Welcome to the CoinDesk Weekly Review 6th September 2013 â a regular look at the hottest, most controversial and thought-provoking events in the world of digital currency through the eyes of skepticism and wonder. Your host â¦Â John Law.
There is a an old electrician saying about fuses. When one blows, a klutz replaces it, but an expert finds out why it blew in the first place.
So it is with computer security. It is relatively easy, once youâve found a flaw, to fix it. Itâs often much harder to find out why that flaw was there in the first place, but until you do that thereâs no way to know the likelihood of further problems.
Although itâs never possible to be perfectly secure, it is possible â indeed, essential â to know what the risks are when you make a decision to do things in a certain way, or to adopt a particular technology.
Thatâs why the latest bitcoin vulnerabilities to be fixed are particularly troubling. Theyâre not by themselves devastatingly dangerous problems; one could let an attacker crash a client, another could jam a client with bad messages. Itâs a bit more worrying that one of the bugs was introduced as part of a previous bug fix, indicating that the testing process prior to issuing a patch may be faulty.
But both of these bugs are more implementation flaws than protocol problems: thereâs no fundamental design error behind them, just that the always-fallible process of turning specifications into computer code had a couple of oversights in it.
What is most troubling is that thereâs apparently no online discussion by the people who fixed them about the process of the fixes, nor of the testing done and results found prior to release.
Bitcoin is open source, meaning that development is public, and this is one of its most profound security features. Itâs easy, when youâre human, to want to minimise the significance of mistakes you make, and particularly easy in environments where company or other security means youâre not allowed to discuss details widely.
Open source doesnât fix this particular bug in the human ego, but it does mean that others are free to find, analyse and help fix things â or raise the alarm if things are much worse than they first appear.
But that doesnât work if parts of the development process are opaque. Nobody can tell what the shortcomings were in the testing process, nor whether theyâll carry on introducing problems.
Does this matter? You could try asking Edward Snowden. Itâs come out recently that the American spooks in the NSA have previously hijacked the process of developing industry standard encryption protocols and silently introduced deliberate flaws â an old spy trick, to be sure, but far more worrying now weâre all dependent utterly on standard encryption for online security for our online lives.
Open source isnât proof against this, but it does make it substantially harder to finesse or hide â only, though, if the thinking and processes are as open as the code.
As the NSA will learn, openness leads to better security. The powers behind bitcoin will forget that at their peril.
Some of the most powerful changes in IT have come about when just the right hardware meets just the right software at just the right time.
When the IBM PC met Microsoftâs DOS, the combination of good-enough hardware with a blue chip pedigree with barely-good-enough software driven by ruthlessly ambitious techies was dynamite. The market loved it, and the combination mutated into the Windows-Intel Wintel standard that dominated computing for two decades.
Or look at when Appleâs struggling Macintosh computer got some basic desk-top publishing software at the time that cheap-enough laser printers came along. That created a bedrock niche that sustained the Mac until mainstream acceptance caught up.
So it seems to be with cryptocurrencies and the Raspberry Pi. Once the first few projects linking the Pi and bitcoin were live and documented online, it became simpler for anyone with reasonable nous to link payment from a mobile BTC wallet to making physical things happen.
The latest example of this is Liberty Gamesâ pool table, where those bereft of a 50 pence piece can scan a QR code and rack âem up. John Law can no more hit a cue ball straight than he can write Sanskrit love poetry, but in both cases applauds those who can, and itâs a darn sight more useful getting BTC into the pool hall.
Raspberry Pi is the ideal companion for this sort of experiment. Itâs very cheap and powerful, very easy to use, has enormous amounts of online support, and runs free, secure and well-understood operating systems like Linux that take care of all of the fiddly bits. Even if itâs not the absolute cheapest option, it lets you build prototypes and small production runs of your invention with minimal investment.
The evolution of a standard âadd BTC to anythingâ hardware option is tremendously important, because it hugely simplifies the invention of things that are superior to all competition.
Other options for adding electronic payment to a system come with much more overheads: merchant accounts, 24/7 access to clearing systems, rules and fees and approvals aplenty. And you have to get that right for any market youâre in.
The cost and complexity of using cash is also significant: having secure local storage in your device for the coins, having to empy the coin boxes and transport what can be large amounts of metal to the bank, being up-to-date with the many ingenious fake coin frauds.
But with BTC and Raspberry Pi â as long as you can run power to your device and thereâs some sort of wireless network present, youâve got a payment system. It costs approximately nothing to run in time, effort or cash, and can be installed somewhere in the time it takes to plug the thing in.
If â itâs tempting to say when â the idea catches on, thereâs no reason the electronics required canât be cost-reduced to a fiver or so: the total extra investment needed to let a gizmo securely collect money for you more profitably than any alternative.
And that is all you need for a revolution.
Bitcoin has nobody in charge and no central structure, which makes it very difficult to influence or shut down. Bitcoin exchanges have people in charge and live in one place: old school thinking vulnerable to old school swooping by old school feds. And indeed, thatâs where most of the regulatory and legal action has focused.
So can you have a distributed, automated exchange? Exchanges do three jobs: they match buyers and sellers based on what prices can be agreed, they publish prices, and they add security to the deals in various ways, not least by verifying traders and in some cases payments.
Most of that can be and is automated. Itâs not hard to set up a database that traders can register on, setting their buy and sell prices, and match up buyers and sellers on demand. Such things can be securely distributed among anonymous nodes â and at that point, you have a functioning exchange.
Not a well functioning one, as the individual users have to do the deals themselves, raising the question of fraud. If I send you a hundred quid for a bitcoin you donât send me, or donât send you a hundred quid for one that you did, thereâs nothing to be done about it.
A new distributed exchange from secure wallet services company StrongCoin claims to fix that particular problem by adding an escrow element. When you register with it, you must also pay in bitcoin â and any deals passed by the system can only be up to the value of that deposit.
An automated exchange can do that: even robots can own bitcoin wallets. You have to register your bank details too, and the exchange says it will âvet market makers and only allow non-reversible paymentsâ, which gets around the problem that an exchange with its own real money account is immediately vulnerable to the authorities. Instead, users transfer the fiat money directly between their own personal accounts.
John Law must admit that heâs not entirely clear how that last bit will work without humans in the middle somewhere, and indeed the exchangeâs main shield against regulatory interference isnât that there are no humans there to be locked up, but that theyâre not really running an exchange according to the letter of the law â the individuals buying and selling do the deals directly between themselves.
Well, perhaps. This is another example of an as-yet unsolved internet problem of where humans can abdicate responsibility to their machines. If a newspaper prints something libelous, itâs responsible because it has an editor who controls what goes onto its pages.
But if a distributor or retailer handles a newspaper with illegal content, theyâre not responsible: the law says that itâs not reasonable to expect them to vet content. So where do web sites sit that publish user-generated content without an editorial process? Are they publishers, or distributors? So far, the consensus is that Facebook, for example, isnât responsible for the things its users post â until it is.
So, good luck to the StrongCoin plan; itâs a step along the road to making bitcoin more appealing to more people. And really, the best of luck in persuading the regulators that the rules do not apply, and no making up any sneaky new rules along the way.
But the real win will be in getting rid of anyone in the process aside from the individual buyers and sellers. Ordinary people are the most difficult blighters to regulate, especially when they decide en masse that they donât want to be. Democracyâs really unfair on politicians that way.
John Law is an 18th century Scottish entrepreneur, financial engineer and gambler. Having reformed the French economy, invented paper currency, state banks, the Mississippi Bubble and other ideas essential to modern economics, he took three hundred years off in a small cottage outside Bude. He has returned to write for CoinDesk on the foibles of digital currency.
