You knew this was coming, didn’t you?
Part of why I have not written much about bitcoin is because I don’t want to grind my teeth flatter than they already are. There are many, many things about bitcoin that make me shake my head and wonder at the gullibility of the libertarian techno-elite. So many people, who think they are so smart about technology, actually appear to understand nothing about it; they’re engaged in wishful thinking and not much else.
There are so many things about bitcoin that are wrong; I’ll just tease one of them: the blockchain is append-only, which is sort of necessary for how it works, but because there is no central brokerage, there’s no input validation process that prevents someone from just injecting their own garbage. From a security design perspective that is a “newb mistake” of the first water. It means that, if the blockchain weren’t so damn slow and irritating to use, it’d be a great free cloud syslog store. O brave new world, take my terabytes of junk! Naturally, since it’s not public data, I’d superencrypt it so nobody else would know what it was. I do believe someone has written a filesystem driver that sits atop blockchain, not that anyone wants a glacial-speed filesystem. What a stupid design. The stupidity is an unavoidable consequence of not having a central authority: nobody exists to say “this transaction is a bunch of encrypted garbage that doesn’t look like one of our things.” Besides, that just means that my superencrypted syslog blobs now have to get formatted to look like bitcoin blobs.
I lied, here’s another one: what happens to bitcoin if someone finds a flaw in SHA-256? Go on, think that one through. All the people who have bitcoin appear not to have.
You’d think that someone who was creating the next big currency would think about operational details like that. You’d think that someone who was creating the next big currency would think about security models. Nah. Bitcoin are worth a lot of money, though, so who cares?!
Raise your hand if you built your bitcoin wallet app from source after reviewing the source carefully and understanding everything that it’s doing. Because, if you didn’t, you’re probably running the special version of the wallet app that will wait until after a certain day, when you unlock it, and will transfer a few of your bitcoins to someone smarter than you.
Let’s not go further down that path, because then this will turn into a posting on software security, system integrity, trust, and trustworthiness. If you’d like to get a feeling for some of that, go read my interview with Dr. Roger Schell [search] who started working on system integrity problems around the time I was getting toilet-trained. He’s spent his life building software systems that are designed to run on hardware provided by the KGB; it’s a mind-boggling problem. If you find that interesting, also go read Brian Kernighan’s Ken Thompson’s [wow that was an embarrassing brain-o!] Turing Award lecture on “trusting trust.” Now, I really will stop talking about that.
The idea that “they” are going to let bitcoin be the basis for a new economy that “they” don’t control is really funny. It’s actually funnier and stupider than the Texan gun nuts who think their personal small arms are going to let them defeat the US Imperial Military, when it turns on them with its jaws open and its teeth smoking with blood.
Via Caine, I learned of some more bitcoin silliness: the WND has come up with a hokey self-financing scheme involving bitcoin. [rww] It’s a special offer:
But today I want to emphasize why I am excited about our current effort to raise money around a giveaway of AML Bitcoin. Ever since I first heard about this company, I was sure it would become one of the leaders in cryptocurrencies because of two things – (1) the safety and security it offers because of its unique, patented anti-hacking technology; and (2) AML Bitcoin’s swaggering attitude that got the company’s big commercial debut on the Super Bowl banned by politically correct NBC and the NFL.
Patented anti-hacking technology?! Holy, uh, nevermind.
AML is another cryptocurrency. Not to put too fine a point on it, the value of these cryptocurrencies is – questionable. I’ll try to remember to explain how their value is established when I write my Capitalism 101 piece on Market Capitalization and Valuation. But, basically, you should think of it as one of those “fiat currencies” that goldbugs like to complain about, except instead of the Federal Reserve Bank pulling the valuation out of thin air, it’s some guy in a hotel room in Panama, sshing into a server farm in Iceland, pulling the valuation out of thin air.
A rough algorithm I use on any stock/issue-related promotion is that the degree to which the promotion tries to engender excitement and the likelihood the whole thing is a scam are directly related. The more excited the email about it is, the greater the chance that it’s all bullshit.
This week, AML Bitcoin, a company that purports to be creating an un-hackable digital currency that supposedly combats money laundering, manufactured a small outrage news cycle when it announced that the NFL and NBC rejected its Super Bowl advertisement for being “too political.” The ad, which was posted on YouTube, depicted a caricature version of North Korean leader Kim Jong Un screaming at underlings as they tried and failed to hack AML Bitcoin’s product.
But the ad wasn’t banned, according to NBC. “It wasn’t rejected because it was never reviewed because the company never made a buy,” an NBC spokesperson told BuzzFeed News. “We don’t review creative until a purchase is made.”
What does “un-hackable” even mean? Of course it’s hackable, because: system integrity. Look, the people who are going to run that AML stuff and the AML wallet are going to run it on an Intel processor, right? If they don’t know about the Intel Management Engine (IME) [wired], which is basically an in-the-processor backdoor into the entire system, they’re fools to talk about “un-hackable” – IME coincidentally looks like it was designed to be able to pull encryption keys out of memory when they’re unlocked in the wallet app. Of course, Intel swears that IME was just a mistake. Oddly, AMD made a remarkably similar mistake. So many coincidences! Quick, let’s blame the Chinese! Oh, wait, no, Intel’s American. Well, poop, that never happened.
To be fair, the North Koreans probably didn’t know about the IME backdoor; that was probably an important closely-held NSA toy. The Russians probably didn’t know about it, either – because if they did, they would have nudged Kaspersky over in that direction and served the NSA some humble pie as another expensive toy gets disclosed for public scrutiny.
It sounds a lot like the AML guys were trying to bootstrap their new currency with no assets. You can do that, if you’re really good at the capitalism and can convince them that your empty briefcase is worth $1 billion – but not if you’re such a small-time conman that you blink at paying for an ad. A real capitalist tool, like Donald Trump, would have pulled nine of his golf buddies together and told them, “look, this is yuge. If we each put in $1 million we can buy an ad in the bowl and we’ll get it back 100:1 when we float the currency.” Then, Don’s friends would have each put in $1 million and Don would have bought $9 million worth of ad time and they’d split the whole thing 10 ways. See how that works? You have to be good at capitalism 101 to pull off a con like starting a new currency; it’s basically like owning your own government.
Here’s a valuable bitcoin I am willing to sell you:
As you can see, they are 1 troy ounce of valuable .9999 copper and a thin layer of molecules of silver and gold.
I will sell these babies for 1/2 of the current cost of a bitcoin. I don’t care what that is, as long as bitcoins are more than $5.00, because those things cost me $2.50 apiece on eBay. Being a basically honest person is a drag sometimes; I have to admit I did consider buying a briefcase-load of them and going up to Wall St to see if I could sell them to guys in suits for $5,000 apiece. (“These are the old bitcoins, from back when they actually minted them. See? They trade at the same price. You just scan the QR code into your wallet and it uploads it.”)
Maybe I should make some ‘bitcoin’ mokume gane.
In case you didn’t notice the apple I hid in the razor blade above, the “could stuff syslog into the blockchain” bit points to a potential denial of service attack against the entire bitcoin ecosystem. Would you like a fun summer project: announce that you are going to bloat the blockchain to the point where it is unusable in real-time, unless someone pays you with some useful cash really soon.
There are much worse things that can be done to bitcoin, and I believe the NSA has already done them. If any of you dear readers are using bitcoin to do anything illegal, you might want to spare some thought for how to make it look like your ex-roommate or deceased spouse was the one doing it. Because if you’ve used bitcoin for an illicit transaction, you painted a great big neon target on your back. The good news is that a) you’re small fry b) there are a lot of people with great big neon targets on their back, so you’re safe unless you try to run for political office or you piss off the establishment. If that fits you and you are not familiar with the term “parallel construction” let me know in the comments if I should do a posting about that.
There is a chance that the IME was not an NSA backdoor. It is possible that it was just utterly stupid engineering that some goober at Intel thought up, and blew into every CPU Intel has shipped since 2008. Codebros sometimes do stupid things like that, take a look at Java – a programming language originally conceived of as a weekend hack that Jim Gosling (admittedly a great programmer) threw together for elevator control system programming; then some marketing idiot said “we need an internet programming language” and someone told them to ask Jim, and … oops. Seriously, some of these codebro blunders are Napoleonic in their grandeur.
I know bitcoin uses ‘double SHA-256’ not just plain old SHA-256. But if there’s a flaw discovered in SHA-256, double SHA-256 may turn out to be worth less than a bucket of cold spit. Another possibility is that there may be some group theory trick someone comes up with that makes it easier, as happened with triple-DES in the early 90s: it turned out that triple-DES was only about 2.1-DES in terms of complexity once you understood some fancy group theory stuff. (And there are some really fun stories about how NSA taught Don Coppersmith at IBM how to make S-boxes that were better than the ones he was using; NSA apparently didn’t realize IBM was going to release the DES as a candidate standard, or they would have made it worse. I had a very entertaining chat about this with Dennis Branstad and Robert Morris Sr., once, and those old spooks thought the whole thing was “roll on the floor” funny.) Anyhow, the point is that: cryptosystems wear out. I am not sure it’s possible to do anything with bitcoin if SHA-256 needs to be replaced. Oh, boy would the value move on that day! (By the way, that’s another way of holding the whole system hostage. But I’m going to assume breaking SHA-256 is really hard.)
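To make the "cryptosystems wear out" point concrete, here is an added example (not from the original post, and not bitcoin's actual block format) of a toy hash-linked ledger. It assumes a hypothetical worn-out hash, `weak16`, modelled as double SHA-256 truncated to 16 bits, and shows that once the hash stops resisting second preimages, an old record can be swapped without any link check noticing.

```python
import hashlib

def sha256d(data: bytes) -> bytes:
    """Double SHA-256, the construction the post refers to."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def weak16(data: bytes) -> bytes:
    """Assumed stand-in for a broken hash: sha256d cut down to 16 bits."""
    return sha256d(data)[:2]

def build_chain(payloads, h):
    """Each block is (prev_digest, payload); its id is h(prev_digest + payload)."""
    chain, prev = [], b"\x00" * 32
    for payload in payloads:
        chain.append((prev, payload))
        prev = h(prev + payload)
    return chain, prev  # prev is now the digest of the newest block (the tip)

def verify_chain(chain, tip, h):
    """Recompute every link; True only if each block commits to its predecessor."""
    prev = b"\x00" * 32
    for stored_prev, payload in chain:
        if stored_prev != prev:
            return False
        prev = h(stored_prev + payload)
    return prev == tip

def second_preimage(prev, payload, h, limit):
    """Brute-force a different payload that yields the same block id under h."""
    target = h(prev + payload)
    for i in range(limit):
        candidate = b"forged-%d" % i
        if candidate != payload and h(prev + candidate) == target:
            return candidate
    return None

def history_rewritable(h, limit):
    """True if a middle block can be replaced and the chain still verifies."""
    payloads = [b"alice->bob 1", b"bob->carol 2", b"carol->dave 3"]  # constructed
    chain, tip = build_chain(payloads, h)
    forged = second_preimage(chain[1][0], chain[1][1], h, limit)
    if forged is None:
        return False  # hash held up within the search budget
    tampered = list(chain)
    tampered[1] = (chain[1][0], forged)
    return verify_chain(tampered, tip, h)

def tamper_detected(h):
    """A plain edit (no matching digest) must break verification."""
    chain, tip = build_chain([b"a", b"b", b"c"], h)
    chain[1] = (chain[1][0], b"B")
    return not verify_chain(chain, tip, h)
```

Every later block commits to the digests before it, so the ledger has no integrity beyond what the hash provides; migrating to a new hash means re-committing the whole history under it.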
“You have to be good at capitalism 101 to pull off a con like starting a new currency; it’s basically like owning your own government.” – literally, look up the word “seigniorage” (I’m sure it’s derived from “seigneur” – French “lordship”)