Pages:
Author

Topic: Mike Hearn, Foundation's Law & Policy Chair, is pushing blacklists right now - page 11. (Read 84410 times)

maz
full member
Activity: 140
Merit: 100
Doesn't Electrum already have cryptoransom prevention built in? you need to prove you have backed up your seed before it allows you to create a new wallet, and your wallet needs to be passworded? Implement these features as standard into the default client and you have a wallet which the funds cant be stolen from and a backup that can be recovered from. Plus we have the Trezor coming out soon which will hopefully come with plenty of hardware wallet competition soon, another saving grace. Why are we even having this discussion with the little old lady story in an attempt to give it significance?

full member
Activity: 161
Merit: 100
They wasn't built in to protocol to let some corrupted dick head in washington to decide which bitcoin is good on bad ? lolol first update you will have to register voluntary secound update if you not registered yours coins are automaticli tinted lolo. But you know whan? if bitcoin miners are so retarded, to want do j,ob for some corrupted oficials in washington(FED )then let them. We see how fast bitcon network will go back to cpu minig.
legendary
Activity: 1133
Merit: 1163
Imposition of ORder = Escalation of Chaos
Oh dear, a centralized institution thinking about protecting the stupid masses from some imaginary threat by implementing freedom-reducing actions. What a surprise.  Roll Eyes

It has been pointed out several times in this thread already: the most effective way to combat fraud and things like cryptolocker is increasing the general amount of knowledge about security among users. Unfortunately that involves trusting in peoples ability to learn and think for themselves. Not a very popular stance today.

So yeah I just want to echo the general sentiment here: even though this may be just a call to discussion, I feel this idea needs to be opposed vehemently. I just want to add that there are no political solutions, only technological ones. That's where the focus should lie.
sr. member
Activity: 303
Merit: 251
Why do it in secret?

I believe the thread was originally posted in the open on the membership forums.
legendary
Activity: 4760
Merit: 1283
While I genuinely appreciate community feedback, I dislike the misleading title of this thread. It's one individual's opinion and it may not even be actionable.

Committee chairs, just as board directors, are free to have their own opinions on issues. It doesn't automatically imply that it is the policy of the entire Foundation or even that the Foundation has in a mandate in that particular area. Just as forum members here disagree and debate, the members of the Foundation have similar disagreements and debates on a consistent basis. In the end, we represent the makeup of our membership and you can see from the latest election results that it is a wide variety of opinion.

Why do it in secret?

sr. member
Activity: 303
Merit: 251
While I genuinely appreciate community feedback, I dislike the misleading title of this thread. It's one individual's opinion and it may not even be actionable.

Committee chairs, just as board directors, are free to have their own opinions on issues. It doesn't automatically imply that it is the policy of the entire Foundation or even that the Foundation has in a mandate in that particular area. Just as forum members here disagree and debate, the members of the Foundation have similar disagreements and debates on a consistent basis. In the end, we represent the makeup of our membership and you can see from the latest election results that it is a wide variety of opinion.
full member
Activity: 238
Merit: 100
This is just the beginning.
Satoshi would be ashamed.

its so sad too, because Satoshi reached out to Mike to get him more involved (as I understand it). Now he appears to be looking to effectively kill the whole thing.

Q: I'm not technically savvy, but wouldn't the solution be CryptoLocker counter-measures on client computers?
A: (Mike's own words) "That's certainly a solution yes, but unfortunately it's sort of like saying the solution to burglary is having locks ondoors and windows, so we don't need the police."

And this guy is important for bitcoin? SMDH.

(edit: source: https://jumpshare.com/v/FCGnW40vMhG8ETE8i57h?b=rJU3YwFcBYWUD5X0bbqR)

It's more like saying you should put a lock on your bicycle.

If you don't have a lock on your bike, someone will steal it. Guaranteed. So people put locks on their bicycles. It's cheap, simple, easy, and everyone does it.  And as a result you can be relatively secure riding your bike around and leaving it locked and unattended.

Of course, bikes still get stolen every once in a while, and do the cops care?   Pretty much they don't give a shit.
member
Activity: 116
Merit: 10
It seems the problem is that the users have control over address generation. But I constantly see in various Bitcoin FAQs on the web that it's good practice to use a new address every time. This seems like a constant source for problems. Couldn't the protocol be amended so that each address is only good for 2 transactions? 1 incoming and 1 to spend it? This would render this whole issue moot. Or am I missing something?
That's not very good either since it breaks Bitcoin in a different way.

Satisfying the conditions of the appropriate script must always be both necessary and sufficient to spend an output.

Could you please explain this further?

I'm under the impression this is how the client currently works. It spends the entire sum of what's in the address, sending the desired amount to a target address and the change to a new address. Wouldn't it make sense to make that behavior part of the protocol, so that when a sum is spent, that address is then null?
legendary
Activity: 1470
Merit: 1006
Bringing Legendary Har® to you since 1952
If the foundation chooses to support this idea, it will be the day when Bitcoin splits.

If that happens, then...

OH BABY, I'M SOOOOOOOOOOOOO GONNA FORK IT AGAIN !
legendary
Activity: 1176
Merit: 1015
Cryptlocker just shows how people have no idea about security. So many people have so little clue that cloud backup is the only solution for most people.

Hint: Get all your relatives using crashplan, I don't care if the NSA looks at their photos its better than keeping all your digital photos on a single spinning disk.
hero member
Activity: 784
Merit: 1000
Mike's core concern, based on the thread on the Foundation forums, is that Cryptolocker is a serious problem, and because it's such a demonically simple way to extort cash from people, it's going to become a huge problem. There will be many, many copycats soon, and you get enough non-techies getting ripped off and having their first experience with bitcoin this way, and suddenly govs around the world become very hostile to bitcoin (vs barely caring about it, and figuring out how they feel about it as is the case now). And then (or perhaps before), you can kiss any hope of business acceptance of bitcoin (something we all dream of, I'd imagine, so that we can transact in bitcoin without having to resort to exchanges) goodbye.

Here's a thought - why don't people keep their virus definition files up to date? Microsoft deserves a huge amount of blame for leaving their OSes unprotected for such an incredibly long time, but windows 8 actually does include Microsoft Security Essentials for free.

Anyway, how many people have actually gotten the cryptlocker virus?  I think it's pretty unlikely that this will be anything more then a fringe thing affecting people who probably don't have any valuable files anyway, because they don't even know how to use their computer. A virus writer will have to be extremely selective in targeting people if they don't want their virus to end up in virus definition, which in turn means not very many people will be effected.  If they try to spread it all over the place it'll end up blocked everywhere, which in turn, again, means no one gets it.

I had a friend call me and tell the story of a small company (20 PCs) catching cryptolocker and needing bitcoin from him. It is a problem and it could become big. Unfortunately it also is a problem for Bitcoin (by association). The answer to this threat however, does certainly not lie in trying to render Bitcoin payment less attractive for those criminals. It lies in tightening your security and making regular backups... which you should do anyway.


The reason why Cryptlocker is putting people in misery is not too much Bitcoin, but too little, and too late, Bitcoin should have been invented right at the beginning of the internet.

Cryptlocker relies on some command and control servers on the botnet to send it the public key, the reason botnet exists? It doesn't cost any energy to send spam E-mails,  which is exactly how Cryptlocker spreads. Bitcoin, created to thwart the botnet, shows how useful hashcash is, and how irresponsible the E-mail providers are. Responding to ransomware threat by proposing to regulate Bitcoin is another step towards the wrong direction.

And we should really regulate RSA, really really should do that, Ransomware will be useless without it.
legendary
Activity: 1176
Merit: 1015
I had a friend call me and tell the story of a small company (20 PCs) catching cryptolocker and needing bitcoin from him.

What if the virus just destroyed all his files?

Why does his business have no backup solution?

I can catch cryptolocker right now and everything will be back to normal in 10 minutes. Just because of other peoples stupid I will not be happy my Bitcoin becomes listed and compromised.

Now is the age of backups and security, tell your friend and that grandma from earlier, their files are gone! Deleted! Make up a story that cryptolocker has actually deleted the files and wants money even though the files are forever gone.

People need to start learning that no backups equals no files!
donator
Activity: 2772
Merit: 1019
Mike's core concern, based on the thread on the Foundation forums, is that Cryptolocker is a serious problem, and because it's such a demonically simple way to extort cash from people, it's going to become a huge problem. There will be many, many copycats soon, and you get enough non-techies getting ripped off and having their first experience with bitcoin this way, and suddenly govs around the world become very hostile to bitcoin (vs barely caring about it, and figuring out how they feel about it as is the case now). And then (or perhaps before), you can kiss any hope of business acceptance of bitcoin (something we all dream of, I'd imagine, so that we can transact in bitcoin without having to resort to exchanges) goodbye.

Here's a thought - why don't people keep their virus definition files up to date? Microsoft deserves a huge amount of blame for leaving their OSes unprotected for such an incredibly long time, but windows 8 actually does include Microsoft Security Essentials for free.

Anyway, how many people have actually gotten the cryptlocker virus?  I think it's pretty unlikely that this will be anything more then a fringe thing affecting people who probably don't have any valuable files anyway, because they don't even know how to use their computer. A virus writer will have to be extremely selective in targeting people if they don't want their virus to end up in virus definition, which in turn means not very many people will be effected.  If they try to spread it all over the place it'll end up blocked everywhere, which in turn, again, means no one gets it.

I had a friend call me and tell the story of a small company (20 PCs) catching cryptolocker and needing bitcoin from him. It is a problem and it could become big. Unfortunately it also is a problem for Bitcoin (by association). The answer to this threat however, does certainly not lie in trying to render Bitcoin payment less attractive for those criminals. It lies in tightening your security and making regular backups... which you should do anyway.
donator
Activity: 2772
Merit: 1019
So you're telling me that if each Bitcoin is worth $1 million dollars ransomware or other sophisticated malware and spyware wont be developed to target Bitcoin users? This isn't paranoia it's common sense. Governments may or may not have hit any of us already with advanced persistent threats. Do you think they'll tell us?

You're a persistent one.
I'm just telling you that ransomware will not magically become more efficient than it is now just because people acknowledge bitcoin being worth more than murrikan dollar.

Ransomware today is a pain. Ransomware tomorrow will be a pain. Ransomware won't be more dangerous tomorrow than it is today.
Your coins are safe as long as you have a backup+strong passphrase or cold wallets.
Just smile and go to sleep.

The answer to ransomware is tightening security and switching to opensource software, not fucking with Bitoin.
donator
Activity: 2772
Merit: 1019
Advanced persistent threats can exist in any and every one of our computer systems. At any time a government can flip a switch and force us to pay some tax in Bitcoins?

No, they cannot.

And...

Have you been hit by a ransomware before?
Do you know anyone who have been?

Quit being paranoid. Ransomware did exist, still exist, and will exist. With no more power than they had before, provided you have a safe backup of your wallet.

So you're telling me that if each Bitcoin is worth $1 million dollars ransomware or other sophisticated malware and spyware wont be developed to target Bitcoin users? This isn't paranoia it's common sense. Governments may or may not have hit any of us already with advanced persistent threats. Do you think they'll tell us?

http://en.wikipedia.org/wiki/GhostNet

Quote from: Benjamin Franklin
“Those who surrender freedom for security will not have, nor do they deserve, either one.”
donator
Activity: 2772
Merit: 1019
If the foundation chooses to support this idea, it will be the day when Bitcoin splits. In one way or another, there will be two different Bitcoin protocols, be it in the form of an altcoin or as a hard fork. I hope they make the right decision, which is obvious in my mind.

mikes idea is not acceptable of course. it will be interesting so see, what the devs of Litecoin will do...

What can they do?  There's not much anyone can do about things like this.  As Carlton has already pointed out, this isn't a protocol change.  Tracking coins and creating whitelists/blacklists/redlists/bluelists is possible and open for anyone to do due to bitcoin's (and all other cryptocoins) design.

Its different. If a average joe creates such a list on its server it doesnt matter. But if the bitcoin foundation changes the official wallet and shows tainted coins it will have a bad effect.

It doesn't matter who creates the list.  If the list is trusted by enough people, and governments mandate that businesses register or only accept from "verified" bitcoins on some approved list, then you get the same thing.  Again, it doesn't matter if everyone's complaining prevents the Foundation from implementing something like this, because there's really nothing that can be done to prevent somebody from doing it and from governments from legislating for it.

I agree we can't prevent governments / corporations from doing this. However putting support of this into bitcoin-qt would greatly accellerate acceptance of the scheme. Fear would make it work.
donator
Activity: 2772
Merit: 1019
molecular said:
Didn't you read what he proposed: you can wash your bills clean by registering your identity.

Mike said :
Quote
For instance, this process could be automated and also built into the wallet.

If the quotes are correct, and if molecular is correct, what does it mean?
That we'd have to upload ID and bills to errr... The Foundation ? for verification, before we can even use a wallet? Huh

I should've said "coins" instead of "bills". I don't know how it could be automated, except maybe by using electronic ID like the german ID card that allows online identification of the slaves.
legendary
Activity: 1400
Merit: 1013
It seems the problem is that the users have control over address generation. But I constantly see in various Bitcoin FAQs on the web that it's good practice to use a new address every time. This seems like a constant source for problems. Couldn't the protocol be amended so that each address is only good for 2 transactions? 1 incoming and 1 to spend it? This would render this whole issue moot. Or am I missing something?
That's not very good either since it breaks Bitcoin in a different way.

Satisfying the conditions of the appropriate script must always be both necessary and sufficient to spend an output.
member
Activity: 116
Merit: 10
Disclaimer: I don't know shit. I'm just a casual Bitcoin user.

It seems the problem is that the users have control over address generation. But I constantly see in various Bitcoin FAQs on the web that it's good practice to use a new address every time. This seems like a constant source for problems. Couldn't the protocol be amended so that each address is only good for 2 transactions? 1 incoming and 1 to spend it? This would render this whole issue moot. Or am I missing something?
Pages:
Jump to: