BitCoinnnnnnnnzzzzzzzzzzz
-
LOL
-
In other news, drug cartels have increased enforcement activity regarding customers' non-payment.
-
You should maybe not press your keyboard's buttons all the way down when writing "z"s ...
-
BitCoinnnnnnnnnZZZZZZZZZ
Huh...didn't expect that to happen.
-
I apologize in advance for being uneducated about how bitcoins work and stuff, but could somebody please explain this to me?
From how I read the article, the program:
1, Tries to fetch a random number
2, fails- for some reason assumes random.org is a good place to look for numbers
- finds random numbers on random.org
- always sends money to the same wrong spot that is apparently always some guy who now has 34 bitcoins
- confuses me
Like, I get getting random numbers over HTTP is probably a dumb idea... but how does that give that one dude money? doesn't the number on random.org change ?
-
doesn't the number on random.org change ?
They hashed the literal 301 response... That created a lot of identical addresses. This Is a major wtf.
(as in they made a private key, but with the same seed for all the people that got a 301 response)
-
They expected a response like:
0.3427842637462374632764273
And instead got:
301 - Permanent Redirect, this site has blah blah blah
They used the latter value in their hashing code, which resulted in identical hashes for hundreds of users.
-
They hashed the literal 301 response
They used the latter value in their hashing code
Oh god, now that you mention it and I can look out for it, you guys are right.
Welp, I understand how thats a WTF now...Filed Under: bitcoins are stupid!
-
now at a keyboard:
This could only happen because :- They were complete idiots, never get important fucking data over http.
- They tried to get something important over http, without even checking the response
- NEVER DO YOUR OWN FUCKING CRYPTO. USE THE GODDAMN STANDARD
- They used an api that could take two sources of entropy (good in theory) One source was something like /dev/urandom the other was random.org.
In some cases android failed to return any data (this was not checked ). This was not a (big) problem because they got some entropy from random.org (over http - which could have been set to 0 if an attacker had bothered )
Then random.org started to return 301 responses, which were neither followed nor checked this caused the crypto function to essentially use 0 and
@blakeyrat said:301 - Permanent Redirect, this site has blah blah blah
as entropy sources.
When you create an bitcoin address you just invent one yourself (using a defined algorithm), but you need entropy to ensure they're unique.
(Note: I'm not a bitcoin expert - i might be off somewhere important. The only important point here is: NEVER ROLL YOUR OWN FUCKING CRYPTO)
-
bitcoinspeopleare stupid!I really like the idea of bitcoin, but there are clearly a lot of issues that need to be solved...
-
The real
Is using a non-cryptographic random source for any cryptography at all, and particularly for bitcoin.
-
Is using a non-cryptographic random source for any cryptography at all, and particularly for bitcoin.
Especially considering that ECDSA is very vulnerable to non-crypto-random k's...
-
-
-
Well there was a point where, for some unknown reason, the value of Bitcoins increased a silly amount and people actually made some decent money. If you'd got in at the right point then it was, for no logical reason, not too stupid because your magic computer dollars turned into decent money.
These days, not so much. Especially since there are 7 bazillion other magic computer dollars that do nothing but make the electricity companies money.
-
True, but then you could get the same effect by playing the stock market. In fact, the only reason the value went up is for the same reasons stock market prices go up; somebody somewhere decides 'Oh, that's worth more now'.
-
True, but then you could get the same effect by playing the stock market.
I haven't been following bitcoin - is the stock market still considered stable compared to it?
-
Yes and no.
Stock markets involve actual companies. Bitcoins (and the other magic computer dollars) are some how money that's magically generated by some computer program running on someone's computer. Which is only guaranteed to generate lots of money for the company supplying them electricity. Or the companies that make the mining things. Or the more likely companies which claim to sell you a mining thing and in fact just steal your money.
-
No idea; I don't follow either.
But Bitcoin is supported by Google's currency converter, and it has a graph of historical values.
-
3. NEVER DO YOUR OWN FUCKING CRYPTO. USE THE GODDAMN STANDARD
Funny, last major vulnerability was that GetSecureRandom on Android (the absolutely proper function to get secure random numbers) was not secure or random.
Stock markets involve actual companies. Bitcoins (and the other magic computer dollars) are some how money that's magically generated by some computer program running on someone's computer.
Bitcoins have all the useful properties of money (scarcity, fungibility, etc.), and something that has all the useful properties of money automatically becomes money when people use it.Why do you think gold is so valuable? (the industrial applications are only a small part of the value)
-
was not secure or random.
So instead of actually fixing it, and verifying the fix. They instead tried to get data over http from fucking random.org. With zero checks on validity of any data.
I mean, in cryptography you never apply duct tape like this. If you do this is exactly what happens...
-
I'm not justifying this one, it's absolutely retarded from head to toes.
Just pointing out that sometimes bugs can come from unexpected places.
-
Well there was a point where, for some unknown reason, the value of Bitcoins increased a silly amount and people actually made some decent money.
It didn't really overlap much with the period during which it was easy to turn Bitcoins back into dollars. Having a Bitcoin that's in theory worth $800 only helps you if you can convert it back into a currency people actually use to buy things.
So a lot of people made a huge profit on paper, but did anybody actually get rich?
-
Just pointing out that sometimes bugs can come from unexpected places.
Indeed. *cough*
-
Why do you think gold is so valuable?
Gold is a tangible thing though. I don't understand (or care) why its value fluctuates, but it's still a real thing.
No-one's ever explained to me, without sounding like a moron, how a computer runs some program for some time and magically creates a virtual currency which can be exchanged for real currency.
-
Why do you think gold is so valuable?
Mainly because of its rarity, and the fact that it can act as a physical backup for liquid assets
-
Gold is only worth something because people collectively decided it should be worth something. Dollar is only worth something because people collectively decided it should be worth something. Bitcoins are only worth something because people decided it should be worth something. As soon as peoole decide sticks should be worth something, they'll instantly gain value. As soon as people decide a dollar shouldn't be worth anything, its value will become that of bad toilet paper (historical example: hyperinflation in Germany after WW1).
-
Gold is only worth something because people collectively decided it should be worth something. Dollar is only worth something because people collectively decided it should be worth something.
And you can hold both in your hands; you can't hold a Bitcoin
-
I have never held most of the money I have in my hand, and I'm fairly certain you didn't either. Not to mention buying and selling gold as a form of investment doesn't involve any physical gold from hands to hands either. Your argument is handicapped.
-
I have never held most of the money I have in my hand, and I'm fairly certain you didn't either.
But I could if I wanted.
@Gaska said:Not to mention buying and selling gold as a form of investment doesn't involve any physical gold from hands to hands either.
And now you're talking about selling shares in gold, not selling gold.
@Gaska said:Your argument is handicapped.
Not in the slightest. Your argument, on the other hand, makes no sense.
-
But I could if I wanted
Only because someone agreed to deduce some value in some bigint somewhere in database and give you free sheets of paper that would make a history textbook if the paper supplier swapped destinations of its delivery trucks. It's not that different from exchanging bitcoins for cash if you think about it.Not to mention only 3% of the numbers on bank's server can be exchanged for cash cumulatively by all people at any given time.
-
And now you're talking about selling shares in gold, not selling gold
So I didn't really buy gold if I don't have it in my hands? Can't it be just stored in some safehouse, far away from me? Can't it be the same safehouse my contrahent uses?
-
Only because someone agreed to deduce some value in some bigint somewhere in database
They had databases in 1786?
@Gaska said:give you free sheets of paper
- This may not apply to all currencies, but all UK banknotes are made of linen, not paper
- Nice of you to totally ignore metal coins; obviously you only trade with banknotes
So I didn't really buy gold if I don't have it in my hands?
You said 'buying gold as an investment'; that's done by trading shares.
-
They had databases in 1786
You had money in 1786?This may not apply to all currencies, but all UK banknotes are made of linen, not paper
Linen then. Doesn't change my point, though I'd need to change analogy to something else. Sadly, I'm not entirely sure what linen is to start with.Nice of you to totally ignore metal coins; obviously you only trade with banknotes.
Metal coins are somewhat more valuable than paper coins due to potential industrial use, but still rather low compared to nominal value (except for lowest nominals).You said 'buying gold as an investment'; that's done by trading shares
As investment, as opposed to as material for further processing - because then it loses its money-ish aspect. And investment gold is traded via shares because it's easier that way.Once again, you've neatly sidestepped the original issue by highlighting rough edges in my posts and focusing only on them.
-
You had money in 1786?
@Gaska said:Linen then. Doesn't change my point, though I'd need to change analogy to something else. Sadly, I'm not entirely sure what linen is to start with.
Fabric; been around a while. You probably have some already.
@Gaska said:Metal coins are somewhat more valuable than paper coins due to potential industrial use, but still rather low compared to nominal value (except for lowest nominals).
And that is relevant why?
@Gaska said:Once again, you've neatly sidestepped the original issue by highlighting rough edges in my posts and focusing only on them.
You mean I have to address the entire post, not just the parts that make no sense?
-
, how a computer runs some program for some time and magically creates a virtual currency which can be exchanged for real currency.
Because anything that two people will agree to use as a medium of exchange is money. That's what money is.
Yeah, it's kind of tautological, but there you go.
-
They had databases in 1786?
>Gaska:
You had money in 1786?It's kind of mildly interesting watching the two of you try to out-Blakey each other.
-
They had databases in 1786?
Pfft. That's ridiculous. If they did, wouldn't SQL Server's DateTime field go all the way back to 1753-- oh it does?
Shit.
(Of course that's small beans compared to the Mac Classic, which would happily track times back to 32768 BC.)
-
If they did, wouldn't SQL Server's DateTime field go all the way back to 1753-- oh it does?
You should let Raymond Chen know about that time machine.
-
1753 is the first full year after the US (er, colonies) adopted the Gregorian calendar.
-
And you can hold both in your hands; you can't hold a Bitcoin
So? Just because two exchange mediums share one characteristic, doesn't mean that characteristic is required to be an exchange medium. You might as well say "they both have a D in them" ( ), and point out how Bitcoin doesn't.
As @FrostCat says, anything two people agree to use as an exchange medium is money by definition.
For example, even though gold has "value", you (probably, don't know UK legislation that well) can't pay your taxes with gold. You have to convert it to pounds. I know I can't pay my taxes with dollars. And black market dollars are priced differently to official market (restricted) dollars. So not even "money" is money, or is worth the same, if you change the context.
-
By a strict technical definition, that may be. However, when you bring in the practicalities of reality, the truth is that money needs to be backed by something (resource, legislation, whatever) that guarantees it has value; gold and dollars do, but Bitcoin doesn't.
-
money needs to be backed by something that guarantees it has value, but Bitcoin doesn't.
Clearly you are wrong. QED.
Now if you want to quantify that with something like "a currency intended to be widely used and around for the long haul" then you might have a point. But reality would like to let you know it disagrees.
-
I… wait, what?
-
I… wait, what?
The definition of value is "what someone will pay for it". The definition of money, as has been mentioned, is "an acceptable medium of exchange."
You can argue that Bitcoin shouldn't be money and most people would probably agree, but you can't say it isn't money because it clearly is, because people are using it that way.
-
You can argue that Bitcoin shouldn't be money
That's what I've been trying to say; because it's not backed by anything, there's no security to its value. At least the dollar and gold are backed by something; in the case of the latter, it's backed by it being a tangible resource.
-
not that i'm silly enough to say one should put their life savings in bitcoin, but....
Ultimately money is trust, a medium of exchange.
When i accept payment for my time i am trusting that the money will be negotiable for a certain value of stuffness at a later point.
whether that payment is in gold, or sheep, or dollars, or pesos, or gold pressed latinum, or even bitcoin, what really backs it is trust. large currencies (USD/GBP/EUR to name three big ones off the top of my head) have this trust because of the governments that back them. sheep, and gold have this trust because they are things that we can trust someone else will want.
bitcoin? that doesn't have that trust. the few times i've dealt in it it's always been as a momentary medium of exchange. i either received payment and immediately converted to a more sensible currencly or i bought it with a more sensible currency and immediately transfered it to someone who wanted it in exchange for something i wanted.
maybe crypto currency will become a thing that people can put trust and real value into, but that was never going to be with bitcoin (or derivatives). for now they are a toy for geeks and an extremely difficult to track momentary medium of exchange for everyone else (oh and an unregulated market to manipulate for the wolves of wallstreet)
-
Not to mention that, eventually, someone somewhere will mine the last Bitcoin. What happens then? With no way to generate more, it'll lose its value, and eventually be worthless. OK, thanks to inflation, the dollar loses value too, but at least with the dollar, you can always make more; there's no limit (well, except for the practicalities of coins, notes, and database field sizes).
-
well bitcoins are routinely traded in partial coind (no i don't pretend to understand that either) so.... you just split them tinier and tinier.
or you start an entirely new block chain with a much improved technology.
-
you just split them tinier and tinier.
I guess. But then you'd end up with trading 0.0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001 Bitcoin, and quite frankly, that's just ridiculous. And with no way to rebase it, it will eventually become unmanageable.
At least the dollar et al can be rebased; I think Zimbabwe did that with their currency relatively recently.or you start an entirely new block chain with a much improved technology.
But then it wouldn't be Bitcoin ;)