Weird.  Will you think so when it will be your turn to have all your coins (minus a couple %) stolen?

Everybody will do some really stupid thing now and then.  People are said to be "smart" if they do it only now and then.

Would lead carbide be a more fun topic than mistletoe berries?

Someone asked why would Josh's passport record a trip through North Korea and wondered whether mining chips can be used for military purposes.

I supposee that if he were indeed involved in illegal military or intelligence businesses with NK, he would not go in person and have his passport stamped.  But who knows.

As for other uses of mining chips: I believe they can be handy for certain kinds of cryptanalysis.  Say that you know the precise contents of a document (e.g. a webpage, an automatic email, a PDF form, etc.)  except for one variable field (PIN, password, CC number, bank account, crypto key, ...) and you know the SHA256 hash of the document.  Then you can discover that unknown field by brute-force enumeration of all possible values and computing the respective hashes.

With a 1 GH/s chip you could recover a 9-digit PIN or a 5-character password from that data in about one second, a 6-character password in few days, etc. . With a 100 TH/s installation you could crack an 8-character password in a few seconds, etc.

Thanks! By google, the text says "[ONE]HUNDRED MILLION B.-PENGŐ"  What word does the "B.-" stand for, do you know?

The text says apparently "ONE BILLION B.-PENGŐ".  Is a "B.-PENGŐ" one billion pengő?  (note that "Billion" is "milliard" in Hungarian.)

Although I have seen claims that some alchemical traditions substitute Milla Jovovich for chewing gum.

 

That is what gold (and bitcoin) salesmen say.  But ther are dissenting claims:

Consumer Price Index report - August 2014
http://www.bls.gov/cpi/cpid1408.pdf

One ounce of gold, on the other hand, will buy 30% less today than it bought 2 years ago:

There is no such thing as a "part-time" or "mostly honest" scammer.  Once a person chooses that path in life, he must follow it in earnest.

The five elements that make up all things in the universe are air, fire, water, earth, and chewing gum.  I learned that from a comic strip, years ago.

Indeed it means that the fact "several instances of 4 blocks in one minute" is no evidence for anything.

Surely you know the difference between  "X is not evidence of attack"  and "X is evidence that there is no attack".

I saw the lengthy discussion, and I did not see the point of it.

If someone is causing the block rate to be higher than one per minute, that should be detected by counting blocks in some long interval (say, 10 hours) .

If the block rate is OK but the suspicion is that the timing of blocks is being manipulated, that should be detected by plotting a histogram of block-to-block gaps, or of number of blocks in successive 2 minute intervals, again over a long enough period.

Computing the probability of a certain complicated pattern occurring, after seeing it occur, is a tricky business.  The chance of my mother marrying my father was one in two billions or so; that does not mean that my mere existence is a sign that something fishy is going one with the universe...

 

I did not mean you specifically, but that was THE argument, nine months ago.  I don't recall reading any other back then.

When was that?

I recall an old TV series with a black mom, white dad (Mickey Rooney perhaps?), but I don't recall them ever kissing.  Or even touching.

Just to remain off-topic,  the poles of the Earth are more than 20 km closer to the center than the Equator is; almost as far as the Poles in Poland compared to the Ecuadorians in Ecuador.

[ Reposting some comments from the Trezor thread, somewhat edited ]


If you are using someone else's computer, it may easily have a hacked OS.  Ditto if the malware was installed in your computer by someone hacking into it with root access. 

The Trezor seems to protect against that risk, since the transaction details are displayed on the Trezor's screen and confirmed there.

(Neither device will protect against the user copying or scanning the wrong payment address from merchant's homepage that was hacked --- at the server, by IP/URL spoofing, or by a compromised browser.  For that, the user must be careful to get the address from a secure source that cannot be easily hacked.)


I am not clear yet on how BTCchip works, but if one computer in such a place is compromised, there is a high chance that all of them are.  Especially if (a) the computer was compromised specifically to steal bitcoins from BTCchips (which is the assumption), or (b) the hacker may be an employee of the place.


If a chip-enabled credit/debit card gets stolen, the owner should worry that the PIN was captured visually (by a camera or person looking over his shoulder) or by a physically hacked CC reader at some store.

If a BTCchip gets stolen, the owner should worry that the PIN may have been captured visually as he typed it on the computer's keyboard, OR by a keylogger in the computer.   The latter is much more likely to occur than a hacked CC reader.

If a Trezor gets stolen, the owner should worry only if there is a chance that the PIN scramble matrix was captured visually from the Trezor screen.  Malware alone cannot capture the Trezor PIN.

General comment:

Stealing bitcoins by hacking may become a big issue, if it is not already.  Hardware wallets like Trezor and BTCchip surely improve the security, but substantial risk will remain.  Malicious hackers will be strongly motivated to use all their ingenuity to overcome the device's protections. 

Bitcoin theft seems more tempting than credit/debit card theft, for several reasons.  For one thing, bitcoin transactions are instantaneous (even though confirmation may take 10 minutes on average) and final.  Even if the victim uses Trezor or BTCchip, if the device is stolen after the thief got the PIN, the coins will probably be gone before the user gets the chance to move them, and they cannot be recovered (unless the thief is caught and convinced to return them).   In comparison, when someone's credit/debit card is stolen, the owner can call the company to cancel it, and there is a good chance that it will be canceled before the thief has a chance to get value out of the card.  Moreover, the bitcoin network provides no anti-theft barriers: no one will call the victim to confirm a transaction that moves a million BTC from his account to someone else's account. 

Even if if the probability of success of some hacking attack mode is 0.1% or less, the per-target cost of such an attack is small, thousands of computers can be hacked automatically, and the payoff from one successful attemp may be quite substantial.  See that Australian guy who was recently hacked out of 750 BTC, almost 300'000 USD. Note that the malware may be programmed to act only if the wallet has a large enough sum. 

I do not expect that the manufacturers of hardware wallets will go out of their way to warn users of these remaining risks.   The bitcoin media and the community should do that.  However, manufacturers should put clear disclaimers in their warranties and ads, so that they are not blamed if bitcoins are stolen from clients.

Is Zippy the Pinhead still known to anyone who is not a paleocomics expert?

Is there an accepted explanation for the deep and slow price decline following the Jun/2011 bubble (from 14$ by mid Jul/2011 to less than 3$ by Dec/2011)?

That thread is moderated by the manufacturer.  Nothing against BTCchip specifically, but product criticisms are often deleted in such threads.  Inasmuch as criticisms of BTCchip are indirect endorsements of Trezor, its seems safer to post them here. 


If you are using someone else's computer, a hacked OS is no big deal.  Ditto if the malware was installed in your computer by someone hacking into it with root access. 

The Trezor seems to protect against that risk, since the transaction details are displayed on the Trezor's screen and confirmed there.

(Neither device will protect against the user copying or scanning the wrong payment address from merchant's homepage that was hacked --- at the server, by IP/URL spoofing, or by a compromised browser.  For that, the user must be careful to get the address from a secure source that cannot be easily hacked.)


I am not clear yet on how BTCchip works, but if one computer in such a place is compromised, there is a high chance that all of them are.  Especially if (a) the computer was compromised specifically to steal bitcoins from BTCchips (which is the assumption), or (b) the hacker may be an employee of the place.


If someone suspects the theft of his a chip-enabled credit/debit card, he may worry that the PIN was captured visually (by a camera or someone looking over his shoulder) or by a doctored handheld terminal.

If that happens to a Trezor user, he should worry only if there is a chance that the PIN was captured visually from the Trezor screen. 

If that happens to a BTCchip user, he should worry that the PIN may have been captured visually from the computer's keyboard, OR by a keylogger in the computer.

However, the credit/debit card user can call the company to cancel it, and there is a good chance that it will be canceled before the thief has a chance to get value out of the card.    With both the Trezor and the BTCchip, if the device is stolen after the thief got the PIN, the coins will probably be gone before the user gets the chance to move them.

Stealing bitcoins by hacking may become a big issue, if it is not already.  Even if if the probability of success of some hacking attack mode is 0.1% or less, the per-target cost of such an attack is small, thousands of computers can be hacked automatically, and the payoff from one successful attemp may be quite substantial.  See that Australian guy who was recently hacked out of 750 BTC, almost 300'000 USD. Note that the malware may be programmed to act only if the wallet has a large enough sum. 

Hardware wallets surely improve the security, but substantial risk will remain.  Malicious hackers will be strongly motivated to use all their ingenuity to overcome the device's protections. 

Hm, this is quite a change from the arguments used up to six months ago.  Claims like "1 BTC will soon be worth over 100'000 dollars" were entirely based on the prediction that bitcoin would capture some fraction of the e-payments in the world, and the price would have to be that high in order to have that much dollar volume with 21 million coins.