Pages:
Author

Topic: Mike Hearn, Foundation's Law & Policy Chair, is pushing blacklists right now - page 13. (Read 84410 times)

hero member
Activity: 714
Merit: 510
Or maybe we should just use passive crime fighting? Law enforcement announces an address which is believed to be used to store illegal funds, then everyone participates in coin mixing can decide for himself if he is willing to mix his funds with that of a suspect, it can even be built into the clients, oh wait, law enforcement prefers to remain obscure, so forget about it....

There are a lot of technical solutions which could empower the community without dividing it.

This idea you present actually isn't all that bad. If individual users want to set their client to only deal with other trusted users that actually would be an excellent feature. No one wants to get scammed to find out that they cannot trust. The principle is that it should be voluntary.

hero member
Activity: 784
Merit: 1000
Or maybe we should just use passive crime fighting? Law enforcement announces an address which is believed to be used to store illegal funds, then everyone participates in coin mixing can be notified and decide for himself if he is willing to mix his funds with that of a suspect, it can even be built into the clients to automatically receive notice from the government, oh wait, law enforcement prefers to remain obscure, so forget about it....
legendary
Activity: 3430
Merit: 3080
Redlisting does not involve blacklisting or whitelisting coins. Think of it as attaching a breadcrumb trail to coins that someone suspects are illicitly gained. It doesn't stop anyone from accepting them or spending them. It does, however, provide kind of an informational bread crumb trail for law enforcement to later track if it's necessary.

It does encourage people to check whether they are receiving redlisted coins, precisely because of what you're outlining. If you know coins are redlisted, you will prefer not to accept them, as they are potentially the proceeds of a crime. This means they can be legitimately removed from your possession, they are someone else's property.

This is a much more difficult problem with a finite money supply. In the fiat system, banks and credit card companies insure against thefts, and the central bank can just print whatever is required to offset such losses as demanded by the treasury department of the government. The money supply expands and contracts to suit all sorts of needs. Bitcoin cannot adhere to this model, whoever ends up with provably stolen funds can only conscionably return them to the original owner.

The solution, therefore, is prevention, not cure. Hard currency limit dictates this. Hardware wallets and cold storage are new concepts that are only for the "experts" and "snobs", as some would say. Let's encourage the developers to make them easy enough for anyone to use with comfort. Let's encourage users to want these things, by talking about them positively, not negatively.
legendary
Activity: 1078
Merit: 1006
100 satoshis -> ISO code
Stay focused, please.

Discuss how redlisting coins will help fight crime, and especially CyptoLock copycats.


Redlisting does not help fight crime. Criminals already have databases and probably have lists which they are exploiting as we speak. If they have lists we should be discussing how to make their lists less effective by improving the privacy functionality so that they cannot track our money.

We should also be discussing what we can do to protect users from being targeted in general. There are a lot of potential attacks and coin taint lists are just one.

You've either not read or not understood what Mike wrote.

Redlisting does not involve blacklisting or whitelisting coins. Think of it as attaching a breadcrumb trail to coins that someone suspects are illicitly gained. It doesn't stop anyone from accepting them or spending them. It does, however, provide kind of an informational bread crumb trail for law enforcement to later track if it's necessary.

That would be fine if that is where it stopped. But it becomes a slippery slope. The next logical step is enforcement in the protocol that such coins can't be spent. The other problem is that it is an avenue of attack. What is to stop someone getting their enemies coins redlisted?

The BF should not be dreaming up law-enforcement applications. Let LE do that. I don't like hearing that people are being forced to buy btc because of ransomware, but this situation is not unlike the invention of email which resulted in hundreds of people falling for Nigerian scams. It was not the fault of smtp.

The correct course of action would be for the BF to set up a charity. Hardship cases can be given compensation from funds donated for the purpose of helping people harmed during the growth phase of Bitcoin.

legendary
Activity: 1484
Merit: 1026
In Cryptocoins I Trust
This tool will kill Bitcoin as we know it. I wouldn't mind if it was only used to go after thieves, but there is no way to know and/or stop the government for using it however they see fit. The problem in my opinion is when they start using the tool to go after "Silk Road" types of people. I believe as long as someone is doing no one else harm, them and only them should be able to choose what is put into their body. The drug war has failed and the government is starting to realize it, the more the people push for policies such as decriminalization/legalization of marijuana, the more obvious this will become to the government over time. If this tool is used to further the government's agenda on the failing drug war, then I strongly oppose it.

Another problem... who enforces the basic American principal of innocent until proven guilty? How would the due process be like to be able to black list coins? Would there have to be a criminal court case, or can they decide to blacklist coins on a whim whenever they deem that someone is doing something illegal? This could be very dangerous against freedom of speech. If the government doesn't like what you're saying, who's to say they can't just blacklist your life savings? What recourse would there be in that situation? Are you going to call the Bitcoin police? Smiley

I'm afraid such a tool would be horribly misused by the government. We cannot trust them with such power, because eventually it will be used against us. Where would it end? Blacklisting coins because of parking/speeding tickets, past due taxes, unpaid Obamacare taxes? Anyone that thinks for a second the government will use this tool only for its intended purpose of going after thieves is slightly naive. This would just be another step in the wrong direction as far as personal liberties go. This is like the patriot act for Bitcoin... sure it's built for a good purpose, but they can also easily misuse it however they see fit.
hero member
Activity: 714
Merit: 510
Stay focused, please.

Discuss how redlisting coins will help fight crime, and especially CyptoLock copycats.


Redlisting does not help fight crime. Criminals already have databases and probably have lists which they are exploiting as we speak. If they have lists we should be discussing how to make their lists less effective by improving the privacy functionality so that they cannot track our money.

We should also be discussing what we can do to protect users from being targeted in general. There are a lot of potential attacks and coin taint lists are just one.

You've either not read or not understood what Mike wrote.

Redlisting does not involve blacklisting or whitelisting coins. Think of it as attaching a breadcrumb trail to coins that someone suspects are illicitly gained. It doesn't stop anyone from accepting them or spending them. It does, however, provide kind of an informational bread crumb trail for law enforcement to later track if it's necessary.

I don't think it's a good idea to start making lists unless you don't mind being on someones list. I think it can easily spin out of control where hackers have lists, law enforcement have lists, and everyone is caught in the middle of being scrutinized by both hackers and law enforcement.

If you want to be on a list it should be voluntary. The list idea needs to be more well thought out, that is all.


https://bitcointalksearch.org/topic/decentralised-crime-fighting-using-private-set-intersection-protocols-157130

The idea Mike Hearn presents here has some merit but once again how to implement it in a way which is voluntary, preserves privacy, and does not give control to any centralized government or group?

If each community had its own lists there would still be problems though. Some communities will do business with you while others wont. Also making a list of coins isn't smart. Why not just have verified users, trusted users, trusted accounts or trusted identities? Why do we need to track coins when the bad actors are the ones the community is concerned about?
legendary
Activity: 1001
Merit: 1005
This is indeed worrying. Hope this never gets implemented.
member
Activity: 62
Merit: 10
Stay focused, please.

Discuss how redlisting coins will help fight crime, and especially CyptoLock copycats.


Redlisting does not help fight crime. Criminals already have databases and probably have lists which they are exploiting as we speak. If they have lists we should be discussing how to make their lists less effective by improving the privacy functionality so that they cannot track our money.

We should also be discussing what we can do to protect users from being targeted in general. There are a lot of potential attacks and coin taint lists are just one.

You've either not read or not understood what Mike wrote.

Redlisting does not involve blacklisting or whitelisting coins. Think of it as attaching a breadcrumb trail to coins that someone suspects are illicitly gained. It doesn't stop anyone from accepting them or spending them. It does, however, provide kind of an informational bread crumb trail for law enforcement to later track if it's necessary.
hero member
Activity: 784
Merit: 1000
Keep focused, please.

Discuss how redlisting coins will help fight crime, and specifically CyptoLock copycats.


Easy, criminals can remain uncaught because innocent people are willing to hide them among us, or just do not object to it. If everyone thinks someone is a scumbag deserving some punishment, they will all actively participate in spotting him, like if he tries to use Coinjoin everyone will refuse to mix with his coins, then he has no place to hide.

The law-enforcement could even be compelled to be more transparent, because they have to do so to get our help, rather than forcing it upon us.


This should be Hearn's original idea: https://bitcointalksearch.org/topic/decentralised-crime-fighting-using-private-set-intersection-protocols-157130

What he is trying to present to the politicians may be a cooked-up version.
hero member
Activity: 714
Merit: 510
Stay focused, please.

Discuss how redlisting coins will help fight crime, and especially CyptoLock copycats.


Redlisting does not help fight crime. Criminals already have databases and probably have lists which they are exploiting as we speak. If they have lists we should be discussing how to make their lists less effective by improving the privacy functionality so that they cannot track our money.

We should also be discussing what we can do to protect users from being targeted in general. There are a lot of potential attacks and coin taint lists are just one.
hero member
Activity: 714
Merit: 510
If in 6 months magically Bitcoins are $100,000 each then the incentive to target users is now much much higher.

What does the BTC/USD ratio have to do with the incentive to target users?

Do you really have to ask that question? Hackers typically go after the easiest targets. They don't and wont typically go after the security experts using cold storage (at least not at first). However they'll collect information on everyone and gather intel through services which will ask for information to help them with their scams. They will then use this intel as part of the recon so that when they do launch their attack they'll know exactly your strengths and weaknesses.

If you're someone who likes to gamble and you log into a gambling site you could find that the whole site gets mysteriously hacked and shut down with all the coins missing. The whole event could have been planned as a honeypot to attract suckers into putting their money on the site and when enough money is given to the site the hackers could roll it all up and take all the money. The higher the price for BTC at the time the more incentive they'll have to do stuff like that. The more anonymous BTC is the more likely they'll do it thinking they can get away with it.

I'd say you didn't answer the question at all. If USD/BTC is $400,000 instead of $400, surely people will keep less BTC lying around on their computers.

That isn't the case. A lot of people including Mike Hearn have lost their BTC wallet from back when they first mined BTC. A lot of people who aren't paranoid about being hacked will leave some satoshi laying around. And not everyone is a security expert who even knows what the phase "cold storage" means. Why do we have to act like snobs about this?

Sure we could start businesses to secure people's wallets for a fee but then we'd be acting like banks and would probably have to be regulated.
member
Activity: 62
Merit: 10
Take a deep breath, remove the tinfoil hat.

Not an attack on your argument, but the term "tinfoil hat" has to be retired now, considering that half the people wearing tinfoil hats were validated by Snowden.

Now when someone says tinfoil hat, the first thing I think of is "They are probably right, if history is any indicator"

I'm not sure I know anyone reasonable who didn't think the NSA was widely spying on the world. Snowden confirmed it and provided valuable details as to just how watched we are, but come on.

This guy just claimed that Hearn's proposal was a way for the US gov to seize control of bitcoin worldwide. That's a tinfoil hat statement. Patently ridiculous.

(Maybe not ridiculous at some time in the future when bitcoin is large enough to actually raise any existential alarms in the halls of power, but we're a couple orders of magnitude from that, and nothing the federal government does is as subtle as co-opting a google security engineer living in Switzerland to start a discussion on a small (the foundation does not have that many members) message board.)
sr. member
Activity: 336
Merit: 250
Cuddling, censored, unicorn-shaped troll.
Stay focused, please.

Discuss how redlisting coins will help fight crime, and especially CyptoLock copycats.
legendary
Activity: 1162
Merit: 1007
It's all just a bluff. Hearn is just going there testifying that he can serve bitcoin up on a platter for the sitting mob to control and manipulate... and they will believe it... and they'll finally feast on some of the lies they've been serving up forever... consider it a vision.

Finally someone with some ideas about how politics works, the geeks' ignorance about which on this forum is just frustrating...

Intriguing.  I was thinking along similar lines as I drove home today too.  This is all just optics.

[sarcasm]Hopefully they get the same software company that did healthcare.gov to track the tainted coins! [/sarcasm] 
member
Activity: 62
Merit: 10

Mike Hearn is participating in the same sort of thing that the Bush Administration did in 2001. He is proposing that Bitcoin businesses voluntarily help the US Government seize worldwide control of Bitcoin for the mere perception that something is being done about CryptoLocker. Meanwhile, there are obvious ulterior motives in play. To achieve a critical mass that would harm all users of Bitcoin, he only needs to get BitPay and Coinbase on board.


Take a deep breath, remove the tinfoil hat.

Please read my previous post. Mike started a discussion about what is effectively a reputation service for coins. He didn't even propose that the Bitcoin Foundation adopt promoting the idea of one as policy, or that he himself is convinced a redlist is a good idea.

They're going to spring up regardless of Mike's proposal, though. Some bitcoin services will use them, some won't. They'll be full of holes and cannot, by the nature of bitcoin, be 100% effective.

A reputation system is a way for individuals and entities (companies, whatever) to communicate information to each other. I thought we're about free speech here, and freedom of individuals and entities to transact (money, information, etc) with each other?



It politicises the use of coins. My political opinion is that your coins should be redlisted, I don't like people like you, just because. There's your free speech.

Sure, that's fine. And the three people that will care about your opinion there can redlist my coins, which won't affect me at all. Likewise, I could redlist your coins, and the three people that would care won't affect you at all, because neither of us run a largely trusted service passing information to its clients.

For a site where so many people give lip service to freedom, it's incredible how many people have such opposition to the idea of entities (people, companies, etc) passing information to each other in a mutually willing exchange of value.

legendary
Activity: 1176
Merit: 1015
Take a deep breath, remove the tinfoil hat.

Not an attack on your argument, but the term "tinfoil hat" has to be retired now, considering that half the people wearing tinfoil hats were validated by Snowden.

Now when someone says tinfoil hat, the first thing I think of is "They are probably right, if history is any indicator"
hero member
Activity: 784
Merit: 1000

Well, Mike's a very smart guy, and an expert in security, so I may not understand his proposal with precision, but I'm pretty sure the outrage on this thread is a result of people just flying off the handle for no good reason. To be very clear, he's calling it a red list specifically because it's not the same as a blacklist. He's not proposing auto-filtering out 'tainted' coins. Here's the short summary:

"Consider an output that is involved with some kind of crime, like a theft or extortion. A "redlist" is an automatically maintained list of outputs derived from that output, along with some description of why the coins are being tracked. When you receive funds that inherit the redlisting, your wallet client would highlight this in the user interface. Some basic information about why the coins are on the redlist would be presented. You can still spend or use these coins as normal, the highlight is only informational. To clear it, you can contact the operator of the list and say, hello, here I am, I am innocent and if anyone wants to follow up and talk to me, here's how. Then the outputs are unmarked from that point onwards. For instance, this process could be automated and also built into the wallet."

This is basically a reputation service. There could be many of them, though it's a network on top of a network, so I'd have to imagine the network effect is pretty huge in terms of winner-takes-all.


You have to make a lot of assumptions to conclude that this "redlist" won't behave exactly like a blacklist. Especially when government joins in on it by punishing people for accepting coins they "should have known" were used for illegal activity. What you'll end up with is an ecosystem where nobody accepts "red"listed coins as payment, even if the network will still let you move them around. If you are innocent, sure, you can contact the operator of the list, but the operator will have no obligation to assume you're innocent. You'll be expected to prove your innocence to the operator's satisfaction.


I'm not making any assumptions. I'm saying that it's a preliminary discussion where nobody knows if or what a workable solution would look like. Could be a total dead-end and very well may be, but no reason not to explore the idea to see if there's a way to make it work.

I would say "no way to make it work" is exactly how it would work, we can make all kinds of assumption about Hearn's morality, but I doubt he is silly enough to believe a government-style blacklist will be successful, he was also an active participator in Maxwell's Coinjoin post.
hero member
Activity: 714
Merit: 510
If in 6 months magically Bitcoins are $100,000 each then the incentive to target users is now much much higher.

What does the BTC/USD ratio have to do with the incentive to target users?

Do you really have to ask that question? Hackers typically go after the easiest targets. They don't and wont typically go after the security experts using cold storage (at least not at first). However they'll collect information on everyone and gather intel through services which will ask for information to help them with their scams. They will then use this intel as part of the recon so that when they do launch their attack they'll know exactly your strengths and weaknesses.

If you're someone who likes to gamble and you log into a gambling site you could find that the whole site gets mysteriously hacked and shut down with all the coins missing. The whole event could have been planned as a honeypot to attract suckers into putting their money on the site and when enough money is given to the site the hackers could roll it all up and take all the money. The higher the price for BTC at the time the more incentive they'll have to do stuff like that. The more anonymous BTC is the more likely they'll do it thinking they can get away with it.

snip snip

So when people say I'm being paranoid it might be because I know a lot about this subject and have reason to be.

Hate to go even more offtopic here, but the ones that know something would never bother adding the words "I know a lot about this" for reasons such as not needing to tell they know a lot about the subject, and by knowing that they have a lot to learn.
I know a lot but not everything. Someone here probably knows more.
There is a lot of inherent risk involved in using Bitcoin services at this time, and while the client itself may be secure we don't vet third party services at all and that is a real problem.

I'm not saying taint lists are a good solution.
member
Activity: 62
Merit: 10

Well, Mike's a very smart guy, and an expert in security, so I may not understand his proposal with precision, but I'm pretty sure the outrage on this thread is a result of people just flying off the handle for no good reason. To be very clear, he's calling it a red list specifically because it's not the same as a blacklist. He's not proposing auto-filtering out 'tainted' coins. Here's the short summary:

"Consider an output that is involved with some kind of crime, like a theft or extortion. A "redlist" is an automatically maintained list of outputs derived from that output, along with some description of why the coins are being tracked. When you receive funds that inherit the redlisting, your wallet client would highlight this in the user interface. Some basic information about why the coins are on the redlist would be presented. You can still spend or use these coins as normal, the highlight is only informational. To clear it, you can contact the operator of the list and say, hello, here I am, I am innocent and if anyone wants to follow up and talk to me, here's how. Then the outputs are unmarked from that point onwards. For instance, this process could be automated and also built into the wallet."

This is basically a reputation service. There could be many of them, though it's a network on top of a network, so I'd have to imagine the network effect is pretty huge in terms of winner-takes-all.


You have to make a lot of assumptions to conclude that this "redlist" won't behave exactly like a blacklist. Especially when government joins in on it by punishing people for accepting coins they "should have known" were used for illegal activity. What you'll end up with is an ecosystem where nobody accepts "red"listed coins as payment, even if the network will still let you move them around. If you are innocent, sure, you can contact the operator of the list, but the operator will have no obligation to assume you're innocent. You'll be expected to prove your innocence to the operator's satisfaction.


I'm not making any assumptions. I'm saying that it's a preliminary discussion where nobody knows if or what a workable solution would look like. Could be a total dead-end and very well may be, but no reason not to explore the idea to see if there's a way to make it work.
hero member
Activity: 784
Merit: 1000
It's all just a bluff. Hearn is just going there testifying that he can serve bitcoin up on a platter for the sitting mob to control and manipulate... and they will believe it... and they'll finally feast on some of the lies they've been serving up forever... consider it a vision.

Finally someone with some ideas about how politics works, the geeks' ignorance about which on this forum is just frustrating...
Pages:
Jump to: