Topic: Trust No One - page 112. (Read 161312 times)

This thread is now sticked (thanks SW). I'm hoping that this thread can help a few Newbies achieve the proper paranoia without having to earn it by losing coins.

Can't be too paranoid, have to convert the btc to real currency at some point afterall

Yes, and spread around your risk so that you don't have a "single point of failure" where you can lose all your coins!

The problem is that trust is a snowball and eventually the amount trusted is going to get bigger and bigger. I'm a cynic so I don't believe that anybody is incorruptible, just a matter of price. Sometimes it's not even the person's intention to defraud anybody, things might happen that he is forced to make a bad decision.

After all, if a crook knows Michael is holding on to say 10K BTC or about US$ 120K (now but hey it might be US$1.2M 2 years later) worth for you, and given his full name and such makes it that the crook knows exactly where Michael leaves, what's to say he won't pay Michael a surprise visit and force Michael to transact that 10K BTC + his own personal stash somewhere else where his partner immediately converts it to cash?

I've been thinking about trying to come up with a system that can be untrusted but seriously at every point, I always find a human being can always fuck it up from outside the technological system. Of course it could be my paranoia coming up with all kinds of "ridiculous scenarios" that won't ever happen in real life. Even then it's only a question of how probable.

So fundamentally the only way to reduce the exposure to close to zero is just a system with low fraud/loss probability P + never trusting it with more than X amount so that P * X is always such a small number that the users won't really feel it even if that system fails.

This is the sort of paranoia we need more of around here!

In this case, a less trusted forum member (me) was leveraging the trust of someone who was much more trusted. Michael Hendrix met all my requirements for how to choose someone to trust if you must (listed above), except obviously he had no insurance himself. In that forum thread I was telling the people placing bets that they don't need to trust me if they trust him, since he was holding my bond.

We could have been in cahoots, but there wouldn't be any point to doing that. Michael already has a lot of trust - he doesn't need my help to scam people if he decides he wants to do so.

Am I the only one who finds it ironic?

After all, the two person would be in cahoots so while A claims to have left insurance with B, they are actually on the same team.

I put this post in the Newbies area for a reason

I believe that bitcoin will someday be orders of magnitude more secure (and more valuable). If you buy bitcoins now, you are an early adopter getting in while prices are cheap and betting that security and utility will improve.

In the meantime, yes, you must be absurdly paranoid. These websites cannot be trusted any more than you absolutely have to. To actually hold onto your coins long enough for your investment to pay off, you need to push the paranoia up to the tinfoil-hat level. This is the price of being an early bitcoin adopter.

Buying things anonymously like with cash?

What's the point of bitcoin if you have to be so paranoid?

I think you hit some important points.

 It's very suspicious to me, that right after all of the fraud allegations started being mentioned, some guy comes in with a template website and some seemingly professional words claiming to be starting some type of "protection service" called the UABB. If this thing isn't a scam, I don't know what is.

Agreed. I wrote the post because I am appalled at how much people are trusting exchanges and online wallets to hold ALL their bitcoins. People are too trusting, and need to get a lot more paranoid.

Frankly if we are going to get this market off the ground we have to trust SOMEBODY.  I like your guidelines.  If you know where and who the person is, you have a leg up in litigating your funds back (since bitcoins do have an estimate-able value, theft is a criminal action.)  Another thing you should require is a merchant agreement.  When you are making a purchase online you want there to be a page (or better yet, receive and e-mail) that says exactly what product or service you are receiving and the cost in bitcoins.  You also want this to include the deposit address for the wallet, so you can prove that you paid to that address the specified amount from your transaction history. (print off the webpage.)

Another important factor is if they accept cash transactions.  In the United States and many Western Countries cash is legal tender, required by law to be accepted for transactions.  If they do not have a method for you to buy their product using a cash method, such as paypal, credit card, Western Union, etc, and operate solely on bitcoin then they are operating illegally.  Even if they are legitimately offering products and services you are taking a gamble that they won't be closed down through legal channels before filling your order, and probably shouldn't be trusted anyways for their complete lack of business sense.

Edit http://www.treasury.gov/resource-center/faqs/Currency/Pages/legal-tender.aspx Apparently private businesses in the US are not required to accept cash, but it would definitely be a step towards their credibility in my opinion.  Since fraud with legal tender is a federal offense and raises the stakes quite a bit for criminals.

Seriously. Don't trust the exchanges, don't trust online wallet services, don't trust your anti-virus software, and don't trust anybody online.

If you absolutely must trust someone with your bitcoins, for the love, choose carefully!

• Do you know their full name?
• Do you know where they are located?
• Have they demonstrated trustworthiness in the past?
• Are they asking you to trust them? (red flag)
• Do they have insurance?

Insurance? Impossible, you say. Not so!

When I needed people to trust me to hold bitcoins for a contest, I deposited 50 bitcoins as a bond with a well-respected forum member, so that even if I did something stupid and lost people's money, they would still be reimbursed. You can read about it here: https://bitcointalksearch.org/topic/finished-bet-on-bitcoin-future-price-here-july-1st-2011-10008

Consider carefully who you will trust. With bitcoins, elaborate scams may be profitable. For instance, someone may develop trust for their user name over many months with small transactions on this forum, then take advantage of that trust to make off with a lot of money. Such a scam would only be worth doing on this forum. No other forum in the world would be worth the effort.

If you want someone to hold your bitcoins for you, there are NO online services that have the transparency and security to make me comfortable using them for storing bitcoins for more than a short time in small amounts. The only way to do it is like I did - choose someone whom you believe to be trustworthy, and approach them. If they approach you, or in any way say or insinuate that they are a trustworthy person to hold your coins, STAY AWAY.

If you are thinking that I might not be trustworthy, since I am writing this post about the issue, you are approaching the appropriate level of paranoia.

If you want to store your bitcoins with maximum security, there are lots of resources about how to do it, such as this: https://en.bitcoin.it/wiki/Securing_your_wallet

Here's my summary:

1. Put all your coins in a new wallet that has never connected to the network
2. Encrypt that wallet with the maximum security you can find, using the most secure password you can keep track of
3. Delete the plaintext wallet, and distribute the encrypted wallet to every piece of physical media you own, store it online, and send it to several people you trust

Don't think you can generate and remember a secure enough password? Create a super-long password, and store clues to help you remember it. For instance, your password clue file might say:

My standard password + My throwaway password (backwards, all caps) + &#$%@ + First two sentences of first paragraph of page 19 of my favorite book (include all capitalization and punctuation) + My wife's mother's middle name + My son's favorite superhero + My favorite number times 8734 + food my wife hates (backwards, all caps) + 9-digit number stored with my paper will + 10-character password stored in my safety deposit box + . . . .

You can go on in this way to create as long a password as you want. Store this password clue file with your encrypted wallet, and optionally encrypt both with a simple standard password to keep out snoopers.

In this way, not only can you recover your coins from your "savings account" at a later date, if you get hit by a chicken truck tomorrow and die, your loved ones can probably piece together your password and recover the coins too (better make sure you trust them, and that between them they have or can get the answers to those clues).

I recommend that you practice your wallet encryption and recovery a few times with a small number of coins, until you are very comfortable with the process before you try it with the bulk of your savings.

And remember, this is how most bitcoins services get started:



Comic from: https://bitcointalksearch.org/topic/new-bitcoin-comic-13903