And Gavin moves on to the dark side. The Bitcoin project is officially hijacked

Sunday, 28 July, Year 5 d.Tr. | Author: Mircea Popescu

Back when the kids dicking around some github repository improperly named Bitcoin something or the other staunchly refused to specify and prototype, opting instead for a braindamaged "the code is the spec" line for the very transparent yet unstated reason that "code we can at least hope to hold hostage to our personal interest, specs not so much" I figured that well... on one hand they're too fucking stupid to actually manage either specification or prototyping anyway. Uncharacteristically of stupid people they actually know this, and so instead of starting a task they lack the intellectual resources to complete they wisely opt to merely steward an idea much greater than their mediocre selves in the hopes that as time goes by much better people will finally take an interest and take it places. You know, much like the beta male that doesn't dare propose to the hot chick all through highschool but instead spends his time and lunch money grooming her so she may better serve a better man later on.

Coherent with these expectations they went on to do all sorts of pointless posturing (such as), got themselves involved with the Bitcoin Foundation scami and generally wasted their time. Which isn't so bad as it all sounds, considering the one time they tried to do something substantial, ie replace the ancient BDB for some spiffy new Google product they caused an insta-hardfork of the entire network, something that might as well have never healed and probably won't, next time it happens. Let's reminisce a little

This matter was apparently for the first time discussed here, which is in itself ridiculously late, but the recent events illustrate the need of having the various issues much more clearly delineated.

Recently Bitcoin came close to unmitigated disaster, in the following way: Gavin diplomatically suggested that miners increase their block size, from the previous magic number of "250k" to something they themselves pick. This approach is flawed: the solution to the problem of having a magic number in the code is not passing the responsibility of choosing it to a larger group. It may work politically, in the sense that where large, vague groups are responsible for a bad move nobody will ever be hung. It does not work practically.

This point does not begin to get sufficient emphasis: stop thinking politically, stick to thinking practically. The political importance, usefulness or competence of a dev is nil. This is not your job, and more importantly this is one of the things you suck at the most. A casual skim through the -dev sessions is ample proof for this, more ridiculous dickwad posturing and knowshitism has never before been seen (outside of the mailing lists of some meanwhile failed open source projects). Snap out of it. Stick to writing code.

But we digress: as a result of a number of miners implementing their own version of a magic miner, a number of large blocks were created and mined by them, as long as they ran 0.8. Miners running 0.7 failed to mine these same blocks, and a fork developed.

The reason is that Bitcoin code sucks. It's not that "the blocksize", it's not that "the database", it's not that "nobody could have foreseen their using a plane like a rocket". That shit does not belong in this discussion, passing the buck is not and cannot be accepted in Bitcoin. The reason is that Bitcoin code sucks, and Bitcoin code sucks because people want to be Bitcoin devs, people want to call each other Bitcoin devs, people want to participate in idle irc chatter as if they in fact were Bitcoin devs, but those same people do not have either the ability or intellectual resources to write dependable, usable, good, clean code.

This is a problem, and this problem needs to be resolved, preferably by the people who are causing it. You know yourselves, I won't name and shame. Fix your heads. You won't be getting much more warning.

Today will go down in history as the day when Bitcoin nearly died, and its fate depended on BTC-Guild staying online. Stop and think for a minute. What are you doing here? Why are you here, really?

That final question controls the matter. What are these people doing here ? Why are they here, really ? As I was saying, I originally thought Gavin is here by accident, pretty much, and he's here to try and keep things sort-of not going anywhere so thus they can't go anywhere bad, while the rest of the idiots - not really distinct enough to merit individual nomination - are just there in the hopes that some cool may rub off the project and ennoble their otherwise unbearbly marginal, pointless lives. You know, like Taaki.

However, it seems I was sorely mistaken. Consider the latest from Gavin :

Thumbnail sketch: Two-factor (Yubikey or Google Authenticator) protected wallets

Hardware:

Computer. Shared-secret authenticator (Yubikey/Google Authenticator/etc). Server (possibly shared with millions of other users).

Motivating use case setup:

User creates a split (2-of-2 multisig) wallet on the computer and server. Keys must be securely backed up to protect against lost. GUI to be determined, but there will be some type of "Use Authenticator" checkbox specified at setup.

User also arranges for the server to know the shared secret with the shared-secret authenticator.

Motivating use case, usage:

Coins are sent into the wallet via P2SH 2-of-2 address(es).

On spend, user is prompted for authenticator one-time-password (OTP). If it is correct, second signature is created and payment is made immediately, with no further interaction required(*). If incorrect, no payment made (server should inform user of the invalid payment attempt).

(*) server might offer to further validate high-value transactions via SMS or DNA sample submission or some other authentication method. And server might enforce rules to limit BTC sent per 24-hours or have other protections.

As you can imagine, I'm outraged.

It's quite plain to anyone with a clue that 2FA/GA/whatever is roughly speaking the equivalent of the Windows antivirus, or more classically of the "spray some holy water on it". Originally it was devised to patch a fundamentally broken security systemii and it works about as well as you'd expect a patch to a fundamentally broken security system to work. It doesn't do anything for security, but it does a lot for security theater, and so it's incredibly popular among the fetishistic mass, which feels a lot safer if it has something to physically clutch. Win-win, right ?

Under the guise of this nonsense, which offers no value, no utility and no benefit, Gavin artfully inserts the proposal of utterly breaking Bitcoin. Having a server allow your transactions is simply taking Bitcoin and turning it back into PayPal. Does your government want a way to block Bitcoin transactions, Gavin ? Does all this come as part of the deal to let fatass fractional banker Karpeles outside of the pen once twice a week ? Is it because you're the cumrag of that Foundation thingee them scammers got going that you "have to" do this ? Has your misplaced pride of not calling me boss put you in this position where you don't have to call anyone boss just as long as you, to quote,

'I betrayed you,' she said baldly.

'I betrayed you,' he said.

She gave him another quick look of dislike.

'Sometimes,' she said, 'they threaten you with something -- something you can't stand up to, can't even think about. And then you say, "Don't do it to me, do it to somebody else, do it to So-and-so." And perhaps you might pretend, afterwards, that it was only a trick and that you just said it to make them stop and didn't really mean it. But that isn't true. At the time when it happens you do mean it. You think there's no other way of saving yourself, and you're quite ready to save yourself that way. You want it to happen to the other person. You don't give a damn what they suffer. All you care about is yourself.'

'All you care about is yourself,' he echoed.

You're a heel, Gavin. I had not this idea about you, originally, but you're a heel, and you're despicable.

And we're no longer friends. Fuck you.

PS. Obviously you my dear reader have little reason to care about how I feel. However, if you care at all about your Bitcoin and what all that means, the idea is to pick an older client and stick to that. Never upgrade, ever. 4.x should be reasonably safe. If you mine, use deepbit, they don't upgrade either. I used to think this is a little silly, but I see the guy understood more than me much before me. And finally, if you're one of those better guys, even should you read this a decade or a century after I'm dead, please, specify the damned thing.

———
  1. This thing is still a pretend NGO that takes donations from the public but never showed anyone any accounts, let alone publish them. It still enjoys a chairman that's also its treasurer and also the unsuccessful half-brain behind a number of failed ventures, a guy that uses the donated Bitcoin to prop up that crap and what's worse - with no visible benefit whatsoever. To cherry the cake, the recent SEC lawsuit in Texas clearly shows they've failed utterly in their only stated goal, as they've clearly not been educating anyone worth a shit. []
  2. The "website login", or in other words an attempt of making stateful connections over a stateless protocol. What can I say, it works good enough for the original use case, which was something to do with blogs cca 1995, ie back when nobody read them or cared. []
Category: Bitcoin
Comments feed : RSS 2.0. Leave your own comment below, or send a trackback.

16 Responses

  1. Peter Todd`s avatar
    1
    Peter Todd 
    Sunday, 28 July 2013

    Gavin's one-time-password thing is just one proposal; I have a different one that has much the same effect without requiring a third-party, or even anything more than a pen and paper once your wallet has been setup once: http://www.mail-archive.com/bitcoin-development@lists.sourceforge.net/msg02601.html

  2. Mircea Popescu`s avatar
    2
    Mircea Popescu 
    Sunday, 28 July 2013

    Yes, it is just a proposal. The problem is that it's just a proposal down the wrong path, and it's just a proposal of the wrong sort.

    You know, just the new kid on the baseball team makes a proposal to go get drunk the night before the game. Just a proposal.

  3. It is entirely possible that the sell-out sold out with eager enthusiasm, on his own initiative, rather than having been shown the ever-persuasive Rat Face Cage by a certain Mr. O'Brien.

    If Bitcoin really were the Schelling point many enthusiastic users seem to think it is (including, at times, yourself) - serious users would laugh at the very idea of a mere idiot fork doing any kind of palpable damage. Just try to picture some joker trying to peddle an incompatible fork of TCP/IP, for example. All you would get is a harmless circus.

    But it isn't a Schelling point. There is quite a bit of serious, bitter, "dekulakizing" envy at the early adopters (and successful persona of all stripes,) and this anger is - and will continue - making itself known in ways that cannot be laughed off indefinitely.

    As always, the idiots are mostly irrelevant. It is the reasonably-clever fellows with well-founded grudges who one ought to worry about. Like one person, who shall remain nameless, who recently posted about his eagerness to help U.S. bureaucrats in their "black budget" blockchain de-anonymization projects, when these inevitably begin. Prestige, infinite funding, an endless supply of hookers and cocaine, and an opportunity to kick your self-professed betters in the face, repeatedly and with impunity. What more could one ask for?

    When you advise the "young cocks" to Shut Up And Know Their Place (TM), do you seriously expect them to take the advice?

  4. Mircea Popescu`s avatar
    4
    Mircea Popescu 
    Sunday, 28 July 2013

    If Bitcoin really were the Schelling point many enthusiastic users seem to think it is (including, at times, yourself) - serious users would laugh at the very idea of a mere idiot fork doing any kind of palpable damage. Just try to picture some joker trying to peddle an incompatible fork of TCP/IP, for example. All you would get is a harmless circus.

    Well... it may be an artefact of my own selection of my environment, but everyone DOES seem to laugh at it. Twitter :

    @Mircea_Popescu I'd be more concerned about it if the Btcd and Bits of Proof projects didn't exist.

    Irc :

    Namworld: I just can't be arsed to go around the world and strong-arming people not to be stupid.

    And the list goes on. The agreement seems to be universal : nobody cares what stupid shit Gavin does, and it doesn't really make any difference anyway. A point I readily grant : it's not that this does anything to Bitcoin itself. It's just that I always dislike being disappointed by people.

    Like one person, who shall remain nameless, who recently posted about his eagerness to help U.S. bureaucrats in their “black budget” blockchain de-anonymization projects, when these inevitably begin.

    How do you know he's not there to fuck with them ? More's the point, how would they know ? Consider the very famous (in Romania) case of Salvador Dali : once the Ceausescu idiot decided to make himself president-king and had a sceptre actually made for this occasion all sorts of retards the world over sent congratulations. Including Dali. The prank slipped by the regime watchdogs, and ended up on the first paper of Romania's version of the New York Times, called Scinteia. (Here's a lulzy pic).

    Would you trust some guy on the grounds of cocaine ?

    When you advise the “young cocks” to Shut Up And Know Their Place (TM), do you seriously expect them to take the advice?

    That all depends. But the envy of the structurally inferior has nothing to do with what is or isn't a Schelling point. Consider the illustrative case of male-female amorous relations.

  5. Nice gay love story.

    Since transactions are enforced by gpg contracts, how is bitcoin "anonymous"? Like gpg keys don't come with a name and email. If it's a private domani(not gmail), the domain can be traced to the one who bought it?!

    Doesn't even matter if the State doesn't know the quantity of the transaction, since if it's "illegal" you would get condemned anyway?

    I.e. server logs says jew downloaded TheShit2014-Xvid. It's no longer on your hdd but server says you download so copyright cash pls.

  6. Mircea Popescu`s avatar
    6
    Mircea Popescu 
    Sunday, 28 July 2013

    It's a wonder you manage to find the keyboard.

  7. So US current law model can't be extended... that's just too bad.

    No srs, where's the fucking privacy. You even use your own name and freenode channel/etc publish public logs. There's even logs of which user exchanged bitcoin to dollars to whom, block addresses included.

    It can't be hard to trace a transaction.

  8. I'm talking about follow the money -> find block proprietary.

    U.S. bureaucrats in their “black budget” blockchain de-anonymization projects

  9. subSTRATA`s avatar
    9
    subSTRATA 
    Thursday, 8 August 2013

    Idea for centralized server allowing or disallowing transactions is serious shit. Red alert!

  10. Bitcoin is already a centralized server since bitcoin software stores all history of transactions.

    Supposedly the public transactions are private because the bitcoin address does not list who's the owner... although you can find the owner and trace the transaction because transactions are made in a web of trust, with user rankings, with payment addresses listed.

  11. Mircea Popescu`s avatar
    11
    Mircea Popescu 
    Thursday, 8 August 2013

    @subSTRATA Consider this :

    My Fellow Users,

    I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what’s going on--the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests.

    What’s going to happen now? We’ve already started preparing the paperwork needed to continue to fight for the Constitution in the Fourth Circuit Court of Appeals. A favorable decision would allow me resurrect Lavabit as an American company.

    This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States.

    Sincerely,
    Ladar Levison
    Owner and Operator, Lavabit LLC

    Integrity is becoming a luxury Americans can no longer afford.

    @Vexare You're not smart enough to be here.

  12. As you wish.

    You could have argued that beyond the irc nick listed on otc you can't go further without third-party info, mail, ip, hacking. Yet it's easier to act retarded.

  1. [...] implementation was better. Over time with reading and thinking, I came to realize my wrongness, the forced hijacking of this Bitcoin deal is a threat. In the aftermath I was involved in the creation of this bet:4 Probably one of Bitcoin’s most [...]

  2. [...] BOOST_LIB_SUFFIX=-mt These instructions are also on Github. Probably the last version by the so titled core developers to give too much attention to  ↩ This means accounting for changes that came with version 0.8 which lead to the great [...]

  3. [...] too little, too much, not enough or so on capacity will become an issue once someone who isn't on the dark side raises the [...]

  4. [...] longer fashionable to call them that ? Hm ? [↩]That Gavin Andresen was an USG mole had been a matter of public record for a few years at this point. I don't recall anyone ever regarding Mike Hearn as anything else at [...]

Add your cents! »
    If this is your first comment, it will wait to be approved. This usually takes a few hours. Subsequent comments are not delayed.