I don't think you understand how credit cards "work".

Tuesday, 18 October, Year 8 d.Tr. | Author: Mircea Popescu

People in the habit of using their brain often laugh at poorly specified, horrendously designed, shodily implemented altcoins, and for good reason - there's apparently no shortage of these end products of an ambitious process which included no thinking whatsoever. Credit cards are perhaps the most egregious example of them all.

According to the whitepaperi, a credit card is a paper wallet which may contain one single address. The address is composed of 16 numeric digitsii, which are usually formatted with three dashesiii, and it is secured by a "secret" private key which is... four digits long. To further securitize this secure security, a three digit super-key is printed on the back of the paper wallet in question, and that's it, you're good to go!

How is this abomination to be used in practice ? Oh, that's simple - just like its users. For instance you can walk up to a machine, stick your paper wallet into it, and then type the private key. Yeah, that's right, you type your private key into a big box you don't own, nor control in any way, and can't inspect. What protects you from the owner of the machine selectively scamming ? A shoddy, slow, bug ridden, unauditable, ad-hoc reimplementation of the common WoT.iv And if the operator decides to charge your card twice, or fifty billiard times, the best you can do is call an Indian. They'll be thrilled to listen and eagerly try to help! Have you tried rebooting your credit card wallet sir ?

What protects you from someone spying on you while you put your private key in ? Nothing. This actually happens all the time, it's called "credit card fraud" - because evidently making the world's worst altcoin and pushing it on naive people is no kind of fraud. Fraud is only when the wind blows over a rotten reed, not when the reed was rotten in the first place!v

But suppose you don't want to do that. What else can this altcoin be used for ? Why, you could pay for your meal! Like, walk into an eatery, hand over your paper wallet to an overworked, underpaid, sub-minimum wage worker who depends on tips to survive and works such impossible hours in such miserable conditions he's about 17 times more likely to abuse psychoactive substances than the general population. Then you tell them your private key. The private key to your only public address which holds all your funds. What prevents them from making a copy ? Nothing whatsoever, this also happens all the time (credit card fraud, remember). What prevents the eatery from double charging ? The WoT which they don't call a WoT, nor does it really work.vi

How about forgetting all this silliness and just using your own computer to make payments, you ask ? Why of course! The credit card altcoin has a system for you to do just that, whereby... you send your public address, along with the secret key and the super-secret key to someone's server. In plain text.vii What prevents anyone and everyone from spying on you ? Why... nothing, of course. They'd... they'd never dare do that! And the fact that they dare, each day every day, to the tune of billions doesn't prove anything! Hillary Clinton 2016!

What prevents the server in question from being compromised ? Why, there's a special organisation dedicated to giving out a little icon they can put on their webpages. Yes, that's right, just like in the days of Altavista and Jukt Micronics, they get a little gif trophy! At least it's not animated.

What prevents the server in question from retaining your private key and then being later compromised ? Oh, that's easy, credit card altcoin wallets expire. Your lord will provide you with... another credit card altcoin wallet upon the expiration. You can even keep your public key, they'll just issue you new secret and supersecret keys. What's not to love ?!

Well, perhaps the fact that in a doomed quest to "prevent fraud", the lords of the alt-republic implement all sorts of idiotic policies, ranging from randomly and arbitrarily "rejecting" credit card altcoin wallets to see what happens (laugh all you want - but it happened to Bahamas, and it happened to you) to requiring pictures with a halibut on your head.

Credit Card Altcoin user completing almost last and final <a href=http://trilema.com/2013/time-for-europe-to-repeal-the-us-backed-aml-crap/>KYC</a> verification step

Credit Card Altcoin users verifying their iden-titty.

Credit Card Altcoin users verifying their iden-titty.

The special streamlined identity verification process for Credit Card Altcoin businesses

The special streamlined identity verification process for Credit Card Altcoin businesses

The only thing this idiocy has going for it is that it's widely used. This happens to also be the only thing this idiocy has going against it - as the moral obligation of every thinking man to "defraud" this nonsense (in the sense of separating the idiots involved from any sort of usable contents they may be carrying) becomes ever more obvious to the thinking men in question, the credit card altcoin will cry foul, be forked and the the forks forked, but eventually wither and die.

Because when it comes to money, there can only be one.

———
  1. What'd an altcoin be without its whitepaper! []
  2. 16 numeric digits means there's a total of almost ten billiard combinations available, from 1 to 9`999`999`999`999`999. For comparison, the standard address as currently implemented by Bitcoin allows 1`461`501`637`330`902`918`203`684`832`716`283`019`655`932`542`975 combinations.

    Try it out on your own computer : divide the former by the later to get for your own benefit the same 0 everyone gets when they try to compute the % of the standard the credit card altcoin actually implements.

    Yes, I'm sure fresh minds unused to mathematics will readily be persuaded by arguments to ignorance in the vein of "sixteen digits is such a humongously large lot it is enough to boggle my puny brain and so should be enough for everyone". That such persuasion is a common occurence doesn't change the fact that sixteen digits are barely enough to count the neurons in a working hominid brain. They come to almost 6 bytes, which is a as ridiculous in cryptography as it is in penis inchery.

    I suppose the only reasonable move here is to dub the credit card altcoin "the billiard standard" and move on. []

  3. It should perhaps be pointed out that in practice the credit card public address has a lot less than the sixteen digits meaningfully availabe. For instance when Bahamas inadvertently leaked his credit card public address while cutting in line, the 4147-20 lead surprised no one, as having a "select" credit card which requires $25 mn with the bank while officially declaring assets in the 500k to 1mn range with that same bank is standard practice in banana republics.

    For comparison, the standard as implemented by Bitcoin consists of 25 bytes, with a leading type specifier (=1), and a trailing 4 byte checksum (equal to the first four bytes of a double sha256 calculated over the payload). The payload itself is 20 bytes long, equal to the result of a ripemd160 hash. The 50 digit number discussed in footnote ii above refers to this payload, whereas the supposed 10 billiard space of the credit card public address readily reduces to "almost one trillion" once the protocol identifier and checksum are stripped off. Which should be "enough for everyone", especially if you stop having children. Apparently the SSN debacle has taught no one anything. []

  4. Problem ? Ah, but it's ok, because everyone involved pretends to not know what the WoT is and then it's all good, right ? []
  5. This bizarro alt-view of the credit card altcoinheads might perhaps explain their psychotic reactions surrounding the Etherape - inhabituated as they to nonsensical "rules" of the alt-world they inhabit, dentistry appears painful and to be avoided, while not brushing one's teeth appears the height of sensible, slothful self-management. []
  6. If the agent defrauds you, you can't leave them a negative rating. You have to go to one of the official lords of this system and convince them the agent defrauded you, as they're the only ones allowed to negrate. The system is also entirely opaque - you can't see how many negrates the agent has, only the lord in question can. To you it is presented, and you're required to act as if, every agent is just as reputable as every other. Let's stop here, before going into the abundant available detail as to just how broken the "convince a lord of this alt-republic" process is. []
  7. Notwithstanding all the ridiculous kludge built around the attempt to pretend otherwise, credit card based ecommerce still happens in plaintext. []
Category: Bitcoin
Comments feed : RSS 2.0. Leave your own comment below, or send a trackback.

2 Responses

  1. So much money to be milked from the credit card industry. Its pretty much just another arm of the USG, with all the inefficiencies thereof.

    Sometimes I dream of quitting my job and working a moderate paying gov't job and doing absolutely nothing, like Ron Swanson. It is my civic duty to make the government operate as inefficient as possible. Maybe the DMV has openings

  1. [...] illustrated explanation of how credit cards actually work, what the actual security of that "working" is worth in real terms and how it compares to using [...]

Add your cents! »
    If this is your first comment, it will wait to be approved. This usually takes a few hours. Subsequent comments are not delayed.