Pages:
Author

Topic: What if the devs are ordered by a US judge to include a government backdoor? (Read 3047 times)

newbie
Activity: 8
Merit: 0
1. Bitcoiners would find an alternative wallet without backdooring
2. The official bitcoin wallet is open source, so one could remove the backdoor
legendary
Activity: 2053
Merit: 1356
aka tonikt
The government doesn't need a backdoor. They can walk in the front door, ie, the open transaction ledger.
the thing is that walking in the front door each time they'd like to check is just to expensive.
plus some people have guns
legendary
Activity: 2053
Merit: 1356
aka tonikt
I'm just saying.
feel free to get adventage of whatever tools you find useful to find it, but trust me, if I had an actual incentive and a proper access, I bet I can beat them all, starting from the most expensive ones. it's just a matter of time
people indeed is a harder part, though as I said, ppl ale subjective to different illusions that you can use in a source code.
especially those ppl who don't care, because they have such a great tools
legendary
Activity: 1470
Merit: 1006
Bringing Legendary Har® to you since 1952
call me a guy with a tinfoil hat again,
You are a guy in a tinfoil hat. Again.

it is as simple as changing one innocent character, at some place in the code he's made, to hide the actual purpose though still suggesting just a mistake.
like putting "," instead of ".", "O" instead "0" or "l" where you needed "1"... I've wrote so much code in C that I could think of tons of expressions that would actually work completely different than one thinks they do at the first sight.
Thanks to code analysis tools (and there are many powerful, free & extremely expensive commercial ones) plus git, such a mistake can be easily spotted.
Remember that you don't review whole code at once (large). You just review latest changes (small).

if the attacker is smart,
There are many smart (and i even dare to say: genius) people looking for backdoors in the Bitcoin code , so that wouldn't be very smart to add backdoors, even if you are a genius yourself.
member
Activity: 94
Merit: 10
The government doesn't need a backdoor. They can walk in the front door, ie, the open transaction ledger. Also, if a particular actor wanted to influence the course of any open-source project, he could simply join the project and contribute code (assuming some degree of subtlety in crafting pull requests, of course). The beauty of the process is that harmful contributions are weeded out, and if the worst-case scenario comes to pass, the project can be forked with a new lead developer.
legendary
Activity: 2053
Merit: 1356
aka tonikt
call me a guy with a tinfoil hat again, but as a guy who spent a big part of his life coding C, I dare to say that it is fairly easy to sneak into such a big source code a backdoor, i.e. in a form of some exploitable stack overflow.

if the attacker is smart, it is as simple as changing one innocent character, at some place in the code he's made, to hide the actual purpose though still suggesting just a mistake.
like putting "," instead of ".", "O" instead "0" or "l" where you needed "1"... I've wrote so much code in C that I could think of tons of expressions that would actually work completely different than one thinks they do at the first sight.

this is especially dangerous when they have just included a few tens of pull requests, so no sane person is really going to go carefully through all of them.

corrupting binaries would be the most stupid way to go, since this one can be actually found quite easily, thanks to bitcoin's fine gitian building solution.
legendary
Activity: 1596
Merit: 1100
This is very relevant to this thread:

  Open-source Governance in Bitcoin
  https://freedom-to-tinker.com/blog/felten/open-source-governance-in-bitcoin/




not sure this guy understand bitcoin, eg I skim read his paper
http://www.weis2013.econinfosec.org/papers/KrollDaveyFeltenWEIS2013.pdf

While I agree with you on his paper, please keep that separate from his blog post, which directly addresses $subject.

legendary
Activity: 2632
Merit: 1023
This is very relevant to this thread:

  Open-source Governance in Bitcoin
  https://freedom-to-tinker.com/blog/felten/open-source-governance-in-bitcoin/




not sure this guy understand bitcoin, eg I skim read his paper
http://www.weis2013.econinfosec.org/papers/KrollDaveyFeltenWEIS2013.pdf

as he appears to completely miss the re-target function of bit coin to make it easier to mine if hash leaves,

he also fails to make connection that specialization by asic miners does not equal distribution increase, in fact, quite the opposite ,eg now we are seeing usb miners, and one person noted that almost any heat producing need could also be mining.

more complex computer chips has been coupled with more uptake.

legendary
Activity: 1596
Merit: 1100
This is very relevant to this thread:

  Open-source Governance in Bitcoin
  https://freedom-to-tinker.com/blog/felten/open-source-governance-in-bitcoin/

legendary
Activity: 2632
Merit: 1023
Let's say the IRS wants to be able to confiscate bitcoins from tax evaders. So they go to the US courts to get this. A judge ends up ordering the bitcoin.org dev team to include a government backdoor so the IRS can take funds away from those who don't pay taxes.

The devs would be forced to comply right?

Pieter and Wladimir are not US citizens, so a US judge can't order them to do anything.

If I was ordered to insert a backdoor, I'd just resign as lead developer and find something else to work on.

But this whole scenario sounds like a paranoid delusion; has there EVER been a case where a judge has ordered a software developer to do anything other than stop distributing their software (because of some copyright or patent issue) ?

Not so sure you need to be US citizen, extradition is the favored tool theses days, even by other means, eg Assange.

Also I think that various protocols, and programs have been ordered modified by Judges, though mainly in patent suits, though this prism thing is perhaps a more pertinent example. If a program was somehow effect on national security I think Judges may order the programer change it, or face contempt. Sorta like journalist who elect to not give up their sources. They don't get to go, oh well I'm not a journalist any more, or working for this paper/story. I disagree with all of this by the way, but never underestimate how flexible the law is against the individual in the hands of the Government.
legendary
Activity: 2632
Merit: 1023
you would not necessarily know that there is a backdoor.

For an experienced programmer who reviews Bitcoin code on a daily basis it should be trivial to spot such a backdoor.

Git is such an extremely powerful tool to review exactly who does what and when. It will be almost unfeasible to put a backdoor in Bitcoin, currently.

what if they get to git, to not compare this code, mod git just for BTC, in some update, that would trick you as you had being relying on git to find the difference.
legendary
Activity: 2632
Merit: 1023
Let's say the IRS wants to be able to confiscate bitcoins from tax evaders. So they go to the US courts to get this. A judge ends up ordering the bitcoin.org dev team to include a government backdoor so the IRS can take funds away from those who don't pay taxes.

The devs would be forced to comply right?

Open source software makes it so that every change is visible.  

Currently the Bitcoin-Qt/bitcoind release is signed by the Bitcoin Foundation ... which means the release won't work for Windows 8 and Mac users (as an update) unless Bitconi Foundation signs it.   This makes it difficult for some other dev team members who are not a party to this hypothetical IRS backdoor demand to be able to release updates to the client without this backdoor themselves.   It would probably have to be a fork with a different name (and signed by some other organization).

But the developers don't have final say as to what changes are accepted for the Bitcoin protocol.  It is the economic majority who decides:
 - http://en.bitcoin.it/wiki/Economic_majority

i don't get this why does it need to be signed, just copy the cod, take out signing requirement bit and release....what am I missing
member
Activity: 73
Merit: 10
has there EVER been a case where a judge has ordered a software developer to do anything other than stop distributing their software (because of some copyright or patent issue) ?

It has happened to the JAP project (http://en.wikipedia.org/wiki/Java_Anon_Proxy)

Quote
In 2003, the German BKA[8][9] obtained a warrant to force the Dresden Mix operators to log access to a specific web address and to introduce a crime detection function in the server software making this possible.

AFAIK they handled the situation by putting in the code, openly labeling it as what it is, and when asked about it they just said "we can't talk about that..." and everybody knew what was going on.
It pretty much killed the project, though, which was about to be overtaken by tor at the time anyway (at least from my point of view).

Regarding bitcoin, I don't think it would take more than an hour to be the topic of discussion on IRC if Gavin did actually commit something like that. Let alone release it.
And, as he already said, our developer community is spread over several countries/continents so it's extremely hard to put them all under legal pressure simultaneously.

Maybe it would be nice to better track / display who reviewed what code. I know you can count the ACKs in the github discussions, but maybe it would put some minds at rest if there was a website listing commits/tags/builds along with green badges representing valid signatures from the core devs.
sr. member
Activity: 266
Merit: 250
aka 7Strykes
Rubber Hose!

If your wallet is protected by a 64 character alphanumeric pass phrase, they will use a $5 wrench to extract it from you.
Rubber hose is useless if they cannot prove that the data is there.

http://en.wikipedia.org/wiki/Plausible_deniability
http://www.truecrypt.org/
http://www.truecrypt.org/docs/?s=plausible-deniability

Exactly. Or just use a truecrypt hidden container so they think they've retrieved your wallet but just have it empty.
full member
Activity: 172
Merit: 100
No, its far easier and more practical to raid your home at first light, seize everything you have, and present you with alternatives so horrible that you'll cave.  A bit of shock and awe goes a long way to keep people in line.

This right here is 100% on point. Why bother with the hassle of installing a backdoor on the code when they can simply arrest you threaten you and your spouse with 20 years in prison and tell you if you surrender your coins they will let your wife off and knock your sentence down to 10-15. That doesn't work? Ok you're now declared an enemy combatant(who needs justification, that's why we have the patriot act), no legal rights, and deported to guantanamo. Oh Guantanamo is finally closed? You think that means you get a break? Nope, now you get to go rot in some hell hole jail set up in one of our "allied" (ie colony) third world nations. Enjoy rotting in prison in Turkmenistan.
legendary
Activity: 1470
Merit: 1006
Bringing Legendary Har® to you since 1952
Rubber Hose!

If your wallet is protected by a 64 character alphanumeric pass phrase, they will use a $5 wrench to extract it from you.
Rubber hose is useless if they cannot prove that the data is there.

http://en.wikipedia.org/wiki/Plausible_deniability
http://www.truecrypt.org/
http://www.truecrypt.org/docs/?s=plausible-deniability
legendary
Activity: 2618
Merit: 1007
Well, you could easily append stuff to the merkle root I guess... The problem is that the coinbase transaction is unknown to the miner itself and that is the one and nearly only one that matters to miners.

You could make them "break" at a certain point of time though for example.

An interesting concept would be an ASIC that spends e.g. 1 BTC for each block it produces from a known address to the ASIC developers and that gets distributed for free. One that address runs dry (hacked or simply enough blocks mined), the ASICs stop working. It is in the best interest of miners then to transfer some BTC to this address again to pay for their ASICs that way. It's not 100% possible right now (as the ASIC would need to know about a new unspent output in that address) but it might be a possibility at least maybe in the future.

By the way:
What about a guide/script to do the following:
Get a vanilla LTS Linux distro (e.g. Ubuntu)
Install something like Jenkins or buildbot
Install gitian
Configure Jenkins or buildbot to build every commit in the bitcoin github repo via gitian
Provide a way to sign and publish the output of these builds

I would love to help verify builds for various platforms but setting all these things up is a bit much to ask and surely has already been done by some people. If there is a guide (or even better: a simple commented shellscript that already installs all required dependencies etc. from a vanilla installation/liveDVD) somewhere then I'd be happy to donate my CPU time + HDD space towards this. I don't really want to "donate" hours of my time though to make gitian, buildbot and whatever you use for signing this (maybe Bitcoin and/or Bitmessage private keys? Smiley) run if there could be already a standard platform for doing so.

TL;DR: Give me a shellscript that "just works"(TM) with a specific liveDVD of some Linux distro that builds Bitcoin binaries and I would love to verify signatures.
legendary
Activity: 1232
Merit: 1094
I would worry more about backdoors in ASIC mining hardware.

If the hardware just does hashing then you can't really have a backdoor.  You tell the hardware what header you want it to hash and what nonce range to use.

A miner that is more complex and builds up its own blocks would be different.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Rubber Hose!

If your wallet is protected by a 64 character alphanumeric pass phrase, they will use a $5 wrench to extract it from you.
member
Activity: 77
Merit: 10
Folks are asking the wrong questions.  The more interesting questions are:

If it were so ordered, how might it be done?

If it were done, how could it be kept hidden to stop it being circumvented?  (given that the point of bitcoin is that people are supposed to be a validating node.. right?)

What would they really want, anyway?  A copy of transactions? (like the public block chain? oh wait..)  Map addresses to people?  (That's what the FinCEN MSB/etc stuff is for)


Backdoors like registering private keys or even public addresses would never work (too many alternative clients, a huge can of worms - people would remember Clipper quickly)

Backdooring miners is academic - all they're doing is gathering signature transactions into a blockchain.  You need to private keys (see above) to take somebody's BTC.  They can't tamper with the blockchain, it would be rejected by the rest of the network.  The block chain is to provide consensus of which version of transaction is the right one, it doesn't make actual transactions.


No, its far easier and more practical to raid your home at first light, seize everything you have, and present you with alternatives so horrible that you'll cave.  A bit of shock and awe goes a long way to keep people in line.

There's no gain for "the government" to backdoor the bitcoin code when there's far more effective tactics.  Be more worried about the highly effective, low tech attacks.  Its hard to spend your bitcoins if you're in prison.
Pages:
Jump to: