman, and I am sure even he skips an audit or compile from source every now and again.
hero member
Activity: 658
Merit: 501
People think that a non-anon dev won't try to scam them and in the end we get an insecure system.

So your logic is that it is best to act shady as hell to insure that your potential users are sufficiently paranoid and perform more audits? Or is their some special degree of heightened paranoia you deliberately try to instill with your users to add greater security? I assume this fringe benefit outweighs all the advantages of transparency, Really???


Java code doesn't need reproducibility. Jeff showed that he understands nothing in Java, this automatically reduces value of his advice to zero.

With regards to reproducibility, there are many different things we could be discussing here but I will take a stab at what I think you are referring to and why Jeff is still right:

Yes, I understand using separate compilers on different platforms can result in different class files. wouldn't it be a good idea, since you are working with Java, that you coordinate and use the same platform and compiler to create a deterministic jar so you can have the added benefit of reproducibility and verification?
legendary
Activity: 2142
Merit: 1010
Newbie
I understand you, but I'm not sure that trusting a dev because he is known is a good layer of security.

It's not and Nick Szabo explains why. Bottom line of the current discussion is already obvious: non-anon devs is bad because people trust them.
legendary
Activity: 1225
Merit: 1000
So you agree in an utopian fantasy world AND in the real world?
No, I agree with you conceptually if that reality existed, but it doesn't.

Sorry for playing games with you, but now I can conclude that you don't agree in the real world to this bold part
Quote
the background of the developers can give us some understanding of their technical proficiency -> So does the quality of the code they write

This means you agree to this:

Quote
the quality of the code of the developers can not give us some understanding of their technical proficiency in the real world

which is pretty bold

I don't understand why this is so complicated for you to understand.

It would be great and ideal if everyone compiled from source and performed security audits with every version.
In reality, this doesn't happen, even if 100% of the users are capable of this task. Thus we have to implement other means and layers of security to bolster up the inadequacies of the end user security.

Understand?

I understand you, but I'm not sure that trusting a dev because he is known is a good layer of security.
legendary
Activity: 2142
Merit: 1010
Newbie
It would be great and ideal if everyone compiled from source and performed security audits with every version.

You are wrong if you rely on audit of the others (as was suggested by Jeff). If you want to know why, just read Trusted Third Parties Are Security Holes by Nick Szabo.
hero member
Activity: 658
Merit: 501
So you agree in an utopian fantasy world AND in the real world?
No, I agree with you conceptually if that reality existed, but it doesn't.

Sorry for playing games with you, but now I can conclude that you don't agree in the real world to this bold part
Quote
the background of the developers can give us some understanding of their technical proficiency -> So does the quality of the code they write

This means you agree to this:

Quote
the quality of the code of the developers can not give us some understanding of their technical proficiency in the real world

which is pretty bold

I don't understand why this is so complicated for you to understand.

It would be great and ideal if everyone compiled from source and performed security audits with every version.
In reality, this doesn't happen, even if 100% of the users are capable of this task. Thus we have to implement other means and layers of security to bolster up the inadequacies of the end user security.

Understand?
legendary
Activity: 2142
Merit: 1010
Newbie
Its being done before and after. Are you suggesting there is no value in investigating mistakes or crimes after they happen?

People think that a non-anon dev won't try to scam them and in the end we get an insecure system.


That is one method, amongst many, in our tool chest for auditing code.

Java code doesn't need reproducibility. Jeff showed that he understands nothing in Java, this automatically reduces value of his advice to zero.
legendary
Activity: 1225
Merit: 1000
So you agree in an utopian fantasy world AND in the real world?
No, I agree with you conceptually if that reality existed, but it doesn't.

Sorry for playing games with you, but now I can conclude that you don't agree in the real world to this bold part
Quote
the background of the developers can give us some understanding of their technical proficiency -> So does the quality of the code they write

This means you agree to this:

Quote
the quality of the code of the developers can not give us some understanding of their technical proficiency in the real world

which is pretty bold
Pages:
Jump to: