Pages:
Author

Topic: My first experience with bitcoin was NOT positive :( (Read 6554 times)

hero member
Activity: 742
Merit: 500
We're getting a bit off topic here, but this stuff is important (the extension won't work but other approaches that convert the web app into something you "install" might do).

The 60% figure comes from the Chrome developers and I believe it's the total of all displayed interstitials.

I don't understand why you think self-signed certs provide any security. It isn't "easier" to do a MITM, it's the same as with no SSL at all. Unless you have communicated the cert to your users out of band (no first time visitors) AND they are installing the cert themselves, it provides no security.
You say you don't understand, but then you go on to say "unless you have communicated the cert" which is exactly what I'm doing, so I guess you do understand.  Additonally, blockchain.info doesn't use a SS cert.  I was simply using that example to show how those numbers are inflated by people like me.  The number of benign SS certs that are accepted is sadly not part of that number.  Even if it's half (which I doubt), 30% is still too many compromises and obviously something needs to be done to educate the users.

Quote
The click through rate on SSL errors for modern browsers should be zero because they don't let you click through (except for self signed certs, and even then, only with a lot of hassle). That change was made because the previous clickthrough rates were close to 100%.
I agree

Quote
Your belief that users are "dumb" if they ignore warnings is worthless because it categorizes all users as dumb, which is usually a good sign that actually your expectations are wrong. The real reason users clicked through these alerts was usually one of the following:

1) They didn't understand what the warning meant.
2) They have seen the warnings before in non-dangerous situations (like the clock being set wrong or a self signed  cert).
Well I do still think most all users are dumb.  Not dumb in all things, just in how this tech works.  After reading the studies you have linked, I'd also add that being dumb is not prerequisite for failing to check that everything is secure as even intelligent people make mistakes.  What word would you use instead of "dumb?" Clearly the users are something less than fully aware of their surroundings if they are ignoring warnings that are going to lead to them being robbed.  This is not intelligent behavior.

In my experience, you have to treat your users like they are idiots or malicious attackers who will do everything wrong and the software still has to be 100% secure and still work.  As you've pointed out, Blockchain.info sadly does not have this level of security yet, as it requires use of a secure passphrase and knowledge of two-factor auth and installation of a plugin. I still don't understand why you think the plugin is useless.

You seem to be taking the stance that it is an impossible task to trust users not to click the button "Hack me" button no matter how scary we make it.  If that's true, then aren't you the one calling the users dumb?

If this is really about only promoting clients with perfect security, then I'd say that you can't promote any of the desktop clients either as they are all vulnerabile to key logging and the beloved satoshi client has difficult to manage backups. Tangent: I wonder how many coins have been lost by deleting/losing wallets compared to being stolen because of weak security.

It sounds to me like if a user is going to be unsafe with their computer and accept bad SSL certs and generally ignore any warnings that things are going bad (as the studies you have linked prove), then these people more than likely have compromised computers anyway in which case their funds in their desktop wallet are also at risk and we have saved them from nothing by getting them to fear web wallets.


The only secure solution is a hardware wallet that can interface with any client, desktop or web.  Then the private keys are never anywhere that can be compromised by a hacker.
legendary
Activity: 1526
Merit: 1134
We're getting a bit off topic here, but this stuff is important (the extension won't work but other approaches that convert the web app into something you "install" might do).

The 60% figure comes from the Chrome developers and I believe it's the total of all displayed interstitials.

I don't understand why you think self-signed certs provide any security. It isn't "easier" to do a MITM, it's the same as with no SSL at all. Unless you have communicated the cert to your users out of band (no first time visitors) AND they are installing the cert themselves, it provides no security.

The click through rate on SSL errors for modern browsers should be zero because they don't let you click through (except for self signed certs, and even then, only with a lot of hassle). That change was made because the previous clickthrough rates were close to 100%. Your belief that users are "dumb" if they ignore warnings is worthless because it categorizes all users as dumb, which is usually a good sign that actually your expectations are wrong. The real reason users clicked through these alerts was usually one of the following:

1) They didn't understand what the warning meant.
2) They have seen the warnings before in non-dangerous situations (like the clock being set wrong or a self signed  cert).

Surprise, if you cry wolf all the time and do so in unintelligable jargon, people tune you out.

Some usability studies have found that even computer science PhDs often lacked an understanding of PKI!

Here's one usability study on the topic of SSL warnings:

  http://static.usenix.org/events/sec09/tech/full_papers/sunshine.pdf

Quote
Our warnings performed signi cantly better than exist-
ing warnings, but far too many participants exhibited
dangerous behavior in all warning conditions. Our re-
sults suggest that, while warnings can be improved,
a better approach may be to minimize the use of SSL
warnings altogether by blocking users from making
unsafe connections and eliminating warnings in be-
nign situations.

This of course also ignores SSL stripping attacks. Most likely, some your users navigate to your website by typing an address into the address bar. That means the connection starts out being un-encrypted and can be easily MITMd, there are GUI tools that automate this attack. Once you took control like that, you can remove the SSL entirely. If you do this, no users will notice that you've done so:

  http://usablesecurity.org/emperor/

Quote
Abstract We evaluate website authentication measures that are designed to protect users from man-in-the-middle, "phishing", and other site forgery attacks. We asked 67 bank customers to conduct common online banking tasks. Each time they logged in, we presented increasingly alarming clues that their connection was insecure. First, we removed HTTPS indicators ........ We confirm prior findings that users ignore HTTPS indicators: no participants withheld their passwords when these indicators were removed.

In short, SSL has a long history of absolute failure when tested in real world conditions with real people, and it's important that the Bitcoin community not repeat those mistakes.
hero member
Activity: 742
Merit: 500
The problem with having an extension that says "Something changed, watch out!" is that it's not going to work. This isn't debatable, if you think this will work you need to spend an evening reading usability studies of SSL in web browsers. For something like 90% of its history HTTPS simply had no effect despite all the fancy maths because all (seriously, all) users clicked through the warnings when something went wrong. Even since browsers have moved to big red screens that say "Don't proceed!" as plainly as possible, the clickthru rate on Chromes self-signed SSL cert interstitial is 60% - despite that accepting a self signed cert completely defeats the point of SSL.
I will give you that most users are dumb and just click right on through scary alerts no matter how large and glaring they are.  But I think your 60% number is a bit inflated.

That is probably 60% of people ignoring the alerts for SOME self signed cert.  Also, not all self signed certs are bad and they don't "completely defeat the point".  I use them all the time for my own services because they still provide security.  It is just easier (though still not trivial) for someone to implement a MITM.

I think a much more important number to find would be the click through rate of broken SSL certs on banking websites or websites where security actually matters.  If I visit joesmoeblog.com, I probably don't actually care that he has a self signed cert. But, how many people go to bofa.com and get the big red warning and still click through?  I'm sure it's still some, but I'm also sure it's less than 60%.  I also don't feel remorse for people who can't read a big red warning when handling money.
legendary
Activity: 2198
Merit: 1311
Nah it should look like this:



The further Bitcoin moves to the mainstream the less tech-savvy users will be. Even downloading and installing correctly can be a challenge.

This, or something like it.  Potential users need to be better educated more immediately on bitcoin.org.  The "Learn More About Bitcoin" button on bitcoin.org should say something that further reinforces beta/experimental/evolving nature of bitcoin and more about the main client (that it uses a lot of space and so on).
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
Am now on my 3rd day of downloading the block chain.  To say this is ridiculous would be generous.  Come on core devs!

BTW, how did this happen?  Did no one anticipate how unwieldy the block chain would become?

Yes and no ... it was always coming but not as soon as this. Satoshi dice kind of took a dump in the feedbowl.
legendary
Activity: 1596
Merit: 1100
Am now on my 3rd day of downloading the block chain.  To say this is ridiculous would be generous.  Come on core devs!

BTW, how did this happen?  Did no one anticipate how unwieldy the block chain would become?

It is not an issue of unwieldly block chain, but unwieldly database software.

Upcoming version 0.8 already addresses this issue.

sr. member
Activity: 462
Merit: 250
Am now on my 3rd day of downloading the block chain.  To say this is ridiculous would be generous.  Come on core devs!

BTW, how did this happen?  Did no one anticipate how unwieldy the block chain would become?
hero member
Activity: 742
Merit: 500
I think more people should read the PR wiki page.

Many of the "problems" that I hear with bitcoin are misconceptions and not actual problems.
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
How can we make bitcoin secure while at the same time usable by anyone?

Very difficult problem.

When thinking about this, I sometimes think that the personal risk with bitcoins might be even more serious than the systematic. For example: people forgetting their encryption keys, losing their backups, corrupting wallet.dat, scams/frauds with social engineering, etc etc. Systematic risk like a web wallet hack will gain more publicity, but it is arguable if the total loss of BTC is greater on systematic problems than with invidual problems.

You mean systemic, not systematic ... don't worry lots of people do it.
legendary
Activity: 1031
Merit: 1000
There is a learning curve to bitcoin. Is it possible to reduce this learning curve?

Showing people what to do, step-by-step, with the easiest to use tools goes a long way in doing that. Hence the Free Bitcoin Guide.
hero member
Activity: 812
Merit: 1006
How can we make bitcoin secure while at the same time usable by anyone?

Very difficult problem.

When thinking about this, I sometimes think that the personal risk with bitcoins might be even more serious than the systematic. For example: people forgetting their encryption keys, losing their backups, corrupting wallet.dat, scams/frauds with social engineering, etc etc. Systematic risk like a web wallet hack will gain more publicity, but it is arguable if the total loss of BTC is greater on systematic problems than with invidual problems.
legendary
Activity: 1304
Merit: 1015
Most of these are because of bad marketing.

There is a learning curve to bitcoin. Is it possible to reduce this learning curve? For example, when I bought my iPhone everything 'just worked' because Steve Jobs focused on the user experience when he developed his products.  How can we make bitcoin secure while at the same time usable by anyone?
legendary
Activity: 2618
Merit: 1007
Most of these are because of bad marketing.

Nearly every source also mentions mining as one of the main sources of Bitcoins and often goes far more into detail with that instead of focussing on the actual use cases of Bitcoin itself.

Also very often the "NO FEES, FREE MICROTRANSACTIONS, F*CK PAYPAL" attitude comes along additionally - this is not true now in some cases and will never be true in the future (when block rewards go down further and further).

Synchronisation will be sped up by the use of bootstrap.dat soon(tm) and I don't know if 0.8 does some additional magic with that. I also further looked into Metalinks and it seems one can even PGP-sign them - so if you trust the main bitcoin devs to compile the client for you, you could also trust them to give you a fairly recent copy of the blockchain along with it.
legendary
Activity: 1304
Merit: 1015
Some more first time painful bitcoin experiences I have been asked:

Quote
what is the intention of Bitcoin? Is it supposed to be - eventually - for dummies like myself or is it just for those individuals who are code and algorithm writers? I downloaded a wallet but how do I know if I need more software or a massive computer system to solve "the problem" for the next block? With all the talk of mathematical problem solving on a world wide network of computers I can't see a small laptop figuring out anything thus not gaining any bitcoins. Why should I be interested in this if it appears it's just for computer scientists?

Quote
hi, instaled bitcoin qt, but after it dowladed all the stuff, now i get DEP protecction from windows, and it tells me bitcoinQT need to run with DEP on, dont let me make an exception for it, nor work it i turn DEP only for sys, so hwat i should do?

Quote
hi, i'm new to bitcoin, i got a bunch of free bitcoins from a bunch of the free sites. how come when i tried to send my bitcoins to myself, it says the fee exceeds the balance? I thought there was no fees?

Quote
Is there a way to speed up the process of synchronisation with the network? It has been taken ages on my MAC.

Any help would be nice


Houston, we have a problem...

member
Activity: 67
Merit: 10
Yeah, the block chain size is quite ridiculous, with clients like MultiBit and Electrum, you don't have to download the entire chain.
hero member
Activity: 742
Merit: 500
I think it is also important to note that the Blockchain.info code is open source:

https://github.com/blockchain


I think Blockchain is superior to Coinbase because if Blockchain.info were to be hacked,  only a small number of users who actively logged in while the server was compromised would lose their coins.


If Coinbase is hacked,  all their online funds could be stolen.  (I learned this the hard way with Bitcoinica)
There is also nothing stopping a court order from seizing their cold storage backups from the safety deposit box at the bank.


With Blockchain, those are not issues.
+1

Coinbase does keep around 90% of their funds encrypted in a bank safe, so that limits the damage a hacker, but not a malicious employee can do.  Blockchain.info cannot run off with your funds, and I think this is a very important point.
vip
Activity: 1052
Merit: 1155
I think it is also important to note that the Blockchain.info code is open source:

https://github.com/blockchain


I think Blockchain is superior to Coinbase because if Blockchain.info were to be hacked,  only a small number of users who actively logged in while the server was compromised would lose their coins.


If Coinbase is hacked,  all their online funds could be stolen.  (I learned this the hard way with Bitcoinica)
There is also nothing stopping a court order from seizing their cold storage backups from the safety deposit box at the bank.


With Blockchain, those are not issues.
donator
Activity: 1466
Merit: 1048
I outlived my lifetime membership:)
The answer is FU.CK YOU. Everybody is able to wait one or two days downloading the last brand new videogame in their bittorrent client, or the last blockbuster movie but is too lazy to wait a day for the blockchain to download.

Only a day downloading and a new economy will be available for the user. And they still complain.  Sad

Congrats. You just made my iggy list.
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
Nah it should look like this:



The further Bitcoin moves to the mainstream the less tech-savvy users will be. Even downloading and installing correctly can be a challenge.

This is good start but maybe have more options for the Easy, Medium, i.e. other web wallets, etc, Electrum, Amory (which would actually be my pick for "Advanced")

More importantly needs to spell out level of trust required since the "Advanced" is also the zero-trust "be your own bank" option whilst the Quick-Start is the possible "shut-up and take my money web-scammer" option  ....
legendary
Activity: 1031
Merit: 1000
The further Bitcoin moves to the mainstream the less tech-savvy users will be. Even downloading and installing correctly can be a challenge.

I created the Free Bitcoin Guide and directly influenced tens of thousands of people regarding Bitcoin, thousands have download the free guide and many have started using Bitcoin as a result for transactions.

The guide is targeted at new users with medium technical competence. I would greatly appreciate input and suggestions about how to improve the guide in order to increase the conversion rate (measured by people who engage in an actual Bitcoin transaction divided by those that download the guide).
Pages:
Jump to: