
Topic: My first experience with bitcoin was NOT positive :( (Read 6471 times)

hero member
Activity: 742
Merit: 500
We're getting a bit off topic here, but this stuff is important (the extension won't work but other approaches that convert the web app into something you "install" might do).

The 60% figure comes from the Chrome developers and I believe it's the total of all displayed interstitials.

I don't understand why you think self-signed certs provide any security. It isn't "easier" to do a MITM, it's the same as with no SSL at all. Unless you have communicated the cert to your users out of band (no first time visitors) AND they are installing the cert themselves, it provides no security.
You say you don't understand, but then you go on to say "unless you have communicated the cert" which is exactly what I'm doing, so I guess you do understand.  Additionally, blockchain.info doesn't use a SS cert.  I was simply using that example to show how those numbers are inflated by people like me.  The number of benign SS certs that are accepted is sadly not part of that number.  Even if it's half (which I doubt), 30% is still too many compromises and obviously something needs to be done to educate the users.

Quote
The click through rate on SSL errors for modern browsers should be zero because they don't let you click through (except for self signed certs, and even then, only with a lot of hassle). That change was made because the previous clickthrough rates were close to 100%.
I agree

Quote
Your belief that users are "dumb" if they ignore warnings is worthless because it categorizes all users as dumb, which is usually a good sign that actually your expectations are wrong. The real reason users clicked through these alerts was usually one of the following:

1) They didn't understand what the warning meant.
2) They have seen the warnings before in non-dangerous situations (like the clock being set wrong or a self signed cert).
Well I do still think most all users are dumb.  Not dumb in all things, just in how this tech works.  After reading the studies you have linked, I'd also add that being dumb is not prerequisite for failing to check that everything is secure as even intelligent people make mistakes.  What word would you use instead of "dumb?" Clearly the users are something less than fully aware of their surroundings if they are ignoring warnings that are going to lead to them being robbed.  This is not intelligent behavior.

In my experience, you have to treat your users like they are idiots or malicious attackers who will do everything wrong and the software still has to be 100% secure and still work.  As you've pointed out, Blockchain.info sadly does not have this level of security yet, as it requires use of a secure passphrase and knowledge of two-factor auth and installation of a plugin. I still don't understand why you think the plugin is useless.

You seem to be taking the stance that it is an impossible task to trust users not to click the "Hack me" button no matter how scary we make it.  If that's true, then aren't you the one calling the users dumb?

If this is really about only promoting clients with perfect security, then I'd say that you can't promote any of the desktop clients either as they are all vulnerable to key logging and the beloved satoshi client has difficult to manage backups. Tangent: I wonder how many coins have been lost by deleting/losing wallets compared to being stolen because of weak security.

It sounds to me like if a user is going to be unsafe with their computer and accept bad SSL certs and generally ignore any warnings that things are going bad (as the studies you have linked prove), then these people more than likely have compromised computers anyway in which case their funds in their desktop wallet are also at risk and we have saved them from nothing by getting them to fear web wallets.


The only secure solution is a hardware wallet that can interface with any client, desktop or web.  Then the private keys are never anywhere that can be compromised by a hacker.
legendary
Activity: 1526
Merit: 1129
We're getting a bit off topic here, but this stuff is important (the extension won't work but other approaches that convert the web app into something you "install" might do).

The 60% figure comes from the Chrome developers and I believe it's the total of all displayed interstitials.

I don't understand why you think self-signed certs provide any security. It isn't "easier" to do a MITM, it's the same as with no SSL at all. Unless you have communicated the cert to your users out of band (no first time visitors) AND they are installing the cert themselves, it provides no security.

The click through rate on SSL errors for modern browsers should be zero because they don't let you click through (except for self signed certs, and even then, only with a lot of hassle). That change was made because the previous clickthrough rates were close to 100%. Your belief that users are "dumb" if they ignore warnings is worthless because it categorizes all users as dumb, which is usually a good sign that actually your expectations are wrong. The real reason users clicked through these alerts was usually one of the following:

1) They didn't understand what the warning meant.
2) They have seen the warnings before in non-dangerous situations (like the clock being set wrong or a self signed cert).

Surprise, if you cry wolf all the time and do so in unintelligible jargon, people tune you out.

Some usability studies have found that even computer science PhDs often lacked an understanding of PKI!

Here's one usability study on the topic of SSL warnings:

  http://static.usenix.org/events/sec09/tech/full_papers/sunshine.pdf

Quote
Our warnings performed significantly better than existing warnings, but far too many participants exhibited dangerous behavior in all warning conditions. Our results suggest that, while warnings can be improved, a better approach may be to minimize the use of SSL warnings altogether by blocking users from making unsafe connections and eliminating warnings in benign situations.

This of course also ignores SSL stripping attacks. Most likely, some of your users navigate to your website by typing an address into the address bar. That means the connection starts out being un-encrypted and can be easily MITM'd; there are GUI tools that automate this attack. Once you've taken control like that, you can remove the SSL entirely. If you do this, no users will notice that you've done so:

  http://usablesecurity.org/emperor/

Quote
Abstract We evaluate website authentication measures that are designed to protect users from man-in-the-middle, "phishing", and other site forgery attacks. We asked 67 bank customers to conduct common online banking tasks. Each time they logged in, we presented increasingly alarming clues that their connection was insecure. First, we removed HTTPS indicators ........ We confirm prior findings that users ignore HTTPS indicators: no participants withheld their passwords when these indicators were removed.

In short, SSL has a long history of absolute failure when tested in real world conditions with real people, and it's important that the Bitcoin community not repeat those mistakes.
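The post above sets two conditions for a self-signed cert to be worth anything: the cert is communicated out of band and the client itself verifies it, and the client never starts from an unencrypted connection that can be stripped. The following client is an added example, not code from the thread or from any wallet mentioned in it; host, port and the pin values are placeholders, and the cert bytes in the demo are constructed.

```python
"""Pinned TLS client: trusts a self-signed server certificate only when its
SHA-256 fingerprint matches one obtained out of band (e.g. printed from
`openssl x509 -noout -fingerprint -sha256` on the server and handed to the
user separately). Added example with placeholder host/pins."""
import hashlib
import hmac
import socket
import ssl
from typing import Iterable


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 of the DER-encoded certificate as lowercase hex without colons."""
    return hashlib.sha256(cert_der).hexdigest()


def pin_matches(cert_der: bytes, pins: Iterable[str]) -> bool:
    """True if the certificate matches any pin. Pins may be written as
    'AB:CD:...' or 'abcd...'; comparison is constant time."""
    fp = fingerprint(cert_der)
    for pin in pins:
        normalised = pin.replace(":", "").lower()
        if hmac.compare_digest(fp, normalised):
            return True
    return False


def connect_pinned(host: str, port: int, pins: Iterable[str],
                   timeout: float = 5.0) -> ssl.SSLSocket:
    """Open a TLS connection and keep it only if the server's leaf certificate
    matches a pin. CA validation is disabled because a self-signed cert has
    no chain to validate; the pin check replaces it. There is deliberately no
    plain-HTTP first step, so an on-path attacker gets no connection to strip."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must precede verify_mode = CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE     # chain check replaced by the pin below
    raw = socket.create_connection((host, port), timeout=timeout)
    tls = ctx.wrap_socket(raw, server_hostname=host)
    try:
        der = tls.getpeercert(binary_form=True)
        if der is None or not pin_matches(der, pins):
            raise ssl.SSLCertVerificationError(
                f"certificate for {host}:{port} matches no out-of-band pin")
    except Exception:
        tls.close()                     # never continue on an unpinned peer
        raise
    return tls


if __name__ == "__main__":
    # Constructed stand-in for DER bytes; a real pin comes from the server operator.
    demo_cert = b"constructed-certificate-bytes"
    print(pin_matches(demo_cert, [fingerprint(demo_cert)]))   # True
    print(pin_matches(demo_cert, [fingerprint(b"other")]))    # False
```

A browser that merely lets the user "accept" an unknown self-signed cert does neither of these checks, which is the gap the thread is arguing about.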
hero member
Activity: 742
Merit: 500
The problem with having an extension that says "Something changed, watch out!" is that it's not going to work. This isn't debatable, if you think this will work you need to spend an evening reading usability studies of SSL in web browsers. For something like 90% of its history HTTPS simply had no effect despite all the fancy maths because all (seriously, all) users clicked through the warnings when something went wrong. Even since browsers have moved to big red screens that say "Don't proceed!" as plainly as possible, the clickthru rate on Chrome's self-signed SSL cert interstitial is 60% - despite the fact that accepting a self signed cert completely defeats the point of SSL.
I will give you that most users are dumb and just click right on through scary alerts no matter how large and glaring they are.  But I think your 60% number is a bit inflated.

That is probably 60% of people ignoring the alerts for SOME self signed cert.  Also, not all self signed certs are bad and they don't "completely defeat the point".  I use them all the time for my own services because they still provide security.  It is just easier (though still not trivial) for someone to implement a MITM.

I think a much more important number to find would be the click through rate of broken SSL certs on banking websites or websites where security actually matters.  If I visit joesmoeblog.com, I probably don't actually care that he has a self signed cert. But, how many people go to bofa.com and get the big red warning and still click through?  I'm sure it's still some, but I'm also sure it's less than 60%.  I also don't feel remorse for people who can't read a big red warning when handling money.
legendary
Activity: 2198
Merit: 1311
Nah it should look like this:



The further Bitcoin moves to the mainstream the less tech-savvy users will be. Even downloading and installing correctly can be a challenge.

This, or something like it.  Potential users need to be better educated more immediately on bitcoin.org.  The "Learn More About Bitcoin" button on bitcoin.org should say something that further reinforces beta/experimental/evolving nature of bitcoin and more about the main client (that it uses a lot of space and so on).
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
Am now on my 3rd day of downloading the block chain.  To say this is ridiculous would be generous.  Come on core devs!

BTW, how did this happen?  Did no one anticipate how unwieldy the block chain would become?

Yes and no ... it was always coming but not as soon as this. Satoshi dice kind of took a dump in the feedbowl.
legendary
Activity: 1596
Merit: 1091
Am now on my 3rd day of downloading the block chain.  To say this is ridiculous would be generous.  Come on core devs!

BTW, how did this happen?  Did no one anticipate how unwieldy the block chain would become?

It is not an issue of an unwieldy block chain, but unwieldy database software.

Upcoming version 0.8 already addresses this issue.

sr. member
Activity: 462
Merit: 250
Am now on my 3rd day of downloading the block chain.  To say this is ridiculous would be generous.  Come on core devs!

BTW, how did this happen?  Did no one anticipate how unwieldy the block chain would become?
hero member
Activity: 742
Merit: 500
I think more people should read the PR wiki page.

Many of the "problems" that I hear with bitcoin are misconceptions and not actual problems.
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
How can we make bitcoin secure while at the same time usable by anyone?

Very difficult problem.

When thinking about this, I sometimes think that the personal risk with bitcoins might be even more serious than the systematic. For example: people forgetting their encryption keys, losing their backups, corrupting wallet.dat, scams/frauds with social engineering, etc etc. Systematic risk like a web wallet hack will gain more publicity, but it is arguable if the total loss of BTC is greater on systematic problems than with individual problems.

You mean systemic, not systematic ... don't worry lots of people do it.
legendary
Activity: 1031
Merit: 1000
There is a learning curve to bitcoin. Is it possible to reduce this learning curve?

Showing people what to do, step-by-step, with the easiest to use tools goes a long way in doing that. Hence the Free Bitcoin Guide.
hero member
Activity: 812
Merit: 1006
How can we make bitcoin secure while at the same time usable by anyone?

Very difficult problem.

When thinking about this, I sometimes think that the personal risk with bitcoins might be even more serious than the systematic. For example: people forgetting their encryption keys, losing their backups, corrupting wallet.dat, scams/frauds with social engineering, etc etc. Systematic risk like a web wallet hack will gain more publicity, but it is arguable if the total loss of BTC is greater on systematic problems than with individual problems.
legendary
Activity: 1304
Merit: 1014
Most of these are because of bad marketing.

There is a learning curve to bitcoin. Is it possible to reduce this learning curve? For example, when I bought my iPhone everything 'just worked' because Steve Jobs focused on the user experience when he developed his products.  How can we make bitcoin secure while at the same time usable by anyone?
legendary
Activity: 2618
Merit: 1006
Most of these are because of bad marketing.

Nearly every source also mentions mining as one of the main sources of Bitcoins and often goes far more into detail with that instead of focussing on the actual use cases of Bitcoin itself.

Also very often the "NO FEES, FREE MICROTRANSACTIONS, F*CK PAYPAL" attitude comes along additionally - this is not true now in some cases and will never be true in the future (when block rewards go down further and further).

Synchronisation will be sped up by the use of bootstrap.dat soon(tm) and I don't know if 0.8 does some additional magic with that. I also further looked into Metalinks and it seems one can even PGP-sign them - so if you trust the main bitcoin devs to compile the client for you, you could also trust them to give you a fairly recent copy of the blockchain along with it.
legendary
Activity: 1304
Merit: 1014
Some more first time painful bitcoin experiences I have been asked:

Quote
what is the intention of Bitcoin? Is it supposed to be - eventually - for dummies like myself or is it just for those individuals who are code and algorithm writers? I downloaded a wallet but how do I know if I need more software or a massive computer system to solve "the problem" for the next block? With all the talk of mathematical problem solving on a world wide network of computers I can't see a small laptop figuring out anything thus not gaining any bitcoins. Why should I be interested in this if it appears it's just for computer scientists?

Quote
hi, installed bitcoin qt, but after it downloaded all the stuff, now I get DEP protection from windows, and it tells me bitcoinQT needs to run with DEP on, doesn't let me make an exception for it, nor does it work if I turn DEP on only for sys, so what should I do?

Quote
hi, i'm new to bitcoin, i got a bunch of free bitcoins from a bunch of the free sites. how come when i tried to send my bitcoins to myself, it says the fee exceeds the balance? I thought there was no fees?

Quote
Is there a way to speed up the process of synchronisation with the network? It has been taking ages on my MAC.

Any help would be nice


Houston, we have a problem...

member
Activity: 67
Merit: 10
Yeah, the block chain size is quite ridiculous, with clients like MultiBit and Electrum, you don't have to download the entire chain.
hero member
Activity: 742
Merit: 500
I think it is also important to note that the Blockchain.info code is open source:

https://github.com/blockchain


I think Blockchain is superior to Coinbase because if Blockchain.info were to be hacked,  only a small number of users who actively logged in while the server was compromised would lose their coins.


If Coinbase is hacked,  all their online funds could be stolen.  (I learned this the hard way with Bitcoinica)
There is also nothing stopping a court order from seizing their cold storage backups from the safety deposit box at the bank.


With Blockchain, those are not issues.
+1

Coinbase does keep around 90% of their funds encrypted in a bank safe, so that limits the damage a hacker, but not a malicious employee, can do.  Blockchain.info cannot run off with your funds, and I think this is a very important point.
vip
Activity: 1052
Merit: 1155
I think it is also important to note that the Blockchain.info code is open source:

https://github.com/blockchain


I think Blockchain is superior to Coinbase because if Blockchain.info were to be hacked,  only a small number of users who actively logged in while the server was compromised would lose their coins.


If Coinbase is hacked,  all their online funds could be stolen.  (I learned this the hard way with Bitcoinica)
There is also nothing stopping a court order from seizing their cold storage backups from the safety deposit box at the bank.


With Blockchain, those are not issues.
donator
Activity: 1463
Merit: 1047
I outlived my lifetime membership:)
The answer is FU.CK YOU. Everybody is able to wait one or two days downloading the last brand new videogame in their bittorrent client, or the last blockbuster movie but is too lazy to wait a day for the blockchain to download.

Only a day downloading and a new economy will be available for the user. And they still complain.  Sad

Congrats. You just made my iggy list.
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
Nah it should look like this:



The further Bitcoin moves to the mainstream the less tech-savvy users will be. Even downloading and installing correctly can be a challenge.

This is a good start but maybe have more options for the Easy, Medium, i.e. other web wallets, etc, Electrum, Armory (which would actually be my pick for "Advanced")

More importantly needs to spell out level of trust required since the "Advanced" is also the zero-trust "be your own bank" option whilst the Quick-Start is the possible "shut-up and take my money web-scammer" option  ....
legendary
Activity: 1031
Merit: 1000
The further Bitcoin moves to the mainstream the less tech-savvy users will be. Even downloading and installing correctly can be a challenge.

I created the Free Bitcoin Guide and directly influenced tens of thousands of people regarding Bitcoin, thousands have downloaded the free guide and many have started using Bitcoin as a result for transactions.

The guide is targeted at new users with medium technical competence. I would greatly appreciate input and suggestions about how to improve the guide in order to increase the conversion rate (measured by people who engage in an actual Bitcoin transaction divided by those that download the guide).