A cunning plan.
Smash the system you leach millions of hours of processing time off just to exist.
Let me know how that one works out.
Blockchain-fanciers have been told to stop the "sexy noises" about its use in fintech and get real – though others remain hopeful the tech can hitch its cart to the techlash bandwagon. "The world we're talking to only sees the crypto hype, and at the moment they're also seeing the crypto demise," Lisa Short, founder of Changer …
"There's no reason to know [it's using blockchain]," he said. "Why do you care? It should be that you use an application and it works."
One reason to want to know whether a system is using blockchain is that one might wish to avoid systems built on hype and snake-oil, and one might consider the use of blockchain to be an indicator of just such a system.
Even at the end of this article, on applications of blockchain, I have heard 'in shipping', but no actual instance where it would come in handy.
Blockchain needs a situation there is no central authority, many actors who cannot band together to sully the record, and a regularly updated database of information, but not very regularly (to stop the record getting too big). The actors will need to want to do this repeatedly, as it will require some setup to work.
Everything was going well for the Land Registry until the last statement. Once that falls, I don't see the point of it in any situation that cannot be replaced by a cryptographic signing. Smart contracts are bullshit: just encrypt the contract with both of your private keys: then you both keep the double-encrypted version. There's a dispute? You both decrypt the contract in front of the court. One of you refuses to hand over the key? Fine, you lose the dispute. You lose the key? Well, that happens with contracts as well.
You don't need to *encrypt* the contract - just sign it with your private key. Losing the corresponding public key should be harder because you don't need to protect it - you can stuff it in the cloud, print in on paper, make thousands of copies (and you opposite number can keep a copy of it too).
"You don't need to *encrypt* the contract - just sign it with your private key."
How does that stop the contract being changed after the signing process? Unless the signature contained a checksum of the contract, which is from my perspective the same thing as encrypting the contract.
I was also discounting the existence of public/private keys. If you allow them then that's fine, but private/private keys are more secure, as this is a situation when other people don't need to encrypt stuff for you.
""You don't need to *encrypt* the contract - just sign it with your private key."
How does that stop the contract being changed after the signing process? Unless the signature contained a checksum of the contract, which is from my perspective the same thing as encrypting the contract."
The whole point of digital signatures is they actually indeed contain a secure checksum of the contract. Otherwise, it would be useless.
>Unless the signature contained a checksum of the contract, which is from my perspective the same thing as encrypting the contract.
No they are very different.
A digitally signed contract can be read by third-parties, an encrypted contract cannot be read by third-parties unless they have the key and means to use the key...
I don't see the point of it in any situation that cannot be replaced by a cryptographic signing.
That's really what it is. The decentralisation stuff is really just a distractiion. In any contract the parties can agree to use an indepedent third party to hold the signed contracts / chain. There is just no need for chains that span multiple, mutually independent contracts, hence requiring the spectacularly expensive infrastructure of the crypto-currencies.
And, if Oracle is offering it, you can be almost certain it's something you neither need nor want.
Most hype comes from parties who by default think you should not trust anything and anybody. Just, it means you should not trust the blockchain too - which is still an agreement from multiple parties, and if can control enough parties, you can control the blockchain. They believe the sheer number of the parties won't allow it, but there's actually no warranty about it.
Cryptography could allow to hinder frauds inside centralized systems as well. Obviously if you believe centralized systems should not exist because they are symbols of Pluto-judaic Masonic Lizards power, thatìs another matter.
That's not fair. Smart contracts are also an opportunity for stealing massive amounts of money. Like tens of millions of dollars in a single attack.
Karen Levy and others have argued that smart contracts are not contracts. As currently implemented, they're not very smart, either.
Ah, you misunderstand, it is a solution to aid in the business case of needing ever more data centre capacity.
My understanding is the blockchain is mind-bogglingly inefficient requiring huge amounts of compute to achieve bugger all and in the process creating yet more problems for energy use.
The only winners here are the energy and data centre suppliers.
the blockchain is mind-bogglingly inefficient requiring huge amounts of compute to achieve bugger all
That's true of large proof-of-work applications built on blockchain, such as Bitcoin. It's not necessarily true of all blockchain applications.
That said, I too think blockchain is wildly overhyped. There are some potential valid use cases for Merkle trees and other chained-hash graphs, but the attributes popularly attributed to blockchain (decentralization, etc) rather miss the point. The real advantage of a Merkle graph is that you don't have to recompute the verifier over the entire domain for each insertion. There are various applications of such a primitive.
But that isn't some sort of differentiator that explains what problem blockchain solves in this space. Public audit trails have been possible and used from long before computers existed, after all. How, taking into account all of the benefits and drawbacks of each, is using blockchain better than the existing methods?
Wow - 3 politicians read El Reg!
For those that didn't understand the joke, I wuz stating the bleedin' obvious, not agreeing with it's use!
@JohnFen Totally agree - as I see it, there's no obvious benefit over any other system that existed before. More smoke and PR puffery. And don't get me started on the waste of resources that are cryptocurrencies...
PS. For the downvoters, I've got a bridge for sale, hardly any wear & tear. No payments accepted in Bitcoin.
I still struggle to think of a single scenario where blockchain can be used where the problem isn't already solved or solvable with other simple solutions.
Sure it's an interesting idea but none of the use cases tend to hold up to scrutiny - often the only reason for looking at or using blockchain as the solution is 'because it's blockchain' and the attached hype.
So not so much a solution looking for a problem as a solution to problems that were already solved.
And what problem is crypto-currency solving? You can hardly buy anything with any of them, I don't know about this conference but in the past, even many crypto-currency conferences didn't accept crypto-currencies as payment. If you want to pay for something anonymously you could pay cash. If it's a large amount where cash is impractical and you need to remain anonymous then odds are that what you are doing isn't legal.
So other than facilitating money transfers for criminals, what good is crypto-currency?
You can't send cash remotely other than by courier or mail service. Both have a significant risk to your money with no insurance available for the transfer and very limited tracability.
If you want anonymised, decentralised currency token transfer with full auditing and accountability then that is problem it is solving. If you don't want that and want to pay someone face to face with cash then there is nothing to solve.
"You can't send cash remotely other than by courier or mail service."
Sure you can. I've done it. There are several methods available, but prepaid debit cards are the easiest (you can load the card from anywhere, without having to physically possess the card).
That's not entirely anonymous, as the card company knows when and where you withdraw the money, but you can, at least, load the card anonymously.
Not to take away from your point (which is valid, although an edge case), but...
if the payee is willing to cooperate (and payees always have to cooperate for any payment method, anonymous or not) then there are several mostly anonymous options including the use of prepaid debit cards, using masked virtual credit cards, or even using PayPal, if you're careful (there are a few considerations to take into account to do this, but the most important are to make a PayPal account that is only used for this, access it only through a VPN that hides your real IP, and to link your account to a prepaid debit card so that it is not associated with a bank account that can be traced to you.)
It solves*1 the problems of "I want to carry money with me in such a way that it can't be robbed from me"*2, "I want to be able to send money without involving a bank or credit company"*3, and "I want a store of value that is difficult for some entity to devalue"*4.
*1: Solves the problem, problem is only solved with good implementation and good usage, which is not really there. However, it is capable of solving that problem if people started treating it as a currency instead of a high-risk investment opportunity.
*2: It can't be robbed from you: Without the encryption code for the device, the robber has only gotten your phone/computer. Your private key can and should be stored elsewhere, and you would still be able to retrieve the money. Cash would just be gone, and credit and debit cards could be used until you manage to cancel them.
*3: Pay without needing a bank: For example, when traveling in a country where skimming and fraud are common.
*4: Difficult to devalue: It is difficult for an entity to identify that you have it and decrease its value or steal it from you. This isn't a major concern in our countries, but could be a big deal in countries whose control of their monetary policy is inept. This would require its value to be stable, but unstable value isn't an intrinsic quality of cryptocurrency as a concept, but instead how it is run.
All this said, I am skeptical of most cryptocurrency ideas and very skeptical that there is any good use for the blockchain outside of that.
"It can't be robbed from you: Without the encryption code for the device, the robber has only gotten your phone/computer."
It only solves the problem if you restrict the problem space to burglary. It doesn't solve the problem of getting mugged. The mugger would just do what muggers do with ATM cards: force you to do the transaction yourself.
1. While the blockchain is secure, wallets are not. And in reality, you are at far higher risk of having bitcoins stolen than having your bank balance stolen.
The threat model that blockchain mitigates is people hacking into the bank's servers and changing the ledger. However, that is not something that happens in reality. What actually happens is that people steal bank staff credentials and use them to make transactions. This also happens with a much greater frequency at bitcoin exchanges. Also, if my bank balance is stolen, I have a much better chance of getting it back.
2. How is this more secure than Apple Pay, or a banking app on my phone?
3. You need to elaborate why using a bank to make payments is a bad thing, and using bitcoin mining companies to do it is better.
4. Bitcoin performs a lot worse as a predictable store of value than almost all government issued currencies out there. To keep the value of a currency stable, you do need a central bank to control the supply, and bitcoin makes this impossible. I'm worried about the future value of Sterling, but I deal with this by keeping my spare cash in Euros, not in a cryptocurrency.
I addressed most of those issues in my original post. I'll cover them again here and fill in some gaps.
"1. While the blockchain is secure, wallets are not. And in reality, you are at far higher risk of having bitcoins stolen than having your bank balance stolen."
True in some cases, false in others. Against your standard street criminal, the cryptography on mobile devices is a lot more of an impediment than typical antitheft systems on credit cards. Money can be stolen from online we-buy-the-crypto-for-you systems, but I'm not talking about those. I'm talking about the systems where you have your own wallet stored on your own devices.
"2. How is this more secure than Apple Pay, or a banking app on my phone?"
It isn't particularly, but that isn't supported in very many places because Apple, the bank, and the payment location all have to work together on the thing, subject to local laws, etc. In most cases, I'd rather use this, but it is worthwhile to consider that cryptocurrency processing is less centralized. If it had a value (see point 4 and the original post), payments would be more straightforward with a similar level of security, and it would be supportable in most locations. And you wouldn't have to have a specific device, accounts with any company, or credit system.
"3. You need to elaborate why using a bank to make payments is a bad thing, and using bitcoin mining companies to do it is better."
Wrong. I didn't say that. I said that banks have downsides. They include the problems of skimming (this happens more frequently in some places, and even if you can get your money back, it's not ideal to have it stolen in the first place). Crypto can deal with some of those in theory, and you would be doing it with your own wallet rather than an untrustworthy speculation system.
"4. Bitcoin performs a lot worse as a predictable store of value than almost all government issued currencies out there. To keep the value of a currency stable, you do need a central bank to control the supply, and bitcoin makes this impossible."
I specifically noted this. I said it doesn't work with the current use of cryptocurrency. However, supply is limited by the maths, and a central bank (Venezuela's, for example) can't devalue it on a whim. It isn't so necessary for us, but people who live in countries with less stable currencies might see this as a major benefit assuming we eventually create a cryptocurrency that gets used as a currency. I'm talking about the theory. The theory isn't working right now because people think that ridiculous volatility is a good investment system, but it has useful elements.
Once again, I don't trust cryptocurrency. I don't have any. I don't see it as necessary, and it doesn't hold value at this point. But it is unfair to deny that it does fix some problems that do exist, even if they aren't problems for us.
Apple Pay maybe isn't supported in that many shops, but it is certainly a lot more than the number of shops that take Bitcoin. I'm told that Bitcoin-accepting shops exist, but I've never seen one. Even blockchain conferences want real money rather than Bitcoin.
"Crypto can deal with some of those in theory, and you would be doing it with your own wallet rather than an untrustworthy speculation system."
Crypto is an untrustworthy speculation system.
"Better than the Venezuelan Bolivar" isn't much of a selling point, and I'm not even sure it is true. Imagine if you had signed a rental contract denominated in Bitcoin. A few years back, 40BTC per month might have sounded pretty reasonable. When I first heard about Bitcoin, that would have been about $600. At the peak, it would have been a little under $800,000. If that was the real economy with that level of deflation, the situation would be way way worse than Venezuela.
The fact that central bankers sometimes do a bad job doesn't mean that you get rid of them altogether and replace them with a very rudimentary formula that doesn't take into consideration the size of the economy. You are replacing a small chance of failure with guaranteed failure.
People who are constantly banging on about blockchain in the supply chaiin, forget that it doesn't really map onto real physical goods without some massive changes to the supply chain. c.f. the romaine lettuce scare in the US recently.
Just because you can prove on the blockhain that something was done, doesn't mean that it really was, or that the item supplied wasn't substituted en-route. There's nothing stopping a bad actor from swapping out the goods for something inferior (c.f. ebay scams with empty boxes etc). Blockchain doesn't help with that problem. It might work for some use-cases (diamonds are an example?, it's heavily controlled and they have the data points to uniquely identify the origin of diamonds) but these are rare and far between.
Lets take the example of soya that is destined to be animal feed (probably to pigs, which are processed into something tasty at the appropriate time). If there was a food scare and your favourite supermarket wanted to know how the hell contaminated soya made it into their "finest bacon sandwiches"...
There are a lot of actors in that particular chain, the soya farmer, the harvester?, then the port authority, the shipping, then the distributor in the UK, the feed processor (cos they do add additional "nutrients" right), then the pig farmer, the abattoir, the people who turn pork into tasy tasty things, and finally the supermarket. There's probably more than that, so at least 10 different actors which probably means at least 10 different backend systems (if any). Every one of those would have to somehow participate in the blockhain public ledger; which is certainly possible, but I can't see a farmer in China really giving a toss about doing that, they're too busy farming (ditto the UK pig farmer, IT isn't their focus).
However, the problem isn't changing the software that manages the supply chain, the problem is *how the soya is stored*. Basically a harvest truck comes in and dumps its soya into a massive silo, that silo might be for everything that was harvested for Brazil in the past week. This happens first at the port prior to shipping to the UK, and then again at Harwich (or Milford Haven; choose a port), and then at the feed processor again; prior to mixing.
Lets say that random testing has found that Batch 47B of supernutri-mix made on the 12th/Never was contaminated. It's going to a tall order for the feed processor to be able to determine to any level of confidence which farm / region that the soya came from regardless of what the blockchain tells them. They might be able to track it to which delivery they got from Harwich, but further back up the chain?
So,blockchain; it's brilliant at focusing us on the wrong things. Sometimes it's not a technology problem, it's a people & process problem.
Anon; cos all companies need to have a story on blockchain...
Most food supply chain problems are caused by mistakes, accidental contamination, or in rarer cases fraud. I have not heard of a case where the likely source of the problem wasn't tracked down eventually. Food safety is important and even the dimmest get it. So there are procedures in place to track food from the farm to the store. They do not use blockchains.
How about journalism?
Someone, somewhere, writes a story. They pass it to a local journalist, who rewrites it to suit their own prejudices and editorial line. The journalist passes it to their editor, who makes more changes before passing to a sub editor who makes yet more.
Then it gets published - locally. It gets picked up by aggregators (think Google) and wire services (Reuters), distributed all over the world, and republished in everything from the Daily Telegraph to that weird rag you read when you're waiting for your takeaway pizza. Then it becomes fodder for approximately 80,000 half baked blog and Facebook posts. And finally it makes it all the way to Fox News and thence to the White House, becomes a presidential tweet and the whole cycle starts over, only messier.
Imagine if all these people, at every stage, could trace the whole story right back to its original form, or at least its original publication. Most of them wouldn't, of course, but if maybe 1% of those bloggers take the trouble, that's a huge boost to fact checking.
"that's a huge boost to fact checking."
I don't understand how knowing the full provenance of a given story helps with fact-checking. Whether you know path the story has traveled or not, the fact-checking process is exactly the same: you read the story, and every time it asserts a fact, you check to see if that fact can be substantiated.
> I don't understand how knowing the full provenance of a given story helps with fact-checking
It does actually. French rag Libération, to take an example, run a lot of fact-checking stories and many of them rely on determining the correct context for a photo or a report. Typical case of re-running a ten year old picture of something somewhere and claiming that it is from a recent event somewhere else.
That said, I don't believe the poster you are replying to was being entirely serious.
But with that said, if all the news stories in the world were committed into one giant Git repository, then finding the author of a given sentence or word would be just a quick "git blame" away. :-)
"How about journalism?"
That sounds wonderful! A full audit trail of how stories were written, by whom, with what modifications... That could be useful in a number of places. It would give academics a large dataset for valuable research. It would be great.
Unfortunately, it requires every person in the chain to a) record what they did on the blockchain, b) report what they did accurately, c) report all sources, even ones they don't feel proud to use or want to remain anonymous, d) explain any interference or get the interfering party to write their own blockchain entry, e) maintain the blockchain so it doesn't break, f) come up with a method of encoding all this information, for everything bigger than a tweet. So I would have to have a mechanism for citing your comment, a method for marking that I disagree because I think your theory isn't implementable, indicating that this article is how we met, citing everyone quoted in the article, the editor at The Register that looked over this article, etc. It isn't doable, especially as the thing it is designed prevent is dishonesty or laziness on the part of the writers of this stuff. If they're dishonest or lazy, they surely aren't going to build blockchain entries to point that out.
"They're on the backfoot with concerns over privacy, data, consent... the politicians are in there, and they want to legislate. For the blockchain community, this opens the door for you. Go for it."
Really? So privacy legislation requires you to remove a record but your records are being kept by blockchain. Now you find you can't remove the record without breaking the integrity of the chain.
Blockchain tech has a lot of potential when it's fully understood by the grown ups. It effectively allows the creation of a virtual computer which can be programmed to undertake tasks independently of any individual actor.
We need to flush out the speculators and scammers who piled in early.
Seems to me that what you say 'ruined it' is in fact all it's good for. It has no real-world application because it can't be directly tied to any physical process or goods. As has been pointed out above, when you use it to record the existence or movement of goods, that data input is as vulnerable to corruption as any other recording system. It is purely a virtual paradigm that can only process virtual goods. That leaves purely financial transactions and speculation as pretty much the only application.
Blockchains claim is to be a scalable distributed ledger, all bitcoin and its peers have really demonstrated so far is that they are a distributed ledger with scaling issues peddling a new trust model that requires further testing.
Bitcoin showed it could work on a small scale as a currency (albeit one for the grey/black market) but the bet was it could scale up to country or global level. So far that that scaling is clearly unproven and a lot of money was lost in the process....
For enterprise use, my question would be does blockchain supplement an existing system or replace it? If it replaces it, I suspect you have snake oil. If it supplements the existing system to provide additional “trust” I suspect you’ll fall back on contractual law if anything goes wrong, so what has really changed? Oh right, you used blockchain.
... only the blockchain itself is utterly unnecessary in every single one of them.
There is one real and useful thing that utilizes the principle on which blockchain is built. The thing is called Git. It works, pretty well at that, and its working principles are very easy to understand which makes it appealing, transparent, and bullshit free. Which, sadly, can't be said of the whole blockchain "ecosystem" (I would like to, ahem, coin the term blockchain biotope, which I believe better describes this crock of rubbish in which there is no system and with electricity requirements similar to those of a ten million nation is completely anti-eco).
There is one real and useful thing that utilizes the principle on which blockchain is built
There's one you know of, you mean.
Mercurial also uses Merkle trees. The QNX Merkle filesystem uses Merkle trees, as does the Bazil filesystem, and ZFS, and a bunch of others. Some candidate post-quantum signature schemes, such as XMSS and SPHINX, use Merkle trees.
Maybe you should do a few minutes' research before making sweeping claims?
anything claiming to be able to handle a fiscal transaction must be immediately fungible at the point of purchase, or subject to verification on purchases large enough for proper fiduciary responsibility on both sides to be managed. The blockchain process offers neither right now, and therefore will not be useful to anyone trying to use it for "legal" transactions - illegal or black market channels have other ways of enforcing that they will get their payment/merchandise.
Can someone help me with this:
"It's almost like you need to decide if you're the pipes or the water," Rowley said. "If you're the pipes, then it's not important what you're called. If you're the water, then blockchain is the thing to highlight."
So if you're the pipes, it doesn't matter what you're called? But surely you're called "the pipes" and you need to distinguish it from "the hamsters", right? Or maybe you don't care because you can put things other than water through pipes, so the pipes don't care? But you can only put a few types of things through pipes and they need to be different types of pipes for each thing. And if you're the water, then you need people to know that because they would want water service, and that's the important element. But they would also need pipes to have water service, so they need to know both that you have pipes and that you're going to put water through them. If you have water but no pipes, it wouldn't be so helpful. If you're the pipe manufacturers, you need to know that you're using these for water, both so you can build the pipes right and so the people who are hiring you for pipes can have them connected to the water systems. Which means that the people concerned are really buying water, and the pipes are just a vehicle for that. So that means we're the water, or in this analogy, we are blockchain and need to make sure that blockchain is highlighted. But if we highlight the blockchain, we are telling the politicians that we're only talking about crypto. Wasn't the original argument that we should talk less just about blockchain and instead talk about the systems you can build with it? But in that case, isn't the blockchain the pipes, not the water? The water would be the data, and the system that integrates the blockchain would be ... the underground trenching or something?
Am I the only person for whom this quote doesn't make any sense.
My big problem with the Block-chain is that at a certain point it will grow too large for anything resembling decentralization to be feasible. As the number of transactions increase, so does the storage requirement. Sure the average punter can probably afford the current storage requirements for a block-chain in its infancy, but at some point it'll grow to the point of needing specialized storage hardware to hold the thing. At that point it becomes essentially centralized as the only entity that would be willing to spend the money to store that information are the entities that couldn't be trusted with centralization in the first place.
Sure it would give the public the ability to 'audit' the government in the beginning when the chain is only a few gigabytes, but when it grows to terabytes, no one is going to think its worth the cost when it grows to hundreds of terabytes. Even watchdog agencies will give up keeping copies of it once it becomes too much of a burden and just go back to normal methods.
Really, it seems like the best way to avoid transparency, just fill the blockchain with so much data that no one wants to store it except you, at which point there is nothing to stop tampering.
The point is you have a distributed ledgers, all then agree, all round he world.
The snag to this is the speed of light. It will never be instant. If you you are trying to transact something fast, as in finance, you will prefer to have it authenticated locally, within a few metres, and so better not bother with a distributed ledger and block chain at all.
Blockchain is good tech, a downside is it is expensive to operate.
Speculators can feckup any good thing and turn it to serve their own pockets.
Blockchain is much more than short term speculation,
it really can help businesses supply chains become more efficient.
And why is it better than what is currently used? (Hint - it's worse because blockchain is slower and has larger storage requirements)
No, you can't quote IBM or Oracle. They'd gleefully tell you eating your grandmother was a good idea if they thought you'd pay them to cook her.
Biting the hand that feeds IT © 1998–2019