Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1YDqWw-0001rF-0V for bitcoin-development@lists.sourceforge.net; Wed, 21 Jan 2015 08:20:50 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.212.175 as permitted sender) client-ip=209.85.212.175; envelope-from=alonmuroch@gmail.com; helo=mail-wi0-f175.google.com; Received: from mail-wi0-f175.google.com ([209.85.212.175]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1YDqWu-00065V-PZ for bitcoin-development@lists.sourceforge.net; Wed, 21 Jan 2015 08:20:49 +0000 Received: by mail-wi0-f175.google.com with SMTP id fb4so25169576wid.2 for ; Wed, 21 Jan 2015 00:20:42 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.180.95.9 with SMTP id dg9mr24702165wib.1.1421828442747; Wed, 21 Jan 2015 00:20:42 -0800 (PST) Received: by 10.194.216.2 with HTTP; Wed, 21 Jan 2015 00:20:42 -0800 (PST) In-Reply-To: References: Date: Wed, 21 Jan 2015 10:20:42 +0200 Message-ID: From: Alon Muroch To: 21E14 <21xe14@gmail.com> Content-Type: multipart/alternative; boundary=f46d0421a87f42f913050d253b2e X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (alonmuroch[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1YDqWu-00065V-PZ Cc: Bitcoin Dev , joi@media.mit.edu Subject: Re: [Bitcoin-development] Why Bitcoin is and isn't like the Internet X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jan 2015 08:20:50 -0000 --f46d0421a87f42f913050d253b2e Content-Type: text/plain; charset=UTF-8 Bitcoin has a major crossroad ahead regarding a suitable platform for the average non technical main stream user. Until now the majority of the available solutions were at two extremes, or DIY your security and privacy *OR* let a 3rd party service do it for you. The DIY solution is obviously not scalable, but it seems that 3rd party solutions are not scalable as well. If we compare for a second a 3rd party services with traditional banks, it seems banks have two major "advantages" over them. Entry costs for creating a bank are HUGE so a priori very few people can actually create such a service, second, their physical and IT security infrastructure are heavily regulated which insures a minimum of security level to the end user (and even so money is stolen frequently). Entry costs and regulation do not exist in the bitcoin space, meaning two programers in their spare time can create a wallet/ platform and the non technical end user cannot know if his money is safe, did they hire the right security expert, did they invest enough in protecting and backing up his keys, etc. Many services tried to tackle those problems with multisig (2 of 2 and 2 of 3) to create a syntactical 2 factor authentication/ authorisation mechanism but in reality those solutions didn't really increase security and their failure point is always a single device. Coupling those said problems with the fact that bitcoin transactions are irreversible and are a scarce commodity, trying to insure them the way our money is insured by the government when we deposit it in the bank becomes a huge problem. Premiums will be very high and will only grow as the appetite of hackers to steal coins increase. I personally believe we have the tools for creating a platform that is both secure and private but most importantly it does it in a decentralised way. Creating true 2 (or more) factor authentication/ authorisation schemes can improve dramatically personal security to a point where 3rd party wallet services will become a thing of the past. Succeeding in that will mean the next billion non technical bitcoin users will have a platform to use securely and a base line for building cool services on top. Alon Muroch bitcoinauthenticator.org > > --f46d0421a87f42f913050d253b2e Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Bitcoin has a major crossroad ahead regarding a suitable p= latform for the average non technical main stream user. Until now the major= ity of the available solutions were at two extremes, or DIY your security a= nd privacy=C2=A0OR=C2=A0let a 3rd party service do it for you. The D= IY solution is obviously not scalable, but it seems that 3rd party solution= s are not scalable as well. If we compare for a second a 3rd party services= with traditional banks, it seems banks have two major "advantages&quo= t; over them. Entry costs for creating a bank are HUGE so a priori very few= people can actually create such a service, second, their physical and IT s= ecurity infrastructure are heavily regulated which insures a minimum of sec= urity level to the end user (and even so money is stolen frequently). Entry= costs and regulation do not exist in the bitcoin space, meaning two progra= mers in their spare time can create a wallet/ platform and the non technica= l end user cannot know if his money is safe, did they hire the right securi= ty expert, did they invest enough in protecting and backing up his keys, et= c.

Many services tried to tackle those problems with mul= tisig (2 of 2 and 2 of 3) to create a syntactical 2 factor authentication/ = authorisation mechanism but in reality those solutions didn't really in= crease security and their failure point is always a single device. Coupling= those said problems with the fact that bitcoin transactions are irreversib= le and are a scarce commodity, trying to insure them the way our money is i= nsured by the government when we deposit it in the bank becomes a huge prob= lem. Premiums will be very high and will only grow as the appetite of hacke= rs to steal coins increase.

I personally believe w= e have the tools for creating a platform that is both secure and private bu= t most importantly it does it in a decentralised way. Creating true 2 (or m= ore) factor authentication/ authorisation schemes can improve dramatically = personal security to a point where 3rd party wallet services will become a = thing of the past. Succeeding in that will mean the next billion non techni= cal bitcoin users will have a platform to use securely and a base line for = building cool services on top.
=C2=A0
Alon Muroch


--f46d0421a87f42f913050d253b2e--