Wow, it really is the wild west out there right now...
I wish that some of the "post-mortem" reports I've seen were this good and detailed with problem, explaination, resolutions. I don't have a horse in this race so people affected probably feel differently.
Given illegal nature of Silk Road 2, I can't help but be suspicious of this explanation of the hack. If someone's sufficiently willing to flaunt laws as to operate a site devoted to selling contraband, what stops them from taking advantage of their position of power and stealing from their users?
SR1 was a criminal enterprise as well, and there's no indication DPR was stealing from his users. Trust is at least as valuable in the criminal world as it is in legitimate enterprise, if not more so. A criminal who runs a trustworthy criminal enterprise is likelier to do well in the long run than one who rips off his customers.
Allegedly, SR2 was setup in ways which made it much, much easier to run off with larger quantities of money than with SR1. Given the circumstances, you could reasonably conclude this would happen.
Running off with the money is probably the smart move. The quicker you can get off the radar with something like this, the better your chance of not ending up in jail. It is entirely possible they are made for life, and with no more incoming transactions, if they haven't left a trail, they can have their cake and eat it too.
You can easily throw that trust away and profit some bitcoins if your face is unknown. In the real world someone would come after you sooner or later. In the world SR1/SR2, Bitcoins and Tor? Only if the NSA has an interest.
But there was indications that DPR was murdering people who got in his way. Hardly an "ethical upcheck" here, and if he didn't steal from his users it was only because he didn't feel it necessary, not because he felt ethically bound for that.
In fact ensuring the ideal of SR paying out fairly would allow his business to grow and therefore his lack of theft could easily be entirely and completely pragmatic without needing a shred of ethics to support it.
This is also the guy that just talked a bunch of trash about the last Dread Pirate Roberts, and how he was so much better about security. Jinxed yourself, bro.
Granted this was supposedly in the Bitcoin protocol itself, but for real, there's really never any need to stick your neck out to talk about how great your security is...
I think you're confusing Silk Road 2 with Atlantis. They did talk trash and flapped their wings with fancy Youtube commercials etc before they suddenly closed down soon before Silk Road got busted. Silk Road 2 always claimed to be the rightful heir to the original Silk Road, and have their own Dread Pirate Roberts.
The fact that they would be cutting their own revenue stream? I'm not saying its not possible but really this is just speculation. I could just as easily surmise that it was from a government or banks who feel threatened by bitcoin...
With any other business I would agree, but a $90k+ payout would probably be very attractive for someone running a clone of a drug site that got publicly busted just months before. I would imagine these guys have a countdown to when they get arrested ticking in their heads...
No, $90k is peanuts. Ross Ulbricht was making $19k a day on SR1, according to the complaint. Given that SR2, for all its problems and pissed off users, was still the biggest market, $90k is not worth killing it over. The estimates of >4500btc, on the other hand...
Well, the hackers did move fast, from the Bitcoin discussions I've been following. That's why it's such a good excuse for the SR2 operators: because it's a real hack, it has a surface plausibility.
There is a huge moral difference between the sort of victimless-crime-contraband that is on SR (especially since SR1 at least, not sure about SR2, actively filtered out child porn, weapons, assassinations and all of the other truly scary things that you can potentially sell on an anonymous market), and stealing millions of dollars from people at least a few of whom are dependent on substances and desperately need the money to get them in time.
Also, it hasn't really happened yet, but vigilantes.
Notice that morality doesn't have to have anything to do with this argument. As a matter of pragmatism, the operator of a Silk Road-type site is almost certain to harbor a conviction that he can do so without getting caught (regardless of whether the authorities have morality on their side).
The same same goes for stealing from your customers: of course you won't get caught, what are your victims going to do? File a police report that the money they gave to a contraband site to presumably purchase contraband was stolen? The same conviction that makes it possible for them to operate Silk Road 2 makes it possible for them to steal from their customers.
I think what he's trying to say that it's far less likely for a libertarian "legalize drugs" type of person to screw a bunch of people over.
Like, when you facilitate selling drugs, there is no victim. Hell, you probably prevented having a victim. When you facilitate selling weapons/assassinations/child porn, there is a victim. The latter type of person would be more likely to victimize his/her customers than the former.
This does not invalidate my point. Even though it may not be true, many people think that running a drug dealing website is for the betterment of society. It's less likely for the owners to rip its customers off and be the "bad guy".
I'm far from libertarian but the drug laws are a travesty and selling restricted substances is pretty much the definition of a victimless 'crime'.
The myth of the first-hit-is-free, sell-at-the-school-gates 'pusher' is mostly just that, a myth. If you buy drugs you are not a victim. You may have problems and I believe that we should make government assistance available for those that do. However right now the state and its laws criminalise whole swathes of society for no good reason - there is no victim.
please stop with this idle speculation. 'the operator... is almost certain to..."? give me a break. you don't know them and ametur hour psychology isn't going to contribute anything to the discussion.
LOL @ "victimless-crime-contraband." What a joke. Where do you think the majority of drugs come from? Some hippie's backyard? See the world's stop producers of drugs and you'll find violent, broken countries many of whom are run by drug cartels.
Take this one further, and you might ask why it's all run by cartels. We make it profitable for them with prohibition. We give them the resources to wage these wars ourselves. The only reason this violent industry exists is because the government makes it that way with unjust laws. Tax and regulate just like alcohol and it will be run by normal non-violent people. Just like liquor stores. Prohibition has never and will never work.
> between the sort of victimless-crime-contraband that is on SR
Are you really that naive, or was that for the sake of your argument?
There's no way the drugs they sell on SR come all from some dude's dorm room, specially if it's not weed, and if they want it to be a profitable business.
It's entirely possible to be in support of a free and peaceful drug trade, while at the same time being morally against theft. I don't know why you're lumping the two.
There's a difference between supporting a free and peaceful drug trade and participating in a very-much illegal drug trade.
It's possible to be a hemp-wearing, tree-hugging hippie and be pro-death penalty - it also happens to be rare.
That is very true, but there's still an enormous chasm for your average person between being mostly-law-abiding (I'm not counting things like jaywalking or going 5mph over the limit) and participating in drug sales, which could land you life in prison. Hell, I think drug laws are incredibly unjust in the US, and that the government is overstepping its bounds left and right. By no means should you infer from this that I'm not careful of the legality of my actions. I think it's perfectly reasonable to assume that someone participating in a life-in-prison-risking drug enterprise would also be willing to make other illegal/immoral decisions - in fact I think it would be foolish and naive NOT to assume that as a default, despite the fact that it will of course not be true in every case.
Having dealt passingly with a large number of marijuana dealers, I disagree strongly with your assessment.
Do you have any statistics to back this up, or just the naive reasoning "Well, it's a /serious/ crime, so they'd probably commit others, because only bad people commit /serious/ crimes"?
I'm an ex-heroin addict, and you'd be quite surprised. At least here in Australia, that particular "community" is quite anti-violence, at least at the purchasing/dealer level. Move up the ranks and then that will change, however.
Overzealous drug laws make normally-regular people be defined as criminals. As such, they are forced into contact with other criminals. Some of these criminals break moral laws as well as legal ones.
Well, Nuremberg trials and the American revolution show that ethics are above law in many peoples minds at least when convenient. And in many ways, opposite expressions of the notion of Natural Law vs. State. (not Socrates, of course)
Is that the Nueremburg trials that von Braun was prosecuted at? Because the history of that trial showed me that justice is applied at the prosecution's convenience rather than in the cause of justice, even for the most reprehensible.
Nuremberg trials are not a paragon, merely an example where a majority of the people believe that ethics/natural law trumps the laws of the state. This says nothing of its actual conduct.
What drug kingpin would ever be morally against theft? Does the fact that this trade is being done via the internet imply that these groups have all adopted some kind of code of honor? DPR of SR1 put out hits on people.
Because most people feel an ethical obligation to follow the law. (And I'm not saying this as a member of this group). So if you find a person who does not feel compelled to follow the law, they could be an ethical anarchist, or altogether unethical. Purely given how fringe anarchism still is, I don't think it's too unreasonable to guess that the person is in the second category.
I think that's exactly wrong, given the number of people who don't feel compelled to say, follow the rules about when to cross the road, but don't commit theft or murder.
It shows that large classes of people are willing to follow rules that they think are ethical, while ignoring others they regard as immoral or amoral.
It doesn't like a moral argument that's being made, rather a probability. Yes someone can be motivated by libertarian values and enable crime. But what's the likelihood that it's a crook looking for a way to steal?
I don't have a great opinion on this argument, just clarifying it.
Very true, but at the same time, the anonymity prized by many in support of the site or currencies like BTC makes it a easy target for scammers. I'm saying this happened here, but I'm honestly surprised DPR1 had as much money in BTC, and lived in the US. i.e. Build a system, run it as legit until you're storing $100m of other people's money. Then use the anonymity the system provided you disappear with their money to a county where you broke no laws and provides no extradition to the USA. Spend the rest of your life sipping mai-tais on the beach. Anonymity can be the enemy of accountability.
How about self-interest? SR2 was not a very big site, and building a much larger business based on being a good operator of an underground market would earn him significantly more money than what he would have made by stealing the funds.
Given the latest news it is also very likely that the FBI with the help of some other government cyber-crime unit raided Silk Road 2. You will see it only when the thieves will try to sell or exchange the bitcoins.
The FBI won't do, and it will be in the news sooner and later.
Is our only recourse downloading the entire block-chain to keep our wallets stored offline? Or do I have some misunderstanding? I just really like the convenience of services like coinbase.
You can keep your wallet on your own computer with a "light" client like Electrum, which doesn't need to download the whole blockchain. There are some security tradeoffs, but nobody can outright steal your bitcoins without you doing anything.
At a recent meetup there was a presentation recommending Electrum with HD wallets instead. That would mean you really would only need to memorize a passphrase, all the keys would be generated from that so no backup necessary. Personally I am not yet 100% sure HD wallets are safe, need to look into it.
You can also use something like blockchain.info for slightly better security than coinbase. They do client-side encryption and decryption of wallets. Of course, if you forget your password, your coins are gone. And blockchain.info could always modify their code to steal your coins later. At least they couldn't steal them without you logging in.
But a thin wallet like Electrum is probably your best bet.
Yeah. The moment I got to " a vendor exploited a recently discovered vulnerability in the Bitcoin protocol known as “transaction malleability”" I was like "Riiiiight....".
It's not even 'recently discovered', and as far as I understand it it does not let anyone to drain other persons' wallet (if it did, that'd be a killer to entire bitcoin the moment it was discovered)
They wanted to exit the business from the start. Saw a convenient time with everyone discussing a vulnerability, claim right away that vulnerability was used to steal all the money to avoid backlash from users.
If one were sufficiently cynical one could argue that this was the plan from the start. Build another version of the site, wait for some BitCoin disaster, take all the funds and claim it was the disaster that done did it.
Of course to pull that off you'd really need to employ the disaster yourself so that you have the ledger entries to "prove" it.
Tor != can disappear forever and completely untraceable. The marketplace they have set up is often used to sell illegal items and substances. I would imagine there is a high percentage of those involved that if they found out who is behind and Silkroad 2.0 owners plainly and simply said -- "haha, I got your money now, too bad" would put enough resources into tracking them down and physically injuring them.
It just makes sense for them to mitigate risk and having a plausible "hey this recent vulnerability killed us, sorry, go read about in the news, it is bad..." excuse perhaps does that.
I doubt drug dealers care about the distinction between "you stole my money" vs. "you lost my money". Either case SR2 admin better do a good job of hiding.
I thought the 'malleability' problem only resulted in miners being DDOS'd. The transactions themselves were supposedly still 'intact' - i.e., inputs, outputs, addresses were not modified.
So.... what are SR2 saying happened here?
- Is it a double spend using SR2 escrow bitcoins?
- How was the malleability introduced?
There are two potential issues with the malleability. One is the MtGox problem where you might not realize a transaction was successful and you are duped into sending the money twice.
The second issue is a bug that was discovered in the reference client where if you try to spend coins you sent to yourself before they are confirmed a bug in the wallet causes your balance to be off.
Neither problem inherently allows theft but if you aren't careful the first can open your to social engineering. The reason they are calling this a dos as far as I can tell is because they are preventing you from spending your money until the bug is fixed with the accounting in the reference wallet.
SR2 is probably full of crap but there is a small possibility that they some how automated re-sending of failed transactions w/o properly accounting for malleability in which case you might be able to steal a multiple of the actual amount of money in your account over a few days. The sheer size of this though would make me skeptical of that scenario.
> One is the MtGox problem where you might not realize a transaction was successful and you are duped into sending the money twice.
This isn't really a malleability issue however. Lets say it wasn't successful: You send again. Opps, someone pulls the original out of a hat and both go through.
The only way to safely reissue is to double spend the original transaction. Then you get atomic exclusion, and it's completely safe: only one can possibly get into the longest chain. This safety still applies if there is mutation going on.
The "hack" would involve withdrawing money, changing the hash of the transaction and then complaining that the transaction didn't go through. This was done through the support channels on Mt. Gox etc but technically could have been an automated system on silk road 2. Not likely though.
I think the idea would be that you would withdraw from escrow, manipulate the transaction to change the transaction id (which they shouldn't be relying on if they use bitcoind and makes the whole thing kinda fishy) then when SR can't find the transaction it assumes it failed and sends again or he opens a ticket saying he never got his funds and they send them again manually.
From my understanding of the malleability issue, couldn't you have vendor withdrawals that get sent, but then not verified by the Silk Road system? Where the original transaction gets rejected due to the modified one getting accepted by the network? So then the Silk Road internals would assume it just didn't go through and not deduct it from the vendor's internal balance, allowing the vendor to repeatedly withdraw as long as they just withdrew their whole balance and modified the transaction each time?
It's recently been suggested that it actually is possible to drain someone's wallet using transaction malleability, if they are not using the reference software. See below:
Update: The amount of BTC that was stolen was calculated by Nicholas Weaver @NCWeaver – Computer Security Researcher, to be around: 4474.266369160003BTC that are with the value of about $2.7 Million.
Bitcoin can be divided down to Satoshi's (0.00000001) an are often traded in fraction. Since they're worth $500+ at the moment, it makes a lot of sense.
I was talking about the trailing decimals after the hundred-millionths place. It's an obvious sign that someone was doing calculations on them as floats and not integers (and dividing by 100,000,000 for display purposes).
Not having very much knowledge about the financial industry - is this also an issue with marketplaces that deal with fiat monies?
i.e. Dwolla, Balanced, Stripe, Venmo, all serve as intermediaries for moving money - do these companies have bank accounts that hold onto massive sums of money? What protections would go into keep those accounts secure?
Dwolla, Inc. is an agent of Veridian Credit Union and all funds associated with your account in the Dwolla network are held in a pooled account at Veridian Credit Union. These funds are not eligible for individual insurance, and may not be eligible for share insurance by the National Credit Union Share Insurance Fund. Dwolla, Inc. is the operator of a software platform that communicates user instructions for funds transfers to Veridian Credit Union.
I have the sense that the protections in place on above-the-board, regulated financial services companies are more meaningful than those placed on companies dedicated to selling contraband. (That is: none)
Modern banking is over 100 years old. There is 100+ years of fraud protection processes, legal experience, etc built into the system, plus a huge and complex industry that has a vested interest in overall currency stability.
Bitcoin and other digital currencies are learning firsthand what it means to "disrupt" on this scale. Part of that is learning the hard way what the old industry has known since before any of us were born.
Modern banking is also largely reversible, so stolen funds can often be recovered, and insurance covers the other cases.
Bitcoin has the problem of having irreversible transactions, and it's also a lot more difficult to determine whether or not an account has been legitimately stolen from.
I don't think it's the case that the current banking industry is insulated from theft due to superior security. From what I've heard from programmers working in the financial industry, the software there can be quite ropey, or at least no better than anywhere else.
Reversible transactions are a security mechanism. And not all mainstream financial transactions are reversible - short term bank to bank loans, which can run in the tens of millions of dollars over periods of mere minutes, are not reversible within the transaction process itself (set up another transaction to balance the books if necessary). Of course, this is hardly a realm for consumers! Only a rarified few that have passed stringent regulatory requirements can participate in high-end mechanisms, and they can be booted out easily in case of fraud or failure.
Irreversible, unregulated, software-driven money at the consumer level is a thief's wet dream. It's even more appealing than cash. Money can be stolen from halfway across the globe, anonymously. Digital currencies face security challenges that go far beyond those of the fiat currency so many people despise.
Besides the theft problem, there's the crime problem. Digital currency is extremely convenient for high-dollar criminals like international drug and arms dealers. They're the first big customers, while mainstream businesses lag far, far behind in their own cautious way. This makes governments even more hostile, and civilians as well. And a currency that isn't accepted by the vast majority of legitimate businesses is not terribly useful.
But to your other point... yeah, banking software is not necessarily a paragon of security, any more than any other big enterprise software. But consumer-facing parts are generally fairly limited in scope (worst breach I know of is the recent Target breach), and the really big-money parts are hidden well away from the world and buried under many layers of process as well as software security.
An example of a "big-money" part of the banking system, Fedwire, the money transfer between banks run by the Federal Reserve, cleared an average of 2.85 trillion dollars per day in Q3 2013.
Sure, but the processes that make banking secure mostly rely on human interaction, insurance and centralisation, which are obviously difficult or impossible to apply to Bitcoin. The current batch of Bitcoin businesses are getting hard lessons in information security, whereas the mainline banking system can compensate for any deficiencies in their software with more traditional security processes.
To me, one of the more interesting results of Bitcoin is how critical information security is to the businesses that deal in it, and how a flaw in their security can make companies vanish overnight. It really provides some darwinian pressure to get security right!
And fiat currency starts looking better all the time. The fact that the most powerful security mechanisms aren't even applicable to digital currency should be a huge red flag.
Short the exchange rate + significant DDOS attack on the exchanges = millions in free money. That's just a for example. It doesn't even require explicit crime on the bitcoins themselves, and can be done at a safe remove through multiple cutouts. (Historical point of comparison - shell companies were used to short airline stock just before 9/11, resulting in tremendous windfall profits for presumably close allies of the perpetrators)
> And fiat currency starts looking better all the time. The fact that the most powerful security mechanisms aren't even applicable to digital currency should be a huge red flag.
You could make similar arguments about security on the internet compared to physical security in the real world. The recent Target credit card theft, for instance - it's unlikely that the thieves could have appropriated 40 million credit card numbers by physically taking them!
> Short the exchange rate + significant DDOS attack on the exchanges = millions in free money. That's just a for example. It doesn't even require explicit crime on the bitcoins themselves, and can be done at a safe remove through multiple cutouts.
Sure, but you could achieve a similar effect by attacking an internet retailer and shorting their stock. It's also a lot easier to short stock, which is a shame, as shorting typically reduces price volatility.
The main protection overall is probably the reversibility of most kinds of transactions in the mainstream banking system (and the liability of banks to customers in many cases of fraud). At least, this kind of policy can be seen as a backstop to particular arrangements and policies like limiting the size or rate of transactions, requiring multiple authorizations for certain transactions, and so on.
The reversibility of transactions has drawbacks (one that's of interest to me is that it serves as one motivation for reducing privacy and increasing data retention).
> No because if there are bad charges on my card the bank absorbs them
The transaction is reversed and the money comes back from the merchant it was sent to, your bank doesn't absorb any loss. The only victims of credit card fraud are the stores, not the consumers, not the banks, and not the unauthorized user of the card. Nobody who should have actual liability is actually punished in any way, just innocent retailers, for the most part.
The financial industry is just as insecure if you hold actual cash.
The solution the industry has is not to hold cash.
Since no one has money, and all the banks have insurance, they just reverse the transactions in 90% of cases, and in the other 10, like ATM fraud, use insurance. But seriously, go to a bank and try to withdraw $90K in cash.
Also, if you make off with 90K in cash the finance industry has people with guns to go and get the cash back.
Quite a lot of banks will simply say "no, not with any amount of paperwork". It's over the AML threshold. Unless you're a business with a need for that quantity of cash.
Quite a lot of banks will simply say "no,
not with any amount of paperwork"
You're going to need to provide a source for this statement. HSBC was just pilloried in the press for denying large withdrawals to the point that they reversed their policy.
"Suspicious Transaction Reports" or "Currency Transaction Reports" only take a few minutes at most and can be completed online. The AML threshold applies whether you're using cash or a check, so you're basically saying that banks won't deal with transactions over $10,000 which is absurd.
Nearly every bank and credit union has a 'Large Cash Withdrawal' policy that merely requires ~7 days' notice prior to the withdrawal so that they can order the cash. It also of course waives their liability if you lose that cash or get robbed, but that's to be expected.
If it took the FBI 2 years to track him down, unless he fucked over the Zapatas exactly nothing will be done about this. But then again the Zapatas hide behind guns, not crypto currency.
This is nonsense. The transaction malleability issue doesn't cause coins to be automatically resent. The simple explanation is that the owner ran off with everybody's money.
Exhibit HN: I've concocted a most healthful and beneficial syrum of the utmost pure ingredients! This here oil shall alleviate ye of all woe, misery and weak-of-knee! Looking for a most suitable alchemical co-founder to assist in mine taking this to production ready status for this year's county fair! Please contact me by post or telegram!
Dr. Samuel's Special Synergistic Syrum
One Market Plaza, San Francisco
My favorite part of bitcoin is just how wild west it always feels. Real money, in very massive quantities is stolen, and there's no authorities who will do anything about it. Old school scams are new again. Crashes happen on a monthly basis. I'm staying out of it in any serious quantities because frankly i'm having too much fun watching it.
There are certainly fortunes to be made as well as lost. I probably would not put "serious" quantities into bitcoin myself either, but it definitely is more interesting to watch it when you have a small amount in it.
for anyone who sees bitcoin as a 'wild west' environment, this sort of thing is obvious and just moves the bitcoin economy forward. problems found now are fixed, and won't be as big of a deal later.
If one of the main bullet points of your currency replacement is that "it's frictionless unlike regular money", and you ever find yourself pointing the finger at regular money and saying "it has frictions too" you already lost the argument.
If the worst problem in the fiat banking cartel industry was occasionally buggy client software, we would all be floating on a cloud of happiness and rainbows.
That's weird, even in 2009 my market investments didn't randomly end up with an account balance of 0.00.
Seems that fiat is doing much better than "occasionally buggy". They even usually catch the bank robbers, let me know when Team Bitcoin tracks down the SR2 thief!
People should know better. I made a nice profit last year with bitcoins which could have been a lot more if I had sold them later, but I always saw that as an experiment. It was basically fuck you money that I could affort to lose. I truly believe that cryptocurrency will have a lasting impact in the future, but right now it's just much a gamble as playing roulette. In its current state, believing bitcoin is as stable as traditional currency is very, very naive.
I had a large reply written out for you, but then I realized it was just a long-winded way of writing "Risk Reward"
Yes, of course it is Risk/Reward. That's why people get into new things. Ocean travel wasn't ready for primetime, but if you came back with a ship full of gold and spices...
Either SR2 was hacked or someone ran off with the funds. Whatever the case may be, I do not see how the friction (or lack thereof) of Bitcoin has anything to do with this.
I'm still waiting to hear how they plan to scale Bitcoin to 50,000 transactions per second. To cover a part of the current financial system alone (but only in the U.S., not the rest of the world). 50,000 is a looong way from 7.
> our projections of order finalization volume indicated that we would need the community’s full balance in hot storage.
As a bitcoin community leader, you have to stay informed with how other people got hacked in the past, and there are so many cases where all the bitcoins were foolishly kept out of air-gapped cold storage until an adventurous hacker plundered them. I guess history is doomed to repeat itself.
This is why bitcoin is a sham. The premise of perceived bitcoin value is based on the greater fool theory. What the hell were any of these people thinking?
That has nothing to do with what has happened here and has been argued ad nauseam in other threads already. In short: the only aspect of bitcoin that may be considered an instance of the greater fool theory is the idea that it is a guarenteed investment. Obviously it is not, and this news has nothing to do with bitcoin as an investment vehicle anyway.
It has everything to do with this - the reason it was stolen is it is a crypto currency with no legitimacy or inherit value. It's not even a physical object, its more like a stock that is not regulated.
If this were real currency or a stock, then there might be some regulation and stealing would be hard to pull off.
This virtual currency's value is based on nothing. The whole hacked account thing has a lot in common with some of the stock scams that occurred pre-depression. You have phony stocks which people buy into, it gets pumped, value is inflated, then dumped only to find out there was no company or the books were cooked. For all we know the guy that created silk road 2 'hacked' it himself and pocketed the bitcoins. This has more in common with a bad stock deal than a real robbery. And bitcoin has about the same real value as one of the phony stocks peddled on the market in the 1920s.
It is entirely possible. Being a marketplace their software sends coins around for all sorts of reason, this is what was hacked. Someone's personal bit coins are not at risk.
It is perfectly possible. Your only task is to secure the private keys. These are short enough to be printed as a QR code or written down. keep that piece of paper somewhere safe. Alternatively, it is possible to use a good, random, long passphrase as your de facto private key. That way, the keys to your wallet are literally stored in your mind and nowhere else.
As of now, there are no known fatal flaws or weaknesses in the Bitcoin protocol itself. The network is secure and as long as you manage to secure your private keys, Bitcoin is extremely safe.
Social engineering applies to pretty much everything. It has nothing to do with Bitcoin (or whatever else a social engineer wants from you) and everything with your own lack of due diligence and gullibility.
Semantics. Obviously, theoretically, everybody can be fooled. The common sense definition of secure is not "secure with zero possibility of the security being broken". Storing diamonds in a safe at the bank is secure. Printing your private key and storing it at the bank is not any less secure than storing diamonds there.
... and things like this do to a point hilight why there is a lot of regulation around money and trying to create a new "freer" currency is actually really dangerous. I'm pretty sure his operating practice of keeping all the money in one place would be against regulations. Also usually there are big security standards. And finally high transaction fees do in some part support insurance so when my/your visa is stolen or what ever, the bank can just refund me, and take it out of its insurance. Because storing a lot of money for a lot of people is a big deal, but its a well looked at deal, and trying to start from scratch ignoring all of that... well... you just end up with people loosing money in ways that would never happen otherwise. :/
This is almost certainly hogshit, and anybody who has been paying even a little bit of attention over the last week can probably smell it.
The "hole" in MtGox's security was a social one. You could contact customer support and claim that you had not received your coins, and they could re-issue you new ones if they chose to. There is also no evidence that this ever happened.
This wasn't, and isn't, a flaw in the underlying architecture, it's just a way to convince a customer service rep that you weren't lying.
If SR was re-issuing coins automatically, it's because they were being intentionally stupid.
--
They're using this as a scapegoat. Either somebody ran off with the coins, or something otherwise hacked them and they're using this as an explanation.
If SR was re-issuing coins automatically, it's because they were being intentionally stupid.
MtGox was re-issuing coins automatically. Due to this, Gox has lost money. Possibly a huge amount. Were they being intentionally stupid, or just stupid?
This transaction malleability flaw is certainly a convenient excuse. But if these people implemented their wallet software in the same manner as Gox, then they would've suffered the same fate: a loss of thousands of coins, which is exactly what they claim happened.
You'll note that mtgox had funds taken from it. None of these other sites [did]. They're just being flooded with junk that screws up their transaction processing. It's not really the same thing at all.
They worded that very strangely in their statement about it:
>This means that an individual could request bitcoins from an exchange or wallet service, alter the resulting transaction's hash before inclusion in the blockchain, then contact the issuing service while claiming the transaction did not proceed. If the alteration fails, the user can simply send the bitcoins back and try again until successful.
Emphasis mine.
The reference client certainly doesn't do this on spends. Why would gox have implemented it in this way? It doesn't make any sense at all.
The reference client certainly doesn't do this on spends. Why would gox have implemented it in this way? It doesn't make any sense at all.
I've been researching the details of this disaster. Here's what I've gathered. This info came from Greg Maxwell, a bitcoin core developer. He got his information from the owner of MtGox himself:
Gox implemented custom wallet software to deal with massive transaction volume. The reference client wouldn't cut it for their purposes. For what it's worth, Greg agrees with the decision to write custom software for high-volume exchanges. It seems pretty likely that other exchanges have also implemented custom bitcoin software stacks.
In the scenario where Gox detected that a transaction failed, they automatically reissued the transaction. But that was based on the faulty assumption that the transaction hash couldn't ever mutate. This flaw was exploited to siphon bitcoin out of Gox.
This doesn't matter very much for Gox because, conservatively, they've made at least 120k BTC in profits from trade fees. More likely in the range of 400k. So they'll be able to cover the losses.
But this means it's entirely possible that other exchanges and web services with custom software stacks were hit hard by the malleability event, just like Gox was. It depends whether they were automatically reissuing transactions. If so, then they probably lost money.
I'm surprised they had any kind of online wallet. You'd think you would do manual transactions with offline keys if running a blackmarket, or the very least multiple sigs for any hot wallet.
People find it hard to use, between i2p and multi-sig, and so they don't use it and then you have the usual chicken-egg problem. You might think i2p & multi-sig are trivial conveniences worth paying for security from site operators scamming you (currently the #1 cause of black-market death in my compilation), but we here, on HN of all places, should appreciate how important usability is and how hard ordinary people find crypto stuff to use: most black-market users can't even PGP-encrypt their addresses when ordering drugs. (You might expect 100% of addresses to be encrypted, but actually encryption rates range from 8% to 90%, depending on which marketplace & vendor you ask.)
I was under the impression MtGox was also processing withdrawals automatically and shut off withdrawals while they implemented a manual step (like all the other wallet sites already have.)
I don't mean to be unconstructive, just trying to understand what you're saying here, I don't really see how a customer support issue such as you outlined would require shutting off withdrawals for multiple days.
I might just be wrong. I'm interpreting their statement to mean that, but some people have pointed out that they've said other, possibly conflicting things.
>This means that an individual could request bitcoins from an exchange or wallet service, alter the resulting transaction's hash before inclusion in the blockchain, then contact the issuing service while claiming the transaction did not proceed. If the alteration fails, the user can simply send the bitcoins back and try again until successful.
554 comments
[ 3.0 ms ] story [ 303 ms ] threadI wish that some of the "post-mortem" reports I've seen were this good and detailed with problem, explaination, resolutions. I don't have a horse in this race so people affected probably feel differently.
That reminds me of arguing along the lines of, I played Russian Roulette before, and I didn't lose. Therefore, I will not lose this time either.
In fact ensuring the ideal of SR paying out fairly would allow his business to grow and therefore his lack of theft could easily be entirely and completely pragmatic without needing a shred of ethics to support it.
Granted this was supposedly in the Bitcoin protocol itself, but for real, there's really never any need to stick your neck out to talk about how great your security is...
A lot of talk for something that just started, and had a massive fail one week after publication.
Cue a line of BTC-promoting ostriches claiming that the protocol is fan-fucking-tastic and in no need of improvement.
Well atleast that is how they delusionaly see it.
http://en.wikipedia.org/wiki/Iran%E2%80%93Contra_affair
http://en.wikipedia.org/wiki/Troubled_Asset_Relief_Program
Also, it hasn't really happened yet, but vigilantes.
Except for when they needed those things.
The same same goes for stealing from your customers: of course you won't get caught, what are your victims going to do? File a police report that the money they gave to a contraband site to presumably purchase contraband was stolen? The same conviction that makes it possible for them to operate Silk Road 2 makes it possible for them to steal from their customers.
Like, when you facilitate selling drugs, there is no victim. Hell, you probably prevented having a victim. When you facilitate selling weapons/assassinations/child porn, there is a victim. The latter type of person would be more likely to victimize his/her customers than the former.
Ah, I'm pretty sure only libertarians feel this way...
I'm far from libertarian but the drug laws are a travesty and selling restricted substances is pretty much the definition of a victimless 'crime'.
The myth of the first-hit-is-free, sell-at-the-school-gates 'pusher' is mostly just that, a myth. If you buy drugs you are not a victim. You may have problems and I believe that we should make government assistance available for those that do. However right now the state and its laws criminalise whole swathes of society for no good reason - there is no victim.
Why? Does being libertarian somehow grant a +3 to morality?
Are you really that naive, or was that for the sake of your argument?
There's no way the drugs they sell on SR come all from some dude's dorm room, specially if it's not weed, and if they want it to be a profitable business.
Do you have any statistics to back this up, or just the naive reasoning "Well, it's a /serious/ crime, so they'd probably commit others, because only bad people commit /serious/ crimes"?
I can't back it up with science (someone know of any research?), but it sure seems to be a trend when you compare among countries in various stages.
What drug kingpin would ever be morally against theft? Does the fact that this trade is being done via the internet imply that these groups have all adopted some kind of code of honor? DPR of SR1 put out hits on people.
Parent's suspicion is right on the money.
It shows that large classes of people are willing to follow rules that they think are ethical, while ignoring others they regard as immoral or amoral.
I don't have a great opinion on this argument, just clarifying it.
The FBI won't do, and it will be in the news sooner and later.
Edit: here is one way to do it https://en.bitcoin.it/wiki/How_to_set_up_a_secure_offline_sa...
At a recent meetup there was a presentation recommending Electrum with HD wallets instead. That would mean you really would only need to memorize a passphrase, all the keys would be generated from that so no backup necessary. Personally I am not yet 100% sure HD wallets are safe, need to look into it.
But a thin wallet like Electrum is probably your best bet.
The reference client (github.com/bitcoin/bitcoin) does not resend transactions because of malleability.
The only way you can have double transfers due to malleability is if you are manually reviewing transfers and re-sending them yourself manually.
This seems like a very convenient scapegoat.
It's not even 'recently discovered', and as far as I understand it it does not let anyone to drain other persons' wallet (if it did, that'd be a killer to entire bitcoin the moment it was discovered)
Of course to pull that off you'd really need to employ the disaster yourself so that you have the ledger entries to "prove" it.
It just makes sense for them to mitigate risk and having a plausible "hey this recent vulnerability killed us, sorry, go read about in the news, it is bad..." excuse perhaps does that.
So.... what are SR2 saying happened here? - Is it a double spend using SR2 escrow bitcoins? - How was the malleability introduced?
The second issue is a bug that was discovered in the reference client where if you try to spend coins you sent to yourself before they are confirmed a bug in the wallet causes your balance to be off.
Neither problem inherently allows theft but if you aren't careful the first can open your to social engineering. The reason they are calling this a dos as far as I can tell is because they are preventing you from spending your money until the bug is fixed with the accounting in the reference wallet.
SR2 is probably full of crap but there is a small possibility that they some how automated re-sending of failed transactions w/o properly accounting for malleability in which case you might be able to steal a multiple of the actual amount of money in your account over a few days. The sheer size of this though would make me skeptical of that scenario.
This isn't really a malleability issue however. Lets say it wasn't successful: You send again. Opps, someone pulls the original out of a hat and both go through.
The only way to safely reissue is to double spend the original transaction. Then you get atomic exclusion, and it's completely safe: only one can possibly get into the longest chain. This safety still applies if there is mutation going on.
I've sent literally tens of thousands of bitcoins transactions and have never once had a transaction that wasn't confirmed within 48 hours.
The important part here is that I have always used the reference client with the latest ruleset for transaction fee calculation.
Is if you replace the transaction without double spending it, which is unsafe.
https://anders.io/the-troublesome-history-of-the-bitcoin-exc...
Update: The amount of BTC that was stolen was calculated by Nicholas Weaver @NCWeaver – Computer Security Researcher, to be around: 4474.266369160003BTC that are with the value of about $2.7 Million.
I just looked at a few of them and most addresses received from 20 to 100 BTC so it's quite a lot in total, maybe in the ballpark of 1000-2000 coins.
i.e. Dwolla, Balanced, Stripe, Venmo, all serve as intermediaries for moving money - do these companies have bank accounts that hold onto massive sums of money? What protections would go into keep those accounts secure?
Dwolla, Inc. is an agent of Veridian Credit Union and all funds associated with your account in the Dwolla network are held in a pooled account at Veridian Credit Union. These funds are not eligible for individual insurance, and may not be eligible for share insurance by the National Credit Union Share Insurance Fund. Dwolla, Inc. is the operator of a software platform that communicates user instructions for funds transfers to Veridian Credit Union.
Bitcoin and other digital currencies are learning firsthand what it means to "disrupt" on this scale. Part of that is learning the hard way what the old industry has known since before any of us were born.
Bitcoin has the problem of having irreversible transactions, and it's also a lot more difficult to determine whether or not an account has been legitimately stolen from.
I don't think it's the case that the current banking industry is insulated from theft due to superior security. From what I've heard from programmers working in the financial industry, the software there can be quite ropey, or at least no better than anywhere else.
Irreversible, unregulated, software-driven money at the consumer level is a thief's wet dream. It's even more appealing than cash. Money can be stolen from halfway across the globe, anonymously. Digital currencies face security challenges that go far beyond those of the fiat currency so many people despise.
Besides the theft problem, there's the crime problem. Digital currency is extremely convenient for high-dollar criminals like international drug and arms dealers. They're the first big customers, while mainstream businesses lag far, far behind in their own cautious way. This makes governments even more hostile, and civilians as well. And a currency that isn't accepted by the vast majority of legitimate businesses is not terribly useful.
But to your other point... yeah, banking software is not necessarily a paragon of security, any more than any other big enterprise software. But consumer-facing parts are generally fairly limited in scope (worst breach I know of is the recent Target breach), and the really big-money parts are hidden well away from the world and buried under many layers of process as well as software security.
To me, one of the more interesting results of Bitcoin is how critical information security is to the businesses that deal in it, and how a flaw in their security can make companies vanish overnight. It really provides some darwinian pressure to get security right!
Short the exchange rate + significant DDOS attack on the exchanges = millions in free money. That's just a for example. It doesn't even require explicit crime on the bitcoins themselves, and can be done at a safe remove through multiple cutouts. (Historical point of comparison - shell companies were used to short airline stock just before 9/11, resulting in tremendous windfall profits for presumably close allies of the perpetrators)
You could make similar arguments about security on the internet compared to physical security in the real world. The recent Target credit card theft, for instance - it's unlikely that the thieves could have appropriated 40 million credit card numbers by physically taking them!
> Short the exchange rate + significant DDOS attack on the exchanges = millions in free money. That's just a for example. It doesn't even require explicit crime on the bitcoins themselves, and can be done at a safe remove through multiple cutouts.
Sure, but you could achieve a similar effect by attacking an internet retailer and shorting their stock. It's also a lot easier to short stock, which is a shame, as shorting typically reduces price volatility.
The reversibility of transactions has drawbacks (one that's of interest to me is that it serves as one motivation for reducing privacy and increasing data retention).
If the bank itself collapses the FDIC insures my deposits.
Then again if my drug dealer steals all my money I am shit out of luck, much like all the users of this site. I guess it isn't that different at all.
The transaction is reversed and the money comes back from the merchant it was sent to, your bank doesn't absorb any loss. The only victims of credit card fraud are the stores, not the consumers, not the banks, and not the unauthorized user of the card. Nobody who should have actual liability is actually punished in any way, just innocent retailers, for the most part.
The solution the industry has is not to hold cash.
Since no one has money, and all the banks have insurance, they just reverse the transactions in 90% of cases, and in the other 10, like ATM fraud, use insurance. But seriously, go to a bank and try to withdraw $90K in cash.
Also, if you make off with 90K in cash the finance industry has people with guns to go and get the cash back.
This chart is old (1992) but gives an indication of the amount of money in a bank vault:
http://i.imgur.com/hVZWFR5.png
"Suspicious Transaction Reports" or "Currency Transaction Reports" only take a few minutes at most and can be completed online. The AML threshold applies whether you're using cash or a check, so you're basically saying that banks won't deal with transactions over $10,000 which is absurd.
Nearly every bank and credit union has a 'Large Cash Withdrawal' policy that merely requires ~7 days' notice prior to the withdrawal so that they can order the cash. It also of course waives their liability if you lose that cash or get robbed, but that's to be expected.
See exactly how much paperwork you end up doing for the next 10 years of your life.
(Likely more to the point: it's probably harder to clean out your own liquor store and claim robbers did it.)
If it took the FBI 2 years to track him down, unless he fucked over the Zapatas exactly nothing will be done about this. But then again the Zapatas hide behind guns, not crypto currency.
I imagine there is something considered criminal in there.
Dr. Samuel's Special Synergistic Syrum One Market Plaza, San Francisco
1. Mine Plundered: $2300 in Nuggets Stolen! (439 points)
2. Gold Is Where You Find It (102 points)
3. Show RN: A Better Shovel (32 points)
4. WANTED: No good pickaxe thief, DoA (8 points)
http://www.cryptocoinsnews.com/2014/02/13/silk-road-2-0-has-...
Anyone is free to attempt to investigate and go after this guy.
Contrary to popular(?) opinion, there is such a thing as bad publicity. At least when you're selling a get rich quick scheme.
[0] http://www.bbc.co.uk/news/business-25861717
Seems that fiat is doing much better than "occasionally buggy". They even usually catch the bank robbers, let me know when Team Bitcoin tracks down the SR2 thief!
Yes, of course it is Risk/Reward. That's why people get into new things. Ocean travel wasn't ready for primetime, but if you came back with a ship full of gold and spices...
As a bitcoin community leader, you have to stay informed with how other people got hacked in the past, and there are so many cases where all the bitcoins were foolishly kept out of air-gapped cold storage until an adventurous hacker plundered them. I guess history is doomed to repeat itself.
http://en.wikipedia.org/wiki/Greater_fool_theory
If this were real currency or a stock, then there might be some regulation and stealing would be hard to pull off.
This virtual currency's value is based on nothing. The whole hacked account thing has a lot in common with some of the stock scams that occurred pre-depression. You have phony stocks which people buy into, it gets pumped, value is inflated, then dumped only to find out there was no company or the books were cooked. For all we know the guy that created silk road 2 'hacked' it himself and pocketed the bitcoins. This has more in common with a bad stock deal than a real robbery. And bitcoin has about the same real value as one of the phony stocks peddled on the market in the 1920s.
As of now, there are no known fatal flaws or weaknesses in the Bitcoin protocol itself. The network is secure and as long as you manage to secure your private keys, Bitcoin is extremely safe.
You're forgetting about social engineering.
The "hole" in MtGox's security was a social one. You could contact customer support and claim that you had not received your coins, and they could re-issue you new ones if they chose to. There is also no evidence that this ever happened.
This wasn't, and isn't, a flaw in the underlying architecture, it's just a way to convince a customer service rep that you weren't lying.
If SR was re-issuing coins automatically, it's because they were being intentionally stupid.
--
They're using this as a scapegoat. Either somebody ran off with the coins, or something otherwise hacked them and they're using this as an explanation.
MtGox was re-issuing coins automatically. Due to this, Gox has lost money. Possibly a huge amount. Were they being intentionally stupid, or just stupid?
Source: https://news.ycombinator.com/item?id=7222690
This transaction malleability flaw is certainly a convenient excuse. But if these people implemented their wallet software in the same manner as Gox, then they would've suffered the same fate: a loss of thousands of coins, which is exactly what they claim happened.
You'll note that mtgox had funds taken from it. None of these other sites [did]. They're just being flooded with junk that screws up their transaction processing. It's not really the same thing at all.
They worded that very strangely in their statement about it:
>This means that an individual could request bitcoins from an exchange or wallet service, alter the resulting transaction's hash before inclusion in the blockchain, then contact the issuing service while claiming the transaction did not proceed. If the alteration fails, the user can simply send the bitcoins back and try again until successful.
Emphasis mine.
The reference client certainly doesn't do this on spends. Why would gox have implemented it in this way? It doesn't make any sense at all.
I've been researching the details of this disaster. Here's what I've gathered. This info came from Greg Maxwell, a bitcoin core developer. He got his information from the owner of MtGox himself:
Gox implemented custom wallet software to deal with massive transaction volume. The reference client wouldn't cut it for their purposes. For what it's worth, Greg agrees with the decision to write custom software for high-volume exchanges. It seems pretty likely that other exchanges have also implemented custom bitcoin software stacks.
In the scenario where Gox detected that a transaction failed, they automatically reissued the transaction. But that was based on the faulty assumption that the transaction hash couldn't ever mutate. This flaw was exploited to siphon bitcoin out of Gox.
This doesn't matter very much for Gox because, conservatively, they've made at least 120k BTC in profits from trade fees. More likely in the range of 400k. So they'll be able to cover the losses.
But this means it's entirely possible that other exchanges and web services with custom software stacks were hit hard by the malleability event, just like Gox was. It depends whether they were automatically reissuing transactions. If so, then they probably lost money.
I was under the impression MtGox was also processing withdrawals automatically and shut off withdrawals while they implemented a manual step (like all the other wallet sites already have.)
I don't mean to be unconstructive, just trying to understand what you're saying here, I don't really see how a customer support issue such as you outlined would require shutting off withdrawals for multiple days.
>This means that an individual could request bitcoins from an exchange or wallet service, alter the resulting transaction's hash before inclusion in the blockchain, then contact the issuing service while claiming the transaction did not proceed. If the alteration fails, the user can simply send the bitcoins back and try again until successful.
https://www.mtgox.com/press_release_20140210.html