Hacker News: fhinson's comments

Perhaps this was the final takedown necessary to pave the way for BTC ETF approval.


Amazing that it’s impossible to tell whether you are a real crypto booster or joking at their expense.


"True crypto has never been tried"


I too enjoy the no true Scotsman fallacy


I dunno, people always invoke it in situations that are similar, but not quite applicable.


No true "No true Scotsman fallacy"


Eh... Folks are just butthurt that they didn't get in on the original Scotsman like I did.

They poured scorn then, but I'm up to my eyeballs in bagpipes now


No true ScotsCoin.


Surely it's BitScoin


That branding may be rough, if ScotsCoin enthusiasts harbor deep grudges against BritCoin.


BitScone


Now I wonder, is https://scotcoinproject.com/ a joke or not?


https://en.wikipedia.org/wiki/No_true_Scotsman - I've been meaning to look it up for a while.


XMR and BCH have been working great for a decade and in my mind are the ONLY Cryptocurrency projects that are not outright scams or digital ponzi schemes.

It's odd how clear the picture is but how many people have been fooled by fakes. What other industry is 99% scams and only 1% legitimate?


Why are you downvoted? XMR is among the greatest cryptocurrencies. It's everything bitcoin was supposed to have been. The fact it's not in the top charts is proof of the irrationality of the market.


Or, perhaps, it's proof that the purpose of crypto in 2023[1] is not utility, it's line-goes-up.

[1] And 2022, 2021, 2020, 2019, 2018, ...


Utility? It already works. I've gotten paid for services via monero.

I'd be very happy if Monero somehow turned into the stable coin of crypto. It could just hover around $150-$200 forever.


You can feed your dog dinner off a golden plate, but that doesn't mean the price of gold is driven by its utility.


The purpose of a thing is not the driver of its price. It's unfortunate that crypto's turned into speculative stocks but to say it has no purpose or utility is just wrong. It actually works.


The problem with XMR is that it works too well, so people are worried governments will ban it (thus the low price).


Let them ban it. That's the perfect test for the technology.


Not exactly. It is just pricing in the risk of the government making the on/off ramps impossible to access.


There should not be any on-off ramps to begin with. People should just transact in XMR directly. That's what crypto was supposed to have been like.


That won't happen and would actually be much worse for Monero because it means everything becomes a giant target for thieves and scammers, even more than it already is. The reason it's failed is because the idea of cryptocurrency is fundamentally bad. Monero isn't even trying to hide it. The developers openly say that criminals should use it to commit crimes.


I believe that the ideal end goal would be that a cryptocurrency is a closed system where a person could buy, sell and earn all in one currency. At that point if it grows big enough price will stabilize and more and more day to day commerce will move to the blockchain.

Bitcoin and Monero have always been able to send transactions instantly and for Bitcoin, essentially free for over a decade with zero down time. That beats the pants off Visa and MasterCard.

Why use an inflationary currency that costs 2% to spend and takes 30+ days to settle?


What crimes?


For starters, any of the money laundering crimes that CZ just pleaded guilty to. That's what any of these cryptocurrencies mean when they say transactions can't be tracked.


This does have the network effect disadvantage of requiring everything to move to XMR immediately.

Also, except maybe for purely digital goods, there will be "on-off ramps" anyway, except it will be for real goods instead of fiat currency. The government can ban you from paying the gardener or buying milk with XMR.


I'm curious as to why BCH is not a ponzi vs BTC given the former is a fork of the latter - so they pretty much work the same way apart from a larger block size.


zcash seems to be going in an interesting direction, though whether they'll actually get anywhere remains to be seen.


Why BCH and not NANO? You like to wait and pay fees?


There are hundreds of coins some copied from bitcoin and slightly changed like litecoin.

The press has tricked you into believing every coin aside from a few popular ones are scams. Dig deeper.


Ah, the classic 'do your own research.'

If I dig deeper, and determine that <some shit coin> is a scam, well, I am just looking at the wrong one.

If I dig deeper, and decide that it's not, and then get burned later, I should have done more due diligence.

'Digging deeper' in a minefield is, generally speaking, not great advice.


Instead of holding forever you could sell earlier. Buying coins with the intent of them going up to make money can be done with 'good' or 'shit' coins. If you have ever purchased penny stocks it's similar in terms of risk/reward. Buying coins with a larger capitalization reduces risk/rewards.

If you believe everything is a 'shitcoin' and you want to hold them forever then on your death bed you can look at the value and determine if it really was a shitcoin or if the media made you think everything was a shitcoin.


It's nice to see level-headed crypto optimism here. It's disheartening seeing bulls who have long since stopped pretending their favorite coin has any utility beyond being a speculative asset and a get-rich-quick scheme given its poor transaction rate, or that the features they've bolted on will make it valuable, none of which make it viable as a currency.

Why would anyone bother with Bitcoin?

If you want to avoid financial regulations in transmitting value across borders or purchase black market goods and services, you're going to be caught since all/most Bitcoin is KYCd and impossible to keep private, unlike Monero.

If you want to avoid transaction fees, you're SOL since it's at $10 right now versus $0.06 for Monero.

If you want a store of value, it's poor because it's volatile, not backed, and theft is not reversible, unlike virtually any other regulated security.

If you want to make legal purchases with it, any transaction costs $10 and can take hours or days, and is not reversible if you are defrauded, unlike USD.

Bitcoin has no value proposition beyond being a speculative asset and a Ponzi scheme for early buyers.


Be mindful of potential biases. Monero is rightfully highly regarded for its privacy, but you may be overlooking certain aspects:

- Unlike Bitcoin, Monero's monetary issuance is not auditable, which could prove a major problem in case of an attack, potentially leading to inflation.

- Monero faces blockchain bloat issues due to its ring signatures. It cannot scale gracefully.

- Privacy and transaction cost concerns with Bitcoin have largely been addressed by Lightning and potentially other upcoming layer 2 solutions. A lot of work is being done here. If you are technologically inclined, you can also participate: https://lists.linuxfoundation.org/pipermail/lightning-dev/20...

- KYC happens on exchanges. Buy your BTC on decentralized platforms like Bisq or RoboSats and be done with KYC.

- A private-only ledger can pose challenges when transaction notarization is necessary. Bitcoin lets you choose between a private L2 transaction or a public blockchain transaction.

That said, I love Monero and am glad it exists.


Has there been any Bitcoin "L2" that is actually functional. Last I checked the inventor of the most popular L2 said it was a failure.


Lightning has grown beyond its two original creators and now has a healthy community behind it. Worth mentioning are Rusty Russell (iptables, netfilter, some network layers of the Linux kernel) and the fine folks at Acinq (acinq.co).

Yes, it still has some rough edges but it's now mostly usable. https://medium.com/coinmonks/lightning-network-2018-to-2023-...

Besides, about 80% of transactions within exchanges are actually off-chain, so this is nothing new.


"Usable" is a massive stretch. The only way most people will ever be able to use it is through a custodial wallet, so it's right back to bank accounts and centralized exchanges.

But the whole thing is a distraction anyway. The majority of transactions happening off-chain means that Bitcoin is an utter failure at everything it ever set out to accomplish.


Lightning does work if you're using a large provider but it undermines the utility of BTC not requiring a middle-man. Running a lightning node with personal funds is simply not likely or safe for your average hodler.

I'm not sure you've used Bisq or RoboSats if you think they're good replacements for exchanges. Barely anyone is online at a given time.


All I can say is that you better have everything in stocks, housing and gold, otherwise you're going to have one sad retirement.


It’s funny how true believers in communism and true believers in crypto talk exactly the same way nowadays.

“FTX and Binance are not examples of true crypto!”

“Soviet Union and Venezuela are not examples of true communism!”


Cryptocurrencies are cryptocurrencies. Binance is an exchange, essentially a bank in disguise. They are not even in the same category.


FTX and Binance are exchanges, not cryptos. It's like confusing NYSE and NASDAQ with the stocks that they exchange.


The reason why people were investing in crypto was 'legitimate' infrastructure providers like FTX and Binance.


I’ve been using Bitcoin for a solid decade and I never made an FTX or a Binance account- too many red flags: leverage, derivatives, lending, etc.


I mean has Venezuela ever claimed it was communist? I always thought it was socialist. Also its oldest standing communist party technically sits in opposition to Maduro.


FWIW the Soviet Union never stated that it was communist. They were officially socialist with the constitutional goal of establishing communism. For that matter, the Mensheviks predate the Bolsheviks and always opposed Lenin.


Saying that the Mensheviks predate the Bolsheviks is kind of odd- there was one political party, then they had a big fight and split in two. Menshevik literally means "minority" and Bolshevik "majority", that's how intertwined the two are.


By the time of the October Revolution, the Mensheviks were actually a majority, and were a significant faction in the Russian Provisional government. The Bolsheviks were not.

The Bolsheviks were a minority, but controlled key elements of the army. After months of civil unrest and violence, they staged an armed coup.


My understanding is that the Mensheviks were technically a majority on the first day of the split, because Lenin had pushed so many people out before the climax of the conference. The point still stands though, that's what the words mean.


Khrushchev, enjoying a short-lived post-Stalin economic boom in the early 1960s, did proclaim that the Soviet Union would achieve communism by 1980:

https://en.wikipedia.org/wiki/Communism_in_20_years

So for a while there was an actual date attached to the constitutional goal.

I believe the deadline was quietly buried by his stagnation-oriented successors, but I’m not sure.


They were ruled by the communist party, so they were communist by ideology.


Huh. Both of those quotes are true for easily quantifiable reasons?

You don't have to be a believer in either to understand that objectively.


It's a tautology, as no implementation of a concept will ever be equivalent to the pure concept. The real existing examples of implementations of concepts will still tell you something about the viability of the concept.


> no implementation of a concept will ever be equivalent to the pure concept.

True crypto does exist.

Bitcoin is true crypto.

When I mine Bitcoin, and I use that Bitcoin to buy something from someone else, that is true crypto.

When I sell something for Bitcoin, that is true crypto.

When I exchange fiat for Bitcoin at a centralized exchange, and I successfully withdraw it to a self-custody wallet. That is acceptably close to true crypto.

Same goes for Monero.


standing committees are necessary parts of communism that always result in permanent authoritarian control of all people and all resources. humans don't have a way around that and that necessary phase is a prerequisite to the ideological phase. there is no evidence that it is worth pursuing given that irreconcilable implementation flaw.

consumers choosing mismanaged companies are consumer discernment problems that have nothing to do with the sector they're involved in. specifically with crypto, centralized exchanges and brokerage experiences are not necessary parts of the crypto ecosystem and exist in parallel to other ways of getting fiat in and out of crypto, and other ways of getting exposure to the crypto ecosystem. many proponents of the crypto asset ecosystem have always sounded the alarm on those kinds of companies and actively track how much crypto is held by the companies or in self custody.

analogies compare dissimilar things with common attributes, what is the common attribute between observers of these two concepts?


Poe's Law and all.


Not before Tether has been taken down


yup Tether is the biggest fake money printing machine that keeps BTC afloat


I think so too however it looks like they may have printed their (counterfeited) way into solvency.

Basically: buy cheap BTCs, print a shitload of tethers, sell BTCs for real USD to the tune of tens of billions and now store these real USD in short term US treasuries (they don't own Chinese treasuries anymore) bringing in 5% and more.

They're claiming they now have excess money (!) to back their tether due to the fact that they collect 5% or more of interest on the short-term treasuries they have.

Put it this way: even if they printed $40bn out of their arses out of $80bn of tether, the $40bn of actual USD they'd have would still net them $2bn a year in interest. That'd still be a big hole but...

What if they printed "only" 10 bn out of thin air out of 80 bn: they'd have near 70 bn bringing in 3.5 bn yearly at the moment.

They don't give any of the interest back to USDT (tether) holders.

So if they printed "only" 10 bn out of their arses, in less than three years they'd have these 10 bn for real on interest alone.

It's still criminal (I guess) but it may not be "0% of tether are backed".

People have tried to run the maths on how much money entered the cryptocurrency world (with Coinbase giving a huge hint).

Centre (Circle+Coinbase) has really $24 bn backing their USDC coin (they publish the individual US short term treasuries bill number).

USDT (tether) is much older than USDC.

Did they cheat? Most certainly.

Did they "fake it 'till they made it", helped, by sheer luck, by interest rates going like crazy?

I think it's possible.


Tether absolutely had the chance to become solvent in the weekend of the SVB collapse. In that time, everyone was rushing out of USDC and DAI into Tether (USDT). Liquidity pools were drained of all their USDT and smart contracts showed all available units being borrowed at 100+% APR. Tether was trading for $1.01-$1.10 that entire weekend, with demand insatiable. They could have repeatedly issued new Tethers and sold them for more than a dollar[1], while only incurring a dollar of liabilities.

CoinMarketCap shows the USDT market cap going up by about $2 billion during that weekend, but it's not clear if they were using this strategy (which would have profited ~1-10% of that figure).

[1] or, depending on how much risk they wanted to take, traded them for USDC and DAI! Those were trading for as little as $0.90.


I think the fraudulent route to solvency is even simpler than that:

1. Make Tethers out of thin air and sell for BTC

2. BTC price goes up because crypto boom

3. Sell enough BTC for USD to back the fake Tethers you made up in step 1

4. Balance sheet now looks legit, and you even have BTC to spare to buy yachts for everyone.


The ETF will have to be approved BEFORE Tether is brought down. The powers that be need a way to control the price, an ETF is the easiest but until then they have Tether.

Why else would the US allow the largest counterfeit money printer to continue for long?


> Why else would the US allow the largest counterfeit money printer to continue for long?

Incompetence.


The US' incompetency usually doesn't extend to protecting the primacy of the dollar.


> Why else would the US allow the largest counterfeit money printer to continue for long?

Are you talking about Tether or the Fed?


Tether, sorry and thank you, I'll edit that.


Why does BTC need an ETF at all, doesn’t that defeat the purpose of owning one’s own wallets? Also… exchanges defeating the purpose of decentralization…


The simplest answer is that a lot of people would like to hold BTC in a tax advantaged account and an ETF wrapper is the easiest way to do this.

Others would like to buy it via retirement plans and having an ETF makes this doable.

Those that want to hold BTC in case the US dollar collapses will hodl their own BTC.

Those that want to hold BTC in case it really appreciates will hold it via an ETF in a tax advantaged account so they don't have to pay taxes on their gains, depending on the account type.


Just say exit liquidity. It's faster.


Ah, nice! Applies regardless of what the underlying asset is ~ some good ole’ tax engineering.


and those few.. who still expect to use it for payments..? =) LOL.


> Why does BTC need an ETF at all, doesn’t that defeat the purpose of owning one’s own wallets? Also… exchanges defeating the purpose of decentralization…

Many financial institutions do not care about decentralization, but they do care about investing in an asset where they do not have to worry about managing the asset (in that regard, similar to REITs). Having the asset insured against various types of malfeasance is also a requirement for investments by many institutional funds.


Many foreign-currency ETFs exist. Euros, or yen, or dollars can function as currencies even though some people also view them as investments.

Commodities are similar. People might invest in pork bellies even if they don't personally eat bacon.


Your question is absolutely appropriate, as the original vision was not to care about dollar values and instead use BTC as money.

But now the speculators have taken over, and all that really matters is what BTC is worth in dollars.


>Total US retirement assets were $36.7 trillion as of June 30, 2023, up 3.1 percent from March 31, 2023. Retirement assets accounted for 31 percent of all household financial assets in the United States at the end of June 2023.


I don't think experience shows most people should or want to own their own wallets. And transactions are much easier without owning one. If you just want BTC exposure as an investment an ETF is much better.


The purpose of decentralization was defeated a long time ago, I'm afraid.


<sarcasm>I guess people trust Blackrock and CZ on setting BTC prices more than they trust the greenback</sarcasm>

Also, CZ (pleads guilty to money laundering charges): https://news.ycombinator.com/item?id=38366729


While I can see how it helps clear the bad image of the industry, the two are not directly related. The ETF was/is going to get approved regardless.


How does it help clear the bad image? There are seemingly no large crypto orgs left that are untouched by criminal convictions.


There are no criminal charges involving Coinbase or Kraken. Litigation by SEC yes, criminal charges no. There’s a very meaningful difference there. The first type can ruin your business, the second put you behind bars too.


Not your keys, not your crypto. Never use exchanges.


There is seemingly no large tradfi bank or organization left that is untouched by criminal convictions. So then what?


Traditional banks aren't trying to prove that people should trust them. People already trust them, and even if they don't, they're already regulated enough that consumers know the government will step in to bail them out.


No large crypto orgs left? Tether has a market cap of $88bn alone.


So you tell me someone has 88bn US dollars or real assets somewhere stored away safely?

Somehow I doubt that. That would mean someone invested this in a safe and independent way with enough return to keep it inflation-safe and apparently has no other idea on how to invest that even more magically.

How is tether really pegged safely?


I think you are preaching to the choir here, maybe I misread the intent of the OP above me.


Tether has been convicted of fraud.


If that meant anything the USDT to USD peg would collapse as it could no longer be redeemed for fiat.


Most people can't redeem USDT from Tether... Read their terms. You can only redeem USDT for USD if you bought directly from them, and even then it needs to be more than $100k. If you fulfill those two requirements, they'll let you redeem if they want to. They state in their terms that redemption is entirely at their discretion, and they can just say no if they gambled the reserves away.


It means something, and tether will collapse.


That's why the ETFs are coming from non-crypto orgs - Blackrock, Fidelity, etc.


Where do you think they get their BTC to fund the ETFs?


How will the BTC ETF even work?

I'm not super savvy with money but why would anybody buy an ETF and pay their fees when the assets in the ETF don't grow or give dividends? How will they secure those assets? Cold wallet in a vault? What happens if they do their audit and the backing coins aren't there (stolen) or there's a hardware failure on the cold wallet?


Like gold ETFs, they can do BTC synthetically via futures or have a custodian take custody.

The interesting ETF will be for Ethereum because a custodian can possibly stake it and earn yield. ETH can earn within the basic protocol.


Right but gold isn't easy to steal. Bitcoin can disappear from a cosmic ray, hardware failure, remote theft, software glitch, etc.


Gold isn’t easy to steal because there are centuries worth of physical security demands that have evolved to protect it. It’s relatively easy to take a chunk of metal from someone otherwise.

Nothing you listed applies to bitcoin besides remote theft. The whole point of a blockchain is to be fault tolerant in the face of those real failures. Remote theft occurs from a failure to secure your private keys. That’s human error and will be resolved in the same way as gold with… custodians aka a bank.


Oh, where there's a will (and a profit) there's a way. See this story about bags of nickels in storage that turned out to be filled with rocks.

https://www.businessinsider.com/jpmorgans-nickel-bags-turned...


Gold isn't easy to steal because it's heavy, and the more you steal, the more it weighs. There's a big difference between stealing an ounce of gold and stealing five tons of gold. But there's no difference in "weight" between stealing 0.1 BTC and 10,000 BTC.

Also, securing physical assets is much easier than securing digital assets.


You don't have to put all 10,000 BTC in a single wallet.


You can get your coins back if your cold wallet is destroyed?


If you have stored your seed securely (in a safe, preferably engraved on stainless steel), then no problem, you can re-generate your private key on a new wallet from it.

If you haven't written down your seed before generating your private key and also lost your private key, your money is lost. Thank you for this sacrifice for the common good, but you will want to educate yourself better next time.


Yes, if only one of a 2 of 3 account was lost. A person having a single seed phrase on a single cold wallet would lose coins and would probably benefit from using a service to educate them.


You can laser engrave a Bitcoin wallet seed (24 words) on titanium, store it in multiple locations and never enter your seed on a networked computer to prevent remote theft. You can also use a passphrase on top of your seed, and store it separately, so that even if the seed is physically stolen, the wallet won't be recoverable without the passphrase.


And when everyone becomes super paranoid and keeps their money from participating in the economy then we will transcend.


That's for the holding account, that is, the long term savings.

For the everyday purchases, a Lightning wallet on a smartphone is enough.


I know how people claim it works yes.


For further protection, store those titanium blocks in a “portable Hole” so they exist only in the Astral plane:

https://www.dndbeyond.com/magic-items/4699-portable-hole


Your coins aren't stored on a computer but on a distributed ledger around the globe, secured with strong crypto, Merkle trees and proofs of work. Your (hopefully cold) wallet only stores your private key.

Gold is hard to transport, easy to confiscate and hard to divide, thus difficult to use as a currency. None of those apply to Bitcoin. Well, unless someone is dumb enough to leave his money on an exchange.


Sounds like digital assets are not for you. Gold and silver coin in your pocket are a time-tested approach.


Well, BTC isn't some asset that doesn't have a track record of growth. Take a look at the rate of growth in the last decade. Yes, if you look in specific timeframes it will look like a wreck, but looking at a bigger picture it makes sense. And it is given that it will keep growing similarly in the long term (Why? That's a separate lengthy conversation, the answer to which also answers why some of the largest finance players are rushing to put out an ETF of BTC).

Coming to the security and safety part. In theory, BTC was made with an intention to be easily usable and accessible. Once you understand it, it's pretty simple and straightforward (even easier than using a bank's service). No level of hardware wallet failure will compromise the funds because the funds are not in the wallet; rather the record of the funds is in 100s of thousands of BTC nodes that are being run by miners and other enthusiasts. The real threat may be letting people that share OTPs with scammers handle their private key and seed phrase. That's where custodians like Coinbase come in.

And to the point of how to make sure the fund held by the ETF/custodian is actually there or not: this can be easily verified. It is a public ledger and anyone with the public key can see how much funds are held in the wallet. This aspect of transparency is one of the key selling points of BTC.

I would recommend a short and interesting read - "Inventing Bitcoin".


If BTC would always increase in value then it's doomed from the start as it means people starting late have to pay much more than an early person.

This means rich late people will never migrate or buy BTC ETF ever.

It's like always buying at the increase


That’s the definition of asset appreciation. This is comparable to buying gold 100 years back vs now; no one is complaining gold is doomed because it was dirt cheap a century ago, nor did gold lose its ability to retain value because it was getting expensive. Although the rate of growth won’t be this explosive for BTC in the future as it is now.

Late adopting rich people might still get into BTC ETF for its ability to maintain its value in the long term, as simple as that and doesn’t matter at what price they buy.


Gold is getting consumed and still mined.

BTC is made 1 per 10 minute.

BTC is not gold


Exactly they aren’t. But they have some parallels in properties (fungible, less prone to inflation etc)

But gold or any other precious metals for that matter still have a flaw of having unlimited supply. Yes, the supply is limited on earth, but we are only a couple of decades away from mining asteroids like 16 Psyche.

Flood the market with gold, it will drastically lose its value and this will indeed help its consumption like manufacturing of electronics etc but gold as an asset would be pointless.

This cannot happen in BTC, which is programmed to have finite supply.


BTC has no finite supply.

Its domination will just change / already has.

I bought weed with BTC for years, I never cared how much it's worth I just used the current dominator value for 10g weed.

Not sure what advantage fungible should be? Even bills are fungible.

And there is no reason to assume BTC is less prone to inflation. BTC right now is not even stable enough to be deflationary or inflationary.


I believe the fee = the ETF holds bitcoin securely for you instead of you having to deal with wallets.


Yes, how does the ETF hold and secure the coins is what I'm asking.


Blackrock will be using Coinbase as their custodian: https://www.coinbase.com/prime/custody

It's the institutional version of their Vault feature: https://www.coinbase.com/vault

> 98% of digital currency is stored totally offline, in geographically distributed safe deposit boxes and physical vaults.


Most likely some sort of cold wallet. With some in hot wallets for liquidity. There are many crypto custodians who do this.

Now they do have to design redundancies for the keys, e.g. they should not lose access to the assets because, say, they made it too safe and can't find the keys anymore :p

It's funny because it happened with Prime Trust a crypto custodian. But I'm sure a company like BlackRock can and will do better.


I have no idea, but I assume that if they get hacked they are liable for that. If the ETF is run by Bob's Bitcoin ETF incorporated in the Virgin Islands then that's not worth anything because there are no other assets to cover losses. But if it's BlackRock (or some other large US money manager) then they have plenty of other assets to pay out.


They use a custodian like Coinbase or Gemini.

The ETF then takes out an insurance policy in case the custodian loses the BTC they hold on the ETF's behalf.


Coinbase would be the custodian


The big guys/gals/peoples at Fidelity and BlackRock also want a piece of the crypto action.

https://decrypt.co/97795/blackrock-handle-circle-usdc-cash-r...

'BlackRock will become "a primary asset manager of USDC cash reserves"—the fiat currency backing the Circle-issued USDC stablecoin.'


Very interesting timing of this release, amidst the turmoil at rival Open AI. I wonder if this is a clear play to capture enterprise customers who have been spooked by the drama.


In that Atlantic article last night it said that ChatGPT was turned around in a matter of weeks to match a competitor's offering. I don’t think Anthropic would’ve had the lead time to deliberately time this. I think it’s either serendipitous that they planned to launch this week, or at most they were going to delay this release until after Thanksgiving and decided to put out the press release today instead.


People spooked by OpenAI turmoil should go with Azure OpenAI services. They host OpenAI's models for almost the same pricing but with enterprise-level SLA. If you are outside the US you can also choose an Azure datacenter closer to you.


Growing up for me it was Runescape.


> SSN and DOB data is widely available for sale in the cybercrime underground on almost all U.S. citizens. This has been the reality for years, and was so well before Equifax announced its big 2017 breach.

Again, I find that this only reinforces the fact that SSNs are not a useful identification system because there's nothing secure about them. Can someone explain where attackers obtain SSN/DOB data with such a widespread success rate?


The US government should replace SSNs. SSNs were never meant to be used this way.

Any good replacement should start with a set of APIs specifically targeting financial institutions/credit. Give the consumer a random, easily rotatable, numeric key (e.g. "14830-29928-8921-29"). The key + API can return a unique ID, but a unique ID cannot return its corresponding key (i.e. single directional flow).

The unique ID never changes for a given individual. If the consumer's key is lost, stolen, or breached, the key can be re-issued and the old one expired.

Make it illegal to store the numeric key itself in a database for long periods. Only the resultant Unique ID can be held. You'd never request from the consumer the Unique ID itself (otherwise it itself would become the new SSN); only their key for API verification.

Why is this a secure system? The information companies would store (Unique ID) is not the same information they need to process a new credit request (Key).

Meaning the piece of information that identity thieves need to steal is short lived, and the long lived info cannot convert back to the short lived.
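The scheme described in the comment above, as an added example that is not part of the thread: a toy Python model of a central registry that maps a rotatable numeric key to a stable unique ID and exposes no reverse lookup, plus an institution that keeps only the unique ID. The names `IdentityRegistry`, `Lender`, the `UID-` prefix and the 16-digit key shape are assumptions made for the illustration.

```python
"""Toy model of a rotatable key -> stable unique ID registry.
Added illustration only; class and field names are assumed."""
import secrets


def new_key() -> str:
    """16 random digits grouped like the comment's example "14830-29928-8921-29"."""
    d = "".join(str(secrets.randbelow(10)) for _ in range(16))
    return f"{d[:5]}-{d[5:10]}-{d[10:14]}-{d[14:]}"


class IdentityRegistry:
    """Government-side service (hypothetical). Holds the key -> ID table;
    institutions only ever get the one-directional resolve() call."""

    def __init__(self) -> None:
        self._id_by_key: dict[str, str] = {}   # currently valid keys only
        self._key_by_id: dict[str, str] = {}   # rotation bookkeeping, never exposed

    def enroll(self) -> tuple[str, str]:
        """Issue a person a permanent unique ID and their first key."""
        uid = "UID-" + secrets.token_hex(6)    # unrelated to the key: nothing to derive
        key = new_key()
        self._id_by_key[key] = uid
        self._key_by_id[uid] = key
        return uid, key

    def resolve(self, presented: str) -> str:
        """Institution-facing API: current key in, unique ID out."""
        try:
            return self._id_by_key[presented]
        except KeyError:
            # Expired keys, typos and leaked unique IDs all land here: the unique
            # ID is not a key, so presenting it just raises an error.
            raise PermissionError("not a currently valid key") from None

    def rotate(self, uid: str) -> str:
        """Re-issue a key (e.g. at licence renewal or after a reported theft).
        The old key stops resolving; the unique ID is unchanged. Out-of-band
        identity proofing for this step is assumed, not modelled."""
        old = self._key_by_id[uid]
        del self._id_by_key[old]
        new = new_key()
        self._id_by_key[new] = uid
        self._key_by_id[uid] = new
        return new


class Lender:
    """A financial institution that follows the 'store only the unique ID' rule."""

    def __init__(self, registry: IdentityRegistry) -> None:
        self.registry = registry
        self.ledger: dict[str, list[str]] = {}   # unique ID -> actions; no keys stored

    def open_loan(self, presented_key: str, note: str) -> str:
        uid = self.registry.resolve(presented_key)   # raises if the key is bad
        self.ledger.setdefault(uid, []).append(note)
        return uid   # the presented key is discarded with this call frame


def demo() -> dict[str, bool]:
    """Walk through enrolment, use, rotation and the two leak scenarios."""
    reg = IdentityRegistry()
    bank = Lender(reg)
    uid, key1 = reg.enroll()
    first = bank.open_loan(key1, "car loan")
    key2 = reg.rotate(uid)                 # key1 is now expired
    second = bank.open_loan(key2, "mortgage")

    def rejected(value: str) -> bool:
        try:
            reg.resolve(value)
        except PermissionError:
            return True
        return False

    return {
        "id_stable_across_rotation": first == second == uid,
        "old_key_rejected": rejected(key1),
        "leaked_unique_id_rejected": rejected(uid),
        "lender_stored_no_key": all(k not in (key1, key2) for k in bank.ledger),
        "lender_tied_actions_to_id": bank.ledger[uid] == ["car loan", "mortgage"],
    }


if __name__ == "__main__":
    print(demo())
```

The model shows only the mechanical properties claimed in the comment (stable ID, expiring old key, unique ID useless as a key); it does not settle the later objection in the thread about the unique ID serving as evidence that a lookup once happened.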


There was a good Planet Money episode on how it got to be this way. [1] The SSN maybe originally was not meant to be used this way, but starting around 1943, government agencies were required to use it when possible. [2] That's less than a decade after the first SSN's were issued.

1. https://www.npr.org/sections/money/2018/03/14/593620579/epis...

2. https://www.ssa.gov/foia/html/EO9397.htm


Aren't you basically just describing a more complex, weaker form of RSA SecurID hard tokens or Authenticator-app soft tokens? With a centralized API for validating a generated key vs identification details?

EDIT: Thinking about this more, it seems like a much harder problem than this quipped solution gives credit for. The agency wishing to validate a generated key would need to have enough identifying information to isolate a single row in the centralized database to validate the token. Because we don't want every token assigned to John Smith to validate every John Smith. So now this centralized database needs to have something that's unique to every single row... Or, in other words, the same problem as SSNs have to start with.


No, and the fact you think it is anything like SecurID means I did a poor job explaining it.

It replaces cardboard cards with a SSN on them, with a cardboard card with a longer randomly generated key on it. There's no electronics involved from the consumer's perspective at all.

The key is provided on your e.g. loan application. The financial institution sends that key to the government via API, and receives back a Unique ID assigned to you as an individual that never changes. The financial institution should then dispose of the key you provided them.

The Unique ID is essentially used like an SSN; but the major differences are:

- The consumer never provides it directly

- The consumer's version of it (key) can be rotated freely

- If the Unique ID itself leaks it has no value, since the API Cycle (i.e. Key -> Unique ID) is part of the system that financial institutions would use, supplying the Unique ID would just throw an error (since it isn't a valid key).

So it is completely different from SecurID, and is more akin to SSNs with most of the core issues resolved. Issuing cardboard cards with numbers on them isn't inherently complex, and is what we're already doing.

The most challenging part is getting financial institutions to implement the API calls and update application forms. You'd also have to remain vigilant that they aren't storing the Keys themselves longer than absolutely necessary.


I'm with you, except for the part where we trust the middle man to please-pretty-please-pinky-swear delete the key. That, to me, makes it weaker than a token approach. With the token approach, the intermediate value has such a short useful lifetime that it's practically not a secret. The real secret -- the value required to duplicate the token -- remains with only the client and the centralized store.


I think that is mitigated by allowing the key to be rotated freely. The shortcomings over the token based approach are outweighed by being more practical to implement. If the issuing of a new key was an annual process, or even tied to something like drivers license/state id renewal, it would still be worlds better than what we have today.


If rotation is the secret sauce, then the best strategy is to rotate after every use. In which case, why not just build that into the system:

1. Client holds key.

2. Client exchanges key with central agency for token. Token expires after a short time period, making long-term storage and leaks useless.

3. Client gives token to company.

4. Company validates token with central agency.

And now we've reinvented OpenID. And SecurID is nothing but a piece of hardware that can perform (2) in a decentralized manner. We could maybe modify (4) to potentially be more useful for this specific use-case:

4. Company exchanges client identity token with central agency for a validation token that can be stored long-term. Validation token signifies that an identity token was received and exchanged, for legal purposes.

What I don't know is how to protect this validation token from becoming valuable beyond the above use-case. If it's proof of something, then it becomes valuable for that proof... So it would have to be scope-limited in ways that make it useless for proving anything other than that exact exchange. Off the top of my head, obvious scope limitations are: client, company, and timestamp.
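The four-step exchange above, including the modified step 4 and the suggested client/company/timestamp scoping, as an added example that is not code from the thread: a toy Python central agency that issues short-lived identity tokens in exchange for a client secret, swaps them once for a validation token bound to one company, and later confirms such a token. `CentralAgency`, the claim names and the HMAC-signed JSON token format are assumptions chosen for the illustration, standing in for whatever a real agency would use.

```python
"""Toy model of secret -> short-lived identity token -> scoped validation token.
Added illustration only; names and token format are assumed."""
import hashlib
import hmac
import json
import secrets


class CentralAgency:
    def __init__(self) -> None:
        self._client_secret: dict[str, str] = {}  # long-term secret, shared only with the client
        self._mac_key = secrets.token_bytes(32)   # agency's own token-signing key
        self._spent: set[str] = set()             # identity-token nonces already exchanged

    # step 1: the client obtains a secret it will only ever show the agency
    def enroll(self, client_id: str) -> str:
        self._client_secret[client_id] = secrets.token_hex(16)
        return self._client_secret[client_id]

    # step 2: secret -> identity token that expires after ttl seconds
    def issue_identity_token(self, client_id: str, secret: str, now: int, ttl: int = 300) -> str:
        stored = self._client_secret.get(client_id, "")
        if not hmac.compare_digest(stored, secret):
            raise PermissionError("unknown client or wrong secret")
        return self._sign({"type": "identity", "sub": client_id,
                           "exp": now + ttl, "nonce": secrets.token_hex(8)})

    # step 4 (modified): identity token -> validation token scoped to client, company, time
    def validate(self, identity_token: str, company_id: str, now: int) -> str:
        claims = self._verify(identity_token)
        if claims.get("type") != "identity":
            raise PermissionError("not an identity token")
        if now > claims["exp"]:
            raise PermissionError("identity token expired")
        if claims["nonce"] in self._spent:
            raise PermissionError("identity token already exchanged")  # one use only
        self._spent.add(claims["nonce"])
        return self._sign({"type": "validation", "sub": claims["sub"],
                           "aud": company_id, "iat": now})

    def check_validation_token(self, token: str, company_id: str, client_id: str) -> bool:
        """What an auditor could later ask the agency to confirm about a stored token."""
        try:
            c = self._verify(token)
        except PermissionError:
            return False
        return (c.get("type") == "validation" and c.get("aud") == company_id
                and c.get("sub") == client_id)

    def _sign(self, claims: dict) -> str:
        body = json.dumps(claims, sort_keys=True).encode()
        tag = hmac.new(self._mac_key, body, hashlib.sha256).hexdigest()
        return body.hex() + "." + tag

    def _verify(self, token: str) -> dict:
        try:
            body_hex, tag = token.split(".", 1)
            body = bytes.fromhex(body_hex)
        except ValueError:
            raise PermissionError("malformed token") from None
        expected = hmac.new(self._mac_key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            raise PermissionError("bad signature")
        return json.loads(body)


def run_exchange(now: int = 1_700_000_000) -> dict[str, bool]:
    """Steps 1-4 for one client and one company, then the failure modes."""
    agency = CentralAgency()
    secret = agency.enroll("client-42")                          # step 1
    tok = agency.issue_identity_token("client-42", secret, now)  # step 2
    vtok = agency.validate(tok, "acme-bank", now + 60)           # steps 3-4

    def fails(fn) -> bool:
        try:
            fn()
        except PermissionError:
            return True
        return False

    stale = agency.issue_identity_token("client-42", secret, now)
    return {
        "validation_token_accepted": agency.check_validation_token(vtok, "acme-bank", "client-42"),
        "wrong_company_rejected": not agency.check_validation_token(vtok, "other-bank", "client-42"),
        "replay_rejected": fails(lambda: agency.validate(tok, "acme-bank", now + 61)),
        "expired_rejected": fails(lambda: agency.validate(stale, "acme-bank", now + 301)),
        "validation_token_not_reusable_as_identity": fails(lambda: agency.validate(vtok, "acme-bank", now + 61)),
    }


if __name__ == "__main__":
    print(run_exchange())
```

The company never sees the client's secret, an identity token is useless once exchanged or expired, and the validation token only answers the one question "did this client validate with this company at this time", which is the scoping the comment asks for.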


I agree that the client should generate a token and provide that to the company.

Bonus points: have tokens issued in XXX-XX-XXXX format so that existing systems don’t have to change anything- it’s still a SSN of sorts, just one time use.


> please-pretty-please-pinky-swear delete the key.

In the first post I said quite the opposite:

> Make it illegal to store the numeric key itself in a database for long periods.

Using actual electronic tokens is impractical due to the costs. Even assuming just $1/each we're talking conservatively almost half a billion dollars (inc. shipping), and the upkeep would be similarly high.

The proposal above 1:1 replaces the system we have and are already paying for while solving most of the major weaknesses.

Multiple smartcard-like systems have failed spectacularly in other countries, a SecurID-like token would suffer from many of the same issues.


In the end, you're really stuck between two places. Either you have something static, in which case it's got all the negatives of a static secret. Or, you have something dynamic, in which case you have to manage the infrastructure.

The only thing that makes SSNs bad static secrets is that you should basically assume yours has been leaked at this point. Like others have said in this thread, they're not bad identifiers, but they're a terrible choice for confirming identity.

Your system is just another static piece of data to keep secret. Which is where SSNs started when this crazy train kicked off. And no, "rotation" is not the secret sauce, because SSNs can already be rotated under certain circumstances.

I also don't understand how the "unique ID" doesn't have value. OK, you can't confirm an identity with it on the centralized system. But as far as I can tell, it basically serves as proof that you did confirm the identity. There's no way to distinguish between "obtained unique ID via the key and thereby proved identity" and "obtained unique ID via any other method and thereby did not prove identity".


> Either you have something static, in which case it's got all the negatives of a static secret. Or, you have something dynamic, in which case you have to manage the infrastructure.

I just described a system that is neither fully static nor fully dynamic. It has a static part (Unique ID) and a semi-dynamic part (numerical key) that can rotate as needed.

> Your system is just another static piece of data to keep secret.

Keys can be rotated as needed, for example with driver's license renewals. The Unique ID is static but it isn't security sensitive.

> I also don't understand how the "unique ID" doesn't have value.

Because having it doesn't give you the ability to open a bank account, take out a loan, or receive a benefit. It is used by the financial institutions to tie actions to an identity, nothing more.

The actual validation of identity occurs with the key and API, the Unique ID is simply the result.

> There's no way to distinguish between "obtained unique ID via the key and thereby proved identity" and "obtained unique ID via any other method and thereby did not prove identity".

The action of retrieving the Unique ID is more important for verifying identity than the actual Unique ID itself. You could steal a Unique ID but that isn't useful, and there wouldn't be another way of obtaining one.


Please see my response here:

https://news.ycombinator.com/item?id=19341688

If the secret sauce is key rotation, then the best strategy is to rotate for every use. Building that strategy into the system basically results in OpenID. Take OpenID and allow the client to generate tokens offline, and that's SecurID.

And I still see value in the unique IDs, because they serve as a type of proof that key exchange has taken place. How does the bank go to court and demonstrate that the individual has validated their identity? The best way is to retain the key. Oh, but we're supposing that's illegal. So instead they'll show the unique ID and say, well then how did I get this unique ID?

I don't think you're applying enough hacker mentality to this. If we're going to approach this problem, let's approach it with the full capabilities that modern cryptography gives us. There's no reason to share a secret with the company and extend trust to them; we already know how to securely share a secret between two endpoints (client and central authority) through untrusted middle men (company).


Please see my response here:

https://news.ycombinator.com/item?id=19341434

How are you paying for giving out half a billion SecurID-like tokens?

I'm talking about a code that can be printed on your driver's license, you're talking about a piece of electronics that has to be shipped to every person in the US, the logical differences are stark.


So every OpenID provider has issued millions of dollars in tokens? No, of course not. All the tokens allow is offline generation of secrets. But if you don't need offline generation, then you don't need expensive tokens. I specifically call this out in my linked response; I don't know why you're still stuck on it.

Also, soft tokens are a thing and are basically free to generate. I've got several loaded on my phone right now, and have the code backed up in my password vault.

Also also, printing secret codes on drivers licenses seems like an amazingly bad idea... Every bar bouncer I interact with sees that thing!


> All the tokens allow is offline generation of secrets.

Which negates the whole benefit of having short lived secrets, which was the whole crux of why you were suggesting it.

> Also, soft tokens are a thing and are basically free to generate.

So now instead of buying every citizen in the US a token we're buying every citizen a smartphone or legally requiring them to have one? Seems problematic.

> Also also, printing secret codes on drivers licenses seems like an amazingly bad idea...

Then print them on a separate sheet of cardboard. Still a massive order of magnitude cheaper than what you're suggesting which could range from $0.5-20B+ depending on implementation.

I'm suggesting a more flexible SSN that solves the major issues we are already facing. You're suggesting a token based system without actual tokens, smartphone apps without actual smartphones, and printed lists of codes.


I'm suggesting a system where you prove that you know a secret by exchanging a token. You're proposing a system where you prove you know a secret by telling everyone who asks you for it and hope they forget it later. (And somehow think that this is a workable long-term system that resolves the problems of the values we have now which work exactly the same way...)

There's nothing about the former system that requires the things you are stuck on. (And I honestly think you're just being stubborn for some reason, because I'm pretty sure you understand the idea I'm conveying.) You could do it over the phone using a touch-tone system. You could do it through a website. You could do it with an app. You could do it with a hard or soft token. You could do it with a smartcard. The only requirement is that you are capable of telling your secret to the central authority in exchange for a token, in a way that it is very difficult for others to observe. Or, alternatively, to have come to an agreement about how to generate such tokens offline.

But the important part is that in the system I'm talking about, you get a secret value from a central authority. And then you don't tell anyone that secret except that same central authority. Everyone else sees temporary values that are useless if saved -- no pinky promises and laws required.


> And I honestly think you're just being stubborn for some reason, because I'm pretty sure you understand the idea I'm conveying.

Indeed I do, it is logistically absurd. I'm talking about replacing one piece of cardboard with a different, more secure, piece of cardboard that resolves actual problems we have today. You're talking about smartphones, tokens, calling in, and a million other complex workarounds all in the name of hypothetical security.

I'd love to see you try to explain your system to an elderly or disabled person. I can explain mine: "Instead of giving them your SSN card, give them this card instead." Done. One sentence. That's literally all they have to know.

Plus your scheme has a huge hole. The second you moved away from physical tokens (which you now seem to acknowledge is unaffordable) to smartphones and now regular phones, you need a way to authenticate who you are. Which means you'll be giving people credentials, which can then be lost, stolen, or requested from vendors creating exactly the same issues we started with.

In other words you've managed to create an expensive logistical nightmare that the general public will hate all in the name of hypothetical security benefits that won't even work in practice. Neat.


> Indeed I do, it is logistically absurd. I'm talking about replacing one piece of cardboard with a different, more secure, piece of cardboard that resolves actual problems we have today. You're talking about smartphones, tokens, calling in, and a million other complex workarounds all in the name of hypothetical security.

And you're talking about zero improvement in security stance. You could literally implement your idea by just making it illegal to store SSNs, because that's the only salient point where you've improved over current state.

> I'd love to see you try to explain your system to an elderly or disabled person. I can explain mine: "Instead of giving them your SSN card, give them this card instead." Done. One sentence. That's literally all they have to know.

Print card with secret. Give them card. Card has phone number on it. Call the number. It asks for what's on the card. You enter it. You get another number. Give that to the person asking.

Also print on the card to not give the card or the number on it to anyone.

> Plus your scheme has a huge hole. The second you moved away from physical tokens (which you now seem to acknowledge is unaffordable) to smartphones and now regular phones, you need a way to authenticate who you are. Which means you'll be giving people credentials, which can then be lost, stolen, or requested from vendors creating exactly the same issues we started with.

Physical tokens are a "something you have". So is a piece of cardboard. If there's no need to authenticate a hardware token, there's also no need to authenticate a number on a piece of cardboard. And there's no reduction in security stance by doing so.

Also, I make no acknowledgement of the in-/affordability of tokens. Rather, I assert that you can simultaneously support multi-modal methods of exchanging a secret for a token.

> In other words you've managed to create an expensive logistical nightmare that the general public will hate all in the name of hypothetical security benefits that won't even work in practice. Neat.

Really? My proposal is literally the same mechanism by which OpenID and web tokens work... And I'm done because I don't know how to work with someone whose idea of a good security posture is to give away secrets to people who ask for them.


> And you're talking about zero improvement in security stance.

Rotatable consumer keys. Mitigating the danger of vendor hacks/leaks. Both are the main problems with SSNs today.

> You could literally implement your idea by just making it illegal to store SSNs, because that's the only salient point where you've improved over current state.

SSNs cannot be rotated. SSNs have already leaked. Stealing an SSN allows you to open accounts/credit/etc neither of which my proposal allows.

I'm wondering if you've even read my proposal. Either you haven't or you're pretending you haven't, in either case it seems bad faith.

> It asks for what's on the card. Also print on the card to not give the card or the number on it to anyone.

So this card of yours is identical to existing SSNs. SSN cards even contain that exact text. You need to go back to the drawing board (or just read my proposal and think about it a little).

> Physical tokens are a "something you have".

So now we're back to spending billions on physical tokens? How are you funding it?

> My proposal is literally the same mechanism by which OpenID and web tokens work...

OpenID won't scale to half a billion people, it isn't affordable or practical. Something you've already conceded, that's why you're talking about calling a phone number using your SSN-v2 secret.

> And I'm done because I don't know how to work with someone whose idea of a good security posture is to give away secrets to people who ask for them.

We're on the tenth post and you still haven't even read my proposal, that isn't something in it, and you'd know that if you had taken the time to read it.

You really aren't discussing in good faith here.


> You really aren't discussing in good faith here.

This statement seems to be about the only thing we agree on. You keep shifting your goalposts or simply repeating "but rotation!" when I've already addressed exactly that.


So if everybody knows your SSN/DOB, I'd say that makes a very good identity system in the sense that we can all unambiguously refer to the same person. It's just not any use as a means of authenticating that you are the person who has that identity.


> So if everybody knows your SSN/DOB, I'd say that makes a very good identity system in the sense that we can all unambiguously refer to the same person.

If that was all it (SSN) was used for, a "unique-id", it would work ok for that usage.

The problem is that far too many companies also make use of the SSN as a "secret only you know" to authenticate that you are in fact the individual identified by the SSN. I.e., your "login name" is identical to your "password". It is this misuse that leads to the problems around SSNs.


It could be worse. At the pharmacy, they ask you for your date of birth whenever you go pick up a prescription. That's how they verify that you can pick it up. You can send a spouse or family member or friend or personal assistant to pick up your prescriptions, too: you just tell them your date of birth and the pharmacy will just give them your prescription drugs, no questions asked. And if they have your insurance on file, they'll run it through, too.

OK, fine, whatever, except this is the same even for controlled substances. Which is quite weird considering all the other regulations around controlled substances. One time I had to get rid of some excess oxycodone after a surgery, I ended up having to go into a little booth at the sheriff's department where they had a drop box and a sheriff's deputy sitting at a desk behind a window watching me. But all my wife needed to pick it up in the first place was my name and DOB.


I do agree with you, even though SSN/DOB can be used to identify a person, it should not be used to identify a unique person [1]. As you said, Identity should not be confused with proof of identity. Hopefully it will get better with time.

[1] - https://www.pcworld.com/article/3004654/a-tale-of-two-women-...


SSN on its own is sufficient for verifying identity. SSN coupled with a phone verification step is more secure for authenticating than DOB.


> SSN on its own is sufficient for verifying identity.

No. It's sufficient for identifying someone, but not at all sufficient (not even close) for verifying someone is who they say they are.


It's the difference between a user ID (be it a small integer or a long string) and actually authenticating to perform actions AS said user.

SSN as a user identifier - to uniquely describe an entity

Actual PKI including a secure public/private key with a signature from a trusted agent (like a government ID authority), and maybe also web-of-trust signatures? THAT is what is required to securely sign things.


Accurint is a big one. The people selling SSN lookups have big DB collections, but the primary source tends to be realtime access to DBs like these.

I'd imagine it's trivial to pretend to be a cop and just purchase access to this stuff, not that it's going to be hard to hack most police departments either.


Having looked at getting Accurint and Clear back in 2013, I can tell you the process is not trivial but not comforting either.

On the non-trivial side: I was doing a startup where we sublet from a law firm. We had an on-site audit by someone who came in and we were cautioned that we had to have an independently locking door on our office. We also had to give a reasonably thorough explanation of what we wanted to do with the data and certify, as well as convince the auditor, that we would be using it for GLBA (anti-fraud in financial transactions) purposes.

We actually failed one of the audits the first time because some paperwork wasn't in place (I think we had changed the Delaware company name and not re-filed something, like our local jurisdiction foreign corporate registration, in the new name).

On the not comforting side: the sales reps for these products have full access and will let you do lookups and surf through on whatever. 100% unmasked details on any numbers you want. DMV, aircraft, SSN, judgments, etc., all linked and at the ready.

Also, GLBA is a giant Sherman-tank sized loophole that means that essentially anybody can fully legally use these databases as long as there's some cognizable financial transaction that you're protecting from fraud (even proactively / research wise).

See https://risk.nexis.com/AMLSolutions/help/GLBA_Permissible_Us...

So no, you can't just "pretend to be a cop" but if you actually go to the trouble of being some sort of fraud-prevention business, you can just go wild.


ID-Theft as a service with the source being stolen and otherwise illegitimately obtained data

https://krebsonsecurity.com/2013/10/experian-sold-consumer-d...

>An identity theft service that sold Social Security and drivers license numbers — as well as bank account and credit card data on millions of Americans — purchased much of its data from Experian, one of the three major credit bureaus, according to a lengthy investigation by KrebsOnSecurity.

>An individual who read a story about the operators of a similar ID theft service online having broken into the networks of LexisNexis and other major data brokers wrote to say that he’d gone back and reviewed my previous stories on this topic, and that he’d identified the source of the data being resold by Superget.info. The reader said the abbreviations matched data sets produced by Columbus, Ohio-based USInfoSearch.com.

>Contacted about the reader’s claim, U.S. Info Search CEO Marc Martin said the data sold by the ID theft service was not obtained directly through his company, but rather via Court Ventures, a third-party company with which US Info Search had previously struck an information sharing agreement. Martin said that several years ago US Info Search and CourtVentures each agreed to grant the other company complete access to its stores of information on US consumers.

>Founded in 2001, Court Ventures described itself as a firm that “aggregates, repackages and distributes public record data, obtained from over 1,400 state and county sources.” Cached, historic copies of courtventures.com are available through archive.org.

>In March 2012, Court Ventures was purchased by Costa Mesa, Calif.-based Experian, one of the three major consumer credit bureaus. According to Martin, the proprietors of Superget.info had gained access to Experian’s databases by posing as a U.S.-based private investigator. In reality, Martin said, the individuals apparently responsible for running Superget.info were based in Vietnam.


SSNs are used widely enough that they can leak from anywhere. For example, my wife made an appointment with the eye doctor the other day and they needed to look up her vision care insurance. Since she's on my insurance, that means they needed my SSN. I asked my HR department what's up with that and where I can just get a plan number for the vision plan instead of having them look it up by SSN, and they said, "oh yeah, your plan number is just the last four digits of your SSN."

So, yeah. I bet you could obtain tons of SSNs from fucking Lenscrafters if you wanted to.


College and University databases.


Cool utility. Have you considered expanding this tool into a web app of some sort?


Yes, but let me ask you a question as a potential user first... Would you be willing to give my webapp access to your S3 account (read-only)?

I'd of course not look through the content of your files (only the file sizes)... but you as a user would have to trust me not to do that (unless there is some S3 permission level I am not aware of).


Is there a "list" permission? It exists on azure storage.
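An added configuration example, not from the thread or the tool's author: an AWS IAM policy granting only `s3:ListBucket` on one bucket. The `ListObjectsV2` response that this action permits carries each object's key, size and last-modified time, while reading content requires `s3:GetObject` on the objects, which this policy does not grant. `EXAMPLE-BUCKET` is a placeholder.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ListObjectNamesAndSizesOnly",
      "Effect": "Allow",
      "Action": ["s3:ListBucket"],
      "Resource": "arn:aws:s3:::EXAMPLE-BUCKET"
    }
  ]
}
```

Attaching this to a dedicated IAM user or role for the web app, rather than sharing account-wide credentials, keeps the trust question to "can it list my object metadata" instead of "can it read my data".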


I imagine computer vision is surely the most logical solution to this problem.


"The Zerocash protocol extends Bitcoin and enables users to pay one another directly, via payment transactions that reveal neither the origin, destination, or amount of the payment."

I can't see many governments being happy with a service like this.


My thoughts exactly.

Matthew Green has carefully worded his presentation of this project in the past.

He has always claimed that such an implementation could be possible. Not that it was inherent to the coin itself.

Let's hope that he gets it running sooner, rather than later. Before somebody has a chance to change his mind.


Really great news for Atom.

Upon its initial launch, most of the criticism around it pertained to it not being open source. I think we can certainly expect to see its growth overtake that of Sublime Text, and I'm interested to see how the community interest will stack up against other open source editors like Light Table.

Hopefully Atom may join the legendary ranks of Vim and Emacs.

