MtGox takes heat as reasons for Bitcoin FAIL surface

The high-profile MtGox bitcoin exchange remains partially disabled as the company works to address a security flaw which critics say should have been fixed months ago. The company on Monday continued the suspension it placed on Bitcoin transactions from its users to third-party accounts. Currency withdrawals and incoming …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward

    It's a shame really that the groups opposed to Bitcoin have most of the world's money and could, if they wanted, subvert as they see fit.

    1. Anonymous Coward

      They can't. It is an old bug, fixed long back in the official client. MtGox uses a custom wallet, most likely forked long back, in which they were stupid enough not to backport the fix.

    2. PyLETS

      not chucking out the contract baby with the fraud bathwater

      "It's a shame really that the groups opposed to Bitcoin have most of the world's money and could, if they wanted, subvert as they see fit."

      As someone opposed to Bitcoin but who has developed other types of complementary currencies with some local success, it's important not to throw out the baby represented by the ability of 2 parties to form a contract in their mutual interests with the bathwater of the various fraud and crime opportunities Bitcoin and similar mechanisms of exchange enable.

      So personally I think governments with regulation concerns should consider the extent to which particular Bitcoin type businesses create and provide opportunities for money laundering, Ponzi and other advance fee frauds and regulate these business types in manners compatible with current regulatory principles.

      I've seen a number of Bitcoin related business scams in related news over the last couple of years, including wallet providers running off with deposits, electronics mining rig manufacturers taking advance payment and not delivering goods, and then of course there is the issue of money laundering. Not a set of problems mutually operated double-entry accounted currencies (the largest of which is the Swiss Wirbank) seem to have experienced to any great extent - and we don't want our kind of operation chucked out by laws intended for overzealous regulation of currency types which seem to deserve stricter oversight based upon existing regulatory principles than we do.

      1. sisk

        Re: not chucking out the contract baby with the fraud bathwater

        then of course there is the issue of money laundering

        That one is a myth. Every transaction on the Bitcoin network is visible to the public, which makes it virtually impossible to launder money on it. You'd have to transfer the funds out of Bitcoin and then back in to have any success at laundering the money.

        1. h4rm0ny

          Re: not chucking out the contract baby with the fraud bathwater

          >>" Every transaction on the Bitcoin network is visible to the public, which makes it virtually impossible to launder money on it."

          I would rather the possibility of money laundering than knowing everything I bought and everyone I paid, could be traced.

          1. sisk

            Re: not chucking out the contract baby with the fraud bathwater

            I would rather the possibility of money laundering than knowing everything I bought and everyone I paid, could be traced.

            Likewise. I never claimed the system was perfect, only that laundering with it is difficult bordering on impossible. The point about botnets being able to pull it off is a valid one though. My own wallet peaked at around 0.002 bitcoin, which says wonders about how much stock I put in the system. Though with prices dropping like a stone I might just buy one full one and then wait for (and hope like heck) the price to go back up.*

            *Hey, it's a better bet than the lottery. Barely.

        2. PyLETS

          Money laundering

          "That one is a myth. Every transaction on the Bitcoin network is visible to the public, which makes it virtually impossible to launder money on it."

          Not impossible for those in control of botnet capacity.

          For them there's no shortage of Bitcoin IDs represented as public keys, IP addresses, and different chains of relays usable for hiding the human identity behind each transaction. IDs available on the Bitcoin network associated with exchange accounts can over time exchange enough cash in or out of it. Given very low transaction costs, much of the rest of the Bitcoin traffic can then be chaff, preventing traffic analysis being effective when conducted by those studying the blockchain. This means large enough transactions can split into small enough chunks and routed sufficiently independently of each other or any real world identity, e.g. traceable through IP address, from the POV of anyone studying the blockchain. Enough Botnet capacity can be devoted to mining that Bitcoin transaction costs are a profit to Botnet operators anyway.

          Knowing the IP addresses may partly identify the legitimate Bot owners. This doesn't disclose anything about the identities of those criminally controlling the Botnet.

  2. Old Handle
    Boffin

    I didn't think the description of the problem here was very good. For anyone still lost let me try:

    When you send bitcoins, a transaction is broadcast to the bitcoin network, with an ID based on a hash of the content. But it's possible to fiddle a transaction so that it gets a new hash and new ID, while still containing the same information and remaining valid. (And remember bitcoin is P2P, so this doesn't require unauthorized access to do this.) If the fiddled transaction gets recorded in the blockchain first, the original will fail (because they both spend the same coins). Thus the sender might be fooled into thinking their transaction didn't go through at all, iff they rely solely on the transaction ID to check for that.

    This is the first I'd heard of this, but apparently it's been known for some time and the standard bitcoin client will not be fooled by it. But MtGox evidently didn't follow best practices when they designed their custom software.

    It does seem like it would be good to do away with this quirk for good if possible, and I guess that's what MtGox is advocating, but that's no excuse for an operation handling as much money as they do to be careless in the meantime.

    1. Anonymous Coward

      At which point I'm baffled as to why someone would want somebody else to look after their wallet, a wallet that it seems is using software customized badly by said party. A single entity storing wallets is surely a much juicier target than some old-mate with 0.02 of a coin on his local machine, or am I missing something?

      1. Old Handle

        MtGox is a trading platform, not just a wallet, so it does make sense for them to hold your money (virtual or traditional) at least temporarily so you can execute trades without sending it back and forth every time. The other thing is the official Bitcoin client is kind of a pain in some ways. I use it anyway, but I can definitely see it putting people off.

      2. sisk

        At which point I'm baffled as to why someone would want somebody else to look after their wallet

        Personally I think of my wallets on the exchange I use (not Mt Gox) more like a bank account than a wallet. You make deposits and withdrawals against them just like you would for your savings account. Presumably a trade account with a stock broker would be a better analogy, especially given the way I use mine, but I don't have one of those. (Or rather I do, but my financial advisor -- provided by my employer in case you're wondering -- handles everything dealing with it for me and just tells me how much money I have every few months so I really don't understand how it works.)

        A single entity storing wallets is surely a much juicier target than some old-mate with 0.02 of a coin on his local machine

        Just like a bank with $500,000 in the vault is a juicier target than some guy with $5 in his pocket. Like I said, the exchange wallets are like bank accounts. Only unlike bank accounts they're not insured. They also don't have as stringent security regulations, though I think most of the respectable ones would meet the regulations for online banking.*

        *Bear in mind that the respectable exchanges are far outnumbered by the shady ones.

  3. Charles Manning

    BCs credibility problem

    People think they understand "real banks". You take money, put it in the bank, other people borrow it, pay interest etc etc.

    Sure, "real banking" is far more complex than that but at least people THINK they understand it and therefore they trust it to an extent, even if they detest bankers and their bonuses.

    BC, however, is a completely different game. Very few people, even those in IT, actually understand how BC works. No wonder they're skittish when anything in bitcoinland goes wrong.

    Net result: when "real banking" has huge traumatic issues, the dollar (or whatever) might take a hit - but a relatively small one. Here, one "bank" - for want of a better word - stubs its toe and BC loses 30%.

    1. Mark .

      Re: BCs credibility problem

      Bitstamp daily prices have gone from ~$800 to ~$690, a 14% drop, not 30%. (Going by MtGox-only prices is meaningless if you're comparing to the price change of the US Dollar as a whole, rather than just on one exchange that's disallowed withdrawals.)

      Now, that's still large, but I don't think the greater change is due to the reasons you claim. For starters, if higher drops are due to lower confidence in Bitcoin as a whole, then how do you explain the massive increases? Sure, it is due to changes in confidence, but rather, it's confidence on Bitcoin's future value, not confidence in Bitcoin as a technology - if what you said about people's views on Bitcoin were true, it seems odd that this view wildly changes so often!

      I don't think Bitcoin is that much harder to understand than banking, if in both cases we're allowed to ignore the "real" details (though yes, Bitcoin is still harder to use, and improvements in the products are needed, and will no doubt come, but I don't think that's anything to do with confidence).

      The most obvious reason why the price changes by greater amount than the US Dollar is that the market cap is vastly smaller, plus it's dependent on only a few exchanges (last year, Mt Gox was the dominant exchange, so thankfully things are improving).

      And I would say the opposite - the critics said it was a bubble that will come collapsing down the moment a flaw is discovered, yet despite these problems, it's "crashed" to a value that's still over five times the value it had in October(!)

    2. Loyal Commenter Silver badge

      Re: BCs credibility problem

      To put things in perspective, the BTC price on MtGox, after falling quite a way, is now the same as it was in mid-December, and is still higher than it was at any time before that. Prices on other exchanges, such as localBTC have remained pretty much stable after a small drop.

      Reports of the sky falling may be premature. If anything, now is probably a good time to invest, before prices bounce back up.

  4. mafoo

    Not MtGox's fault

    This isn't MtGox's fault as the article implies, it's a flaw in the bitcoin transaction protocol that allows transactions to be duped and hijacked - and thus affects all exchanges.

    I'm guessing that someone tried to/successfully pulled off a rather large heist and MtGox had to foot the bill for it.

    Their radio silence when they shut down trading causing bitcoin's value to bomb (along with the Russian announcement), was unfortunate but is entirely understandable given the nature of the exploit.

    Can't help but think the author of this article should have put in a bit more research. Here's what the bitcoin development team had to say in relation to MtGox: http://www.businessinsider.com/bitcoin-developer-responds-to-mtgox-2014-2

    1. Vega

      Re: Not MtGox's fault

      Nothing is duped or hijacked. The recipient and sender addresses and the transaction amounts are cryptographically signed and impossible to tamper with. What can be changed is some other non material data which changes the overall hash of the transaction packet. Mt Gox relied solely on this hash to track payments they sent. This made it possible to fool them into thinking the transaction was not successful and sending a new one in its place. Of the dozens of exchanges in operation, Gox is the only one with this problem.

      As for individual users, when you send bitcoins using a standard wallet like electrum.org, mycelium or multibit, you are safe because those wallets do not use the tx hash for tracking.

    2. Sean Houlihane

      Re: Not MtGox's fault

      I think you chose not to understand what the developers said. It sounds like it is 100% MtGox's fault that MtGox paid some withdrawals twice, or have chosen to use this as a justification for closing outgoing transactions, or have attempted to manipulate the price. Developers admit it is not nice, and say everyone else has a working solution to the issue.

    3. Adam Nealis
      FAIL

      Re: Not MtGox's fault

      Wrong.

      MtGox fail to properly verify a given transaction.

      MtGox fail.

  5. Winkypop Silver badge
    Trollface

    Ah well

    At least it's not real money, eh?

  6. Chairo
    Trollface

    This would be a good moment

    to invest in some bitcoins. First open an account at MtGox and then -

    Oh, wait...

    1. Primus Secundus Tertius

      Re: This would be a good moment

      @chairo

      I stayed out of bitcoin after the Winklevoss twins moved in. Then we are finally told something serious. It would take a lot to make me sorry for the Winklevoss twins, but this incident is nearly there.

      It's time for a lot more disclosure before anyone puts a serious amount of their wealth into bitcoin.

      1. Vega

        Re: This would be a good moment

        Bitcoin the protocol and the standard reference client are both open source. This particular issue - transaction malleability resulting from variable number of leading zeroes in the signature field - was reported in 2011. This is just one exchange - a has-been at that - being horribly inept. There is nothing here that affects bitcoin as a whole.
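The failure described in the comments above (a payment tracked only by a transaction ID that changes when the signature field is re-encoded) can be reproduced in a toy model. This is an added example, not part of the original thread and not MtGox or Bitcoin client code; the transaction layout, the HMAC stand-in for a signature, and all names and values are constructed assumptions.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # stand-in for the sender's private key (assumption)

def signed_part(tx):
    """Bytes the signature covers: the coins spent and the outputs paid."""
    ins = ",".join(tx["inputs"])
    outs = ",".join(f"{addr}:{amount}" for addr, amount in tx["outputs"])
    return f"{ins}|{outs}".encode()

def sign(tx):
    # Toy signature (HMAC), not ECDSA; only the encoding behaviour matters here.
    return hmac.new(KEY, signed_part(tx), hashlib.sha256).digest()

def verify(tx):
    # The signature is read as an integer, so leading zero bytes are ignored.
    return int.from_bytes(tx["sig"], "big") == int.from_bytes(sign(tx), "big")

def txid(tx):
    # The ID hashes the whole serialization, signature bytes included.
    raw = signed_part(tx) + b"|" + tx["sig"]
    return hashlib.sha256(hashlib.sha256(raw).digest()).hexdigest()

def make_tx(inputs, outputs):
    tx = {"inputs": inputs, "outputs": outputs}
    tx["sig"] = sign(tx)
    return tx

def naive_confirmed(sent, chain):
    """Tracking by transaction ID only, the practice the comments criticise."""
    return any(txid(t) == txid(sent) for t in chain)

def reconcile(sent, chain):
    """Classify a sent payment by the coins it spends, not by its ID."""
    for t in chain:
        if not verify(t) or not set(sent["inputs"]) & set(t["inputs"]):
            continue  # invalid, or does not touch the coins we spent
        if txid(t) == txid(sent):
            return "confirmed"
        if t["inputs"] == sent["inputs"] and t["outputs"] == sent["outputs"]:
            return "confirmed-under-different-id"  # same payment: do not resend
        return "conflict"  # our coins went somewhere else: investigate
    return "unconfirmed"

def demo():
    # Constructed sample: one withdrawal, and the same withdrawal as it might
    # appear in a block with its signature field re-encoded.
    original = make_tx(["aa11:0"], [("customer-addr", 5)])
    relayed = dict(original, sig=b"\x00" + original["sig"])
    return (verify(relayed),
            txid(original) == txid(relayed),
            naive_confirmed(original, [relayed]),
            reconcile(original, [relayed]))

if __name__ == "__main__":
    print(demo())
```

The ID-only check reports the withdrawal as missing even though the recipient was paid, which is the condition under which a second payment gets sent; matching on the spent inputs reports it as delivered under a different ID.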

        1. PyLETS

          @Vega Re: This would be a good moment

          "This is just one exchange - a has-been at that - being horribly inept. There is nothing here that affects bitcoin as a whole."

          If it's nothing that affects Bitcoin as a whole, how come the 30% drop in exchange value?

          1. Mark .

            Re: @Vega This would be a good moment

            That was the drop on Mt Gox. Bitcoin withdrawals have been stopped, with fears that Mt Gox might not be able to supply all the required bitcoin, which means you have people selling bitcoin for USD, lowering the price.

            The reason we see a drop on other exchanges (though it's already far less than 30% now) could be:

            People think it is a problem with Bitcoin, even if it isn't. The price drops because people sell, which has nothing to do with whether the reasons why people sell are real or not.

            People guess bad news means a price drop, so sell in the hopes of buying back lower (which makes it a self-fulfilling prophecy).

            People hoping to take advantage of arbitrage - sell a load of bitcoin they have on Bitstamp etc, buy the much cheaper bitcoin on Mt Gox. This will tend to equalise prices, but means the cheaper bitcoin on Mt Gox will affect the prices on other exchanges.

            Yes, one exchange can affect the others' prices, but the OP was talking about the technology, and whether the problems here could be faced by other exchanges.

  7. Anonymous Coward

    "Magic the Gathering" online eXchange

    I think you'll find that MtGoX is short for "Magic the Gathering" online eXchange, not "Magic the Gathering" card exchange.

  8. Steve Barnes 1

    This describes it best

    RealSolid @TheRealSolid https://twitter.com/TheRealSolid/statuses/432838931990593536

    #mtgox blaming bitcoin protocol when their cheap support staff refund bitcoins without checking if they actually did send #failbetter

  9. Anonymous Coward

    The company said...

    "The company said that the issue is not unique to MtGox and can affect bitcoin or any other similar crypto-currency."

    Oh, so it's not really a problem. Good!

    : )

  10. Andy The Hat Silver badge

    Let me think through this turn of events, hypothetically obviously:

    "Oops! There's a nasty hole here that I failed to fix, I'll take the system down for third party transactions"

    "Oh look, the BC price has plummeted I'd better buy some"

    "I've fixed the problem that I knew about all the time, carry on folks!"

    "Oh look how the BC price has now risen due to increased confidence in my newly secured system."

    "Wow, look how much money I've made from BCs that I bought when they had crashed in value after I knowingly took down the system in the full knowledge that it'd cause a temporary reduction in value ..."

    BC market manipulation cynic ... me?

  11. roosterdude
    Thumb Up

    Distributed Consensus is the future

    @Charles Manning

    Bitcoin is an incredibly elegant solution to fiat currency which is controlled and manipulated by our govt masters on a daily basis 24x7x365 in order to keep us all in check. As far as I'm concerned it is way ahead of its time and whilst yes it is difficult to understand and few in the world really do understand it in great detail (at the moment.. in a few years it will be taught in schools and universities) the same could be said about Einstein's theories after so many years... but that doesn't mean it won't change the world or it should be stopped. In fact it is unstoppable, if countries or governments ban it it will re-emerge in another form. The real beauty of it is that it's a distributed consensus platform and that is the real invention on which everything else is built and I believe that we'll be building much much more than a distributed currency on top of this... already moves are afoot in this arena. And guess what... it's all open source so there is nothing stopping you or I from downloading and studying the source code. This is a pivotal moment in history where we will see the old establishment in a real fight to retain power and resources.. I for one am going to be doing more than just getting the popcorn, this is one to be involved in :-)

    One badly put together and run exchange isn't going to bring down Bitcoin itself, although personally I think they're clutching at straws with the "OMG Bitcoin is broken" response - I fear that whoever has their money tied up in gox is..well... goxed - perhaps that will be in the dictionary before the end of 2014;-).
