Ramblings of Juraj

Ethereum and Other Altcoins

As you all probably know I am a fan of Bitcoin, but I am not that much of an alt-coin guy. What I mean by that is that I think that a main property of money is that it is a universal means of exchange. It is good that you can store your wealth as savings (for example in gold or oil). It is also important to choose a unit of account. But what matters is if you can use the money to exchange it for the stuff you actually want. People think they want money, but they are not much thrilled about my one hundred trillion Zimbabwe dollars. Why? Because it can’t buy anything.

I think this is one of the most important drawbacks of Bitcoin right now - it is not universally accepted. On the other hand, it is gaining traction and I like both the ideas behind Bitcoin and its technological ingenuity.

For me, switching to another alt-coin has to be justified by a significant improvement - one that would make the switch worth the loss of the network that accepts Bitcoin. I am all for playing with alternative ideas - I just think that what we need now is not ideas, but acceptance.

So far the main reasons behind developing alt-coins (except for fun and pre-mining profit) have been a different mining algorithm and speed of confirmation. I’ll touch on both of these and then I will cover Ethereum.

Commodity mining

Litecoin was the first prominent alt-coin developed from the Bitcoin source code with a different algorithm for mining. It’s called scrypt and it was supposed to be an algorithm that is hard to implement in specialized mining hardware, meaning that anyone could mine it on their computers. We now know that they were wrong and KNCMiner just announced their scrypt miners. People have been mining Litecoins and other alt-coins running on scrypt on their more expensive GPUs. A CPU is a general purpose processor and of course you may make it more difficult to create specialized mining equipment by being as general as possible (requiring both computational speed and memory access). Eventually, it is always possible to create faster specialized equipment.

But the real question here is why do that? Of course the common answer is that we want common people to perform mining and thus distribute the coins among the people. The beauty of the idea behind Bitcoin is that the mining is not an end in itself. It’s a means to provide network security. You need to make sure that more than half of the network is honest to maintain security. Mining could be also called block validation.

I understand that people freak out when they realize that someone with enough money could take over the network by secretly manufacturing this required computing power and taking over the network. The question remains: Would people still use it? Would they want to undermine the network or just make it stronger so their investment pays off? Of course, there’s no clear answer and it depends on their value system. If they feel threatened by Bitcoin, they could do that and undermine its legitimacy and the trust people put in it. How difficult would it be to start a new alt-coin with a slightly different algorithm, so their equipment is a piece of useless metal trash?

Now take the “commodity mining hardware” train of thought for a while. Anyone can mine it. How many huge organizations have commodity hardware that is underutilized at least a certain amount of time? Google, Microsoft, Amazon, NSA, … I don’t mean to say that they would do it, but they might, as might anyone else. What about computer factories making supercomputers? Don’t they want to test the equipment they manufacture for four days before they ship it to their customers? Oh and when this currency is taken over and another one that works best on commodity hardware is popular, they just change the mining software they use.

What I really see is a socialistic sentiment - an idea that poor people’s old laptops could make this currency. But mining is not only about making new units of currency, it is about making it secure. Making it commodity-only friendly is a bad idea. I would rather trust a huge mining power of Bitcoin ASIC miners than 10 thousand old laptops. And would it work? The more people that invest their computing resources into mining, the less reward they collect (per computational unit). That effectively drives profit margins on mining to zero. So not only would the network be less secure, it would not be profitable for the common men. The incentive may be higher for people who invested in the computing power already - say from taxpayer money - and don’t care about profit. Like the NSA.

Confirmation time

Now about the confirmation time. Litecoin’s mining algorithm is targeted for 2.5 minutes blocks on average. That means that blocks get “confirmed” sooner, because they appear in the blockchain. But do they? Actually, no. For the block to be confirmed it means that it is more difficult to cause the blockchain to fork and undo a confirmed transaction. Satoshi showed in his original paper that the probability of this happening decreases exponentially with each new block. But in the end, it’s about computing power. Let’s say that we need a trillion operations for one block in Bitcoin. Then comes Litecoin and says that the block needs a quarter of a trillion operations, so the blocks come faster. Say the mining power is the same in both networks. Say I would trust a transaction to be confirmed after it’s been included in 5 blocks of the blockchain. How many blocks in Litecoin network would I need to do that?

You might say that it’s after five blocks (and they take a quarter of the time), but that’s actually not true. If an attacker had significant mining power, the probability is not dependent on the number of blocks, it’s based on number of operations performed.

So given that the mining power (operations per second) is the same, you would need to wait 20 (5 times 4) blocks in Litecoin network to have the same confidence and that’s exactly the same amount of time (probabilistically speaking).

Ethereum

I have to admit that Ethereum is the first alt-coin that has significant changes to Bitcoin that would make me consider it. One special exception is Zerocoin, which I love and hope to see implemented in every alt-coin and possibly the main Bitcoin blockchain.

Ethereum has this idea of an advanced scripting language at its core that is Turing-complete. Being Turing-complete, it can compute any function there is, making it a programmable currency. A little bit more about it later.

They also play the “commodity hardware” mining tune which I totally dislike and do something which has been a big “no-no” in the alt-coin community and that is called pre-mining (or creating units in advance). The idea is that to fund the development of Ethereum, some of the currency will not be allocated to miners, but will be taken by a development team and redistributed to authors and contributors. There’s also this idea that they will pre-sell some units for Bitcoin, which makes me wonder - do they even trust it’s going to be the currency that they are willing to sell their superior currency for some older currency? I understand that they want to make it valuable and that they hope that the artificially set pricing will be set and go on with the currency. This all reminds me of social engineering and central planning. Bitcoin is simple. It is not overengineered, it does not have many weird arbitrary rules. It is simple and that’s probably the author’s intention. Now Ethereum has not even started yet and I already see the discussions about how it will be allocated and who will vote about who gets the “development” money. It is exactly this reason why I don’t like democracy. There’s no direct relation between those who pay and those who receive.

I understand that people want to get paid for their work and I have no problem with it. But this smells of committees, voting and conflict. What about making a Kickstarter-like crowdfunding? Want to have this project done? Contribute some Bitcoins. Create a prediction market for Ethereum prices and you can even denominate a crowdfunding idea in Ethers. Make people vote directly with their money.

Please learn from Bitcoin. There is this “official” Bitcoin foundation that people are talking about. People are saying that it should not represent Bitcoin users, talk to politicians, … I understand that there are people who are for it. But what is wrong with people wanting to vote with their money? You want this feature? Pool resources with others who do it and crowdfund it. Then it will be about users’ will - what gets funded, gets done.

No arbitrary pre-funding, constants, distribution, votes, …

I also don’t believe that unlimited (but slow) inflation is either required or wanted, but I can live with it (unlike with traditional fiat money, the inflation rate will be known in advance to everyone and it will directly affect the future price of Ethers).

The halting problem

In computational theory, there is a well-known and proven fact that you can’t tell about any general program if it will ever halt or just compute forever. It’s not that we have not yet found an algorithm to do that, we know for a fact that it’s impossible (for general Turing-complete programs). This is one of the basic findings of computer science that we have to live with.

I believe that the fact that Bitcoin’s scripting language is not Turing-complete is a design feature. If you can’t create loops (and jumps), you create a limited language that you know for sure will end in a limited time. If you don’t allow loops and instructions take a certain amount of time, you know that the program will end after number_of_instructions*slowest_instruction_execution_time. This trick is not new and there are many languages that are limited on purpose this way, for example, the DTrace scripting language used for debugging kernel and user-level programs in some operating systems (Solaris, Mac OS X, …). The miner fees are also directly related to the size of a transaction, meaning that the longer program you write, the more you have to pay in fees to process it.

The problem with the scripting in the blockchain is that every full node has to process it and store it. Bitcoin also limits the number of external inputs making the execution completely deterministic - meaning that all nodes interpret the code in the blockchain exactly the same way. You cannot rely on current time (you can rely on block number to represent time). You cannot rely on external inputs (like a content of a website) because they can change over time.

Ethereum can “solve” the halting problem by collecting fees per processed instruction. On the other hand, do we actually need this complexity to do what we need to do? The power of Bitcoin contracts is still not fully used to this day and yet we want to create something better. But if we regard the determinism and time-bounded execution constraint as a feature, not a bug, is it an improvement?
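The two ways of bounding execution contrasted in this section, shown on a toy stack machine as an added example (not code from Bitcoin, Ethereum or the original post): a loop-free script gets a static bound of number_of_instructions times the slowest instruction, while a script with jumps is charged per executed instruction until its budget runs out. The opcodes, their costs and the function names are assumptions made for the illustration.

```python
# Toy stack machine constructed for this example; it is neither Bitcoin Script nor
# Ethereum's virtual machine, and the per-opcode costs are made-up numbers.
COST = {"PUSH": 1, "ADD": 1, "SUB": 1, "DUP": 1, "JUMP": 2, "JUMPI": 2, "STOP": 0}
JUMPS = {"JUMP", "JUMPI"}


def loop_free_bound(program):
    """Static guarantee for a language without jumps: every instruction runs at
    most once, so cost <= number_of_instructions * slowest_instruction."""
    if any(op in JUMPS for op, *_ in program):
        raise ValueError("script rejected: jumps are not allowed")
    slowest = max(cost for op, cost in COST.items() if op not in JUMPS)
    return len(program) * slowest


def run_metered(program, gas_limit):
    """Metered guarantee for a language with jumps: every executed instruction is
    charged against gas_limit. Returns (status, stack, gas_used); gas_used is
    what the sender pays for, whether or not the program finished."""
    stack, pc, gas_used = [], 0, 0
    while pc < len(program):
        op, *args = program[pc]
        if op not in COST:
            return "invalid_opcode", [], gas_used
        if gas_used + COST[op] > gas_limit:
            return "out_of_gas", [], gas_used      # result discarded, fee still due
        gas_used += COST[op]
        pc += 1
        try:
            if op == "PUSH":
                stack.append(args[0])
            elif op in ("ADD", "SUB"):
                b, a = stack.pop(), stack.pop()
                stack.append(a + b if op == "ADD" else a - b)
            elif op == "DUP":
                stack.append(stack[-1])
            elif op in JUMPS:
                taken = op == "JUMP" or stack.pop() != 0
                if taken:
                    if not 0 <= args[0] < len(program):
                        return "bad_jump", [], gas_used
                    pc = args[0]
            elif op == "STOP":
                break
        except IndexError:
            return "stack_underflow", [], gas_used
    return "ok", stack, gas_used


# Constructed sample programs.
ADD_TWO = [("PUSH", 2), ("PUSH", 3), ("ADD",), ("STOP",)]             # no jumps
COUNTDOWN = [("PUSH", 5), ("PUSH", 1), ("SUB",), ("DUP",),
             ("JUMPI", 1), ("STOP",)]                                 # loops 5 times
SPIN = [("JUMP", 0)]                                                  # never halts

if __name__ == "__main__":
    print("static bound for ADD_TWO:", loop_free_bound(ADD_TWO))
    for name, prog, gas in (("ADD_TWO", ADD_TWO, 100), ("COUNTDOWN", COUNTDOWN, 100),
                            ("COUNTDOWN", COUNTDOWN, 10), ("SPIN", SPIN, 1000)):
        print(name, "gas_limit", gas, "->", run_metered(prog, gas))
```

The metering does not decide whether SPIN halts; it only guarantees that every node stops after the same, paid-for number of steps.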

Conclusion

I am not against anyone developing a new currency. I am not expecting huge popularity of Ethereum either. Vitalik Buterin explained in his Bitcoin Magazine article that he wanted to make cryptocurrencies more general. He compared it to creating something more like TCP/IP instead of SMTP. I have another analogy: Everyone is using e-mail to communicate. There is also a clear room for innovation here - encryption and fighting spam. Why hasn’t anyone switched yet? It’s because of the network problem - the more people use it, the more difficult it is to make everyone switch. And if encryption and spam aren’t good enough reasons for people to ditch good old SMTP, I think Ethereum has to offer something more than a new philosophical approach to be an attractive alternative to Bitcoin.

On the other hand, I wish them well and I hope they succeed. I may even buy some Ethers just for the casino-like rush and being able to tell people I was one of the first owners of Ethers. I will be really excited when there are 10000 shops accepting it as a payment. And unless there’s much better PR and significant practical improvements over Bitcoin, I doubt that’s going to happen.

Report From 30C3: There’s No Privacy

Chaos Communication Congress is the oldest hacker conference in the world and the largest of its kind in Europe. It takes place at the end of each year in Hamburg and brings current research in the field of security, networking and increasingly also politics and other topics related to “hacking” - the unconventional use of ideas, technologies and things around us.

For the past few years, I was always left with a similar impression after coming back from the conference: Our “paranoia” is not paranoid enough; technologies are vulnerable and (rich, big) states increasingly breach our privacy and other rights. This year was no exception, on the contrary: Jacob Appelbaum presented new documents leaked by Edward Snowden, along with technological analysis. In his talk To Protect and Infect (Part 2), he revealed among other things an NSA-internal “Catalogue of spying technologies and products” they use against their targets. I had a feeling that I was in a dystopian spy novel - that all the conspiracy theories about what the NSA can do are true, and conspiracy theorists lacked the imagination to describe what is actually happening.

30C3 entrance. Photo credit: Blinkenarea.org, CC-BY-SA-3.0

Earlier last year, we learned that the NSA is intercepting most of the major Internet services and companies such as Gmail, Yahoo, Microsoft and so on. Some of these parties clearly cooperated with the NSA, in some cases they easily intercepted Internet traffic or traffic between data centers of the company. Many mobile operators had to abandon any hope for the privacy of their customers under a court order, issued by a secret court, which is not under public scrutiny.

Jacob Appelbaum presented other documents leaked by Snowden that describe, among other things, that the NSA can install malware in the BIOS or in the firmware of your hard drive (such malware survives a full reinstallation of the operating system). In cooperation with the U.S. National Institute of Standards and Technology (NIST), they influenced the standardization process and approved a random number generator algorithm that had an NSA backdoor built in. Anyone who wants to sell products that comply with FIPS (a federal security standard) had to implement this algorithm. Some companies, such as RSA, used it for several months as a default random number generator in some of their products. RSA was accused of being “bribed” by the NSA to have this default setting, which caused several security researchers to boycott the RSA Security Conference and withdraw their papers. The backdoor means that there’s a secret to this algorithm, which allows the NSA to predict the numbers generated by the algorithm and guess private encryption keys that were generated using this algorithm. Aris Adamantiadis showed a proof of concept of how this backdoor can be used.

A lot of people thought that the NSA is passive during their mass surveillance operation. Although the majority of interception points probably cannot really change the data, another NSA program called Quantum Insert “solves” this problem. The NSA controls an unspecified number of routers around the world (including home routers) which allows them to “insert” data into an existing TCP connection. This tool is used to infect the computers with their “uninstallable” spying malware. They can infect a software package you are downloading from the Internet. It is time to start verifying digital signatures of software downloads (and use HTTPS everywhere)…

The NSA also has a special program for installation of hardware “backdoors”, which are installed into notebooks and servers between the time they leave the factory and come to you. They are intercepted during transport and modified to include a hardware backdoor. Of course, I would suspect the NSA to use this technique for really interesting targets, not as a general surveillance tool, but still: This really seems like a story from a bad spy novel, but it seems it’s a reality.

ATMs, beware!

The NSA is not the only bad guy in the world. Researchers described a special kind of malware that has been found in several infected ATMs. The criminal organization that created it used it to steal bank notes. The method of installation was relatively simple – the thieves cut out a hole in plastic and inserted their own USB key. Then they forced the ATM to reboot from the USB key. Once the machine had been infected, they could gain access to a special menu by entering a short secret code on the keypad. This enabled them to see the number of bank notes in each cassette inside the ATM.

When they wanted to steal the content of one or more cassettes, they had to call “the headquarters” of the organization and say a unique challenge code displayed on the ATM screen. Using a challenge-response algorithm, the HQ told them a unique answer code for withdrawal. This made sure that the headquarters knew who steals from the ATMs and how much.

The malware is actively developed and reminds me of a bitter taste of the old joke about the pickaxe hackers who “hack” the ATMs.

30C3 lounge. Photo credit: Moritz Petersen, CC-BY-SA-3.0

The Year In Crypto

A follow-up to last year’s talk on developments in cryptography suggests that Dan J. Bernstein, Nadia Heninger and Tanja Lange started another tradition. And I like it. In “The Year in Crypto” they describe what happened in the field of cryptography. In addition to backdoors in algorithms, they mentioned problems with TLS, random number generators, etc. We learned about the upcoming “cryptocalypse”, which is very likely to be caused by the arrival of quantum computers. At least the NSA is trying to build one, and its goal is to break ciphers. What ciphers should be used after some of us upgrade our old Pentiums to quantum computers? Check the recording of this talk online.

We must also praise Google for introducing Perfect Forward Secrecy in their HTTPS configuration and the introduction of encryption between their data centers. We do not know if Google willingly cooperated with the NSA; what we do know is that they are trying to make it more and more difficult for others to spy on the traffic between their servers and their users.

Perfect Forward Secrecy ensures that even if HTTPS private keys of servers are compromised, this does not allow the attacker to decrypt previously recorded sessions. The keys are used to verify the identity, and the exchange of encryption keys is done by a separate instance of an asymmetric key exchange algorithm (ECDSA or DSA). In practice, this means that if anyone gets the private key and also has a huge worldwide interception network, they must actively attack each connection (using the so-called man in the middle attack); passive listening is not enough. Do you think that such an organization does not exist? According to the available information, the e-mail provider Lavabit was forced to disclose their server’s private keys by a secret court order. And coincidentally, the NSA has a worldwide eavesdropping network. I believe that perfect forward secrecy will make it difficult to do untargeted mass interception of innocent people…
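What forward secrecy changes for someone who recorded traffic and later obtains the server's long-term private key, as an added example (not from the original post or any TLS library): one handshake transports the session secret under the long-term RSA key, the other agrees on it with one-time Diffie-Hellman values (what the DHE/ECDHE suites in TLS do) and uses the long-term key only to sign. The key sizes, group parameters and function names are toy assumptions chosen so the code runs with the standard library alone.

```python
import hashlib
import secrets

# Toy parameters constructed for this example; far too small or non-standard for real use.
RSA_P, RSA_Q = 2**127 - 1, 2**89 - 1            # two Mersenne primes
N, E = RSA_P * RSA_Q, 65537                     # server's long-term public key
D = pow(E, -1, (RSA_P - 1) * (RSA_Q - 1))       # server's long-term private key
DH_P, DH_G = 2**255 - 19, 2                     # Diffie-Hellman modulus and base


def kdf(secret: int) -> bytes:
    """Derive the symmetric session key from a shared secret."""
    return hashlib.sha256(secret.to_bytes(32, "big")).digest()


def share_digest(share: int) -> int:
    return int.from_bytes(hashlib.sha256(share.to_bytes(32, "big")).digest(), "big") % N


def handshake_static_rsa():
    """No forward secrecy: the client encrypts the session secret to the long-term key."""
    premaster = secrets.randbelow(N - 2) + 2
    wire = {"encrypted_premaster": pow(premaster, E, N)}   # what a wiretap records
    return wire, kdf(premaster)


def handshake_ephemeral_dh():
    """Forward secrecy: one-time DH secrets, long-term key only signs the server share."""
    a = secrets.randbelow(DH_P - 3) + 2          # client's one-time secret
    b = secrets.randbelow(DH_P - 3) + 2          # server's one-time secret
    client_share, server_share = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)
    wire = {
        "client_share": client_share,
        "server_share": server_share,
        "signature": pow(share_digest(server_share), D, N),
    }
    session_key = kdf(pow(server_share, a, DH_P))
    assert session_key == kdf(pow(client_share, b, DH_P))   # both sides agree
    return wire, session_key                     # a and b are thrown away here


def verify_server_share(wire) -> bool:
    """What the long-term key is for in the DH handshake: proving who sent the share."""
    return pow(wire["signature"], E, N) == share_digest(wire["server_share"])


def recording_decryptable(wire, session_key, leaked_d) -> bool:
    """Apply a leaked long-term private key to every recorded value and check
    whether any result yields the session key of that old connection."""
    return any(kdf(pow(value, leaked_d, N)) == session_key for value in wire.values())


if __name__ == "__main__":
    wire, key = handshake_static_rsa()
    print("static RSA, key leaked later :", recording_decryptable(wire, key, D))
    wire, key = handshake_ephemeral_dh()
    print("ephemeral DH, signature valid:", verify_server_share(wire))
    print("ephemeral DH, key leaked later:", recording_decryptable(wire, key, D))
```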

Knock, knock, internet!

For a couple of geeks like me, it is important to know how many computers on the Internet are live, whether they use encryption and whether they have up to date software. And some of us have dreamed of doing an internet-wide scan to seek answers to their weird geeky questions. Zakir Durumeric of the University of Michigan and his team are the ones who woke up and made their dream a reality. They wrote a scanner that can do an internet-wide scan in a matter of hours. In this way, they were able to collect SSL certificates used online and evaluate how many of them use compromised keys. Also, they were able to determine how many computers have vulnerable implementations of UPnP or IPMI. The results can be found in this talk, or on zmap.io, but if you have any illusions about Internet security, I recommend breathing deeply before watching the lecture…

Journalists & whistleblowers

In addition to technical issues, freedom and politics were main issues. The keynote was presented by Glenn Greenwald, an independent journalist who publishes Edward Snowden leaks. He talked about the right to privacy and the huge impact of the surveillance state. From WikiLeaks, we could hear Julian Assange (who unfortunately had a crappy video connection – he still cannot leave the Ecuadorian embassy in London) and Sarah Harrison, who according to WikiLeaks saved the life of Edward Snowden when he had to leave Hong Kong suddenly.

Malware in your SIM card

Karsten Nohl presented new attacks that target SIM cards. The GSM mobile phones have many more processors than most of us think. The main ones are the baseband chip, which handles communication with the mobile network (and attacks on it were presented in another talk), the application chip (that’s the one that runs the applications and the operating system with which users interact) and the SIM card – yes, the SIM card itself can also run stored programs. The SIM card can detect your location, turn on your microphone, send data and SMS, etc…

Karsten Nohl presented another attack, which can be used to install spyware (or any other code) to the SIM card. It can, for example, turn on the microphone and call a toll-free number or regularly send your physical location to the attacker.

By saying “presented” I mean that he showed the attack live on stage using a fake GSM network and a phone which he infected on stage. So this is not a weird academic paper, but a very practical reality. This type of attack is undetectable by the user. Enforcing encryption can prevent the attack. For this reason, Karsten released GSM Map which maps various security parameters of GSM operators around the world.

It’s no surprise that this “new” attack that was presented at the conference was already being used by the NSA at least since 2008. However, just in case the NSA does not have direct access to the mobile operator, their mercenary hackers simply break in, as one Belgian GSM operator experienced first-hand. Who knows what other networks are hacked by the NSA (or other countries, which have no Edward Snowden yet, but still have huge spying and hacking programs).

Satellite antenna in the backyard

Travis Goodspeed presented a project of a satellite antenna, which he built in his backyard. He can track satellites in low earth orbit and record what they transmit. Unlike the satellites in geostationary orbit, these are moving around and the antenna has to be rotated to follow the satellite. At first we envied the amount of free time Travis had, but I have to admit I would love to play with such a thing that not many people can have hands-on experience with.

Bitcoin Trezor

In 2013, Bitcoin – a decentralized alternative currency – gained even more popularity, the exchange rate (or value) increased, and more general acceptance followed. Unfortunately, the Congress did not follow this trend – you could not buy tickets with Bitcoins, pay for food or T-Shirts. Some hackerspaces accepted it, and you could use it to pay for some nerdy stuff like electronics kits, etc.

The only Bitcoin-related talk was by my friend Pavol Rusnák, who presented his project Bitcoin Trezor. It allows secure storage of Bitcoins even when your computer can be infected with malware. If you have any Bitcoins, I recommend looking at this project. Many people got infected or hacked, and their Bitcoins were stolen.

Ztohoven

Czech art group Ztohoven (with my help) presented its three projects - Media Reality (atomic mushroom in a live broadcast of Czech public television), Citizen K. (exchange of identities) and Moral Reform - drama for parliament, government, the president and journalists. Watch it, it’s cool!

The Venue

Hacking is not just playing with computers or a soldering iron. The lounge presented bands that are close to the hacker culture. On the top floor, there were several places where you could prepare coffee in different ways (for example you could use the bike-powered grinder). If you wanted to communicate with someone, it was possible to use the internal telephone network. However, if by communication you rather mean a message in a bottle, you could use pneumatic tube mail that was all in and around the building.

Conclusion

Chaos Communication Congress has traditionally been the place to meet hackers, artists, cryptology and security experts and developers. All lectures are streamed live, so in addition to the direct participants, there were hundreds of people watching around the world, mainly from hackerspaces that organized viewing parties. If you missed the opportunity to see the presentations live, recordings are available. I hope you can join us next year, it’s a remarkable experience.

Migrating From iPhone to Android 4.4 (Nexus 5) - the Geeky Review

For the past few years, I have been an iPhone user. At first I was jailbreaking, that got frustrating pretty soon, so I forgot about phone freedom, which for me means I can install any app I want, not any app that Steve or any other guy (however nice) approves of.

I mainly missed a Bitcoin wallet, a good PGP implementation, encrypted folders. So I bought a Nexus 5 and quickly got introduced to the world of Android.

The good:

  • I can easily install any app I want. That includes a Bitcoin wallet (I use Mycelium), Tripglasses :) and Fon (which can automatically log me into free wifi hotspots when I’m around)
  • Most apps I used have a good Android version or there’s a good alternative. The most difficult thing to migrate was GTD/to-do list app called Things, which I really enjoyed. Thankfully, I have found an alternative called doit.im, which is subscription-based ($20 for a year if you want a desktop app; otherwise it’s free as in beer). I have migrated while still on iPhone, and the device support of the app is just amazing. It also has all the features from Things I used and some more. There are some things in the GUI that are not so optimal, but I am very satisfied.
  • All the geeky stuff is there. I switched from Acrobits Softphone to csipsimple for encrypted calls. I also installed RedPhone. The first guy I called had it installed, so it switched the call to encrypted automatically. No hacking needed! It has encrypted filesystems, mail client with PGP and S/MIME support, SSH shell, terminal access. Llama can do things based on my location (like switch on ringtones when I leave home). It does not use the GPS; only cell tower IDs (it has to learn them), so it does not eat battery nor send my location to Google.
  • It is fast. I switched from Dalvik to ART runtime, which compiles the application during the first boot (or when they are installed). That makes it even faster!
  • Apps run in the background without hassle. Threema downloads my messages.
  • I can change my ringtones without hacking. I can upload and download music to a folder using any app I want, not just iTunes. I can listen to FLAC music.
  • The home screen widgets are fun. It’s very useful to see my agenda, browse the to-do list, etc.
  • SwiftKey - guys, this is amazing! The best way to type on a phone ever. It works in both English and Slovak at the same time, and it makes me want to type blogs on my phone. OK, not really, but it is so convenient. And it shows that on Android, you are free to change the default keyboard, which Apple does not allow you to do because they know what’s best for you. Also, Google voice dictation works both for Slovak and English and is much better than Siri for English (I have to admit I am working a little bit on my accent, but we tried with a really heavy Eastern European accent at work). And the assistant activates by saying OK Google - how cool is that? :). Of course, there are privacy concerns, but for setting alarms at night, it’s very convenient.
  • All the apps show you what kind of permissions they want before they are installed. The system enforces those permissions. There are also firewalls, antivirus and anonymization programs, although iPhone has Onion Browser as well.
  • The notification LED is cool - it can change color based on how you configure it, and you see if you have a message, a missed call or if any other significant event occurred. It does not reveal any sensitive information; it’s just a blinking LED.

The bad parts of migration from iPhone:

  • iTunes backups to my Mac (not to cloud) took me a minute to set up, and they would just work. I could set up encrypted backups, and I would have a recent backup over wifi without needing to do anything. If I don’t want to send my data to Google, I need a third party solution. I use Titanium Backup, but hell the UI looks worse than our internal information system :). It also needs to back up to my local internal ROM and then it can upload (encrypted, which is good) to Dropbox or Box.com. I don’t need the backup on my phone; I need it somewhere - safe and encrypted, without me ever touching a button. I don’t want to do manual backups through USB. And I don’t want my backups to waste precious space on my phone.
  • I use r2mail2, because I use both S/MIME (I would not be able to read any work related e-mail without it) and PGP. The user interface is really not so nice if you are used to Apple Mail client - and that needs an improvement. To be fair, there are different e-mail clients that support S/MIME, r2mail2 is just the only one that supports both S/MIME and PGP (both inline and PGP/MIME). So I am gaining functionality I did not have on iPhone at the expense of a worse GUI. Hopefully it will stop me from replying to e-mails from my phone, and I will enjoy life around me more :)
  • I had to buy a few apps even when I have Android versions. Evernote just used my premium account, so that’s fine. I have not decided for navigation yet, but I guess I’ll buy Sygic because it’s the cheapest option with offline maps and navigation (there are pretty cool OpenStreetMaps based offline maps, but they don’t support search and offline directions).
  • On iPhone, I really hated that simple apps like calculators, rulers and flashlights were not free or displayed ads. Seems that Android is not so much different, but there are at least more options usually. I learned about a nice flashlight app that traced your location. Thankfully, I found one flashlight that is both free as in beer and free of spyware called SearchLight. I was actually seeing myself installing the fresh new IDEA-based Android SDK and writing the app that turns on the camera flash myself.

Things I would like to see in the future:

  • Amazing e-mail client
  • OK Google dictation
  • More Bitcoin and encryption apps
  • Smaller phone (although the display is nice)
  • Finally a phone that lasts for days on battery. I know the old Nokias didn’t do much, but one week battery life was cool!

Right now I am a happy Android user. I am learning new stuff, and I will probably not hack the phone as a total geek, but it’s good to customize the device that travels with you.

Update: PowerToggles deserves a very honorable mention as well, landed on my home screen.

Interview With Me About Bitcoin and Other Virtual Currencies

There was an interview with me on a Slovak website about money and I decided to translate it to English (and do a few minor edits). Enjoy!

Is Bitcoin a pyramid scheme? Certainly not, it is more like gold. Juraj Bednar talks about the most popular virtual currency in the world.

Mining and buying are two ways of getting Bitcoin. What is the difference?

Regarding Bitcoin mining, we can use an analogy to gold. Mining is a very difficult process and currently makes use of specialized hardware developed only for this purpose. As with gold, most people who want to get gold (and Bitcoin) buy it on the market instead of mining it. Mining gold from nature means people need specialized machines to mine gold. They also need a lot of knowledge - like the location of good mining spots.

Is it better to mine or to purchase Bitcoins?

Mining is required to secure the Bitcoin network, and you need to realize that there are only 25 Bitcoins mined every ten minutes in the whole network. Miners compete to get these 25 Bitcoins. I guess for all normal Bitcoin users, mining is irrelevant and too difficult.

Aren’t the “first miners” at an advantage?

Again the analogy with gold: Those who mined it first were at an advantage, because it was much easier to find new gold then than it is now. With Bitcoin mining, there was always a risk - no one knew if Bitcoin would take off and have any value at all. First miners are rewarded for taking this risk and investing in mining infrastructure.

Isn’t it a bit like a pyramid scheme? Who got in first has earned the highest profit…

Unlike pyramid schemes, there is one crucial difference - no one ever promised profit on Bitcoin. A pyramid scheme is based on the fact that those who join it first earn profit at the expense of those who came later, despite promises that they all earn profit. There is not and never was such a promise with Bitcoin - it is, and it was risky all the time. Bitcoin was invented as a new medium of exchange, not as a quick way to get rich.

Even so, a lot of people buy it hoping to get rich…

You should be aware that Bitcoin itself is not an investment. It does not create anything new; it is just a medium of exchange. One can make a profit if one is willing to take a chance and “bet” on the future value of Bitcoin. It is also possible that the value crashes and you end up with a loss.

It is important to note that speculations are very beneficial for the market because, in the long term, they stabilize prices. And it is not just earning, it is risk-taking with a possible downside. At the same time, people who started using it first took the risk, popularized it and built the necessary infrastructure around it. In my opinion, they deserve a reward.

Why has Bitcoin become the most popular virtual currency right now?

Because it was the first fully decentralized virtual currency. Technologically it is something new, the authors of this currency invented some really unique solutions to previously unsolvable problems. At the same time, during the financial crisis, people at least for a moment lost their illusions about the stability of the international financial system based on government fiat money and welcomed an alternative. Alternative currencies have existed in the past - for example e-gold based on gold, but all were centralized. This was also their main problem if they had not crashed before that because of inflation or poor acceptance (especially true for so-called local currencies).

Which of the virtual currencies do you think are the most interesting right now?

Currently, I think that the most promising is still Bitcoin because it is the largest and most widely accepted. If anything is to become a universal medium of exchange, liquidity is the most important parameter, i.e. for what it can be exchanged. Bitcoin is still too small, especially compared to credit cards, but all other decentralized virtual currencies are only a small fraction of the Bitcoin economy.

There are more than 40 of such currencies on the market…

Other currencies are not so popular because they did not bring much new. Most of the differences are cosmetic and do not bring anything fundamentally new to the user. The best technological innovations currently are ZeroCoin, which brings anonymity on top of Bitcoin and proof-of-stake mining, which gives more power to holders of the currency (in addition to miners). For example, TerraCoin implements this. It is a little bit more ecological because creating new blocks can also be done without power-hungry calculations. I want to state again that mining is not an end in itself, but it helps to maintain network security.

Bitcoin is relatively new - it is from 2009. Are there any predecessors?

Several attempts have been made to create virtual currency. The ideological predecessor of Bitcoin was probably Hashcash, which was not a currency in itself; it was a system designed to fight spam. It used similar calculations as Bitcoin to increase the price of sending an e-mail. If you wanted to send an e-mail, you had a computer perform calculations similar to mining - if a person wanted to send one e-mail, it took a few seconds. If a person wanted to send millions of e-mails, it would take too long, and it would cost a lot of computing power and electricity. Verification of the calculation (as with Bitcoin) is simple and takes a very short time. The second system was the forerunner of Bitcoin called Bit Gold, authored by Nick Szabo. It has a lot of characteristics similar to Bitcoin and many people believe that the author of Bitcoin who hides behind the pseudonym Satoshi Nakamoto is Nick Szabo.

Bitcoin is currently worth about a thousand dollars. Is it also suitable for smaller payments?

The high value of Bitcoin is certainly not a problem. What you know as Bitcoin is a hundred million pieces of units called Satoshi. When you send a Bitcoin, you in fact send a hundred million Satoshi. The authors of Bitcoin knew about the possibility that the price of Bitcoin would rise. I have changed my wallet to display balances in millibitcoins (one Bitcoin equals 1000 mBTC), and I know that 100mBTC is about $100 as of the time of this writing. Bitcoin is also suitable for sending small transactions.

Is it possible to steal or fake Bitcoins?

It is currently not possible to create fake Bitcoins, but it is possible to steal them - your Bitcoins are stored on your computer in your wallet - an encrypted file with a “private key”. The easiest way of stealing it is infecting your computer with a virus that waits until you enter the decryption password for your wallet and at that moment, it transfers all Bitcoins to the thief’s address. When using Bitcoins, you need to follow all safety precautions as with any other electronic payments. There are several solutions to the security problem. You can use an offline wallet, when transactions are created on a computer that does not have the necessary private keys to sign it, and then sign it on another computer that is not connected to the Internet and is sufficiently secured against theft. I would also like to mention Bitcoin Trezor, which is a good solution for securing your Bitcoins.

What about legislation? Does it treat Bitcoin as private property?

I hope that every theft is illegal, and legislation sees Bitcoin as an asset, but it is a question for lawyers (and the answer would probably differ among countries). An even more interesting question is whether the police can actually do something about the theft. Like ten years ago, the Internet was something completely unknown for police and justice systems in most countries. I do not believe that our police would be able to investigate the theft of Bitcoins or do something about it. By design, Bitcoin transactions are irreversible and relatively anonymous. The investigation and correction would be tough even for experienced security professionals. I recommend that you think deeply about security if you hold a significant amount of Bitcoins.

Avoid News

If you have an intellectual minute, read Avoid news by Rolf Dobelli.

I highly agree. I have not watched TV for years now (we don’t have a subscription and I did not bother installing an antenna) and I’ve been practicing a healthy news diet for more than a year now. It really helps, especially with focus. The justifications in the article are sound, and I highly agree with this article. Nothing important passed my attention - someone always tells me. I am sometimes in an awkward situation when I don’t know that our country’s president said something stupid again, but I am actually proud of it.

I try to learn more about internal structures of the world by reading books. I add to the suggested diet by reading books which I know I won’t agree with to challenge what I believe. I also try to talk to people with opinions highly different than mine.

Also read this article by N. N. Taleb which explains why noise explodes faster than data (and thus why you should read less news, not more). Warning: equations ahead! :)

If you are trying to replace news with some really interesting reading, I highly suggest Taleb’s Antifragile and Dobelli’s The Art of Thinking Clearly. Both are interesting and very valuable. They will both also improve your life, not only stimulate your intellect.

What do you think?

OHM2013 - Hackers Are Camping

The evocative video made by the conference organizer tried to convince the audience that the hacker campgrounds are a Dutch tradition - as well as tulips, windmills, Gouda cheese and wooden shoes. Since 1989, every four years hackers gather in a traditional Dutch style campsite. Imagine a large music festival, substitute concerts with tech lectures and replace a variety of food stalls with tents of various hackerspaces, makerspaces and projects. At night, the camp turns into a twinkling city in which hackers want to prove that the image of the hacker as an intellectual loner is pure cliché.

Our group starts arriving in Amsterdam a few days early, group by group. We all want to see the other Dutch traditions - Red Light District, have a beer at the windmill and go cycling. Many of us opt for a bicycle trip from the nearest station to the campground. We are welcomed by typical Dutch weather and arrive completely wet, but happy. While we are trying to dry at the Progressbar, Laila, the chief decorator of our camp tent, is already sticking posters to the wall. Others build up tents - inside the main tent which is the headquarters of the Czech-Slovak village. Geography is maintained at least relatively because a short walk from our village is the HQ and campsite of Metalab, Vienna. Their typical telephone booth is connected to the OHM2013 phone network. Brmlab from Prague is a bit further but still close.

The unofficial, but apparently main theme of OHM2013 is the asymmetry between the human desire for privacy and large organizations – headed by the NSA and the largest social networks and portals, who have other plans with the “private” data. The proclaimed objective of the NSA is to protect the public against terrorist attacks, although the facts show a significantly different story. According to the latest information, NSA-caught personal communication is distributed to the DEA for minor drug investigations as well. The aim of “technology” giants like Google, Facebook and Yahoo is to serve their customers - the advertisers. In this way, they can raise prices and allow better ad targeting. People are starting to realize that for these companies, we are not the customers, but the product. Julian Assange spoke about this from his “asylum” in the Ecuadorian Embassy in London via Skype. Jérémie Zimmermann, founder of La Quadrature du Net, a European organization that is fighting for the right to privacy of users, said, “Julian, I really wish that you could be here with us. It’s beautiful here, there are lots of blinking lights at night. We miss you.” The atmosphere was nostalgic; just four years ago he gave one of the major speeches on his project Wikileaks at this same event. Julian Assange did not say much, but one new thing we did learn - according to him, it is not that states force companies to send data to their secret organizations while the companies fight but ultimately give up: technology giants and the NSA are in the same bed. As an example, he mentioned a visit from Eric Schmidt of Google, who came along with several representatives of state power.

OHM2013 by night

The so-called “Spook Panel”, which consisted of former agents and contractors of the NSA, CIA, MI5 and the American Department of Justice, explained to us how the surveillance system works. There is a great deal of exchange of information between the agencies. Since the NSA cannot eavesdrop on Americans officially, they simply outsource this part of their activities to their partners, who in exchange receive information that is captured by the U.S. probes. An analyst at the agency sees the target’s e-mails, conversations on social networks, browsing history, metadata about phone calls (date, time of call and dialed number), or SWIFT transfers and card transactions. Whenever the analyst tries to get the information, they must provide a written justification; however, although it is archived, nobody reads it.

In addition to political issues, there were also purely technical issues. Philippe Langlois opened a topic popular among hackers - hacking telecommunications infrastructure. The telecommunications market is known for its closed nature and overcomplicated solutions and protocols. It is a popular target for hackers because closed complex systems usually involve a lot of vulnerabilities. Philippe’s lecture was about the Home Location Register (HLR) of cellphone operators. The HLR is a central database of users and information about them. Each access to the network by the user, whether at home or from a roaming network, is verified by this system. It contains the most sensitive data the operator knows about its users. And it’s almost always a huge, complex system covered with various old components. It is no wonder that finding security holes is not that difficult. But no one would forget to protect such systems with a firewall and certainly no one would ever put them out on the Internet, to be reachable by anyone, right? Not really - several mobile operators with millions of active users have put the most important system they own out on the Internet.

Karsten Nohl continued his series of mobile technology hacks and this time he focused on the SIM card. He found a vulnerability in firmware signing of several SIM cards, which allows complete remote cloning, locating the user or calling an attacker-chosen phone number at any time. Effectively, this way an attacker can transform a phone with a SIM card into a surveillance bug, which intercepts not only what you say, but also where you are. Some mobile operators stated that their SIM cards are not vulnerable - at least our SIM cards were OK. But you should be aware that mobile phone operators change their SIM card technology, and while the newest cards may not be vulnerable, when was the last time you actually changed the SIM card?

Like at other hacker camps, what is happening outside of the official program is usually much more fun and interesting. Workshops, technology demonstrations and dance floors gave us perhaps more than mere lectures. The opportunity to meet interesting people from different fields of science, technology and art is almost priceless. And the biggest surprise? Flying ostrich. Do you say that ostriches do not fly? That is true, but not at hacker camps, where they replace their inside with an engine and add a few rotors on top. And voilà, the ostrich can fly. I saw it with my own eyes.

Stuck Bitcoin Transaction and Play With Double-spend

A few days ago I was sending my friend a payment of 1.2 BTC. My account had only slightly more than this amount available, not even enough for the recommended transaction fee. Instead of borrowing or waiting for a miner to generate more, I decided I would push a transaction with a much smaller fee to the network and hope it gets confirmed in under a day. It did not happen. According to the Bitcoin wiki, a transaction needs to pay the recommended fee unless all outputs are more than 0.1 BTC and a few other conditions are met. I did not meet this condition, because I had one 1.2 BTC output and one change output which was smaller than the transaction fee. It was stuck there for more than a day, my mining pool paid me, so I decided I wanted to just cancel this transaction and create a new one with a proper fee. Easier said than done :).

I use Electrum as a client - it is much better than the stock Bitcoin client and there’s a nice console. I was able to extract the transaction and try to modify it to include the fee. The interface is not so nice, or at least I am too lame. I got the transaction as a JSON structure from the Wallet object by transaction hash. I was not able to easily create a different transaction without manually finding the keys to sign with.

mktx does not work, because I don’t have enough unspent outputs (same as paying from the GUI).

createrawtransaction is something I managed to do, but then for signing, I would need a list of private keys, addresses and scripts. My transaction had more than 10 inputs and I was too lazy to find which keys belonged to the other addresses (and if it’s possible to do it programmatically, there should be a function to do it - I guess that’s what mktx does internally too). I guess it should work with fewer parameters per the documentation, but the console call insisted I fill in all the parameters.

I found a very lame and easy solution. I thought if Electrum does not see the old transaction, it can spend the inputs again. So I changed wallet.py. There’s a function called update_tx_outputs that takes a tx_hash and updates a list of spent outputs. I modified it like this:

def update_tx_outputs(self, tx_hash):
    # Hack: skip the stuck transaction so its inputs are never marked as spent.
    if tx_hash == '00455149b368344f4087596c97dccf9dc185ed275a58187a63f72399618f815d':
        return
    tx = self.transactions.get(tx_hash)
    ...

So if my transaction (the hash is from another stuck transaction I found online) is found, it’s skipped, so Electrum thinks the outputs are not spent.

I thought I would just pay, but the transaction got refused by the Electrum server, because it thought it was a double spend (which was correct). So I used mktx and used Coinb.in’s wonderful Raw Transaction utilities to broadcast the hash to the network. It also returned that the transaction is invalid, but it propagated anyway and a miner included it in a block.

I found out that blockchain.info reports on attempts to double spend when I look at a transaction or address and recommends you proceed with caution.

Takeaways: Pay the transaction fee, really. Nodes try to refuse double spends (they cache stuck transactions), but the transaction eventually propagates. Electrum could have a much nicer Python interface for things.

I guess Amir’s sx command-line utility would make my life much easier, but I had no time to upgrade my g++ toolchain, and it does not compile on any system I own. Installing Ubuntu or ArchLinux just because I want to play with it takes a lot of time. I tried fixing a few of the main problems of libbitcoin not compiling on OS X, but I had no more time for it. I would love to use sx with OS X or Scientific Linux someday. Playing with Electrum and its internals is fun too though.
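
The first-seen behaviour from the takeaways above (nodes cache the stuck transaction and refuse a later spend of the same inputs, yet a mined conflicting transaction still wins) can be modelled as a conflict tracker that a payee or monitoring service could run. This is an added example, not Electrum or Bitcoin node code; the `SpendTracker` class, its method names and the sample transaction ids are constructed for illustration.

```python
from collections import namedtuple
# Constructed model: a transaction is an id plus the outpoints (txid, index) it spends.
Tx = namedtuple("Tx", "txid inputs")


class SpendTracker:
    """Hypothetical first-seen bookkeeping of which transaction spends which outpoint."""

    def __init__(self):
        self.mempool = {}    # txid -> Tx, unconfirmed transactions accepted for relay
        self.spent_by = {}   # outpoint -> txid of the first-seen unconfirmed spender
        self.confirmed = {}  # outpoint -> txid that spent it in a block
        self.alerts = []     # (losing txid, winning txid, contested outpoint)

    def conflicts(self, tx):
        """Return (outpoint, other_txid) for every input already spent elsewhere."""
        found = []
        for op in tx.inputs:
            other = self.confirmed.get(op) or self.spent_by.get(op)
            if other and other != tx.txid:
                found.append((op, other))
        return found

    def offer(self, tx):
        """Relay path: refuse a double spend and log it, otherwise cache the tx."""
        clash = self.conflicts(tx)
        for op, other in clash:
            self.alerts.append((tx.txid, other, op))
        if clash:
            return False
        self.mempool[tx.txid] = tx
        for op in tx.inputs:
            self.spent_by[op] = tx.txid
        return True

    def block(self, txs):
        """Block path: mined transactions win; evict cached txs they conflict with."""
        evicted = []
        for tx in txs:
            for op in tx.inputs:
                loser = self.spent_by.pop(op, None)
                if loser and loser != tx.txid and loser in self.mempool:
                    dead = self.mempool.pop(loser)
                    for other_op in dead.inputs:  # release the loser's other claims
                        if self.spent_by.get(other_op) == loser:
                            del self.spent_by[other_op]
                    self.alerts.append((loser, tx.txid, op))
                    evicted.append(loser)
                self.confirmed[op] = tx.txid
            self.mempool.pop(tx.txid, None)
        return evicted

    def status(self, txid):
        """What a payee should conclude about a transaction id right now."""
        if txid in self.confirmed.values():
            return "confirmed"
        if txid in self.mempool:
            return "unconfirmed"
        lost = any(loser == txid for loser, _, _ in self.alerts)
        return "conflicted" if lost else "unknown"


def demo():
    """Constructed scenario: a low-fee tx is cached, then a conflicting tx is mined."""
    t = SpendTracker()
    stuck = Tx("stuck-lowfee", (("f1", 0), ("f2", 0)))
    repl = Tx("replacement", (("f1", 0), ("f2", 0), ("payout", 0)))
    seen = [t.offer(stuck), t.offer(repl)]   # second offer is refused
    evicted = t.block([repl])                # but a miner included it anyway
    return seen, evicted, t.status("stuck-lowfee"), t.status("replacement")


if __name__ == "__main__":
    print(demo())
```

A payee who accepted the first transaction while it was only "unconfirmed" would see it end up "conflicted", which is why the conflict alerts and waiting for a block both matter.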

Spying, Liberty, NSA and USA vs. Europe

When I discussed the loss of American liberties with people here in Europe a few years ago, my position was simple - we get the same draconian regulations without any opposition or fanfare here in Europe. Remember export controls of cryptography? We should have been fighting against this barrier because it was primarily against our interests and privacy. The people in the U.S. got the benefits of cryptography anyway (short of some patent issues). They fought the battle anyway - on principle.

Do you remember the Communications Decency Act of 1996? The Americans fought against it. There were blogs and strong opposition.

Do you remember data retention? There was a massive campaign against it in the U.S.; here in Slovakia, there was a press release that said that a new law had passed. A press release, no discussion, no opposition. “We are just implementing European regulation”.

I always regarded Americans as liberty-minded and people who speak up when their liberties are about to be taken away from them.

That is, until recently. Information about the massive surveillance programs of the NSA is nothing new. I wrote about Echelon (and ways to protect yourselves) in my book in 2002. Thomas Drake and William Binney are both ex-NSA employees and they both mentioned these programs before. There are several videos of them talking about the program on YouTube. It was easy to mistake all these reports for conspiracy theories and not act upon this information.

With the information released by Edward Snowden, we now positively know that communication on the Internet is surveilled in real-time and recorded for an unknown time by the NSA. We know that e-mail, telephone conversations, Facebook chat, Google communication tools, HTTP requests, SWIFT and credit card payments are all included. This huge world-wide privacy breach was revealed. And what happened? Nothing.

I mean it’s great that Mr. Snowden could at least walk out of the Moscow airport and have a life. What should have happened? People out in the streets demanding their privacy back. The state should have apologized to Snowden and to the public for their crimes. Something should have changed.

It seems that the American public does not care anymore. It’s exhausted from the financial crisis, sceptical about the issues around us. The failure of the Occupy movement to bring any real change to the world, the gloom caused by the financial crisis, the reality of doing more of what caused the crash. The wars, the drones, the kill list.

Americans are tired; they no longer care about their freedoms. And that’s too sad. It means the Illuminati can do whatever they want now. And they will use this opportunity.

On Darkness: Your Fear of Death Attracts Such Strange Objects

I am widely known for listening to darker genres of music. It makes some people feel I am a complete weirdo (which is true). A few weeks ago I was sitting in a cab with a full album (!) of Aqua playing on a radio. Happy songs of happy days, so unauthentic. It thankfully ended with me putting my headphones on :).

Why do we fear darkness? When walking on a street at night, with no lights on, we don’t fear darkness itself; we fear that something unseen could harm us. The fact? It can happen on a clear day. Thanks to bystander effect, we are not even much safer during the day.

Getting comfortable with darkness, with things that seem evil and with the unknown is a huge asset in life. Our minds infer causation from correlation. We fear darkness because it may be evil and we fear it because it’s unknown. And then we infer that the unknown is evil, which is incorrect. There’s so much hatred and misunderstanding in this world already.

Happy songs with happy melodies, positive texts and beautiful performers have their place in this world. But there are tracks that are unexpected. Computer-generated noise, glitches and yelling can come at any time. And that prepares us to understand that dark and unexpected is not evil (please show me a person who died of listening to dark music if you disagree). While happy music can increase our mood, from the unexpected, we learn.

Here’s an interview with Coil about the same topic.

My favorite bands that are dark, but nice are Coil, Current 93, The Residents, Orphx and The Kilimanjaro Darkjazz Ensemble.