* Posts by Ben Tasker

1298 posts • joined 23 Oct 2007

Page:

Alleged hacker Lauri Love loses extradition case. Judge: Suicide safeguards in place

Ben Tasker
Silver badge

Re: Controversial

But, to stretch the analogy, you wouldn't get to claim the cost of installing an alarm as damages against the car thief either. The thief stole the car and gets done for that, you don't get to claim back the cost of doing what you should have been doing in the first place.

In other cases though, the US has tried to reach the bar for damages by including the cost of implementing security that should have been there in the first place.

So whilst he shouldn't get off scot-free he's not wrong when he claims it won't actually be justice that's metred out in the US

6
3

Swedish appeals court upholds arrest warrant for Julian Assange

Ben Tasker
Silver badge

Re: Very few commenters seem to know the facts of this case...

> 2. Assange has not been charged and he is not wanted for trial.

FFS, if by now you don't know why that's bullshit you're either being willfully ignorant or are just too plain dense to conceive that different countries have different legal systems.

He cannot be charged (and therefore cannot be wanted for trial) until after the interview they want to have with him. It's not a difficult concept, and it's not new.

> 4. Assange has not "refused to come to trial or indeed be questioned".

No, but he (the suspect) is trying very hard to dictate how and where that happens. What other suspects would you say could get away with that?

> 5. Assange did not "flee".

For a start, he's a bail jumper which most would consider fleeing. Secondly look up tje circumstances of his departure from Sweden. Not that whether he flee'd Sweden really matters, if he left to visit his Great Aunt Norma the requirement for him to go back wouldn't change.

Maybe try reading a wider range of sources and verifying facts a little more thoroughly. It might be a fact that he's not been charged, but there's another fact that explains why and that its not unexpected.

17
8

Bug of the month: Cache flow problem crashes Samsung phone apps

Ben Tasker
Silver badge

Re: Mono

Yes and Yes.

Xamarin bug is here - https://bugzilla.xamarin.com/show_bug.cgi?id=39859

Edit: clicky

10
0

We want GCHQ-style spy powers to hack cybercrims, say police

Ben Tasker
Silver badge

Re: on the rights of man and common sense

>> increase the risks criminals need to take

>

> struggling with ideas here that don't involve logging everything everywhere. fuck off.

Perhaps reduce the time wasted on fighting for things that harm us all and focus on doing some actual police work? More coppers doing what they're supposed to be doing should increase the risk of getting caught

>> ; remove the excuses for it

>

> Does anyone have any good excuses for cyber crime? Crap wars in foreign lands?

I've got a sinking feeling that in the future we may all have a good excuse - they've clamped down so hard on things that "normal" stuff like using https is now potentially a cybercrime.

4
0

Dropbox: Leaked DB of 68 million account passwords is real

Ben Tasker
Silver badge

Re: Can someone explain

With bcrypt, the salt is stored in the "hash". The output of bcrypt is essentially a string containing the actual hash - in effect ${cost}${salt}${hash} - so if you've got the bcrypt "hash" you've got everything you need except the real password.

But that's fine, because a salt isn't intended to be secret, it's intended to make it more expensive for an attacker to try and bruteforce hashes

2
0
Ben Tasker
Silver badge

I emailed them back in 2012/2013 to ask if they'd been compromised because the alias I'd used for them started receiving spam. They said no

Feeling a little vindicated now

3
0
Ben Tasker
Silver badge

Re: Ummm

> I am also not sure the attacker "would need the salts". Generally they are right next byte to the hash, possibly after or before a separator...

Absolutely correct - with bcrypt the salt is stored within the "hash", along with the cost used and the resulting cipher text. The cost and salt get split out of the stored string when testing a submitted password.

1
0

£1m military drone crashed in Wales after crew disabled anti-crash systems – report

Ben Tasker
Silver badge

> Millions of pounds of hi tech equipment destroyed for want of a £1 microswitch.

By the time it's been rated "aviation safe" it'll cost much more than £1. I remember seeing £20 spanners coming into the aviation workshop still carrying a price tag that indicated they'd cost 10x as much. Partly because Government contract, partly because they'd been rated as OK for use on aircraft.

So that £1 microswitch may well cost hundreds, if not thousands from the supplier

3
0
Ben Tasker
Silver badge

Re: The Real Lesson

> Is that this drone was of a horrible design.

Pretty much my takeaway as well.

> if Master Override is activated and one of the altimeters is malfunctioning, the Watchkeeper opens up its “ground touch” window from 1m sensed altitude to 20m sensed altitude. In other words, the drone might decide it has landed even when it is still 65 feet up.

Clearly whoever designed this was trying to solve a specific issue they predicted might happen, but didn't give enough consideration to what the actual ramifications might be

13
0

Thieves can wirelessly unlock up to 100 million Volkswagens, each at the press of a button

Ben Tasker
Silver badge

Re: Quick Release or build it like it is in my head

Inevitably leading to someone having to stand at the tobacco counter at Tesco's as their icecream nelts and say, errr... has anyone handed in a steering wheel? I'm sure I had it when I paid, but can't find it anywhere

Not that I once realised I'd left my wallet on the counter once I'd driven 100 miles. Thankfully there was enough diesel in the tank to get back

12
0

Idiot flies drone alongside Flybe jet landing at Newquay Airport

Ben Tasker
Silver badge

Re: Ban Them!

> Me neither. *shakes fist at pesky adblocker*

Same here. Was only yesterday I was debating whether to whitelist the Reg so they could earn some income from my views. Guess that settles it.

11
0

Hilton hotels' email so much like phishing it fooled its own techies

Ben Tasker
Silver badge

Re: Banks are just as bad

Perhaps if you'd clicked it it would have resent the email, but in a larger font this time to try and get the information to sink in?

But yeah, I've had similar from my bank - we take account security very seriously, click this link to a random looking domain to find out how to avoid getting scammed

12
0

Julian AssangeTM to meet investigators in London

Ben Tasker
Silver badge
FAIL

Re: He's on Ecuadorian Soil...

> Assange is not in the EU or the UK, he's on Ecuadorian Soil,

No, he's on UK soil.

The whole "an embassy is foreign soil" is a Hollywood thing, not a real-world thing.

The Vienna convention prevents us from going in without very good cause, but to do so wouldn't be an invasion of foreign soil. The real risk is that failing to respect someone else's embassy would lead to British embassies suffering the same.

> No one has come off well in this, least of which the UK Government. The original offence (if there ever was one) has long been served, by his self imprisonment.

Except it's self-imprisonment so it doesn't actually count. If you're expecting that you'll be convicted of something you can't just hole yourself up somewhere of your choosing and then claim time served, that's just not how it works.

16
0

The developer died 14 years ago, here's a print out of his source code

Ben Tasker
Silver badge

Re: Mr Robot

>  when you see people in DC doing whatever they're doing, while wearing t-shirts but not seeming to feel the cold.

I don't think I've ever felt the need to layer up in the DC. I have occassionally had to leave the hot aisle because I was getting too warm though. A tshirt is otherwise normally fine, but its possible Ive built a tolerance since the smoking ban exposed me to the elements more frequently

Oh, and Ill usually have something in/over my ears if Im going to be in there for too long. Not so much the volume as the constant exposure that gives me a headache.

2
1

Dying satellite sends boffins one last surprise before disappearing

Ben Tasker
Silver badge

Because if you kick the mistake makers too hard, by firing them or making it impossible to continue with their jobs, then you lose not only the skills you've invested in but also the learning from the mistake. Do something wrong in the armed forces and you're often demoted - you have to earn your way back up.

Yup, an employee who's fucked up and been punished is usually still a more productive and useful asset to the company that an employee who hasn't yet fucked up and hasn't learnt to exercise a little more care. I'd rather someone who didn't fuck up because they'd learned to be careful than someone who's just got lucky so far.

Firing is for the willfully incompetent/negligent and for those who never learn to exercise care. Everyone else should get the chance to learn from mistakes.

And firing someone to "make a statement" (i.e. for political purposes) should probably be a sackable offence too IMO, as it's throwing away the company's investment in that person for no good reason.

4
0

Meet the 1,000 core chip that can be powered by an AA battery

Ben Tasker
Silver badge

Re: Why?

It's part of Skynet:

....the chip can execute 115 billion operators a second while....

But seriously, as others have said - does there need to be a "why" for trying everything new? Once a technology is developed, uses will generally be found for it, and otherwise unthought of technologies sometimes grow up around them

0
0

Tor torpedoed! Tesco Bank app won't run with privacy tool installed

Ben Tasker
Silver badge

Tesco are using DNSSEC for their financial arms right? right? Oh wait, no they're not. Hell, they're not even using HSTS or HPKP

Got curious, turns out they're not the worst of the lot, even if far from great.

0
0
Ben Tasker
Silver badge

Also considering the risk of poisoned exit nodes & MITM, while TOR is great for anonymising your origin you probably can't trust it to protect your identity and personal details that you transmit

Well, how about the App actually verifies the certificate it receives, and they use DANE to ensure that the fingerprint of the provided certificate matches the certificate they _know_ to be real.

Then the exit not only has to MITM the SSL connection (using a publicly trusted certificate), but also has to find a way to return a valid, _signed_ response to the DNS query.

Tesco are using DNSSEC for their financial arms right? right? Oh wait, no they're not. Hell, they're not even using HSTS or HPKP

Implementing actual checks on the certificate being provided would benefit all users, tor and non-tor. Instead, they leave their app checking the local system whilst ignoring the large expanse of network between the client and the server.

4
0

Mark Zuckerberg's Twitter and Pinterest password was 'dadada'

Ben Tasker
Silver badge

Re: As for username and password,

Personally, I don't know the answer to any of my secret questions. I generate a random string and paste that in.

Passwords are in a manager so the questions shouldnt ever be needed, and if they are Ive bigger things to worry about.

Does mean it's a right shit when a site suddenly updates login to include "enter character 6 of the answer to your security question" though.

0
0

Jacob Appelbaum quits Tor Project amid 'sex misconduct' accusations

Ben Tasker
Silver badge

Re: The blog ppst

> No, I linked to a page on the Tor Project blog only, not the website Appelbaum mentions.

Strange then, the second paragraph of the statement is a bit unnecessary IMO, but otherwise not quite sure it'd fall under defamatory, even if the language is a little woolly

0
0
Ben Tasker
Silver badge

IOError's Statement

Jake has (just) published a statement - http://www.twitlonger.com/show/n_1soorlp / https://twitter.com/ioerror/status/739731362404536320

2
0
Ben Tasker
Silver badge

Re: The blog ppst

I don't know, but I suspect at least one of the deleted comments probably linked to the domain that's been, err, dedicated to ioerror - which very definitely does contain a lot of defamatory stuff.

No idea whether the allegations are true (other than that he can be a knob at times), but that site and the social media witchhunt make me sad to be part of the community. There's no reason for everything to have been done quite so publicly (the site in particular), particularly at this stage, and for a privacy loving community to seemingly take so much delight in a public burning doesn't sit well.

5
0
Ben Tasker
Silver badge

> I take it you're British? No freedom of speech, your votes don't count,

Funny, those first 2 seem to apply to the opposite side of the pond too.

As far as the monarchy goes, it seems at last check, they bring in more money that we pay to support them, which seems to be in line with the capitalist dream, no?

7
1

'Windows 10 nagware: You can't click X. Make a date OR ELSE'

Ben Tasker
Silver badge

Re: What date is good for you?

> And unless VM support for DX12 comes along, I don't trust virtualizing a gaming rig with a Steam collection that's Windows-only and VM- and WINE-unfriendly.

Not saying it's necessarily the right solution for you, but one option would be to do something like this

http://lg.io/2015/07/05/revised-and-much-faster-run-your-own-highend-cloud-gaming-service-on-ec2.html

Edit - making link clicky

3
0

Don't panic, says Blue Coat, we're not using CA cert to snoop on you

Ben Tasker
Silver badge

Re: Symantec

Browsers need to start tracking the certs for each website and if the certs change, then its untrusted even if Symantec say its trusted.

That's already possible with HPKP and/or DANE.

Googles certificate pinning, is Googles log, I have no reason to trust Googles logs either.

If you don't trust the operator of the site (in this case, Google), why are you exposing your system to their services?

1
0

Thai bloke battles jumbo python in toilet todger thriller

Ben Tasker
Silver badge

Re: Is it just me, or...

Surely we've all dealt with a user or a boss where we've thought I'd rather feed my todger to a snake?

Or... alternatively, it might be we're currently in bootnotes ;)

14
0

Hacked in a public space? Thanks, HTTPS

Ben Tasker
Silver badge

Some go further that that and are included on a list pre-baked into the browsers. So on a virgin install of Chrome (for example), if you enter http://www.google.com it should change to HTTPS without bothering to try port 80.

Helps to remove the inherent risk in just HSTS when talking about users who're visiting your site for the first time.

0
0

Hewlett Packard Enterprise hiring temps to cover for redundancies - sources

Ben Tasker
Silver badge

They're your statutory rights, you can't waiver them. They can throw money at you and make you sign something in the hope you don't use them, which is something different

True, however, they can have you sign an agreement which states that in return for the "advanced redundancy package" you won't exercise those rights.

If you then choose to do so, you lose out on the "advanced" element and fall back to being eligible for a statutory redundancy (1 week per year), in the hopes of perhaps getting a better payment, which will almost certainly be calculated using statutory values.

So, no, you can't waive your statutory rights, but by actually exercising them you effectively throw money away.

5
0

'Knucklehead' Kansas bloke shoots self in foot

Ben Tasker
Silver badge

Re: Acts of God...

> Also, ankle holsters are crap except in very particular circumstances.

For example when you're a leggy femme fatale in a movie that's just looking for an excuse to show some leg :)

It might be a limited imagination, but I can't think of a civilian circumstance where it'd likely be beneficial as it's more of a "backup" thing

3
0

Linux greybeards release beta of systemd-free Debian fork

Ben Tasker
Silver badge

> Most of the problems with systemd stem from not knowing or not caring about how to use it

I think that's a little unfair, but, that said, the very presence of systemd on a system can also lead to a systemd blinker coming down when troubleshooting.

I actually spent some time dealing with an issue earlier. For some reason systemd-udevd had started deciding to rename a NIC from it's configured name to "rename2".

I'm sure Lennart's ears were burning for a little while, until I looked a little closer and remembered what fuckwits Realtek are.

The NIC in question is part of a bond, and on the reboot just before the issue, systemd got impatient waiting for the network to come down cleanly, so just shut it off. On boot, the RTL driver reads the MAC from the NICs volatile storage (instead of the PHY) so got the bond's IP instead, which of course matches the other slave. So two NICs matched the same udev rule...oops

Blaming the (sometimes) clusterfuck that is systemd is too easy and rarely solves the problem itself.

But systemd isn't faultless either, just as some distros managed to ship flawed selinux configs (apache context? Nah, won't need /var/www/html). It's got it's problems and journalctl is a fair example (system hung and want to know why? Sorry the binary log is corrupted). Being able to pass through to rsyslogd is a bandaid not a fix for the issue

Or, as others have pointed out, the NTP issues.

5
0

E-cigarettes help save lives, says Royal College of Physicians

Ben Tasker
Silver badge

Re: "E-cigarettes help save lives, says Royal College of Physicians"

In the past when I've said similar, I've had people say "you think the cig is calming you, but actually it's just satisfying the addiction, making the cravings go away"

Because, you know, the twat who pushed untested changes to production clearly had nothing to do with the irritation in the first place..

4
0

The case for ethical ad-blocking

Ben Tasker
Silver badge

> YouTube is advertising for the artists whose material it hosts

Yeah, there are more than a few bands in my collection now who I stumbled across on Youtube, listened to for a bit and then went and bought their album. Some of those were direct sales as well, as they were small bands I'd likely never have heard of if I hadn't come across them on Youtube (At least one of the bands didn't even have an english language website).

5
0

Ad-blocker blocking websites face legal peril at hands of privacy bods

Ben Tasker
Silver badge

To be fair, as much as I don't like it, I personally think he's got a potentially valid argument on this one:

> Adblock detection tools store and execute scripts on the client to detect behaviour of that client (are they using an adblocker).

He's entirely correct that the only storage in use is the cache, which the publisher has little to no control over, and shouldn't really be considered persistent storage in the way the cookie jar is.

On the other hand, that doesn't automatically mean the EPD doesn't apply - it'd be for a court to determine. And he can't be ignorant to the fact that finding out would likely be prohibitively expensive for the advertiser on the receiving end. Far better to fix the behaviour IMO.

He's also right that the response seems to be based on the assumption that scripts are stored, so, again, the above applies - would need to be determined by a court.

But, he definitely seems to be pushing an agenda, and weakens what could be a valid point with some completely out-there arguments.

5
2
Ben Tasker
Silver badge

Re: snooping my machine

Now, if people would only pick sites based on how bad or good ads on them are, then the same evolutionary process would take place on the market of ads, and they would get all better.

Or, perhaps, things could work the way they should. Advertisers sort out the state of their own house, and people pick sites based on the quality of the content they're going there to see. No-one picks a site based on ads, though they may be pushed into avoiding it because of the ads.

As others have said, the "free market" doesn't seem to work with advertisers. Google's Adsense became hugely popular at one point, in part because the ads were largely text based and non-intrusive. Have advertisers learnt from this success, or are they still pushing flashing animated shit over our pipes? Did the popularity lead to a reduction in that kind of shite? Temporarily, maybe, but it seems to have been whilst the advertisers regrouped and then pushed back with even more crap.

12
0
Ben Tasker
Silver badge

Re: Bull

But do they?

I've seen this excuse used in so many places. You don't actually get a choice as the damage is often done before you even get a chance to say "no"

Nail on the head.

Generally, you visit a site because the page you're browsing to looks like it might contain the information you're currently after. But, until you visit, you have no idea what the "cost" will be - what JS will run, what third party trackers they use etc.

Once you've found out (and most users never do, because they don't look), it's too late, because it's already happened. All you can do is not visit in future, limiting it to one occurence (for that site). Which means it isn't anywhere close to informed consent and doesn't count.

33
1

'No regrets' says chap who felled JavaScript's Jenga tower – as devs ask: Have we forgotten how to code?

Ben Tasker
Silver badge

Re: Azer's childish decision

All that was in dispute is the modules name. How that could be used to justify transferring ownership of the module is beyond me and I'd have immediately protected the rest of my code by removing it from the service too.

Agreed, it was an arbitrary decision made with no real grounding in rationality. I'd have pulled my code and then spent some time considering whether I wanted to continue being involved with NPM given the new knowledge

I can understand the logic behind their decision to not allow unpublishing after 24 hours, but on the other hand, it's my code and I now have to ask permission to withdraw it? The end result of that, presumably is going to be for a dependancy to just sit unmaintained

12
1

90% of SSL VPNs are ‘hopelessly insecure’, say researchers

Ben Tasker
Silver badge

That was the argument I was going to make, until they mentioned that just sticking with the vendor's default accounted for a good number of those. That's a different kettle of fish.

That aside, using a certificate signed by your own CA doesn't offer any issues IMO, so long as the clients trust your CA. In fact, if you're using a client that can be told to _only_ trust your CA then even a cert from a compromised public CA becomes less of a vector.

Having a cert issued by a publicly trusted vendor has it's value when it's randomers hitting your service (e.g. a https site), but when the end client is one you control (e.g. a work laptop) or operated by someone you're associated with (like a colleague) reducing trust to a CA you control has some benefits

3
0

Brit spies can legally hack PCs and phones, say Brit spies' overseers

Ben Tasker
Silver badge

Re: English

I though the standard for those was Chinglish?

1
0

Heart Internet in 22-hour TITSUP after data centre power stuffup

Ben Tasker
Silver badge

Re: The servers may be up...

Yeah, I spent some time this morning recovering databases from backup as the sudden power interruption wasn't particularly appreciated by InnoDB.

They did a reasonable job of updating their webhostingstatus page, but I can't help think a cursory notification email would have been nice once they were aware there was an issue

3
0

Leak – UN says Assange detention 'unlawful'

Ben Tasker
Silver badge

> What exactly was he hoping to achieve from this?

The only conclusion I've been able to come to on that one is - his name in the news again.

If the report says it was unlawful, it makes no difference as it has no legal sway whatsoever. Assange's supporters no doubt will be all over the net saying "the UN has ruled Assange's treatment illegal" I'm sure, but other than that very little real difference.

If the report had come back and said it was 100% lawful, does anyone believe he'd actually have walked out of that embassy and accepted arrest?

It's essentially a publicity stunt and nothing more

3
0

BT broadband is down: Former state monopoly goes TITSUP UK-wide

Ben Tasker
Silver badge

Re: self-generated DDoS

It would. 'Cos like I said, while the BT Wholesale CentralPlus service was around (which was designed for and exclusively used by BT Retail), it don't need no username and password for authentication, just the circuit ID,

Ever so slightly different now (or was 6-9 months ago, whenever they put my Infinity in).

The username/password still isn't technically used by a HomeHub. The Modem's MAC is whitelisted and the authentication works/fails based on that - they managed to send out a batch of HH's without authorising them to connect them to the network, so I had a very confused engineer here at the time.

As others have said, yesterday, CHAP was failing. Prior to that though packets were making it 1 hop into BT's network and then falling off the network

0
0

The monitor didn't work but the problem was between the user's ears

Ben Tasker
Silver badge

Re: Old IT joke

Try explaining to the new Commanding Officer in a military unit why it is that the power-cut has affected his office (not operationally essential) and yet all the sockets and lights in IT's office are still functional.

The operational reasons of making sure the office, DC and path to the DC stay live are obvious, but the explanation is somewhat undermined when it's pointed out that your coffee machine is plugged into one of the "essential" sockets.

13
0

Research: By 2017, a third of home Wi-Fi routers will power passers-by

Ben Tasker
Silver badge

Re: Non-starter, at least here in the US

That's assuming it surfaces over your usual IP address as NAT of course. Anyone know?

I can't remember exactly which of the two it is (I believe the latter) but the way BT's works is either

- Goes out over a VPN

- Goes out with specific DSCP markings to differentiate

(IIRC it changed from one to the other at one point)

In either case someone downstream will be able to tell the difference - it certainly gets NAT'd away from your WAN IP before it goes anywhere near the net at large so won't help with snooping by Google either

0
0

'No safe level' booze guidelines? Nonsense, thunder stats profs

Ben Tasker
Silver badge

Re: What's the point of living?

@Stuart 22

I've just marathoned the last season of Peep Show so in my head it was Jeremy's voice saying - fits perfectly so have an upvote

0
0

It's 2016 and idiots still use '123456' as their password

Ben Tasker
Silver badge

Re: idiots still use '123456' as their password

Depends how many drinks she's had ;)

2
0
Ben Tasker
Silver badge
WTF?

Errrr

Not to be picky, but the blog linked to in TFA has a recent post appearing to be the one TFA is referring to, except that it was posted a year ago and the included list is from 2014's top 10.

El Reg hasn't accidentally fallen for the tweet old content as if it were new trick has it?

Edit: looks like this is the correct link https://www.teamsid.com/worst-passwords-2015/

2
0

What if China went all GitHub on your website? Grab this coding tool

Ben Tasker
Silver badge

My site uses on the wire encryption, so shouldn't cause any issues for anyone visiting my humble slice of the net.

On the other hand other sites may not keep up with things, and gating punishes the users not the admins (though if it's severe enough, they may well see a drop in traffic which should provide some motivation if they figure out why).

Personally, if I were implementing the gating (and couldn't opt not to) the one big change I'd make is to implement a notification system, something like the following

- User A visits example.invalid via HTTP, feature X is gated so browser effectively disables feature on that site

- User A's browser generates a HTTP request to example.invalid with a recognisable request path (something like /gated-feature-denied.html) with a User-Agent string including a URL to documentation explaining the gating

At the moment it relies on users actually bothering to tell site admins, which most won't. If you're going to punish the users, make it damn easy for the admins to realise this is the case.

0
0
Ben Tasker
Silver badge

"I only want my HTML, and don't need no stinking cert" crowd are unlikely to be too bothered about JavaScript.

I wouldn't be so sure on that one.

Personally, I'm against the idea of browsers gating "core" functionality on the presence of SSL/TLS. Ultimately the user is being punished for something they have no control over. You can argue they can go elsewhere or bitch to the webmaster, but what if they've spent hours trying to find something niche and this site looks like it has it, but is http only?

On the other hand, blocking certain things might be more appropriate. You can have JS but no XMLHttp/XHR and no cross-domain requests (i.e. posting a form to another domain). But then you're increasing complexity and likely still leaving holes.

Either way though, sites need to start getting their act together and looking out for their visitors. Especially anywhere which might be considered a popular destination, such as an IT centric UK based lesbian website ;)

1
0

BTC dev: 'Strangling' the blockchain will kill Bitcoin

Ben Tasker
Silver badge

Re: Bit bollocks more like

I sat down with a colleague and tried to work out how to pay for something in Bitcoins. It's the most fiendishly complicated way of paying for anything that I've ever seen

Open (or log into) wallet. Enter recipient address and amount, click send.

What's fiendishly complicated about that?

Laying your hands on BTC is only slightly more complicated than getting your hands on foreign currency (assuming you're going the exchange rather than mining routes).

There are plenty of (valid) criticisms of bitcoin, but I'm really struggling to see ease of use as one of them. Unless you count finding a merchant willing to accept them of course.

Even at the other (seller's) end, it's not particularly difficult. Generate a transaction specific address, display that and outstanding balance to user. Monitor transactions against that address, waiting for n confirmations and then mark payment as complete.

5
2

Dear Santa: Can gov.UK please stop outsourcing?

Ben Tasker
Silver badge

Re: Law against offshoring

Also a bit crap if you expand and go global. Now available in Asia, but sorry Asians, our call centre is open 9-5 UK time.

It'd probably keep jobs here temporarily, but UK based businesses would be unable to compete with non-UK business so we'd likely all end up jobless in the long run

10
2

Page:

Forums