I think Heebie is right. All the crypto currency people want is a new system they can profit from founding.

Why do we want anonymous transactions?

Isn't it "principal agent"?

2: Similar reasons to why many of us use pseudonyms here.

This is the public web. Nothing has to be public about bank transactions.

I keep changing the post back and forth between "manipulables" and "manipuables". Is this even a word? (I know K12 teachers use it all the time.)

I looked it up, fine, manipulable.

Also: semantic satiation achieved.

3 is correct (darn it).

2: so that you can't find out the video rental history of Supreme Court nominees: https://en.m.wikipedia.org/wiki/Video_Privacy_Protection_Act

More seriously, I think the concern is trying to prevent entities (government or credit reporting services) from aggregating purchase history across all sellers.

3 is correct (darn it).

2: so that you can't find out the video rental history of Supreme Court nominees: https://en.m.wikipedia.org/wiki/Video_Privacy_Protection_Act

More seriously, I think the concern is trying to prevent entities (government or credit reporting services) from aggregating purchase history across all sellers.

That's why I pay cash at the bar. I don't want Visa knowing how much I drink.

This sounds on the face of it like a problem solved by legislation, not cryptography.

Have you seen our legislators?

Don't drag me down to your level.

I guess there's some EU-reg kerfuffle going on right now that creates more context for that post, but it could really benefit from an "I am going to lay out a concept for how we could accomplish X, Y, Z while avoiding W" intro, because, man.

8.2: I remember reading the article about Bork's video rentals. I'm glad he didn't get to be a Supreme Court Justice, but that was wrong.

Should I read the OP link? Because fuck do I not want to.

15: I also saw the original article when it came in the DC City Paper. The context was that Bork had specifically said that that there is no constitutional right to privacy because the word "privacy" isn't in the constitution, a hot issue then and now.

So the reporter got a list of videos from his buddy at the video store. The joke was that Bork had nothing to be embarrassed about, there was no porn and nothing remotely off color, but everyone was outraged that this wasn't against some law (presumably, except for Bork himself).

Also an amazing accomplishment by the reporter. How many other City Paper jokes led to federal legislation, and are still being talked about 30 years later?

The OP link is amazingly badly written.

That's O.K. I'm not going to read it.

I think it was in the paragraph using the word "crypto-gable" that I gave up trying to understand the post.

Thanks ttaM!

It sounds like it will contain the phrase "block chain" and I long ago figured out that learning about that in a financial context was the functional equivalent of watching libertarians masturbate.

the paragraph using the word "crypto-gable"

Cryptoable? Cryptoguable? Cryptoluble? These things are hard.

18: agreed. And I read this sort of thing for a living. It is not written, as far as I can tell, by someone who knows what they are talking about.

23: cryptogable. The property of being able to be cryptogged.

To have ones' running shoes sealed in a burial chamber?

Stupid tendons anyway.

This sounds on the face of it like a problem solved by legislation, not cryptography.

From the linked post, here's the problem that he uses to introduce the question.

E-books get pirated automatically, inevitably, and with malicious intent. (The usual malice is to use the purportedly free ebook as a malware vector.) Thinking about what would have to be true in order to stop this is instructive; every ebook would have to have a unique identifier, you would have to have a unique identifier, and there would have to be some sort of central repository of transactions that kept records in perpetuity. It wouldn't be restricted to media purchases, because then you have to define "media purchase" (as distinct from "turnips"), which is hard, and if you did, someone could claim to be selling turnips when they were really selling media and cheat the system. So every transaction would have to be uniquely and permanently recorded.

That's a problem which is difficult to address with legislation (to say the least).

it could really benefit from an "I am going to lay out a concept for how we could accomplish X, Y, Z while avoiding W" intro, because, man.

Agreed. Part of what I was trying to say in the OP is that I find the topic interesting but the linked post made me not want to be individually responsible for selecting the best solution.

It sounds like it will contain the phrase "block chain" and I long ago figured out that learning about that in a financial context was the functional equivalent of watching libertarians masturbate.

[J]ust saying, if you're typing in the comment box right after you read the first paragraph and responded to the bell in order to drool "teh blockchainz is teh answer!!!" you will be soundly mocked when I get back to the keyboard.

That's at least a relief. I'm still not going to read it because I'm shopping online for a turnip.

25: Gullibuable? gullibulable? manipuable? ajayable?

it could really benefit from an "I am going to lay out a concept for how we could accomplish X, Y, Z while avoiding W" intro, because, man.

This, in the comments, is another explanation of what he's going for.

The point of the thought experiment is "what do yo have to do to make it impractical if not impossible for $MALIGN_ACTOR to search everybody's transaction history for purposes of social operant conditioning in $MALIGN_ACTOR's interests." (As is being rolled out in China, with special attention being paid to erasing the cultural identity of non-Han populations.)

I bought a turnip once before, except it was a parsnip.

E-books get pirated automatically, inevitably, and with malicious intent. (The usual malice is to use the purportedly free ebook as a malware vector.) Thinking about what would have to be true in order to stop this is instructive; every ebook would have to have a unique identifier, you would have to have a unique identifier, and there would have to be some sort of central repository of transactions that kept records in perpetuity.

This is the bit at which I gave up, actually, because the described solution would not, repeat not, stop ebook pirating. As long as you have ebook reader software which converts an ebook into a stream of characters and displays them on a screen, you can have ebook pirating software which captures that stream of characters and puts them into a file which you can then sell without the author's permission.

The system described would allow us to ensure that everyone who has bought a copy of the ebook would be able to read it. But this is not the problem we're trying to solve! And it contains no mechanism to stop me from legally buying a copy of the ebook, illegally making a copy, and selling the copy to someone else.

28.1: That's a problem for software and data sales, only a small fraction of all transactions.

All these blockquotes are reminding me why I gave up on Stross' blog, anyway.

Blogs are a dying medium anyway.

If I weren't drunk I would compose a borderline coherent argument that the the Strossblog is but a microcosm of all social media, creating by its own success a self-referential echo chamber which poisoned all the virtues on which it was nourished.

This, in the comments, is another explanation of what he's going for.

Look, I'm already going above and beyond by actually trying to read the link, don't add its comments to the corpus.

37: Don't let drunkenness stop you. Be the tipsy change you want to see in the world.

My apartment smells of dead rat. It's all a bit overwhelming.

I think the live rats will eat it and the smell will go away.

Surely they would have eaten it before I smelled it?

aggregating purchase history across all sellers

I went out for a meal with my dad, paid with a credit card, we both had the same dish. 2 days later, my fb feed includes ads for restaurants serving the dish with representative photos.

10 to 43.

Thinking about what would have to be true in order to stop this is instructive; every ebook would have to have a unique identifier, you would have to have a unique identifier, and there would have to be some sort of central repository of transactions that kept records in perpetuity.

Central coordination isn't required. Note that this scheme requires two things: First, the user has a private key (the "unique identifier") that isn't shared. Second, the piece of software (the ebook) has information embedded in it that can't be altered (this must be true of both the ebook's identifier and the identity or address of the correct central repository).

If both of these are possible, then information can also be embedded in the ebook that would allow authentication of that private key and no others without requiring contact with a central authority. What the post's argument demonstrates the need for is public key cryptography as a solution to distributed authentication problems. Cryptocurrencies can also be deployed to solve this sort of problem, but that's because they too are built on public key cryptography. Transaction histories (which is the further capability a cryptocurrency has) are irrelevant.

What the post's argument demonstrates the need for is public key cryptography as a solution to distributed authentication problems.

I'm glad to hear that there's a simple solution. How concerned should I be that Bruce Schneir is saying this (emphasis mine)?

Quantum computers promise to upend a lot of this. Because of the way they work, they excel at the sorts of computations necessary to reverse these one-way functions. For symmetric cryptography, this isn't too bad. Grover's algorithm shows that a quantum computer speeds up these attacks to effectively halve the key length. This would mean that a 256-bit key is as strong against a quantum computer as a 128-bit key is against a conventional computer; both are secure for the foreseeable future.

For public-key cryptography, the results are more dire. Shor's algorithm can easily break all of the commonly used public-key algorithms based on both factoring and the discrete logarithm problem. Doubling the key length increases the difficulty to break by a factor of eight. That's not enough of a sustainable edge.

46: I'm not qualified to judge, sorry.

(Not qualified to judge how close we are to practical quantum computing, that is.)

Just a leap away.

46: All we'd have to do is find a problem in NP that isn't in BQP (or in the corresponding functional classes). Of course, as a side-effect that'd solve one of the greatest open questions in the field, so we'd settle for finding an NP problem that looks like it probably isn't in BQP.

(Oh, and we'd have to completely reconfigure our cryptographic infrastructure to use this new problem, but that's an implementation detail.)

I read Graydon's post at Stross' blog. Start skimming a bit near the end. This suffers from the same problems as every other attempt by the crypto-kiddies to imagine how to rebuild the Western World's payment systems. BTW, a great book on payment systems (required reading for anybody who *actually* wants to do what Graydon theorizes about doing) is David Nacamuli's _Payment Systems: From the Salt Mines to the Board Room (Palgrave Macmillan Studies in Banking and Financial Institutions)_. It's ridiculously expensive, so maybe check it out of the library?

Anyway, (simplifying insanely) there are two kinds of "faults" -- things that can go wrong, that matter in building distributed payment systems: "crash" and "Byzantine" faults. "Crash" faults are where some computer crashes (perhaps irrecoverably) and hence somebody loses data -- evidence of a transaction. "Byzantine" faults are where some computer (or the operator of the computer) lies about a transaction. Graydon's right, that our modern payment systems world is built on the assumption that there are no Byzantine faults. More precisely, our modern payment systems focus on crash-fault-tolerance. There's fraud-detection, but it's after-the-fact typically. All the crypto-currency folks, the blockchain folks, and frankly, Graydon, is all-fired-up about Byzantine faults, and that's what they focus on.

But, it turns out, they ignore and completely lose track of "crash" faults, and crash-fault-tolerance. I could give a bunch of examples of how they do that, but it would be *hilarious* for the techies and boring as hell for non-techies. If you can take my world for that, then, well, perhaps you can see that they're doomed and hopeless.

The most important part of a payment system is that the *parents* of the non-techies on this blog can use it. Those folks are NEVER going to be able to deal with a system where they have to do all the work of ensuring that they don't lose data (proof of transactions) when a crash occurs. It's never going to happen. They're going to hire banks to do it for them. And at that point, the banks will know all about your transactions, and .... we're kinda done, right?

So why did these crypto-geeks fail to deal with crash-fault-tolerance, when it was the key feature of the pre-existing payment systems? B/c they never actually looked at the existing systems and demanded of themselves that they do at least as well. They're children, and like all children, they imagine being able to rebuild the world as they see fit.

The world doesn't work like that.

P.S. I can't resist chiming in with Moby Hick and NickS. When you hear somebody say "block-" in "blockchain", start running, b/c by the time they get out the rest of the word "-chain", they'll have their fingers in your wallet. Knaves and fools.

The blockchain world is in some ferment, with new purported ideas for how to do better than Ethereum and Bitcoin. Some of you might have heard of "payment channels (aka Lightning)" and Plasma and Casper. They're all bullshit, in the sense of the above argument. The authors failed to account for and build in critical properties that are required fo real people like my mother to use it. Plasma is *completely* useless. I mean, like a bag-of-hammers useless. Casper is no better than our current payment systems.

It's all so disappointing.

10. 43 -- Is just going into the restaurant with your phone in your pocket enough for this? It wouldn't surprise me, but then I don't know anything either.

10. 43 -- Is just going into the restaurant with your phone in your pocket enough for this? It wouldn't surprise me, but then I don't know anything either.

I do know how many times I hit post, though.

Not precisely the same, but on my work computer I got a bunch of ads for high end sneakers recently, on several different sites. My son had looked at the particular items on Amazon, without buying or even signing in. His phone and my laptop had on previous occasions used the family Amazon account.

Your site is very meaningful. Thanks again for the info.
https://www.baneh.com
goodluck

56 to 55.

QED, I think.

The map is not the territory. At some point actual people have to be identified, and this turns out to be a surprisingly hard problem. My father, for example, used a name not on his birth certificate. His father had to sign an affidavit that his son was a chip off the old blockchain. A friend of mine who never learned to drive had a similar problem. Luckily he had a 30 year old college photo ID and had kept enough of his hair.

In theory, it is possible to create cryptographic money, but it gets harder and harder as computing improves and algorithms advance. To be useful as money something has to be hard to make, but relatively easy to validate. If you try to do this with numbers, you have to trust your mathematicians, and there are too many reasons that mathematicians would be likely to cheat.

Chet, I have no doubt as to your expertise, but I can tell you that your opinions here are as fringe as the crypto-geeks. The banking industry is taking the threat from blockchain seriously. They don't care about non-technical parents. That's a legacy business. They care about getting cut out of new markets, or getting outcompeted by a startup who gets all of the new customers.

I don't think that cryptocurrency is a serious threat to the banking system, but that's because the banking system is going to steal all of the parts that stop them from losing too many customers.

The banking industry is taking the threat from blockchain seriously.

They're taking the potential of blockchain technology fairly seriously, especially when it comes to things like post-trade settlement. They're not thinking that their basic business model is going to be eroded by blockchain any time soon. Nor are they taking cryptocurrency seriously.

Sure, Bitcoin, etc. is not directly a threat. But Chet makes it sound like the whole class of technologies is completely misguided, and will have no real-world impact.

37 is completely true, and why I don't really read it any more.

62: Actually I read Chet as talking pretty much exclusively about cryptocurrencies, and the general topic of using blockchain for retail payment processing, and I think he's talking sense (as long as that's all he's talking about).

What would the banking system use cryptocurrencies for? I assume money laundering but I don't know how exactly it would help.

They might provide custodian services for people who want to invest in cryptocurrencies as an asset class; they might offer their services for people who want to be able to buy in BTC but don't want the hassle alluded to by Chet above of having to run their own show; they might offer BTC-denominated financial products and services including FX services just like they do with existing currencies. And, yes, money laundering and tax/sanctions evasion, since that's really the only practical reason to use cryptocurrencies.

Speaking of sanctions evasion, I was surprised to learn from Adam Davidson's reporting that Trump had been making a profit helping Iran avoid Obama's sanctions. I feel like subverting nuclear politics for emoluments should be a bigger story.

Oooh. Link?

I heard it somewhere in this conversation with Ezra Klein. Worth a listen. They don't claim that he is currently profiting, but I can't imagine that he isn't.

What would the banking system use cryptocurrencies for? I assume money laundering but I don't know how exactly it would help.

A company called Ripple really wants banks to use XRP as a crossing currency in FX trades, but it's not really happening, because there already is a stable, highly liquid crossing currency, the dollar.

Give Trump a few more months.

One of the major points of Tooze's new book is just how resilient the dollar system is. 2008 actually made it stronger. Trump is a different kind of problem though.

"Trump is a different kind of problem though."

It's the Project for a Post-American Century!

...this time with feeling!

Outstanding quest there. What occurred after? Take care!