Bitcoin transaction reversal and arbitration is built in. How it works.

Eli Dourado has a well written and easy to understand article about how Bitcoin transaction reversal and arbitration works. The feature built into Bitcoin is known as m-of-n or “multisignature” transactions. Here’s a brief extract:

The simplest variant is a 2-of-3 transaction. Let’s say that I want to buy goods online from an anonymous counterparty. I transfer money to an address jointly controlled by me, the counterparty, and a third-party arbitrator (maybe even Amex). If I get the goods, they are acceptable, and I am honest, I sign the money away to the seller. The seller also signs, and since 2 out of 3 of us have signed, he receives his money. If there is a problem with the goods or if I am dishonest, I sign the bitcoins back to myself and appeal to the arbitrator. The arbitrator, like a credit card company, will do an investigation, make a ruling, and either agree to transfer the funds back to me or to the merchant; again, 2 of 3 parties must agree to transfer the funds. This is not an escrow service; at no point can the arbitrator abscond with the funds.

The full article is on Eli’s blog.

Another feature of the currency that adds intrinsic value, along with no intermediaries, very fast transaction time and negative inflation which makes it a great value store.

Instrument failure after takeoff and becoming an outside-in pilot.

This is my first post as a relatively newly minted private pilot (about 4 months ago). The learning curve has been steep and it’s the kind of thing that humbles one, so I haven’t felt the sense of entitlement that one needs to write. But I am beginning to spot a few things that may help others, so here goes:

I was taking two friends for a cross country from Centennial Airport (KAPA) to Rocky Mountain Metro (KBJC) and had a learning experience. Preflight went great, the Cessna 172SP I was flying was in great shape and a nice plane with airbags and great avionics. I taxied to 17L  for departure, cleared for takeoff, took her up to 60 knots before rotating because we had 3 people on board with full tanks at 6000 ft with a 180HP plane, so I wanted plenty of speed as I rotated.

Climbing out KAPA tower told me to turn west, cross over I25 and then continue on-course. I looked at my gyroscopic magnetic heading indicator and west was to my left and the I25 was to my right. I got that sinking feeling of “something’s wrong” without consciously realizing what it was. If you fly out of KAPA you probably already know what happened.

I radioed tower with “Tower just to confirm, you want me to turn left? and then cross over I25 and on course?”. Reply: “No, turn right and then on course to Metro”. My spatial orientation kicked in and I turned right and all was well.

My vacuum powered magnetic heading indicator had seized. I had set it correctly before takeoff. I had plenty of vacuum on the gauge. All other instruments were fine, but that one instrument seized in exactly the opposite position to where it should be pointing. I realized that as I turned right, checked my magnetic compass was working, and started thinking about whether I should turn back or continue. I decided to continue and my subsequent reading of FAR 91.205 looks like I made the right call. Required equipment for VFR is a “magnetic direction indicator” which means I was OK just using a magnetic compass.

Besides some serious turbulence at Metro on landing caused by a strong mountain breeze, the rest of the flight was fun and uneventful.

So my takeaway from this is to become more of an “outside-in” pilot rather than an “inside-out” pilot. Meaning that I need to focus on orienting myself using external landmarks and the attitude of the plane and then verify with instruments, rather than focusing on instruments and then verifying with external landmarks and plane attitude.

 

And so the next Bitcoin Crash Begins…


Screen Shot 2013-12-01 at 12.42.39 PM

UPDATE on Dec 7th, 2013: Looks like the crash started Dec 5th, so I was off by a few days. The lowest I’ve seen has been $666, so it’s still a little off my prediction of $600. There’s still some major selling activity out there and we may still see $600. Bitcoin crashes historically have taken between a few days to 6 months (max) to recover. If you’re speculating on this currency I hope you’re only betting (because it is gambling) money that you can lose and are taking a 18 month view. I’m also morally oblidged to suggest that you actually spend some of your bitcoin on buying stuff to help get the currency off the ground as an actual currency and not just a vehicle for speculation.

Original post from Dec 1st:

Volume has just spiked and the price is about to break below $1000 for Bitcoin on Mt Gox. This is going to be a big crash down to around $600 bucks and it’s going to be fast. It’s already down to $750 on BTC-e but that is generally much cheaper than MtGox due to higher risk (based in Bulgaria & anonymous owner). If you’ve been watching BTC price for a while you’ll recognize this as just another profit taking crash after a big runup. They’ve happened over and over since Bitcoin broke through one buck per coin.

Then, as has happened before, it will climb back up to $1200 and beyond, probably up to somewhere between $4K and $10K before the next big crash. If you do want to speculate on crypto currencies, wait a day or three and you’re about to get a great deal on Bitcoin. 

If you’re new to Bitcoin, you’re going to need a strong stomach to ride this one out. Enjoy!

PS: I will add one Caveat. There is a fundamental issue that may be causing some paranoia and that’s the block size approaching 1 MB and miner software incompatibility with block sizes over 1 meg. But it’s something we’ve seen before.

How to Buy Bitcoin

As someone who recently purchased Bitcoin and two other crypto currencies using three different methods, I thought I’d share how to buy Bitcoin because I know there’s precious little information out there:

Coinbase:

The easiest way I found without leaving your computer is to sign into Coinbase.com and add your bank account. They’ll do 2 small deposits, you need to wait around 2 days for them to show up, then you verify your account by telling them what the deposits were. Once that’s done you can make your first Bitcoin buy using coinbase.

NOTE that when buying with Coinbase, you only get to make one purchase until it clears which takes around 7 days right now. So buy whatever the maximum bitcoin is that you want to purchase on Coinbase in the next week. The good news is that the bitcoin price will lock in at the time of purchase so even though you’ll only be able to spend your bitcoin after the transaction is approved 7 days later, you still benefit from locking in the price at the time of purchase. For me that meant several hundred dollars in gains because the price was rising steeply when I bought and it continued to rise over the next week.

The benefit of Coinbase is that you don’t need to leave your computer to do it and you don’t need to meet strangers in a dark alley (see below). The down side is that it takes 7 days before you can spend your bitcoin and you need to give them your bank account details.

In Person:

LocalBitcoins.com is a reputable site which is popular with the Reddit community and they have ads for people local to you who are selling Bitcoin. The sites popularity has grown enormously in the last few months and every town world-wide (including South Africa) that I’ve checked has bitcoin for sale.

LocalBitcoins has a reputation system similar to eBay that lets you find someone who has a good reputation for not scamming folks. I found someone in Denver, Colorado yesterday and within about 30 minutes of contacting them via the site they phoned my cellphone. We arranged to meet in a parking lot outside a well known computer store. The guy was a typical twenty-something computer geek type – really nice guy actually. I was happy to give my first name but he seemed to want to go by his online handle. I handed him a rather large stack of cash and then we spent a few minutes figuring out what the best way was to send the Bitcoin. I ended up using the Bitcoin wallet for Android, he scanned my QR code, sent me the coins at the current localbitcoins.com exchange rate (which was quite good) and within 10 seconds my phone went KACHING and I had my Bitcoin. We said our goodbyes and that was it. Except…..

PRO TIP: If you’re buying Bitcoin from someone in person, make sure they include a small transaction fee with the Bitcoin when they send you the coins. If they don’t, the coins will show up in your wallet but it may take several days until you can actually spend them. The guy I was buying from had a wallet that added zero transaction fee and I had to wait just under 5 hours until the transaction was finally completed by the network and the coins became spendable. I did a few tests later and added everything from 10 US cents to $9 as a transaction fee and it radically improved the processing time. The $9 transaction fee took 30 minutes to complete and when adding a few cents it takes about an hour. Many wallets don’t give you the option of adding a transaction fee. The Bitcoin-QT client does give you that option and I understand that the “Mycelium wallet” for android lets you modify the transaction fee but I haven’t verified this. The miners who process your transaction get the fee and they prioritize transactions with fees associated with them first.

The benefits of buying in person are that you get your bitcoin immediately and you usually get a better price that you do if you’re buying at an exchange or a service like Coinbase. The down-side is obviously that you might get mugged or scammed. But with a reputation system like LocalBitcoins and meeting in a crowded place, there are ways to minimize that risk.

Buying on exchanges:

After buying bitcoin I wanted to buy some Litecoin and found BTC-e exchange which offers trading in several other Crypto currencies. Note that BTC-e is based in Bulgaria and no one knows who the owner is so it’s highly risky. You’ll notice that all crypto currencies are cheaper on this site and it’s because of the risk premium. So I send them some Bitcoin as a deposit and started trading – bought some Litecoin which has yielded a nice profit along with some Feathercoin which is still extremely cheap and new and has also behaved quite nicely since the purchase.

I haven’t used Mtgox, but I understand that it only offers Bitcoin trading at this point which seems a little pointless because that doesn’t really make it an exchange – more of a place to buy Bitcoin like Coinbase.

Conclusion and my recommendation:

If you’re going to buy Bitcoin in the USA at this point, and if I buy again, I’ll definitely buy in person. It’s very fast, fun and with the reputation management that LocalBitcoins offers it seems fairly safe. If you have patience, Coinbase seems like a good option but in a fast moving market it moves a little too slowly for my liking.

Happy crypto currency trading!!!

Update:

Since I posted this 6 days ago, I’m still trading occasionally on BTC-e, but only alternative crypto currencies. I do all my Bitcoin buying on Coinbase. Today there were claims on Reddit that some folks couldn’t get their money out of BTC-e. Turns out BTC-e’s email servers were down for a while, so anyone who had email verification for withdrawals couldn’t withdraw their money. Sounds like an honest bug that hit BTC-e. I’m still quite happy there although I never leave a positive balance on the system. I’ll deposit, trade and then get out. Also note that they charge 0.1 Litecoins (About $4 today) for a litecoin withdrawal and .001 Bitcoins (About $1.20 today) for a Bitcoin withdrawal. The Litecoin folks are up in arms about this.

Since I wrote this I’ve made another trade on Coinbase on Dec 1st and am happy, although the delay to get coins is 6 days, even for your second trade. [Rather than the 4 days I wrote in the comments below]

I’ll also note that since the writing of this article I have been trading more alternative crypto currencies including Litecoin, PrimeCoin and Feathercoin. There is a lot of “pump and dump” activity around these currencies. They’re being treated like penny stocks. A cartel of people will get together, spend a few hours either boosting or insulting a particular currency to try and generate buy or sell activity, take the opposite action, and then send the opposite message. They use forums, live chat, twitter, blogging and so on. Litecoin is getting too large in market capitalization to do this (passed $1 billion compared to Bitcoin’s $13 billion and the third place Peercoin’s $136 million market cap). But smaller crypto currency perception is being manipulated by groups of folks, so beware. I still think it’s fine to trade in these currencies, but wait for a drop to buy and ignore the intra-day noise you see on forums and social media.

 

Why security back-doors for governments are a bad idea

Bruce Schneier has written yet another spectacularly lucid piece on why the the FBI shouldn’t be able to force technology vendors in the USA to add back-doors to their products.

The current proposal which is probably going to get the backing of the Obama administration, will levy fines of $25,000 per day on technology vendors that don’t add back-doors to their systems to allow government monitoring.

Schneier argues that history has shown that those back-doors are inevitably used by criminals and foreign governments with ill intent and leave people, the vast majority of whom aren’t criminals, less secure and less free.

 

 

 

What Musk and Tesla are up against

Go now to Tesla.com and listen to Elon Musk’s portion of the shareholder meeting that occurred today from minute 49:00.

It’s probably the best insight you’ll get into how entrenched the USA is on traditional cars and traditional sales channels. It’ll also explain why you consistently have a crap experience buying cars in the USA and why servicing your car costs so much.

Musk gets emotional and my sense is that he is emotionally invested in his company and has big dreams that are being blocked effectively by industry incumbents.

I just became a Tesla fan.

 

Personal Cybersecurity 101

Defense Secretary Chuck Hagel used his first visit to Asia to ask China to stop hacking into and spying on our networks. You don’t need the perspicacity of Nostradamus to see that: Spending on Cybersecurity over the next few years and decades by the defense department will skyrocket and rival every other division of the US DoD. It is also a harbinger of the risks and attacks to come.

Today cyberattacks are what we use instead of misiles to slow down a country when they’re trying to make nuclear weapons. And that was 3 years ago.

While governments may be rapidly building armies of cyber warriors, like the US Cyber Command in Maryland, individuals are relatively defenseless and most of us aren’t even aware of the risks of being attacked in cyberspace.

To illustrate the risk, here’s how I’d target a specific individual:

  • Create a payload designed to infect their OS X or Windows workstation. The infection would log all keystrokes and send them periodically to my anonymous email address. It would also give me remote access on demand to their workstation to peruse and download files. 
  • Leave the infection lying around their home and place of work on USB thumb drives hoping they’ll install it.
  • Mail a thumb drive to them with the Google logo on it on an envelope that appears to come from Google with a nice letter explaining how they won something.
  • If that doesn’t work I’d crack their home WEP or WPA wifi encryption, gain access to their network and run a vulnerability scanner like OpenVAS on their workstation to find holes. Then I’d fire up Metasploit and exploit and access whatever I want to.
  • Gain access to all the target’s online and offline data.
  • I’m looking for as much personal data as I can find, specifically a social security number.
  • If I’m still unable to get access to that, I’d try social engineering. I’d send them a piece of mail with a bank letterhead and logo warning that an account is about to be suspended with an 800 number that is actually my number. Authenticating themselves when calling my number would require they provide their full social security number and other valuable data.

The point here is that if someone who knows what they’re doing decides to target you, you’re in trouble. You can use stronger encryption on your home network, use strong passwords, install anti-virus and firewall software and so on. But at some point you’re going to slip-up and they’re going to gain access to sensitive data that lets them do a lot of damage in your life.

Once you’ve taken the obvious precautions, here’s what I suggest to help protect yourself.

  • Sign up with a reputable identity monitoring or credit monitoring service. I particularly like the feature of receiving SMS alerts when a threat is detected.
  • Get a reputable credit card like Visa Signature that reverses fraud transactions no-questions-asked and immediately issues a new card. Use this for online purchases and keep a close eye on your account activity.
  • Only use your debit card to draw cash from trusted ATM machines. Never use it for online transactions.
  • Keep your cash in several savings accounts, monitor them carefully and make sure that all authentication to access those accounts is strong. Two factor authentication where you enter a password and then also have to enter a code sent to your phone is an excellent additional layer of security.
  • Pull your credit history yourself from time to time to monitor it.
  • Dont get social-engineered. If someone calls you up, says they’re from an institution you bank with or trust and starts trying to get information from you, ask them for their full name, position and a callback number. Then don’t call it back. Instead call the main switchboard of the institution and ask for that individual. If they don’t exist, try the callback number, if they answer, hang up and call the cops with the info.
  • Never use the same password across services or websites. If you do, when one website gets hacked, your username/email and password will get out and at some point a hacker will try that combo on all other major online services. You could choose a base password, and then add something to that password that uses some attribute of the website (like the domain name) and runs it through a formula you’ve memorized. For example, you could have a base password of ‘1c00ld01phin’ and take the first four letters of the domain name, rotate the letters by one and add the position of the first letter in the alphabet as digits to the end. So ebay.com would become ‘1c00l101phinfcbz5′. That’s a simplistic formula and you can beef it up by adding letters or digits at the beginning or at a specific position within your base password.
  • If you run a website or a server on the net, make sure all software on the system is up-to-date. Install OpenVAS or Nessus, learn how to use it and run a vulnerability scan on your own system every quarter. You can also find out what your home IP address is using whatsmyip.org and use the same tools to run a scan on your home IP address. You can also run the scan from your home network to any workstation or mobile device like an iPad or iPhone on your network to find out if your own machines have security holes.

It’s surprisingly easy to hack into someone’s life. I’ve had websites hacked and my family has been hit with identity theft (drivers license stolen from mailbox) and it’s a real pain to dig yourself out. But with a little preparation you can minimize the risk and if it does strike, catch it early and recover quickly.

The Chinese Wall that Isn’t

I used to work at a Swiss bank. At investment banks they have a virtual Chinese wall that exists between folks who do deals and the trade floor for obvious reasons.

At my bank, and this is back in 2000/2001, the people who did the deals and those who traded shared elevators, lunch rooms, pubs and so on. So you can imagine the level of cross pollination.

The US government, just another organization, has been given the green light to dig through your data if you’re storing that data in the cloud with Google using, for example, Google Drive, Google Docs or GMail. We’re trusting that they’ll keep their perusals limited to national security concerns and not tax enforcement, criminal investigation, foreign intelligence gathering or background checks and won’t leak data to credit rating agencies or anyone else. The old virtual Chinese wall.

The latest development with Google sets a precedent for other companies and their obligation to hand over data to government employees. That includes Dropbox, Intuit and their web based Quickbooks app, Facebook and so on. The trove of data the government now has access to makes the NSA’s traditional intelligence gathering look positively pedestrian. Oh for the good old days of Echelon.

As Google’s executive chairman once said, “If you don’t have anything to hide, you have nothing to fear.”.

This was where I was going to end this post. But lets take this idea a little further. Lets assume underpaid government employees are rifling through our data and habeas corpus is still as optional as extraordinary rendition. If you’re like me and are, at least in your own eyes, basically a good guy or girl, what’s the best thing you can do to prevent being falsely accused of something?

In a future world where people who have the power to accuse and convict are reading your docs, you can encrypt, encapsulate, misdirect, protest and so on. Or another approach is to provide an overwhelming amount of data on who you are, what you’re up to, what your views are, who you associate with, what you buy and so on. Remove all ambiguity on whether you’re a good or bad person. Essentially open source your life to avoid accusation.

I’m not sure what the right approach is, but as counterintuitive as it seems, I tend to favor the latter.

Finding Cheap Fast Internet in South Africa

I’ve been in Cape Town for a little over two months now and will be here for a few more weeks. I’ve hunted around for fast Internet and tried a few options. Here’s what I’ve found and maybe it’ll help you.

I’m specifically interested in international bandwidth to the USA and my benchmarks are based on buying 1.5 to 2 gigabyte movies from the iTunes store and downloading them or transferring big chunks of data from our Seattle data center via SCP [or what you might think of as SFTP].

  • Mweb home ADSL is generally slow for international bandwidth. You’re lucky if you get 200 kbps on the 1 megabit line. This is my absolute-in-case-of-emergency option I’m using at the place I’m staying because it is so slow. 
  • The 10 megabit business ADSL option that Mweb provides is nice and fast and you’ll get 3 to 6 megabits per second international bandwidth but it’s quite expensive. A friend has this at a building where I rent office space in Cape Town city bowl. As a side note: When the Seacom cable went down recently they didn’t slow down at all even though Mweb home subscribers were horribly slow because Mweb prioritizes their business customers much higher than home.
  • Vodacom’s little USB 3G pay as you go modem is very nice and fast at around 3 to 5 megabits international bandwidth, but it’s quite expensive. They charge per gig transferred and it’s something like $20 per gigabyte. I’ve run through my Vodacom little red USB modem and won’t be refilling it because it’s too pricey, although very reliable.
  • Vodacom’s portable hotspot option if you have a pay as you go sim card and a cellphone that supports portable hotspot also performs well and is also expensive for data transfer. This is currently my backup option to my Cell C modem. Whenever I use it, it’s wicked fast but I can see the dollar signs racking up.
  • The real winner in my opinion is Cell C’s 100 Gig USB pay as you go modem. It’s horribly unreliable but I get 6 megabits per second international bandwidth at times. More below:

Cell C has a package called Giga100 which is R2499 or $270 for 100 gigabytes of transfer which is not limited to off-peak hours. You have to go into a Cell C store and they might not have stock, so call ahead. This option gives you a little white USB modem but you need to know how to use it to get fast speeds. Here’s how:

  • Get a USB extension cable as long as you can get. I use a 5 meter extension. 
  • Put the modem at the end of the extension preferably outside and make sure it isn’t raining.
  • Try to put the modem on a ledge so it’s hanging off with space underneath it for better signal. What also works is hanging it from the top of an umbrella.
  • Another trick that works is putting it into a small metal pot with the lid off. Believe it or not this can boost signal. I think some Russian posted a video proving this a while back on Youtube.
  • Even if your software is telling you you’re getting 5 bars of HSPA signal inside or outside, you’ll still notice a better transfer rate when it’s outside.
  • When connecting, here’s the process: Connect, start transfer, if it’s slow, disconnect and reconnect and start transfer. Repeat until you’re getting a fast transfer speed. Cell C seem to have 3 subnets they allocate IP addresses from. They start with 10.*.*.*, 41.*.*.* and 197.*.*.* and you’ll randomly get assigned an IP address from one of those. Sometimes I’ll connect and an entire subnet will be down. I’ll have no connectivity. So I’ll reconnect and get a different IP address and get wicked fast international transfer. So just keep trying.

It’s 1:20pm on Wednesday and here’s my current transfer rate downloading a movie from iTunes:

Screen Shot 2013-04-03 at 12.52.07 PM

My theory is that Cell C has bought a large international pipe, but their engineers are wildly incompetent and their cellphone network is spotty. The result is that unless you know how to get a kick ass signal and land on a working subnet, you are not going to get a working connection. So the fat pipe that Cell C has is underutilized and those who manage to actually get a working connection enjoy an empty international super-highway.

To summarize: If money is no object, just buy a Vodacom USB modem and pay an extra $20 to $30 in bandwidth charges for every movie you rent from Apple. If you want a deal and don’t mind hacking the system a little and putting in some effort, get a Cell C modem and pay $2.70 per gigabyte with (when it works) a kick ass connection.

Disclaimer: If you do get a Cell C modem and it’s awful, don’t blame me.

 

A thought experiment on liberty and the survival of our species

I came up with a thought experiment a few months ago and have been testing it on the smartest people I know.

This thought experiment relies on you agreeing with three premises:

1. Our knowledge of the natural universe will continue to increase.

2. Our ability to share information among each other will continue to increase.

3. Imagine everyone on the planet has a button in front of them that will destroy planet Earth and everyone on it. You can assume that we haven’t colonized space yet. You agree that a few thousand people will rush to press that button.

I agree with these three premises. If you don’t, please post why in the comments.

If you agree with these three points, it would seem we’re heading towards a world where it’s likely that our knowledge of the natural world will increase to a point where we know how to develop something that can kill all humans on planet Earth. It will also become feasible for individuals to implement that knowledge.

If you agree that information sharing will become very efficient and information will be accessible to all, the knowledge of how to create the destructor-thing that kills all people on Earth will be shared among all very quickly and efficiently.

We then have a situation where everyone on Earth has a button in front of them that can kill everything. And you’ve agreed a few thousand will rush to press the button – or implement the destructor-thing in this case.

So it seems our self destruction is inevitable.

As the conclusion to this thought experiment, I pose a question: How do we solve this problem. Specifically the problem of our inevitable self destruction through our increased knowledge of the natural universe, our ability to share information and the minority’s desire to implement self destruction. 

Thinking about this yields some interesting opinions from friends and acquaintances. These are various conclusions from different people, so don’t misunderstand and combine them:

  • Secrets are necessary.
  • A Police State is inevitable.
  • Governments will use the fear of destruction among the populace to sieze vast amounts of power.
  • Individuals will sense the inadequacy of the government to protect us from this threat and will police themselves.
  • This knowledge already exists and is kept secret which is why we haven’t seen breakthroughs of the magnitude of E=mc²

If you run across this article I’d love to hear your thoughts.