In 2013, HSBC was fined for failing to appropriately monitor nearly $700B(B as in BILLION) in transactions between Mexico and the US alone. [1] Yet we're supposed to be more worried about digital currency because of $600 (dollars, not millions or billions, just dollars) worth of bitcoin found its way to the Gaza strip? [2]
The only interesting part of this article is that post publication, the bitcoin numbers were updated by a source from the Dept. of Treasury.
This article is just FUD and nonsense during a slow news cycle. Banks and wire transfers will continue to be the primary vehicle for money laundering and terrorism financing for the foreseeable future.
I think the fact that HSBC laundered $700B and got away with a slap on the wrist, while the government wants to crack down on $600 in Bitcoin, is an extremely important and telling factoid.
The article specifically says Bitcoin is thought to be too transparent for terrorists to use seriously, and that the gov't is more worried about the possibility of new, les traceable cryptocurrencies being developed.
Excellent point. Here in the US, we have payoffs to government officials on the local, state, and national levels.
I like the idea of a Bitcoin like currency with 100% transparency in universal use. Privacy is important to me, but if everyone on earth had access to all financial transactions that would help stop corruption. Use case: turning my personal software agent to free to evaluate candidates in upcoming elections, not invest in companies if I dislike who they do business with, etc.
There are many ways to evade such a system already. For example, one of our ex-PMs didn't get any money from a certain company; they just paid €25M to another guy, who was such a friend that he paid for the ex-PM's home, hired his wife and driver, bought thousands of copies of his book, etc.
Don't disagree with you that Bitcoin's current role is small potatoes. Don't disagree that Newsweek (and this author) aren't especially great sources of information.
That being said, writing it off as FUD is premature. The fact that it is getting written tells you where media and possibly government focus is now. We can either write that focus off or consider the implications.
Terrorist and criminal organizations are some of the most effective users of new media in the world. ISIS produces some of the most slickly-produced videos you'll ever see. They know and harness Telegram and other apps. If they are not stupid - and they aren't, they're looking for whatever advantages they can get. We can acknowledge this without a bias for or against cryptos.
The Bitcoin and cryptocurrency community has since birth by and large been about speculation and making stacks of cash. That's been it's reason for existence and adoption practically - otherwise it would just make for really cool tech that we all talk about on HN. It's been running straight ahead with fully anonymous protocols which while great have the most natural application in black market purchases, and early adopters/users that while they have a right to use them, practically don't need to - their actions are tracked via hundreds of other unrelated means.
The cryptocurrency community has done really poor job of policing itself. It's done a really excellent job of attracting attention through exchange after exchange being hacked and/or scams. Maybe it can't and shouldn't try to restraining itself or police itself, but the natural result of that is someone else is going to police it or shut it down.
Instead of just saying it's FUD, this article is probably ahead of the curve. This is going to become a bigger and bigger issue. Either Bitcoin advocates find out effective arguments or means or it's going to get shutdown.
If they really worried about $600 in the Gaza strip, what happens when that turns to $600k and then $6 million? Because that will happen as the technology advances. Does that give governments the right to intervene? No, but it makes a bigger and bigger target.
There might not be an effective solution, but it's the canary in the coal mine. The US government was never just going to let this stuff happen unhindered.
The fact that they are paying attention when there's not much to pay attention to is all you need to know. Just wait until there's a sizable sum a politician can make a media campaign out of...
This is some serious FUD, pretty standard for Newsweeks bitcoin reporting, which included harassment of Dorian Nakomoto.
This is probably an unpopular opinion on HN, but let's face it, P2P protocols like bitcoin are relatively easy to disrupt for nation state actors, especially the US!
For a relatively small cost, the blockchain could be flooded with bogus junk to DoS. The bootstrap mechanism could easily be MITMd to netsplit new nodes. Those are just technological mechanisms off the top of my head, which assume a perfect hypothetical cryptocurrency with none of the teething problems that all of the actual cryptocurrencies have.
ISIS could come up with "Terrorcoin" (which is the underlying vague threat of the article) but without any mechanism to transfer those coins to a fungible real world currency, it's useless anyway.
Eh, the islamic state and the likes of them dont need a bitcoin. They allready have the islamic informal banking system, which is basically - "I entrust you this money, my cousin in this or that place can withdraw that money from your family"
https://en.wikipedia.org/wiki/Hawala
Its very hard to track and certainly non-human SIGINT proof. If anyone on the planet wants those guys to pick up a systematic trackable crypto-currency, its the secrect services.
The really troubling property from a secret service point of view of this whole system is, that there is no interest in Islamic banking. Thus, you can not derive from the nature of transfers, whether they are business related.
Business related deposits would usually aggregate where the most interest can be gained. Thus unmoving fortunes become "suspicious".
In addition, this system partially prevents the usual corrupt bankers, letting unguarded illegitimate or frozen "fortunes" vanish. There are no courts for dictator money lost during a government upheaval. Of course this is idealizing the thrust-persons.
> This is some serious FUD, pretty standard for Newsweeks bitcoin reporting
Newsweek has been a tool of US propaganda for a very long time.
From his first days in power, Allen Dulles polished the public image of the
CIA, cultivating America's most powerful publishers and broadcasters, charming
senators and congressmen, courting newspaper columnists.
He found dignified publicity far more suitable than discreet silence. Dulles
kept in close touch with the men who ran The New York Times, The Washington
Post, and the nation's leading weekly magazines. He could pick up the phone
and edit a breaking story, make sure an irritating foreign correspondent was
yanked from the field, or hire the services of men such as Time's Berlin
bureau chief and Newsweek's man in Tokyo. It was second nature for Dulles to
plant stories in the press. American newsrooms were dominated by veterans of
the government's wartime propaganda branch, the Office of War Information,
once part of Wild Bill Donovan's domain. The men who responded to the CIA's
call included Henry Luce and his editors at Time, Look, and Fortune; popular
magazines such as Parade, the Saturday Review, and Reader's Digest; and the
most powerful executives at CBS News. Dulles built a public-relations and
propaganda machine that came to include more than fifty news organizations, a
dozen publishing houses, and personal pledges of support from men such as Axel
Springer, West Germany's most powerful press baron.
Dulles wanted to be seen as the subtle master of a professional spy service.
The press dutifully reflected that image.
> For a relatively small cost, the blockchain could be flooded with bogus junk to DoS. The bootstrap mechanism could easily be MITMd to netsplit new nodes. Those are just technological mechanisms off the top of my head, which assume a perfect hypothetical cryptocurrency with none of the teething problems that all of the actual cryptocurrencies have.
I don't disagree the article, but these example attacks sound pretty bullshitty to me. I don't think it is that trivial to attack cryptocurrencies in a meaningful way, so that actually it would be something else to the government than spending some money on pointless harm.
Well, it depends on how much more computing power a hypothetical nation-state has at its reserve compared to the rest of the world. I wish I could find the paper analyzing the possibilities of attacking with less than 51% power, 33% IIRC but in lieu of that, check this out:
And Quantitative Analysis of the Full Bitcoin
Transaction Graph https://eprint.iacr.org/2012/584.pdf which analyzes how lots of Bitcoin accounts are seemingly controlled by the same group (so they are closer to a 51% attack than would otherwise appear).
ISIS could come up with "Terrorcoin" (which is the underlying vague threat of the article) but without any mechanism to transfer those coins to a fungible real world currency, it's useless anyway.
The concept of hawala makes this prospect somewhat more interesting than it may seem at first. You don't need to convert to fungible currency if the blockchain is merely used to keep track of who owes what to whom.
Yeah I wondered about all these points as well. I think the real danger would appear only if people in the real world started actually accepting or desiring payment in these anonymous forms in lieu of actual money...?
[edit] like especially normal people and not just Terrorists or Criminals
With more and more negative interest rates, or attempts to lock down on how money is used (total removal of cash for example) on the horizon I think governments are quite right to fear bitcoins or any other currency that would let people get out of the attempts to "walled garden" finances
That and the mass adoption of cheap, handheld, and powerful computers with easy user interfaces and lots of short range wireless peripherals...
Imagine being able to pay your bar/coffee/restaurant/hotel tab with NFC or something, exchanging whatever virtual currency units, as an expected social norm.
The point isn't the just the payment mechanism but the network it connects back to plus the payment mechanism.
[edit] to clarify: if vendors actually accepted (something like) bitcoin at restaurants or wherever, this would cut out the banking middle man entirely. Also we already collectively have the tech to do this now.
These vendors still need to access fiat currencies to pay wages, rents, taxes, suppliers, etc. Until workers, landlords, governments, and suppliers begin accepting BTC, there's no incentive for vendors to take on the risks of accepting BTC.
> For a relatively small cost, the blockchain could be flooded with bogus junk to DoS.
It's certainly possible for a government to pay to consume the available space in a blockchain with a very small capacity limit such as Bitcoin has, but I think you miss the very important dynamics that undermine this attack vector - namely that such an attack is a wealth transfer from the attacker to the defender. This is antifragility at its finest.
Let's say that some acronym-agency decided to "spam" the blockchain as you suggest.
The result would not be a "DoS-like" disruption to the mining or node network itself, but just an increase in the cost to make a transaction (we've seen this in the so-called "spam attacks" on the Bitcoin blockchain in the last year). Beyond a certain transaction cost, the demand for space in the blockchain will just diffuse to a competing crypto with cheaper transactions and be harder to trace. Oops.
Moreover, in the meantime, the attacker is simply transferring his wealth to the miners in the form of artificially high fees. The miners will happily accept the attackers money and use it to build more mining capacity. If blocks stay full, eventually miners will decide to mine larger blocks, raising the cost of the attack. How polite of the attacker to pay the mining network to build out capacity to handle his attack!
The result is that all the activity you hoped to suppress just diffuses to other cryptos and becomes harder to track. Meanwhile the attacker is subsidizing a better mining network. That's a bad attack.
Relaxing (or removing) the block size constraint doesn't help the attacker. With a higher constraint, the attacker must spend more to fill up the blockchain, raising the cost of the attack and increasing the wealth transfer from the attacker to the miner.
Bitcoin clients like Bitcoin Unlimited that would make the limit a dynamic variable create a whole new wrinkle for the attacker: because such a limit is an emergent network property, the attack cannot even really be accurately planned or budgeted - the attacker literally has to hit a moving target.
But let's say our attacker doesn't care about plan or budget. As the attacker fills space on our "Unlimited" blockchain, blocks could bloat to the maximum size tolerated by a supermajority of the node network - the "emergent" blocksize limit. This is exactly the same size the "preplanned" blocksize limit would eventually ratchet up to in a sustained block-filling attack, the only difference is the mechanism used to raise the limit.
IOW, if you think this "spam attack" through - regardless of the block size limit - the network will automatically adjust to make the cost of the attack as expensive as possible, minimizing the disruption to normal users and maximizing the wealth transfer from the attacker to the miner.
The fact that blockchain "spam attacks" are actually wealth transfers from the attacker to the mining network is the primary reason why these events cannot even be correctly viewed as "attacks" - these are paying customers!
A blockchain spam attack is exactly like trying to shut down Starbucks by planting a million stooges at every store to purchase lattes so that regular customers can't shop there. Starbucks gets rich from all the money the attacker is feeding it, and organic demand for coffee just shifts to other stores.
TL;DR I think there's no such thing as a blockchain spam attack - the worst that an attacker could do might be to raise transaction prices on the Bitcoin blockchain and keep them artificially high for long enough that demand for Bitcoin transactions eventually collapses and (counterproductively for our attacker) goes to other cryptos.
A blockchain spam attack is exactly like trying to shut down Starbucks by planting a million stooges at every store to purchase lattes so that regular customers can't shop there. Starbucks gets rich from all the money the attacker is feeding it, and organic demand for coffee just shifts to other stores.
The US, China, et al would likely be able to blackhole most of the Bitcoin network packets on the backbone and definitely could simply take down the network with a traditional DoS. Ever won a fight for bandwidth with your upstream router?
The real question is whether they could use protocol or cryptography weaknesses to break it with less effort. Something like a weakness in the hash or signing methods could allow them to disrupt the network state in a basically unrecoverable way with many fewer packets and not requiring a persistent attack.
The problem with that attack is that Bitcoin is not very high bandwidth which makes it easy to put behind an anonymizer.
You could DoS the anonymizer but now you're into large collateral damage and the anonymizer may not be in a country where your agents control the backbone.
I agree you could harden a cryptocurrency, I was merely pointing out that Bitcoin is not. (And would require reaching consesus or having a fork to become one.)
Further, Im not sure that there's an anonymization network that could sustain being the consensus network backbone without also leaking the information to a pervasive, persistent adversary.
Things like TOR likely can already be penetrated by the US or China or Russia, and things like FreeNet are likely too slow to reach global consesus fast enough to prevent diverging chains.
Also, DoSing the network doesn't require you deanonymize them, merely that you can fill most of their anonymous routes with traffic (or that you can drop packets along them). This is problematic, because the network fundamentally must publish routes. The underlying architecture isn't meant to operate in truly adverse conditions.
> I agree you could harden a cryptocurrency, I was merely pointing out that Bitcoin is not. (And would require reaching consesus or having a fork to become one.)
You're treating Bitcoin as a black box.
The thing people care about forking is the blockchain. The DoS problem is the network transport. They're independent pieces. You could add a new hardened transport without forking the blockchain or even discontinuing the existing transports. Everyone would just naturally start using the hardened transport if the attack materialized.
> Also, DoSing the network doesn't require you deanonymize them, merely that you can fill most of their anonymous routes with traffic (or that you can drop packets along them). This is problematic, because the network fundamentally must publish routes. The underlying architecture isn't meant to operate in truly adverse conditions.
An anonymity service needs to be resistant to censorship. In one sense that means having a lot of bandwidth, but it also means having some political support. A government may have the technical capacity to launch a large DoS attack but it can't do that if the target servers are in a non-pushover country that would take the attack as an act of aggression.
And penetrating an onion routing network in this context is non-trivial. The three main categories of attack are implementation bugs in the endpoints, an adversary operating a large number of relays, and timing correlation by a global adversary. But the first group are inherently temporary and there are fewer of them when the endpoint is not a web browser with ten million lines of code. The second can be mitigated by not choosing relays in adversarial countries. And the third can be mitigated for low bandwidth services by using a fixed low bitrate and sending padding when there is no data.
> DoSing the network doesn't require you deanonymize them, merely that you can fill most of their anonymous routes with traffic
At best if you're "successful" then you merely take all the current Bitcoin users and scatter them into a hundred different competing and more anonymous cryptos. Oops.
In the south we have fire ants. The thing about fire ants is that if you disrupt the nest you had better kill them all, because if you mess with a nest today, in a few days you'll have 5 nests to deal with. And so on.
1. The strength of a currency is its ability to be exchanged, so forcing them onto several (possibly themselves compromised) networks increases transaction costs and changes the economics significantly. Similarly, hardened networks likely impose additional overhead. Finally, smaller networks are easier to perform 51% attacks on. If you can break it in to 10 networks, you only need 1/10th the power to 51% them each in turn.
2. My point was about the strength of the bitcoin network as it stands. And I think you agree that it's both vulnerable and non-trivial to fix, so Im not actually sure what your point is.
Leah McGrath Goodman, I could almost swear I've seen that name before somewhere. Google... oh yeah, she was the one who did that story about that Japanese-American guy being the inventor of Bitcoin, the one that turned out to be a rather irresponsible fabrication.
Looking at this story, the first couple of paragraphs talk about a nonvirtual currency created by a bunch of racists. Why? Does that have anything to do with Bitcoin? As far as I can tell, no, it's just an attempt to smear by insinuation.
Then it starts into "but terrorists". Stopped reading at that point.
I'm not saying Bitcoin doesn't have flaws. By all means let them be discussed fairly and with intellectual honesty. I don't think this article is the place to look for that discussion.
clearly, this is fluff. the trouble for me is evaluating whether this fluff is a float: 'we will outlaw zcash', or a flop: 'the authorities should outlaw zcash'.
I don't know if it's just me, but this article seems to give a creepy "the USA is the only that matters" vibe. For instance, the sentence "[...] while this may be handy for privacy-savvy Americans, it can make it much harder for the government and law enforcement to fight terrorists and criminals [...]" sounds as if only privacy-savvy USA citizens matter, while privacy-savvy people from the rest of the world can get lost.
Also, the idea of a foreign country being able to disrupt transactions all over the world, with the people having no recourse other than appealing to said foreign country, is creepy. If someone in Austria wants to send money to Brazil, that should be a matter only between Austria and Brazil (or perhaps the rest of the Eurozone, since their currency is shared), and a third-party country shouldn't be able to arbitrarily interfere on a whim.
> [V]irtual currencies could undermine America’s long-standing ability to disrupt the financial networks of its foes and even permanently upend parts of the global financial system.
This is one of the most compelling reasons we should adopt Bitcoin. The nationalism that tells us that we should be concerned about this is appalling.
This was written by the same journalist who claimed Dorian Nakamoto was Satoshi.
You can make Bitcoin literally unusable with about $1000 worth of transaction spam. The same applies to any non-hypothetical blockchain-based currency I can think of, including the fancy new ones. If only the International Bankers had $1000 spare on hand!
I mean, I think Bitcoin is garbage, but this is a relentlessly terrible and incompetent article.
You spend too much time in the r/buttcoin echo chamber. You're getting sloppy with the facts. :) $1000 worth of transaction "spam" would have basically no effect today-- that is only about two blocks worth of transaction fees. Meaning your costly 'disruption' would be unnoticeable against normal block finding variance.
[Come on-- do you really want to be part of the Wikipedia Review of Bitcoin skepticism? I think Bitcoin deserves better critics than that.]
The main point of the article seems to be that anonymous cryptocurrencies pose a threat to US national security since the US Governmeent can't just cut off access to funding for terrorists which supposedly was very effective so far.
Ignoring all the BS in the article, is this argument valid?
I think it's a pretty valid argument if you are talking about the US government having some people that understand cryptocurriencies. There's lots of situations where they need investigative capabilities (or to just understand where effort would be fruitless).
It's a stretch as a justification for things like acts of war against some other country (say some country in South America decided to back an anonymous digital currency...) or even just legislation banning crytocurrencies.
Wasn't middle-East terrorism funded by US and Europe in the first place? Isn't Newsweek posing a threat to the CIA (and NSA) by arguing for the ban of cryptocurrencies for illegal operations? If they want to continue their illegal things, they do need smuggling currencies, and it's the role of the American citizen to enable them to do it.
The Saudis are the principal funders and ideological exporters of terrorism and our closest friends in the region so it doesn't take genius to figure out what is happening.
Its nearly impossible for terrorists organizations and certainly not anything like ISIS to exist without state support. Its now well know they are being funded by Turkey, Saudis and the US intelligence forces.
So we are funding terrorism on one hand and then spending billions of dollars on to build a surveillance state to protect ourselves from our own actions, both of which benefit the state, intelligence agencies and defence contractors.
I think things are now are farce level and democracy is near meaningless if these state actors are allowed to do whatever they want.
Rand’s research into the dangers of virtual currencies is not meant
as an attack on bitcoin, Baron said. He believes the currency’s
publicly visible ledger of transactions is too transparent
to attract terrorists, criminals or enemies of the state. “I do not
see bitcoin as the go-to currency for terrorists,” he says.
“As it stands, it does not offer enough anonymity.”
It's worth mentioning, that in many areas wherein there are not many Tor users, the mere use of Tor can flag authorities as to who might be 'up to something'.
The guy who bombed the boston marathon I believe was caught in this manner: they knew someone in the building was doing something nefarious, and they looked to see who downloaded Tor. Bingo. Or something like that.
I'm not against Bitcoin and understand it's principles - that said - it's the most obvious use case is perhaps for situations in which people want to get around the law.
It wouldn't surprise me at all if anyone using bitcoin is flagged somewhere in an NSA database.
"white supremacists town in south africa, terrorism, human trafficking, money-laundering and many other types of criminal activity. Putin's cronies and Iran's money launderers."
he forgot child pornography.
journos like this one are a disgrace to humanity. utter contempt for reader's intelligence.
The only interesting part of this article is that post publication, the bitcoin numbers were updated by a source from the Dept. of Treasury.
This article is just FUD and nonsense during a slow news cycle. Banks and wire transfers will continue to be the primary vehicle for money laundering and terrorism financing for the foreseeable future.
[1] https://www.bloomberg.com/news/articles/2013-07-02/hsbc-judg...
[2] https://www.thecipherbrief.com/column/private-sector/new-fro...