Friday, July 29, 2011

Mysterious Russia




"I am announcing collecting donations for the ddos of mtgox for decreasing exchange rates! haxorz! please send letter to support@btcex.com and give your money for that work!" - BTCex Admin Bitcoinex[1]

A few short days after the above post on the Bitcoin forums, MTGox began to suffer a sustained DDoS attack[2]. Fingers were quickly pointed at BTCex, especially given that much of the attack originated from Russian IPs[2]. Bitcoinex denied involvement with this, commenting that his previous post had only been a joke[3], but didn't help his case by commenting that "I welcome this attack"[4]. The Russian bitcoin community were quick to condemn the attacks, and Bitcoinex explained that he had only made that comment because he was afraid of the Bitcoin economy's over-dependence on MTGox. Perhaps fellow Russian bitcoin forum user Yurock said it best when stating "bitcoinex, maybe you have too "Russian" nature and manner of communication. Not all is understood."[3]

The problem, though, may run a little deeper than a clash of cultures. The key issue, as is often the case with the Bitcoin world, is trust, especially in a pseudo-anonymous system. A good way of highlighting this problem is to look at the companies behind the key competitors in this market. Tradehill, the second biggest player, has an extensive legal policy on its website including a Privacy Policy Customer pledge. However, immediately above this pledge is a Portland, US address for Tradehill including an email address and phone number[5]. The key is that whilst they strive to ensure customer privacy rights are protected, they offer full disclosure in terms of who they are. The biggest player in the market, MTGox, goes even further. MTGox is owned by Tibanne Co. Ltd., which was incorporated in Tokyo in 2009 and has Tokyo contact details [6]. The operator Mark Karpeles, aka Magical Tux, is a 25-year-old French developer who lives in Japan. You can follow him on Twitter [7], check out his Flickr feed[8], even follow his blog[9]. In fact he has such an extensive internet trail, you can even discover that he can make apple pies and has a cat [9]! In contrast to all of this, about the only thing you will uncover relating to Bitcoinex is that he is also the operator of gambling site probiwon.com...

Of course, it is possible to have both anonymity and trust. A good example of this is some of the more high-profile members of the bitcoin community, such as pool administrators, who are well known and trusted by their handles. In these cases the individuals have built up trust through their contributions to the community, and the length of time they have been involved. Tsiakis and Sthephanides summarised this by stating that there are two ways to gain trust[10]. You can have a web of trust based on informal relationships, as bitcoin users have with pool administrators. Or you can have certificating authorities, such as those authorities that monitor incorporated companies. The former system allows greater anonymity, but takes more time to build up. This then may be Bitcoinex's problem: he has opted to build trust anonymously, but his contributions to the bitcoin community have caused some to doubt his behaviour.

A final thought is that Bitcoinex's concerns are in fact reasonable, even if his aggressive statements in regard to this were a mistake. The problem of concentrating too much traffic in one exchange is that the exchange becomes a monopoly since the large volumes allow it to grant more favourable deals. Once a monopoly of this type is established, the risk is the exchange imposing restrictions and rates as a central controlling entity might for a traditional currency. Encouraging competition is one avenue to avoid this problem, and hopefully the use of geographically local exchanges will encourage this to avoid bank charges. Another intriguing option is the idea of a decentralised exchange which has been suggested[11]. One thing is for certain: as the Bitcoin economy matures, we can expect plenty more action in the exchange market as companies and individuals live, and die, by their level of trust.



[1] http://forum.bitcoin.org/?topic=6864.msg101352#msg101352
[2] http://forum.bitcoin.org/index.php?topic=6931.20
[3] http://forum.bitcoin.org/index.php?topic6950.0
[4] http://forum.bitcoin.org/index.php?topic=6864.0
[5] https://www.tradehill.com/Support/Legal
[6] http://www.tibanne.com
[7] http://twitter.com/#!/magicaltux
[8] http://www.flickr.com/people/magicaltux/
[9] https://en.bitcoin.it/wiki/User:MagicalTux
[9] http://blog.magicaltux.net/
[10] http://www.spinaltwist.eclipse.co.uk/Files/Dissertation/Tsiakis.%20Sthephanides%20-%20The%20concept%20of%20security%20and%20trust%20in%20electonic%20payments.pdf
[11] http://forum.bitcoin.org/index.php?topic=27055.0

Monday, July 25, 2011

Encryption = Security ?


Advice on securing the bitcoin wallet has always centred on isolating the wallet.dat file either within an encrypted volume or by physically separating it from an internet connection. Some users may feel this is no longer necessary as the upcoming version 0.4 of the official bitcoin client promises to include encryption for the wallet. However, encrypting the wallet will not stop trojans from accessing the file. Users are therefore relying on the strength of their password and the cryptographic implementation to protect them.


Given that Bitcoin is founded on cryptography it would be easy, although incorrect, to assume that an encrypted wallet would be impervious to attacks. The greatest weakness of any passworded system is unsurprisingly the password rather than the encryption. So concerning is this issue that Hotmail recently banned the use of some of the most common passwords because, in their own words: "Hotmail has built-in defenses against standard dictionary attacks, but when someone can guess your password in just a few tries, it hardly constitutes “brute force!”"[1]. More worrying still is the list of the most commonly used passwords. A recent study[2] by security group Imperva of a security breach which revealed some 32 million passwords showed the top 5 passwords to be 123456, 12345, 123456789, Password, and iloveyou! In fact further analysis of these types of breaches has shown that more than 60% of passwords are derived either from numeric sequences, names, places, or dictionary words [3]. Password crackers are in fact even more sophisticated than that, with venerable tools such as 'Crack' for Unix[4] having exceptional permutation filters which can easily pick up word variations such as p@ssword. The addition of personal information, such as date of birth and holiday destinations, available on sites such as Facebook only adds to the issue.

There is a further twist to this story though. When 'Crack' was released in 1991, a regular workstation CPU could test about 35 passwords a second[4]; at the time this was a staggering achievement. It meant that if you left your workstation running over a weekend, you could test in excess of 6 million passwords. Compare that to a recent Tom's Hardware article [5] which estimated that with a pair of Radeon HD 6990s you could now expect to check over 3 million passwords per second against AES encryption. To put that in perspective, there are fewer than 1 million words in the English language. The icing on the cake, of course, is that many miners have considerably more than two GPUs at their disposal. For example the SkepsiDyne Integrated Node, a Bitcoin Mining Company, currently has twenty-six 5850s running and is aiming to double this[6]. If a miner such as this should go rogue they would have significant processing power at their disposal. In fact, as mining becomes less lucrative, there are already examples of mining systems being made available for GPU-intensive calculations with "no questions asked"[8].
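To make the figures above concrete, here is an added example (not part of the original post) that sorts a candidate wallet password into the weak categories described above and estimates how long the matching search space lasts at the two quoted guess rates. The tiny wordlist, the character-swap table and the figure of 1,000 rule variants per dictionary word are assumptions made for illustration.

```python
import string

RATE_1991 = 35             # guesses/second: 'Crack' on a 1991 workstation
RATE_GPU_PAIR = 3_000_000  # guesses/second: two Radeon HD 6990s against AES

# Constructed sample data: the five passwords the post lists and a tiny
# stand-in wordlist. A real audit would load a full dictionary.
COMMON = {"123456", "12345", "123456789", "password", "iloveyou"}
WORDS = {"password", "bitcoin", "wallet", "dragon", "monkey"}
DICTIONARY_SIZE = 1_000_000  # the post's upper bound on English words
RULE_VARIANTS = 1_000        # assumed variants tried per dictionary word

# Undo the swaps a permutation filter tries (p@ssword -> password).
UNLEET = str.maketrans("@4301!$57", "aaeoiisst")
EDGE_JUNK = string.digits + string.punctuation


def classify(password):
    """Return the weakest category the password falls into."""
    lowered = password.lower()
    if lowered in COMMON:
        return "common"
    if password.isdigit():
        return "numeric"
    # Drop digits/symbols tacked on either end, then undo character swaps.
    if lowered.strip(EDGE_JUNK).translate(UNLEET) in WORDS:
        return "dictionary"
    return "random"


def search_space(password):
    """Guesses needed to be certain of covering a password of this kind."""
    kind = classify(password)
    if kind == "common":
        return len(COMMON)
    if kind == "numeric":  # every digit string up to this length
        return sum(10 ** n for n in range(1, len(password) + 1))
    if kind == "dictionary":
        return DICTIONARY_SIZE * RULE_VARIANTS
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    # Printable-ASCII assumption: count only the character classes in use.
    alphabet = sum(len(cs) for cs in classes if any(c in cs for c in password))
    return max(alphabet, 1) ** len(password)


def hours_to_exhaust(password, rate):
    return search_space(password) / rate / 3600
```

Under these assumptions a dictionary-derived password such as p@ssword lasts under an hour at the GPU rate, while the same search would have taken most of a year at the 1991 rate.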

All these concerns of course highlight the importance of a strong password, but more than this, they suggest that encryption of the wallet is not enough by itself. There are of course many ways of isolating your wallet from potential theft, from the simple use of encrypted volumes [9] or using online services such as mybitcoin.com, through to the more complex recording of keys on physical media to remove any electronic trace of them, as is offered by Bitbills[9]. Perhaps the best advice is that of splitting your coins between a savings wallet and a spending wallet, as energetically described on the bitcoin forums [10]. This allows you ease of access to your normal spending money, which will be encrypted (with your strong password!) in the upcoming bitcoin client release, whilst giving your savings the maximum security.

A final thought is that Bitcoins are in many ways very similar to cash. You would not keep your life savings in a wallet on your (physical) desktop. It is equally foolish to keep your savings of Bitcoins on your (virtual) desktop. The implementation of wallet encryption could be viewed as the equivalent of keeping your physical wallet in a zip pocket. A zip pocket may well keep your wallet safe from pickpockets, but it only works if you keep it well zipped, and even then it would not be an alternative to keeping savings in a bank account!


Please remember! Brands or companies named here are only examples, they are not endorsed by Brief Bitcoin news!

[1] http://windowsteamblog.com/windows_live/b/windowslive/archive/2011/07/14/hey-my-friend-s-account-was-hacked.aspx
[2] http://www.imperva.com/docs/WP_Consumer_Password_Worst_Practices.pdf
[3] http://www.troyhunt.com/2011/07/science-of-password-selection.html
[4] http://dropsafe.crypticide.com/article/733
[5] http://www.tomshardware.com/reviews/password-recovery-gpu,2945.html
[6] http://www.skepsidyne.com/
[7] http://forum.bitcoin.org/index.php?topic=18203.0
[8] http://forum.bitcoin.org/index.php?topic=24235.msg340118#msg340118
[9] http://bitbills.com/
[10] http://forum.bitcoin.org/index.php?topic=17240.0

Friday, July 22, 2011

Danger: Deep Pools!





Bitcoin's resistance to double spending stems from the existence of a collectively maintained list of valid transactions. However, the integrity of this list is only guaranteed as long as no single person or group controls more than 50% of the Bitcoin network's power[1]. At present almost 75% of the network is controlled by 3 mining pools, the most popular of these being the Deepbit Pool[2]. Whilst the admins of these pools are trusted members of the community, should their systems become compromised the entire integrity of the Bitcoin system would be at risk.

The possibility of the bitcoin network becoming compromised by a so-called "51% attack" has sparked much discussion over recent months. However, what "compromised" means is often poorly understood. An attack of this type would not give the attacker any access to another person's bitcoins. This type of attack would provide the attacker with the ability to create an alternative list of valid transactions which was more up to date than the list created by the other 49% of the network. This means that the attacker could spend his own bitcoins, wait until that transaction had been included and accepted by the list of valid transactions, and then simply replace the list with his own list. If he omitted the spending of his own coins from this new list, he would still own those bitcoins, and could therefore spend them again. In effect the attacker could pay for goods with 'counterfeit' transactions, payments which later turn out to have no value.

Counterfeiting within traditional currencies has always been dealt with harshly. Currency printed by Benjamin Franklin carried the phrase "to counterfeit is death" [3] because for many years that was indeed the penalty for counterfeiting. However, counterfeiting of physical money within modern economies has a limited effect since paper money accounts for only a small fraction of the total money in circulation. This is not the case for bitcoins. Despite this, the risk of this type of attack is often downplayed within the bitcoin community for two key reasons. Firstly, the complexity and risk of maintaining control over 51% of the network provides only a very limited reward, since it gives you no access to other people's coins and would be hard to hide. Secondly, this is a known weakness, and a system of checkpoints is already in place to minimise the impact of this type of attack. Checkpoints are snapshots of the valid transactions list which essentially lock these transactions in. This means that even if a 51% attack were successful it could only affect transactions since the last snapshot. Of course, even if the effects of an attack of this type were well contained, the effect on the confidence of Bitcoin users could be devastating. The recent attack on Mt. Gox has already shown how important confidence is to the bitcoin economy.
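The checkpoint rule described above can be seen from the point of view of a node deciding which transaction list to accept. The following is an added example, not code from the Bitcoin client: a toy model in which chain length stands in for accumulated network power and every name is hypothetical.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Block:
    prev: str    # hash of the parent block
    txs: tuple   # transaction labels (constructed sample data)

    @property
    def hash(self):
        data = self.prev + "|" + ",".join(self.txs)
        return hashlib.sha256(data.encode()).hexdigest()


def extend(chain, txs):
    """Return a copy of chain with one more block carrying txs."""
    prev = chain[-1].hash if chain else "0" * 64
    return chain + [Block(prev, tuple(txs))]


def is_linked(chain):
    """Every block must name the hash of the block before it."""
    return all(b.prev == a.hash for a, b in zip(chain, chain[1:]))


def choose_chain(current, candidate, checkpoints):
    """Fork choice: the longer well-formed chain wins unless it contradicts
    a checkpoint. checkpoints maps height -> hash of the block locked in."""
    if not is_linked(candidate):
        return current
    for height, locked in checkpoints.items():
        if height >= len(candidate) or candidate[height].hash != locked:
            return current
    return candidate if len(candidate) > len(current) else current


def confirmed(chain, tx):
    return any(tx in block.txs for block in chain)


def scenario(checkpoint_height=None):
    """Is 'pay-merchant' still confirmed after a longer rival chain appears?"""
    genesis = extend([], ["coinbase"])
    honest = genesis
    for tx in ["pay-merchant", "tx-a", "tx-b"]:
        honest = extend(honest, [tx])
    rival = genesis                      # forks right after genesis
    for tx in ["tx-a", "tx-b", "tx-c", "tx-d"]:
        rival = extend(rival, [tx])      # longer, and omits pay-merchant
    checkpoints = {}
    if checkpoint_height is not None:
        checkpoints[checkpoint_height] = honest[checkpoint_height].hash
    return confirmed(choose_chain(honest, rival, checkpoints), "pay-merchant")
```

With no checkpoint, or with one taken before the fork (height 0), the payment disappears from the accepted list; a checkpoint at or after the payment's block (height 1 or later) makes the node keep its current list.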

The concentration of network power into 3 main mining pools is therefore not without risks, though they may be known and relatively limited risks. Given the potential risk of this threat, a variety of solutions have already been proposed. One option would be to move control away from the de-centralised network towards trusted parties. This view, as considered by Ben Laurie in a recent paper [4], has met with considerable resistance. Laurie commented on how the checkpoint system is already maintained by a central trusted source, the dev team, and went on to state that since we already have this level of trust it would make sense to "leverage" it to produce a more efficient system. An option perhaps more in keeping with the spirit of bitcoins is to decentralise the pool system, that is, continue to provide the benefits of pooled mining, but do it through a decentralised network, hence moving control away from the pool admins. This approach is currently at an early testing stage in the P2Pool project[5]. It is still too soon to see which direction bitcoin will evolve in, though the weight of users' opinions may be leaning in one direction.

A final thought is that we are still at a very early stage of bitcoin evolution. As the Bitcoin economy expands, we may well see a significant professionalisation of it. If this is the case, a greater degree of accountability and disclosure for key players may pave the way for establishing trusted nodes. The Bitcoin stock exchange, the GLBSE, which is also at an early stage, already provides a means for at least 1 significant mining system to provide accountability to its investors. The security risks may be significant, but the solutions are almost limitless, which is what makes the new world of Bitcoins so exciting!



[1] https://en.bitcoin.it/wiki/Weaknesses#Attacker_has_a_lot_of_computing_power
[2] http://bitcoinwatch.com/
[3] http://www.librarycompany.org/BFWriter/images/large/3.7.jpg
[4] http://www.links.org/files/decentralised-currencies.pdf
[5] http://wiki.bitcoin-otc.com/wiki/P2Pool

Monday, July 18, 2011

Bitcoin ®




New York-registered lawyer Michael Pascazi, having now abandoned his US application[1] for trademark over the term 'Bitcoin' for "strategic reasons", is now seeking to register the trademark in other countries.

Mr Pascazi's "strategic reasons" appear to be the United States' anomalous position in terms of intellectual property law. The US, unlike other countries, operates a first-to-use system. Mr Pascazi chose to pursue a claim under this system, submitting a letter alongside his application claiming first commercial use of the term "Bitcoin" on the 22nd of June 2011 [2]. This decision came under significant scrutiny from Bitcoin enthusiasts, and in Mr Pascazi's own words, "there are lots of people interested and alleging they can prove first-to-use"[3].

However, this has not been the end of the matter. Most other countries operate a "first-to-file" system. This system tends to favour corporate research departments over individual inventors, but results in less messy legal proceedings once an application has been made. It may also favour Mr Pascazi. Having seen this as an opportunity, he has remained defiant in the face of angered Bitcoin users, saying "Either it’s not important to them or it’s important but they’re not doing anything about it because… it’s easier to sit on your couch and complain than to do something".[3]

So how successful is this new attempt at trademarking likely to be? Well, it's certainly not the first Open Source project to undergo this trial. In fact the term 'Open Source' itself was originally intended to be a trademark to prevent unscrupulous individuals or companies using it incorrectly. In that case the trademark application failed since this term was considered a description; instead the open source foundation now holds the trademark "OSI certified" [4]. There are many other cases, with Wikipedia holding a list of some 30+ Open Source projects whose names have been trademarked [5]. None of this of course reflects on how successful Mr Pascazi's attempt to register the term Bitcoin will be; it does however suggest that those who dismiss this application out of hand may be a little too hasty.

A final reflection on this story though is that if there is one thing lawyers are good for, it's sniffing out assets and money. So if Mr. Pascazi continues to chase the application for this trademark, perhaps we should view it as a professional vote of confidence in the future of Bitcoins.





[1] http://tess2.uspto.gov/ (Serial #:8535491)
[2] http://tdr.uspto.gov/jsp/DocumentViewPage.jsp?85353491/SPE20110625085727/Specimen/1/22-Jun-2011/sn/false#p=1
[3] http://www.betabeat.com/2011/07/07/bitcoin-flamers-force-lawyer-to-drop-u-s-trademark-application-so-now-hes-trying-it-abroad/
[4] http://www.opensource.org/pressreleases/osi-launch.php
[5] http://en.wikipedia.org/wiki/List_of_trademarked_open_source_software