There’s no divorce in Bitcoin

I attended a presentation hosted by the BCS, and given by Ron Ballard, based on his article in IT Now, “Blockchain: the facts and the fiction”. What he said inspired some thoughts and reminded me of others, some of which I have previously published on my blog. I wrote an article, called Learnings of Bitcoin, which was meant to be a spoof on the Borat film title, and posted it on my LinkedIn blog. The article looks at the tight coupling of Bitcoin and its consensus mechanism, the proof of work, together with its costs and vulnerabilities. It examines the goal of eliminating trust authorities and its questionable ability to meet the necessary roles of money as a means of exchange and a store of wealth. In the comment pushing it, I say, “This might be a bit basic for some, but you can’t have a coinless immutable blockchain, at least not one based on ‘proof of work’.”, at which point you need to consider if there are better data storage platforms for your use case.

Ballard is an anti-bitcoin polemicist and his anti-slide is comprehensive, although it misses the asynchronicity; I am less clear about his assertion that relational databases are good enough. Stonebraker, in his paper “The End of an Architectural Era (It’s Time for a Complete Rewrite)”, § 6 [12], identifies five use cases where relational databases are sub-optimal, including stream/feed processing, and also states that SQL is not suitable for all data retrieval problems. I would add that an SQL database is not immutable, and most implementations do not come with a “four-eyes” super-user implementation; much effort needs to be invested in controlling the activities of these super-users, especially to implement the “developers can’t run code, and operators can’t change code” rule.

If the only use of Bitcoin is paying for the electricity to keep it secure, exchanges become necessary. There’s something on how Bitcoin is valued by the market, but I haven’t found it yet; also, marginal utility theory requires two commodities. I wonder what the alternative to the crypto-currencies is and how liquid the exchange mechanisms are. Also, are we trusting the exchanges? If so, the solution is not trustless! (I mean the alternative is cash, since it’s the only way we measure energy and, like cycles, electricity can’t be stored.)

Some have suggested that the language used, such as mining, is designed to suggest that Bitcoin is similar to, and as safe as, gold, which it isn’t! The use of the word ‘nonce’, which in the IT security field means ‘number used once’ and is part of the chain design, to my mind disguises the role of this field. It is only used once, but it is the output of the proof of work.

Ballard challenged his audience to find a good use case, and to my mind the proof of work and its costs make it hard, but I wonder if either trade confirmations or P2P name resolution are potential use cases; certainly Bitcoin has had to solve the latter and has inspired the Namecoin project. There may be better ways to do both, but it doesn’t look like anyone else is working on it.

The presentation was published on YouTube here …

E2E & Zoom

The Zoom CEO stated at an Analysts Conference that they planned to introduce End to End Encryption (E2E) for their paying customers. At the moment, Zoom does not do E2E encryption; calls are encrypted between the user device and Zoom’s servers, but Zoom’s servers can be tapped. This means that GCHQ can’t see what’s happening, but the NSA & FBI can. (This assumes that GCHQ can’t break properly configured TLS.) In the end, doing Zoom rather than Skype or Google Hangouts, if you believe them to be more secure, is like going to a meeting and trying to spot the special branch cop, preferably before you’ve fucked them. The rest of this blog discusses the issues of device security, technical complexity, and the problem of user identity. See below/overleaf …

Big Copyright strikes again

This time in the European Parliament. They want upload filters and to tax ISSPs’ reuse, but you can do something about it.

Last week a committee of MEPs voted 15 – 10, reported here by one of its members, Julia Reda, the sole Pirate Party MEP, in favour of the EU Copyright Directive’s disastrous Article 13. This misguided measure will introduce upload filters that would change the way that much of the Internet works, from free and creative sharing, to one where anything can be removed without warning, by computers. They also voted in favour of Article 11, which Europeanises a German & Spanish law and places a monetary liability on internet software service providers who use snippets of news articles originally published by for-profit publishers.

This article explains why the measures are wrong, and points to the campaign sites. It was amended on the 5th July after the vote to report the result, which was that the Parliament voted to re-open the discussion in plenary.


Here are the votes, interesting splits. …

More reasons to be doubtful

I had reason to read the Register’s front page this morning and came across these three IT Security and e-voting gems. Firstly, the New Zealand Government uses NSA surveillance tools to spy on a number of APAC governments to help in their campaign to win one of the World Trade Organisation’s elected positions. Secondly, the Australian iVote’s practice system has been compromised in such a way that cast votes can be infected. This project was led by Vanessa Teague and Alex Halderman; Teague has previously spoken of the inherent weakness of [ei]-voting; not a fan, it would seem. And thirdly, Cisco’s CTO gives up on security, or at least that’s what the Register reports as a headline; the comments by Hartman, Cisco’s CTO, are more nuanced, but he definitely proposes that devices cannot be secure and need to be monitored against change and current and future threats, and how do you do that in the home? …

Coming Privacy Law

Yesterday, I attended a session convened by the BCS North London branch, called “Data Privacy – How Private is IT?” The presentation was given by two PwC staff members in two parts: the first was a forward-looking review of the proposed EU Data Protection Regulation by Kyrisia Sturgeon, and the second part a scenario-based exploration of good data protection practice led by Pragasen Morgan. To me the coming key changes in the law are that all companies will need to have a qualified data protection officer, and it implements a right to be forgotten, or more accurately a right to be unindexed. …