Author

Topic: Security (Read 575 times)

legendary
Activity: 2940
Merit: 1090
August 17, 2012, 04:35:59 AM
#1
Check out Nefario's experience with GLBSE. GLBSE v1 was extremely secure, but didn't see any adoption at all.
GLBSE 2.0 is less secure, but is growing tremendously over the last several months.

People don't want security, they want usability first. If you're aiming to replace banks, you'll need to offer at least the ease of use they offer today.

The great thing about OT is that it allows anyone to open a bank. Customers (99.99% of them) will never run a true OT client, like they'll never run a full Bitcoin node (even though the hardware requirements for an OT client are significantly lower).


Security will eventually come from being open source and open in general as much as possible, having security audits, and having competition, and the option of running a full OT client.

GLBSE seems to have some ability to reverse stuff. Open Transactions does not, I suspect, since there is no way that the server can force someone to sign a balance that person does not agree with.

So basically if you want the nice warm fuzzies you get from your cute bank teller or well dressed stock broker, you can use skype or whatever to chat with such a person, who will use Open Transactions on your behalf and charge you some small nominal fee of only maybe a few times minimum wage or maybe quite a few times minimum wage for being conveniently available for you to chat with.

There is apparently no security in using certificates for websites, since the certificate issuer is a man in the middle, though maybe with a self signed certificate you can avoid that, but who wants the inconvenience of having their browser claim the certificate might not be trustable? Heck it should be more trustable than one bought from a professional man in the middle but that is not the impression those professional men in the middle pay the browser manufacturers to project.

However with good quality video via skype or some such you can maybe do very thorough watching of body language etc to feel sure your broker is not under duress etc.

The problem though again is reversibility. Such a broker is likely to get pressure from clients to reverse stuff, yet cannot actually do so maybe once an instant non reversible transaction has been processed by a transaction server.

Basically if you want all that warm fuzzy crap you probably do not want irreversible transactions, since likely most of your warm fuzzies derive from knowing nothing you say really means a thing, you can backtrack any time and reverse it all, screwing the other parties you pretended to transact with...

-MarkM-
Jump to: