Doesn't Electrum already have cryptoransom prevention built in? you need to prove you have backed up your seed before it allows you to create a new wallet, and your wallet needs to be passworded? Implement these features as standard into the default client and you have a wallet which the funds cant be stolen from and a backup that can be recovered from. Plus we have the Trezor coming out soon which will hopefully come with plenty of hardware wallet competition soon, another saving grace. Why are we even having this discussion with the little old lady story in an attempt to give it significance?
Topic: Mike Hearn, Foundation's Law & Policy Chair, is pushing blacklists right now - page 11. (Read 84394 times)
November 15, 2013, 06:18:13 AM
November 15, 2013, 05:36:32 AM
They wasn't built in to protocol to let some corrupted dick head in washington to decide which bitcoin is good on bad ? lolol first update you will have to register voluntary secound update if you not registered yours coins are automaticli tinted lolo. But you know whan? if bitcoin miners are so retarded, to want do j,ob for some corrupted oficials in washington(FED )then let them. We see how fast bitcon network will go back to cpu minig.
November 15, 2013, 05:23:36 AM
Oh dear, a centralized institution thinking about protecting the stupid masses from some imaginary threat by implementing freedom-reducing actions. What a surprise. 
It has been pointed out several times in this thread already: the most effective way to combat fraud and things like cryptolocker is increasing the general amount of knowledge about security among users. Unfortunately that involves trusting in peoples ability to learn and think for themselves. Not a very popular stance today.
So yeah I just want to echo the general sentiment here: even though this may be just a call to discussion, I feel this idea needs to be opposed vehemently. I just want to add that there are no political solutions, only technological ones. That's where the focus should lie.
It has been pointed out several times in this thread already: the most effective way to combat fraud and things like cryptolocker is increasing the general amount of knowledge about security among users. Unfortunately that involves trusting in peoples ability to learn and think for themselves. Not a very popular stance today.
So yeah I just want to echo the general sentiment here: even though this may be just a call to discussion, I feel this idea needs to be opposed vehemently. I just want to add that there are no political solutions, only technological ones. That's where the focus should lie.
November 15, 2013, 05:14:21 AM
Why do it in secret?
I believe the thread was originally posted in the open on the membership forums.
November 15, 2013, 05:01:44 AM
While I genuinely appreciate community feedback, I dislike the misleading title of this thread. It's one individual's opinion and it may not even be actionable.
Committee chairs, just as board directors, are free to have their own opinions on issues. It doesn't automatically imply that it is the policy of the entire Foundation or even that the Foundation has in a mandate in that particular area. Just as forum members here disagree and debate, the members of the Foundation have similar disagreements and debates on a consistent basis. In the end, we represent the makeup of our membership and you can see from the latest election results that it is a wide variety of opinion.
Committee chairs, just as board directors, are free to have their own opinions on issues. It doesn't automatically imply that it is the policy of the entire Foundation or even that the Foundation has in a mandate in that particular area. Just as forum members here disagree and debate, the members of the Foundation have similar disagreements and debates on a consistent basis. In the end, we represent the makeup of our membership and you can see from the latest election results that it is a wide variety of opinion.
Why do it in secret?
November 15, 2013, 04:59:02 AM
While I genuinely appreciate community feedback, I dislike the misleading title of this thread. It's one individual's opinion and it may not even be actionable.
Committee chairs, just as board directors, are free to have their own opinions on issues. It doesn't automatically imply that it is the policy of the entire Foundation or even that the Foundation has in a mandate in that particular area. Just as forum members here disagree and debate, the members of the Foundation have similar disagreements and debates on a consistent basis. In the end, we represent the makeup of our membership and you can see from the latest election results that it is a wide variety of opinion.
Committee chairs, just as board directors, are free to have their own opinions on issues. It doesn't automatically imply that it is the policy of the entire Foundation or even that the Foundation has in a mandate in that particular area. Just as forum members here disagree and debate, the members of the Foundation have similar disagreements and debates on a consistent basis. In the end, we represent the makeup of our membership and you can see from the latest election results that it is a wide variety of opinion.
November 15, 2013, 04:38:33 AM
This is just the beginning.
Satoshi would be ashamed.
Satoshi would be ashamed.
its so sad too, because Satoshi reached out to Mike to get him more involved (as I understand it). Now he appears to be looking to effectively kill the whole thing.
Q: I'm not technically savvy, but wouldn't the solution be CryptoLocker counter-measures on client computers?
A: (Mike's own words) "That's certainly a solution yes, but unfortunately it's sort of like saying the solution to burglary is having locks ondoors and windows, so we don't need the police."
And this guy is important for bitcoin? SMDH.
(edit: source: https://jumpshare.com/v/FCGnW40vMhG8ETE8i57h?b=rJU3YwFcBYWUD5X0bbqR)
It's more like saying you should put a lock on your bicycle.
If you don't have a lock on your bike, someone will steal it. Guaranteed. So people put locks on their bicycles. It's cheap, simple, easy, and everyone does it. And as a result you can be relatively secure riding your bike around and leaving it locked and unattended.
Of course, bikes still get stolen every once in a while, and do the cops care? Pretty much they don't give a shit.
November 15, 2013, 04:28:31 AM
It seems the problem is that the users have control over address generation. But I constantly see in various Bitcoin FAQs on the web that it's good practice to use a new address every time. This seems like a constant source for problems. Couldn't the protocol be amended so that each address is only good for 2 transactions? 1 incoming and 1 to spend it? This would render this whole issue moot. Or am I missing something?
That's not very good either since it breaks Bitcoin in a different way.Satisfying the conditions of the appropriate script must always be both necessary and sufficient to spend an output.
Could you please explain this further?
I'm under the impression this is how the client currently works. It spends the entire sum of what's in the address, sending the desired amount to a target address and the change to a new address. Wouldn't it make sense to make that behavior part of the protocol, so that when a sum is spent, that address is then null?
November 15, 2013, 04:07:29 AM
If the foundation chooses to support this idea, it will be the day when Bitcoin splits.
If that happens, then...
OH BABY, I'M SOOOOOOOOOOOOO GONNA FORK IT AGAIN !
November 15, 2013, 03:52:18 AM
Cryptlocker just shows how people have no idea about security. So many people have so little clue that cloud backup is the only solution for most people.
Hint: Get all your relatives using crashplan, I don't care if the NSA looks at their photos its better than keeping all your digital photos on a single spinning disk.
Hint: Get all your relatives using crashplan, I don't care if the NSA looks at their photos its better than keeping all your digital photos on a single spinning disk.
November 15, 2013, 03:49:18 AM
Mike's core concern, based on the thread on the Foundation forums, is that Cryptolocker is a serious problem, and because it's such a demonically simple way to extort cash from people, it's going to become a huge problem. There will be many, many copycats soon, and you get enough non-techies getting ripped off and having their first experience with bitcoin this way, and suddenly govs around the world become very hostile to bitcoin (vs barely caring about it, and figuring out how they feel about it as is the case now). And then (or perhaps before), you can kiss any hope of business acceptance of bitcoin (something we all dream of, I'd imagine, so that we can transact in bitcoin without having to resort to exchanges) goodbye.
Here's a thought - why don't people keep their virus definition files up to date? Microsoft deserves a huge amount of blame for leaving their OSes unprotected for such an incredibly long time, but windows 8 actually does include Microsoft Security Essentials for free.
Anyway, how many people have actually gotten the cryptlocker virus? I think it's pretty unlikely that this will be anything more then a fringe thing affecting people who probably don't have any valuable files anyway, because they don't even know how to use their computer. A virus writer will have to be extremely selective in targeting people if they don't want their virus to end up in virus definition, which in turn means not very many people will be effected. If they try to spread it all over the place it'll end up blocked everywhere, which in turn, again, means no one gets it.
I had a friend call me and tell the story of a small company (20 PCs) catching cryptolocker and needing bitcoin from him. It is a problem and it could become big. Unfortunately it also is a problem for Bitcoin (by association). The answer to this threat however, does certainly not lie in trying to render Bitcoin payment less attractive for those criminals. It lies in tightening your security and making regular backups... which you should do anyway.
The reason why Cryptlocker is putting people in misery is not too much Bitcoin, but too little, and too late, Bitcoin should have been invented right at the beginning of the internet.
Cryptlocker relies on some command and control servers on the botnet to send it the public key, the reason botnet exists? It doesn't cost any energy to send spam E-mails, which is exactly how Cryptlocker spreads. Bitcoin, created to thwart the botnet, shows how useful hashcash is, and how irresponsible the E-mail providers are. Responding to ransomware threat by proposing to regulate Bitcoin is another step towards the wrong direction.
And we should really regulate RSA, really really should do that, Ransomware will be useless without it.
November 15, 2013, 03:43:29 AM
I had a friend call me and tell the story of a small company (20 PCs) catching cryptolocker and needing bitcoin from him.
What if the virus just destroyed all his files?
Why does his business have no backup solution?
I can catch cryptolocker right now and everything will be back to normal in 10 minutes. Just because of other peoples stupid I will not be happy my Bitcoin becomes listed and compromised.
Now is the age of backups and security, tell your friend and that grandma from earlier, their files are gone! Deleted! Make up a story that cryptolocker has actually deleted the files and wants money even though the files are forever gone.
People need to start learning that no backups equals no files!
November 15, 2013, 03:35:24 AM
November 15, 2013, 03:33:58 AM
Mike's core concern, based on the thread on the Foundation forums, is that Cryptolocker is a serious problem, and because it's such a demonically simple way to extort cash from people, it's going to become a huge problem. There will be many, many copycats soon, and you get enough non-techies getting ripped off and having their first experience with bitcoin this way, and suddenly govs around the world become very hostile to bitcoin (vs barely caring about it, and figuring out how they feel about it as is the case now). And then (or perhaps before), you can kiss any hope of business acceptance of bitcoin (something we all dream of, I'd imagine, so that we can transact in bitcoin without having to resort to exchanges) goodbye.
Here's a thought - why don't people keep their virus definition files up to date? Microsoft deserves a huge amount of blame for leaving their OSes unprotected for such an incredibly long time, but windows 8 actually does include Microsoft Security Essentials for free.
Anyway, how many people have actually gotten the cryptlocker virus? I think it's pretty unlikely that this will be anything more then a fringe thing affecting people who probably don't have any valuable files anyway, because they don't even know how to use their computer. A virus writer will have to be extremely selective in targeting people if they don't want their virus to end up in virus definition, which in turn means not very many people will be effected. If they try to spread it all over the place it'll end up blocked everywhere, which in turn, again, means no one gets it.
I had a friend call me and tell the story of a small company (20 PCs) catching cryptolocker and needing bitcoin from him. It is a problem and it could become big. Unfortunately it also is a problem for Bitcoin (by association). The answer to this threat however, does certainly not lie in trying to render Bitcoin payment less attractive for those criminals. It lies in tightening your security and making regular backups... which you should do anyway.
November 15, 2013, 03:25:52 AM
So you're telling me that if each Bitcoin is worth $1 million dollars ransomware or other sophisticated malware and spyware wont be developed to target Bitcoin users? This isn't paranoia it's common sense. Governments may or may not have hit any of us already with advanced persistent threats. Do you think they'll tell us?
You're a persistent one.
I'm just telling you that ransomware will not magically become more efficient than it is now just because people acknowledge bitcoin being worth more than murrikan dollar.
Ransomware today is a pain. Ransomware tomorrow will be a pain. Ransomware won't be more dangerous tomorrow than it is today.
Your coins are safe as long as you have a backup+strong passphrase or cold wallets.
Just smile and go to sleep.
The answer to ransomware is tightening security and switching to opensource software, not fucking with Bitoin.
November 15, 2013, 03:24:41 AM
Advanced persistent threats can exist in any and every one of our computer systems. At any time a government can flip a switch and force us to pay some tax in Bitcoins?
No, they cannot.
And...
Have you been hit by a ransomware before?
Do you know anyone who have been?
Quit being paranoid. Ransomware did exist, still exist, and will exist. With no more power than they had before, provided you have a safe backup of your wallet.
So you're telling me that if each Bitcoin is worth $1 million dollars ransomware or other sophisticated malware and spyware wont be developed to target Bitcoin users? This isn't paranoia it's common sense. Governments may or may not have hit any of us already with advanced persistent threats. Do you think they'll tell us?
http://en.wikipedia.org/wiki/GhostNet
Quote from: Benjamin Franklin
“Those who surrender freedom for security will not have, nor do they deserve, either one.”
November 15, 2013, 03:17:16 AM
If the foundation chooses to support this idea, it will be the day when Bitcoin splits. In one way or another, there will be two different Bitcoin protocols, be it in the form of an altcoin or as a hard fork. I hope they make the right decision, which is obvious in my mind.
mikes idea is not acceptable of course. it will be interesting so see, what the devs of Litecoin will do...
What can they do? There's not much anyone can do about things like this. As Carlton has already pointed out, this isn't a protocol change. Tracking coins and creating whitelists/blacklists/redlists/bluelists is possible and open for anyone to do due to bitcoin's (and all other cryptocoins) design.
Its different. If a average joe creates such a list on its server it doesnt matter. But if the bitcoin foundation changes the official wallet and shows tainted coins it will have a bad effect.
It doesn't matter who creates the list. If the list is trusted by enough people, and governments mandate that businesses register or only accept from "verified" bitcoins on some approved list, then you get the same thing. Again, it doesn't matter if everyone's complaining prevents the Foundation from implementing something like this, because there's really nothing that can be done to prevent somebody from doing it and from governments from legislating for it.
I agree we can't prevent governments / corporations from doing this. However putting support of this into bitcoin-qt would greatly accellerate acceptance of the scheme. Fear would make it work.
November 15, 2013, 03:02:44 AM
molecular said:
Mike said :
If the quotes are correct, and if molecular is correct, what does it mean?
That we'd have to upload ID and bills to errr... The Foundation ? for verification, before we can even use a wallet?
Didn't you read what he proposed: you can wash your bills clean by registering your identity.
Mike said :
Quote
For instance, this process could be automated and also built into the wallet.
If the quotes are correct, and if molecular is correct, what does it mean?
That we'd have to upload ID and bills to errr... The Foundation ? for verification, before we can even use a wallet?
I should've said "coins" instead of "bills". I don't know how it could be automated, except maybe by using electronic ID like the german ID card that allows online identification of the slaves.
November 15, 2013, 02:43:53 AM
It seems the problem is that the users have control over address generation. But I constantly see in various Bitcoin FAQs on the web that it's good practice to use a new address every time. This seems like a constant source for problems. Couldn't the protocol be amended so that each address is only good for 2 transactions? 1 incoming and 1 to spend it? This would render this whole issue moot. Or am I missing something?
That's not very good either since it breaks Bitcoin in a different way.Satisfying the conditions of the appropriate script must always be both necessary and sufficient to spend an output.
November 15, 2013, 02:39:30 AM
Disclaimer: I don't know shit. I'm just a casual Bitcoin user.
It seems the problem is that the users have control over address generation. But I constantly see in various Bitcoin FAQs on the web that it's good practice to use a new address every time. This seems like a constant source for problems. Couldn't the protocol be amended so that each address is only good for 2 transactions? 1 incoming and 1 to spend it? This would render this whole issue moot. Or am I missing something?
It seems the problem is that the users have control over address generation. But I constantly see in various Bitcoin FAQs on the web that it's good practice to use a new address every time. This seems like a constant source for problems. Couldn't the protocol be amended so that each address is only good for 2 transactions? 1 incoming and 1 to spend it? This would render this whole issue moot. Or am I missing something?
Jump to: