561
|
Economy / Speculation / Re: Wall Observer BTC/USD - Bitcoin price movement tracking & discussion
|
on: December 08, 2014, 11:47:37 PM
|
For those who asked for more deadlines, December 14 is the last day to oppose this trademark aplication at the US Patent Office: Trademark application for: BITCOIN Serial Number 86135516 Goods and Services : Barware, namely, flasks, bottle openers, corkscrews; beverage glassware; housewares and accessories, namely, shot glasses, and decanters http://tmsearch.uspto.gov/bin/showfield?f=doc&state=4810:x6ra4a.2.13If the link does not work, go to http://tmsearch.uspto.gov/ and search for "bitcoin". The trademark seems limited to barware, so it may not prevent the sale of abstract bit patterns under that name. But it may prevent sending beers as bitcoins.
|
|
|
562
|
Bitcoin / Project Development / Re: [ESHOP launched] Trezor: Bitcoin hardware wallet
|
on: December 08, 2014, 11:32:05 PM
|
Also I fail to see what's the risk for the manufacturer if someone starts selling what is essentially a counterfeit version of the device. This would be like blaming an original SD card manufacturer when you get a fake chinese SD clone.
If you buy fake merchandise, your loss is usually limited to the article. Someone who buys a fake malicious Trezor may lose millions. The victims will be much more motivated to get their money back, and SatoshiLabs will be the only target they can sue. The victims will argue that SL is responsible because they did not warn people about the risk of buying Trezors from resellers. For the same reason, I hope that SL is taking adequate measures to physically secure their storage and shipping operations. How much would it take to convince an employee to switch some Trezors before shipping? A knockoff requires some serious dedication and isnt even a remote concern if you just buy directly from buytrezor.com
Exactly. far more likely: 1) printers with custom firmware to recognise bitcoin addresses/QR codes when printing, and push that data to a server 2) casascius or any other coins being opened up with precision and solvents, private key copied, then sealed shut again for resales. Or even the creator keeping a copy of all private keys 3) an android/windows/ios/ANY wallet software that was downloaded from the wrong site or updated to a malicious version 4) a webwallet that is hacked or otherwise steals privkey data. 5) virus or malware that seeks and steals any wallet info, or even QR codes from your print/documents history, and pulls the funds out.
Yes, all of that too, and more.... someone creating an exact replica of the trezor and its (quality) box that its shipped in, plus valid serial numbers, plus making it match the MD5 hash..... you are pulling at straws. You have heard of fake ATMs, right? IMO the trezor is 100% the safest option right now outside of operating an isolated offline system with an offline printer, using it to sign txs, copying the signed tx to a USB, then sending the signed transactions from an online system
The Trezor may be even safer than an off-line computer (if malware gets installed in that computer, it may be able to do a weak-key attack, or leak the private key in the signed transaction.) Basically, the Trezor is an offline computer that is dedicated to a few bitcoin-related tasks and therefore is more difficult to compromise. Trezor is certainly much safer than that competition hardware wallet without display. But owners must be aware that it is still far from 100% safe.
|
|
|
564
|
Bitcoin / Project Development / Re: [ESHOP launched] Trezor: Bitcoin hardware wallet
|
on: December 08, 2014, 10:09:45 PM
|
But you have been bashing the same arguments since July... The first time, I can understand, but repeating the same thing over and over again...
Well, many Trezor customers and prospective customers do not seem to be aware of that risk yet. And I am not sure that the SatoshiLabs people are aware of the risk that they incur by tacitly approving the re-selling of their Trezors.
|
|
|
572
|
Bitcoin / Project Development / Re: [ESHOP launched] Trezor: Bitcoin hardware wallet
|
on: December 08, 2014, 07:50:53 PM
|
SatoshiLabs could do the following: Put a long serial number in the sealed box. People can go to the website and register their Trezor. This tool would verify the Trezor device to be legitimate. By doing that, they can also attach their email or (if they want to keep their anonymity) just a bitcoin address to their device. This can be used for warranty purposes so reselling the Trezor would be much more easy That would help, but may not remove the risk entirely. The malicious reseller may order a batch of real Trezors and send fake malicious Trezors to the clients, with the same serial numbers. Perhaps one can devise some secure hanshake that that the Trezor could do with the SatoshiLabs server to prove that it is legit. It would have to be something hard to emulate by a fake Trezor, even one that used parts from a real Trezor.
|
|
|
573
|
Economy / Speculation / Re: Wall Observer BTC/USD - Bitcoin price movement tracking & discussion
|
on: December 08, 2014, 07:33:17 PM
|
I thought they seized 144,000 total?
They seized ~30'000 from SilkRoad servers, and were able to auction them right away. And seized another 144'000 from Ross's personal laptotp, so they are still disputing whether they are his or SilkRoad's; but both sides agreed to auction them now and continue disputing over the money.
|
|
|
574
|
Economy / Speculation / Re: Wall Observer BTC/USD - Bitcoin price movement tracking & discussion
|
on: December 08, 2014, 07:28:30 PM
|
Do i understand correct that if you get disqualified you will lose your initial deposit of 150.000$? that would be a weird way to throw.away 150k $
Yes, that's the idea. AFAIK, you lose the deposit onnly if your bid is called and you default. The USMS doesn't want people to bid first and then scramble to find the money later. AFAIK, to enter a syndicate you must send the full value of your bid to the organizers in advance -- for that reason. If that 2000 BTC lot was held because of a default, the bidder may have miscalculated the time neded for a wire transfer, or may have been counting on some expected revenue that did not materialize in time. Who knows.
|
|
|
578
|
Economy / Speculation / Re: Wall Observer BTC/USD - Bitcoin price movement tracking & discussion
|
on: December 08, 2014, 06:17:45 PM
|
I hear ya Jorge, loud and clear Yeh, that 52k + change does not fit the pattern.
unless 1 lot did not sell, or unless some wise guy has not met payment deadline, then it makes sense... On Friday, December 5, by 5:00pm EST, the USMS will notify the winning bidder/bidders that their bid/bids has/have been selected. Any winning bidder must send the purchase price funds (less the deposit amount) by a wire transfer originating from a bank located within the United States and provide a wire transmittal receipt to the USMS by 2:00pm EST, on Monday, December 8, 2014. [ ... ] Failure to provide the USMS with a copy of the wire transmittal receipt by the deadline will result in disqualification, forfeiture of the deposit, and award to another bidder. If one bidder does not pay by the due date (today 2:00pm EST) , they will have to notify the highest bidder who was left out of the first round, and obviously give him a couple of days to wire in the payment. So it may be that one of the bidders who won a 2000 BTC block defaulted, and the USMS has transferred the 48 000 BTC to those who paid, and didn't bother to split off the 2000 BTC chunk yet, waiting for the next bidder to pay. By the rules, each bid form could bid for any number of 2000 BTC 'A' blocks, all at the same price, and any number of 3000 BTC 'B' blocks, all at the same price. So, a syndicate that wanted to place bids for many blocks, all at different prices, would have to submit a number of forms, each for 1 'A' block and 1 'B' block. It seems likely that the USMS would want to make a separate transfer for each form received, even if two forms were submitted by the same person. So that may explain why there are nine 5000 BTC chunks.
|
|
|
579
|
Economy / Speculation / Re: Wall Observer BTC/USD - Bitcoin price movement tracking & discussion
|
on: December 08, 2014, 05:36:28 PM
|
Something not right about that. Wierd ... all the lots of about 5k and 3k have small amounts deducted for miner fees. That 52 k is odd tho ... Maybe someone made them an offer they could not refuse for an extra 50k over the weekend (Draper ... 2k + 50k = 52k) Still does not explain why the total is over 52k and not under as you would expect after fees Could they even do that, without auctioning them? Do they not have some sort of fiduciary duty ? Answers on a postcard ... From the USMS announcement: Transfer Fees. Any transfer fees associated with the transfer of the bitcoins will be paid by the buyer. The buyer will be given an opportunity to select the amount of fees charged in the transfer. They seem to use a 0.001 0.0501 BTC or 0.05 BTC fee. So, someone who bought 3000 BTC will get 1999.999 1999.959 and 0.001 0.0501 will go to the miners. Note that only 48'000 of the 50'000 BTC were split (into nine 5000 BTC chunks and one 3000 BTC chunk). That is why the leftover of the 100'000 BTC is 52'000 BTC. Does that mean that the USMS thought that the bids were too low? Or that one of the bidders defaulted on the payment? EDIT: fixed fee amount
|
|
|
580
|
Bitcoin / Project Development / Re: [ESHOP launched] Trezor: Bitcoin hardware wallet
|
on: December 08, 2014, 04:04:11 PM
|
A fake Trezor can do anything.... you pulled that out of your FUD hat? Why couldn't a fake trezor impersonate a real one and do whatever it wants underneath the hood? I'm not saying this is easy to accomplish, but certainly technically possible. A fake Trezor can, for example imitate the real one but generate only weak keys (say, from among 2^30 possible pairs rather than 2^160). Then the thief needs only monitor the blockchain until enough coins have been stored in those addresses, which he has precomputed. Then he just moves the coins to his own addresses, all at once. Note that the thief does not need to know who got the fake Trezors, and the user has no practical way of checking whether the keys are strong. How many coins people may keep in those fake Trezors? That is the expected payoff of this attack. How much does it cost to make a fake Trezor with malicious bootloader? EDIT: grammar
|
|
|
|