Month: September 2012

Attention on Bitcoin has increased considerably in 2012 based on a number of sources. Although the Google Trends volume, a rough indicator of the number of eyeballs looking for something on the internet, is not nearly as high as it was at its all-time high in June 2011, indicators of the slower-paced and more durable sort of attention that ultimately leads to success for any new product of technology have arguably only become stronger. In 2011, indicators that there was any high-level institutional acceptance of the technology were scant, and any kind of connection between an established government or business and Bitcoin, even an independent time project of a Google employee, became the focus of attention for weeks.

There are good reasons to be concerned about this kind of institutional attention; even if it has little effect on Bitcoin directly, there is reason to believe that many businesses are holding out on accepting Bitcoin because they are waiting for official acceptance. BitPay’s Tony Gallippi writes about the experiences of Bitcoin users in Finland: “As a result of the secretary of the Central Bank of Finland publicizing that bitcoin is legal to use in Finland, many businesses have seized the opportunity to accept bitcoin. Some of the rather unique merchants in Finland include a dentist office, a veggie burger restaurant chain, and a funeral service.” There are likely many potential Bitcoin-using businesses in the US and elsewhere that are holding out for just such a ruling; in the case of Google, Sergey Brin all but admitted that that was the case. Since 2011, however, there have been many telltale signs that there are a number of individuals and teams in the upper echelons of government and business around the world that have begun to pay attention to what the mainstream media still, arguably correctly, describe as a fledgling currency, and this article will list some of the more important indicators.

• Bitcoins are a Unit of Value in Germany – Germany’s financial supervisory authority, Bafin, has published a report (translation of relevant text here) delineating their status under German law. The document has the following to state on the subject: “tokens of value meant to be used as a method of payment which are issued by barter-clubs, private exchange-rings or other payment systems in exchange for real economic goods or services or like for example Bitcoins, which are issued in computer networks without any service in return, are therefore exempt from the definition of e-money, even though they fulfill the same economic function as e-money and have the actual potential of privately issued currencies.” The legal concept of e-money in Germany applies only to instruments that ultimately derive from legal tender currencies, and so Bitcoin is effectively classified as a commodity. Incidentally, this is similar to the way more recent government decisions have treated Bitcoin donations – as an “in kind” donation of material but not monetary form, similar to donating food or supplies. Note that classification as a commodity does not exempt Bitcoin transactions from taxation; in most jurisdictions, barter income is taxable too.
• Being A Bitcoin Exchange Is Not Illegal in France – Although it makes no claims about the legitimacy of Bitcoin itself, this little-known ruling is arguably the first true “Bitcoin ruling” ever to take place. In the summer of 2011, Crédit Industriel et Commercial, the bank which MtGox was using for their activities in France, closed MtGox’s account, arguing “Bitcoin is an electronic money, Macaraja [the entity representing MtGox in France] is not a bank, therefore it’s illegal for Macaraja to be handling this”. MtGox challenged the decision, and took CIC to court claiming its right to a bank account under French law. In response to the CIC’s position, MtGox argued that “bitcoins are not an electronic currency but rather an immaterial good, like software”, and the court decided (French) that it was not competent to determine the issue of Bitcoin’s validity. Nevertheless, this did establish one important legal precedent: without any judgment on what Bitcoin was, MtGox was safe to continue operating by default.
• FBI Internal Report on Bitcoin – in early May, a report from the FBI titled “Bitcoin Virtual Currency: Unique Features Present Distinct Challenges for Deterring Illegal Activity” was leaked. The fortunate news for Bitcoin shown in the report was that the FBI was less fearful of Bitcoin than some had suspected. The report read “The FBI assesses with medium confidence that, in the near term, cyber criminals will treat Bitcoin as another payment option alongside more traditional and established virtual currencies which they have little reason to abandon. The FBI assesses with low confidence, based on current user and vendor acceptance, that malicious actors will exploit Bitcoin to launder money.”
• HSBC says Virtual Currencies Will Go Mainstream In 3-5 Years – HSBC’s global head of e-channels strategy and innovation, Andrew Davis, stated that he believes that virtual currencies are going to enter the mainstream soon. “We have a planning assumption that virtual currencies will become mainstream in three to five years,” Davis said. “One of the reasons why we need to reach a view two to four years out is to influence our decisions around enterprise architecture, because it doesn’t change very often. How people place value on things won’t just be with hard currency in the future and we’re already seeing micro-currencies emerge around the world.” Although Bitcoin itself was only mentioned by secondary sources, no virtual currency other than Bitcoin is anywhere close to “becoming a normal way of buying goods and services,” around the world, making it highly likely that the HSBC has Bitcoin in mind.
• The Financial Supervisory Authority of Norway Mentions Bitcoin – This report paints Bitcoin in a less charitable light than some of the others. A translation of the pertinent text reads: “Bitcoins can for instance be compared to ‘Monopoly money’ where each single actor buys virtual money called Bitcoin to do commercial transactions in a gated environment of trade. Liquidity in fiat money must always be available if the trade actors wish to exchange from bitcoins to, for instance, US dollars or Euros. At the moment, this system is outside governmental control, and the risk is unknown. The system is virtual and the American government has signalized that they want to remove this system before naive and gullible users become too involved. For such a system to work, it needs a ‘rich’ sponsor.”
• Brazil Whacks Bitcoin Investment Group – In August, the president of the Comissāo de Valores Mobiliários, Brazil’s equivalent of the Securities and Exchange Commission, ordered the administrator of the “Grupo de Investimento Bitcoin” to suspend what the CVM considered to be an illegal investment fund. What the GIB was offering was similar to many other investment opportunities popular at the time: shares which anyone can buy which pay an interest of 12% every 30 days. After the shutdown, operator Leandro Cézar restarted the operation by reclassifying the investments as loans – a subtle distinction, but one which does give depositors more power to go after him if he fails to pay interest – and by not guaranteeing a fixed interest rate. Although the CVM’s ruling makes no difference to Bitcoin itself, it may set a precedent for the legal status of the wide array of Bitcoin-based financial instruments available for purchase on the Bitcointalk forums and the Global Bitcoin Stock Exchange.
• Ron Paul’s Domestic Monetary Policy Subcommittee Hearing – US Congressman and, for a few months, potential Republican presidential candidate, Ron Paul had a subcommittee meet on August 2 to explore the concept of parallel currencies. About 48 minutes into the conference, congressman David Schweikert began talking about the concept of alternate currencies in a variety of contexts. “What happens tomorrow if a handful of our trading partners move to a basket of currencies? Does that actually create a new method of exchange?” Schweikert asked, and other topics such as contracts which require payment physically using US dollars but peg the value to gold were brought to the table. At one point (49:10), another congressman off-screen mentioned Bitcoin by name. Although Bitcoin itself was mentioned only briefly, the hearing provides clear evidence that the idea that the monetary landscape is changing is one that is understood by many beyond the internet fringe, and is something which at least some government officials have already accepted as a reality.
• Mitt Romney Blackmailed for Bitcoins – on September 5, an anonymous individual posted a message on Pastebin claiming to be in possession of all of Mitt and Ann Romney’s tax records for several of the most recent tax years, demanding $1 million in ransom, to be delivered in bitcoins. The letter stated that an encrypted form of the documents had been sent to all major media outlets, and the Secret Service confirmed that a letter as well as a flash drive containing encrypted files had been received at and subsequently confiscated from both Republican and Democratic party offices. Hustler’s Larry Flynt offered to pay the entire million, but by the end less than $50 had been contributed, and no information was released. Since then, the SEC has started investigating the blackmail, but as far as is public knowledge no leads on the perpetrator have yet been found.
• Finnish Central Bank Agrees Bitcoin is Legal – Bitcoin has made considerable progress in Finland in the past few months, with a veggie burger restaurant chain, a dentist office, a funeral service, soon a movie theater, and many others accepting Bitcoin in Finland. When a reporter for YLE 2, a Finnish TV channel, asked a representative of Finland’s central bank what the legal status of Bitcoin was. The representative replied (3:40), “There are no guarantees that bitcoins can be exchanged back into official money. Such guarantees don’t exist in unregulated virtual currencies such as Bitcoin.” When the reporter asked “But isn’t it illegal?”, the representative replied “Not at all, people can invest in and use any money they prefer. Finland is a free country, after all.”
• AUSTRAC Typologies and Case Studies Report 2012 – Australia’s anti-money laundering association, AUSTRAC, published a report in August describing possible mechanisms for money laundering, and a section of this report focused on digital currencies and virtual worlds. The section argued that “Criminal groups and individuals may increasingly use digital currencies, as opposed to
  online trading of real currency, due to the anonymity some digital currencies provide,” and “these digital currencies present challenges for government agencies in following the money trail.” The report then focused specifically on digital currency exchanges, arguing that the ability to exchange between digital currency and traditional currency offers a convenient way for criminals to break the trail of their illegally obtained funds. The perspective is not a new one, and confirms the general consensus that if there will be an attempt to increase regulation on Bitcoin it will be through the exchanges.
• France’s 2011 Tracfin Report – France’s TRACFIN, or “Traitement du renseignement et action contre les curcuits financier clandestins” (“Treatment of Information and Action Against Clandestine Financial Circuits”, essentially an anti-money laundering association) published a report describing various schemes of money laundering using virtual currencies and corporations located in various financial havens around the world. Among other cases, the report described “the illegal exercise of the profession of banker with a virtual currency with no legal value”. Although the focus of the report was money laundering, the use case which the page described for Bitcoin was in fact a perfectly legitimate one: using bitcoins “to avoid fees associated with currency exchange and monetary transfer” between the Euro zone and entities outside the Euro zone using US dollars.
• New Hampshire Deputy Secretary of State Okays Bitcoin – Many people within the Bitcoin community have heard that Mark Warden, an incumbent and candidate for State Representative in New Hampshire, is accepting Bitcoin for donations. At first, there was considerably legal uncertainty about the offer, and most people now agree that the first iteration of Warden’s attempt at accepting bitcoins, putting up a donation address for anyone to send bitcoins to just like Wikileaks does, was in fact illegal, due to the anonymity of the procedure. Mark Warden himself soon agreed, returning all of the funds that had been sent to the addresses from which they came. Then, however, Warden created a new donation page, presenting a more conventional BitPay merchant form, which asks for personal information like name and physical address before providing a donation address. What many people do not know is that when Warden asked the New Hampshire Deputy State Secretary if what he was doing was acceptable, the Secretary said yes. As long as donations are accompanied by the donor’s name and address and contributions are only acceptable from US citizens and permanent residents, there are no problems accepting Bitcoin for political donations at least in New Hampshire. Although no government confirmation of this has been published, Warden confirms that this happened, and links to this announcement on a Bitcoin forum through a post on his Twitter account. Since then Jeremy Hansen, an independent candidate in Vermont, has started accepting Bitcoin donations as well, and Josh Jones, the creator of Hansen’s donation system, has made it open for any politicians, or other charities, to use it as well.
• Lockheed Martin Wants Someone Experienced in Unconventional Money Transfer, like Bitcoin – A job posting by Lockheed Martin, an American global aerospace and security company with strong ties to the US military, asking for a “Counter Threat-Finance Analyst” was discovered on LinkedIn very recently. The job description read “Analysts should also have financial investigatory/forensic accounting experience in non-traditional arenas including drug money laundering, Sharia-compliant banking, terrorist finance, informal and formal money transfer mechanisms (hawala), trade based value transfers, and parallel reconstruction. Knowledge of emerging alternative and mobile payment methods is also desired (Bitcoin, Secondlife, etc).” The general theme is similar to that of the monetary policy subcommittee hearing; the interest is not so much in Bitcoin specifically, but in emerging methods of money transfer as a whole.
• SEC Investigates Bitcoin Savings and Trust – About a month after the Bitcoin Savings and Trust Ponzi scheme shut down, Philip Moustakis, an investigator from the United States’ Securities and Exchange Commission sent out email messages to some prominent individuals who were connected to BTCST’s operator pirateat40 asking for information for anyone who invested in BTCST and has information on the scheme to contact him by email or phone. However, the scope of Moustakis’s involvement was limited. One person who talked to Moustakis by phone wrote: “Here is the deal. This is NOT a criminal investigation. This is a civil action. Philip is essentially on a fact finding mission. At the end of this fact finding he has to present the FACTS to the Commissioners and they decided if there is enough evidence to make a case against Trendon Shavers. If there is not enough evidence, Trendon Shavors [possibly the real-world identity of pirateat40] remains on the Beach in Mexico spending what remains of your Bitcoins.” So far, the SEC has not followed through on any civil action against pirateat40, and there is a chance that there will never be enough information to find him to make the case.
• BitInstant Introduces Bain Capital to Bitcoin – Charlie Shrem and Erik Voorhees represented BitInstant (and by extension Bitcoin itself) at the Money 2020 conference in Las Vegas from October 22-24, which focused on emerging and innovative financial services. BitInstant managed to get a booth directly next to that of PayPal, and Charlie Shrem reports that the president of Bain Capital, a firm now famous for its connection to US presidential candidate Mitt Romney, had breakfast with him and Voorhees, and responded very positively to Bitcoin when the two introduced the currency and the Blockchain mobile Bitcoin client to him.
• European Central Bank Report – On October 29, the European Central Bank released a report entitled Virtual Currency Schemes. The report is by far the most detailed government examination of Bitcoin to date, as nearly a quarter of it deals specifically with Bitcoin. It contains a detailed technical description of how Bitcoin works, an examination of Bitcoin’s economic background including the now famous acknowledgement that “the theoretical roots of Bitcoin can be found in the Austrian school of economics”, and a description of the risks that Bitcoin poses to central banks. The report concludes that while volume is low it is not a threat to price stability, and although it could make it more difficult for law enforcement authorities to locate criminals due to its anonymity properties “practically identical problems can also occur when using cash;” however, Bitcoin may pose risks to its users due to its lack of legal status and could have a “negative impact on the reputation of central banks”. All in all, a review by BitInstant’s Erik Voorhees called the report “generally, very good.” However, others are less optimistic. The section on Bitcoin ended by recalling that in June 2011 two US senators had expressed their concerns about Bitcoin and its ability to allow people to more anonymously purchase and sell illegal drugs, and claimed that “further action from other authorities can reasonably be expected in the near future” – a phrase that some have interpreted as a foreboding hint of what is to come.
• Italian Gnosis Report – On October 29, Gnosis, a magazine published by the Agenzia Informazioni e Sicurezza Interna (Italy’s domestic intelligence agency), released an article entitled “Bitcoin: Currency of Cyberspace”, describing Bitcoin in as much detail as the European Central Bank’s report. The report touches on Satoshi Nakamoto and the possible meanings of his name, Bitcoin’s technical characteristics and the currency’s economic model, once again giving credit to Bitcoin’s Austrian-economic roots with the statement that “decentralization of Bitcoin is an added value for the money, due to the fact that it is not affected by any possible economic and financial instability that can be traced to the behavior of central banks (which happens almost systematically for other currencies which are legal tender).” The report even discusses Bitcoin Magazine itself, claiming that “the magazine is a tool able to transmit a message to the masses clearly and precisely: there is a payment system which is secure, confidential, and not subject to the uncontrolled costs of banking and financial intermediation. It is also a way to spread the culture of electronic money, which is essential to sensitize the masses to its use.” However, although the report did portray Bitcoin in a threatening manner in several places, it was largely neutral to positive to Bitcoin in tone, ending with the words “As Abraham Lincoln once said, the best thing about the future is that it comes one day at a time. Confident we wait…”

Although the reports are, for now, still few and far between, the New Hampshire decision and the statement by the Finnish Central Bank undoubtedly represent significant milestones for Bitcoin acceptance. Currently, there are two ongoing court cases relating to the Bitcoinica situation which may lead to further legal decisions when they are resolved, although it remains to be seen just how much the cases will actually involve the issue of the validity of Bitcoin itself. Nevertheless, over the past two months, the amount of government attention on Bitcoin around the world has grown considerably. The ship of the government and corporate establishment may be slow to steer, but a growing number of signs suggest that at least parts of it are finally coming around.

Image by cometstarmoon of Flickr.

  
 

Mihai Alisie (left) conducting an interview with Roman Shtylman (right), the founder of Bitfloor, to be published in an upcoming article.

[divider]

Bitfloor, a New York based Bitcoin exchange, is now back up and running after a thief stole $250,000 worth of Bitcoins^[1] from a backup on one of its servers. Roman Shtylman, the founder and operator of Bitfloor, wrote a blog post^[2] promising that he is still working to return users Bitcoin funds, but that it was important to get the exchange back up and running quickly so as to not erode confidence in the continuation of the exchange any further.

Currently, any Bitcoin balances held prior to the hack are on “hold” status within the exchange. They cannot be traded or withdrawn.

The plan to return users funds currently rests on the profitability of the exchange – as profits are generated, Shtylman plans to distribute some or all of them towards releasing the Bitcoin balances currently on hold. Each user will have the same percentage of their balances released any time a dispersal is made.

Shtylman also mentioned he was pursuing potential options with investors to pay back users sooner rather than later, though no specific timeline was given in either case.

The security of Bitfloor has reportedly been heavily solidified. No longer will any customer funds be risked in a hot wallet on the server – 100% of customer funds will be placed in cold storage. Bitfloor will still operate a hot wallet, but it will only risk its own funds, not any customer funds. The REST API has been bulletproofed with a secondary passphrase to prevent unauthorized withdrawals from customer accounts. Bitfloor’s servers now reside in a PCI-compliant data center, with disk encryption making the drives useless to anyone attempting a theft while physically at the location. And, perhaps most importantly, all backups are now encrypted.

Roman ends his blog post with the following message to his customers:

\”“I am committed to keeping Bitfloor alive, strong, and growing for the bitcoin ecosystem. I would like to say thank you to all of the support I have received pressing for the return of Bitfloor and the service it provided. Bitfloor will continue to excel in both service and quality as it goes forward.”\”

Do you have Bitcoin balances on hold at Bitfloor? Do you expect Roman to keep his word and pay them back? Post in the comments below, or send your side of the story to ed@bitcoinmagazine.net.

Sources

1. http://bitcoinmagazine.com/bitfloor-hacked-250000-missing/
2. https://plus.google.com/109620439233076225324/posts/bLJRDHApjSP

 

Following the success of the first Bitcoin conference in 2011 in Prague, another conference organized by the Bitcoin Consultancy has just finished in London. This conference was much larger than the previous, with hundreds of attendees present, and individuals prominent in a wide variety of fields shows up to speak. A wide range of topics was discussed, ranging from Bitcoin itself to open source projects like mesh networking and 3D printing and even underlying social and political themes.

Particularly unprecedented was the level of interest coming in from outside the Bitcoin community itself. Although the last conference in Prague did bring in Pirate Party founder Rick Falkvinge, Russia Today journalist Max Keiser and electronic payments expert David Birch, the amount of interest coming from outside this year was much greater. Almost as many speakers at the conference came from the Linux community as from Bitcoin, and there were many speakers who were heavily involved in both. Other open source projects were also represented, and the conference even featured the founding father of the free software movement itself, Richard Stallman. This level of outside involvement, combined with the highly interactive nature of the conference, created an opportunity for the world of Bitcoin to integrate into the larger free software, cryptography and free culture community as a whole, and paves the way for greater cooperation between all of the various movements that are seeking to use technology to empower the individual in the digital age.

Among the speakers were:

• Richard Stallman – creator of the GNU project, a key precursor to modern GNU Linux operating systems, and world-renowned free software advocate
• Dennis Roio (Jaromil) – long-time activist within the free software movement, and significant contributor to the development of multimedia applications for the Linux platform
• Amir Taaki – the main organizer of the conference
• Birgitta Jonsdottir – a member of the Icelandic parliament largely responsible for bringing the country to the top of the Press Freedom Index in the world.
• Tony Gallippi – CEO of BitPay, the Bitcoin merchant platform which handles payment processing for over 1000 Bitcoin-accepting merchants
• Mike Hearn – the primary developer of BitcoinJ, a Java implementation of Bitcoin, who is also involved in researching the idea of cryptographic contracts
• Caleb James Delisle – developer of the cjdns mesh networking system
• Cody Wilson – founder of Defense Distributed, a group that is attempting to design functional 3D printable firearms for self-defense
• Mihai Alisie – editor-in-chief of Bitcoin Magazine itself

A more complete list can be found [here](http://www.bitcoin2012.com/speakers). The Bitcoin Magazine team has taken a large number of pictures and exclusive interviews, and some of these will become available in an upcoming issue of the magazine.

 

After months of stagnation, the virtual goods trading forum Ogrr has just announced a move that will dramatically increase the size of its userbase: a merger with MMOExchange.net. Ogrr, with 3611 users currently, will be merging in 14643 users of MMOExchange, creating a new combined community over 18000 users strong.

The transition is designed to be smooth. MMOExchange itself will soon be shutting down, but all MMOExchange accounts will be transferred over to Ogrr in their entirety. After the switchover happens, which is scheduled to take place on the 22nd or the 23rd of September, MMOExchange users will be able to log in to Ogrr using the same username and password. The first time they log in, they will be taken to a setup wizard that verifies their MMOExchange account. If an Ogrr account exists with the same user name, MMOExchange users will be required to change theirs, but otherwise everything about the account will stay the same; verification levels, donation tags and even threads and posts will all be transferred over. Users who have been ignored or banned should not count on a fresh start either; undesirable statuses and labels will be carried over as well.

MMOExchange users will also gain access to the key feature that makes Ogrr what it is: Bitcoin integration. Ogrr originally launched last December when Jesse Powell, then using the trading forum d2jsp, was scammed for 20,000 units of d2jsp’s centrally managed internal currency, “forum gold”. When he reported the incident to d2jsp’s moderators, he was forced to pay another 20,000 forum gold to the scammer as a penalty for making an unsubstantiated claim. Powell decided that he had had enough of d2jsp, and resolved to make his own trading forum instead, this time using Bitcoin as the default currency. Although users are free to finalize payments using whatever mechanism they want, a Bitcoin wallet is integrated into the site, and the site also offers an escrow mechanism to protect buyers by ensuring that sellers cannot run away with the money before the buyer signals that the transaction has successfully been completed.

MMOExchange is largely oriented toward gamers playing the MMO RuneScape; the forum currently shows over 300,000 posts on the RuneScape board, compared to a mere 1148, 4085 and 16069 for Diablo, World of Warcraft and Other, respectively. Ogrr, on the other hand, sees its greatest volume with Diablo. However, Ogrr’s user base is much more diverse, and over a dozen games have their own subforum. Even if the new forum will predominantly be focused around RuneScape, the two communities are bound to be a great complement to each other. Many of the game-specific groups on each community, currently too small to be self-sustaining, will gain new life as their much larger counterparts are merged into them.

Altogether, the combined forum is significant not just in the video game trading community, but also to Bitcoin itself. A side-by-side comparison of various metrics of the Bitcointalk forums and MMOExchange (two links) shows that MMOExchange is over half as large as the forum that has remained by far the largest in the Bitcoin community up to this date. By the total number of posts, MMOExchange is just under half of Bitcointalk’s size, with 578,665 posts to Bitcointalk’s 1,137,508. By the average number of users online, MMOExchange’s 213 per day is nearly two thirds Bitcointalk’s 348. By the number of posts per day, however, MMOExchange’s 1023 is almost as large as Bitcointalk’s 1154. What the numbers show is that once MMOExchange merges with Ogrr, the forum that will arise as a result will be large enough that it may prove a serious competitor to Bitcointalk itself; Bitcointalk users who are unhappy with the quality of the forum’s community will finally have another option.

It should also not be understated just how significant a step forward this is for Bitcoin adoption as well. Virtual goods trading is arguably a perfect market for Bitcoin; with digital goods, traditional methods of payment offer no protection from chargebacks. Also, in most online games, prices are highly variable, as negotiations must often be done for each individual item and even with commodities, new patches and updates can change the value of a good by an order of magnitude – exactly the kind of market that is best at dealing with the volatility introduced by Bitcoin itself. With the acquisition of MMOExchange, Ogrr has a significant opportunity to secure for Bitcoin a strong niche and open the doors to widespread Bitcoin adoption in the area of massively multiplayer online gaming as a whole.

 

The WalletBit website and service came under DDOS attack on September 15, 2012, completely disabling the services as of around 9:00 PM GMT. The attackers sent the following note to Kris Henriksen, the services’ founder, creator and CEO:

Hello,

Your service is currently under our control, and will remain so until you’ve fulfilled our request.

All you need to do is settle 1000 BTC to the following receiver: 1PBvDW74Qm7pSFMfi5h4AgyDLGcb86LtTg

Should you ignore this message, then keep in mind that we’ll have no problems keeping your service.

You have exactly 24 hours to initiate the money and get back to us, and if you fail to do so, then we’ll keep your service offline for an additional week.

Good luck!

Kris refuses to give in to the demands, sending the following response back to the attackers:

Hi Yuri,

I can see that you have the possibility of bringing down my network provider and keep it down.

The thing is, I don’t have 1000 BTC and neither do WalletBit in liquidity. So I am unsure how we are going to come to an agreement or solution.

I know this way of getting bitcoins most be very efficient, but maybe there is another way?

Awaiting your response.

Regards
Kris

It remains to be seen whether the attackers will follow up on their threat to continue crippling the service for a full week, or if they will divert their resources to another target. The ransom has subsequently been lowered to 150 BTC after the attackers received Kris’ response, but Kris still refuses to give in to the attacker’s demands.

The attack appears to be a SYN flood style distributed denial of service, and large enough to defeat WalletBit’s existing redundancy.

WalletBit is a Bitcoin payment processor, allowing merchants to easily accept Bitcoins for payment and collecting the relevant customer information.

ResponsePay is the mobile solution for utilizing WalletBit and BitInstant, and includes features that allowing users to send Bitcoins via email, SMS, or Bitcoin address, scan QR codes, and create location-based coupons.

At this time, BitPay also appears to be under a similar attack, but have not been available for comment.

Would you give in to the ransom, or wait out the attack? Leave your comment below, or send it to ed@bitcoinmagazine.net.

 

BitPay first opened its doors in the summer of 2011, seeking to help solve what founder Tony Gallippi believes to be one of the greatest problems preventing consumers and merchants from using Bitcoin: usability. The company’s main offering is a payment processing service, which merchants can sign up for to provide customers wishing to pay them in bitcoin with a convenient interface to do so similar, but usually much simpler, than that provided by traditional merchant services like PayPal. For a small additional fee, BitPay also provides the option for merchants to have any bitcoins that they receive instantly deposited into their bank account, allowing them to bypass Bitcoin price fluctuations entirely.

BitPay has grown rapidly since its inception, and has added a number of new offerings in the past 12 months. Though independently of BitPay itself, in December 2011 Gallippi announced LoveBitcoins, a Bitcoin adoption campaign that set for itself the audacious goal of bringing to Bitcoin 1 million new users. In January, BitPay released a plastic card which one can carry to allow anyone to pay them simply by scanning the card with a smartphone Bitcoin wallet, while BitPay’s back-end automatically converts the bitcoins and immediately deposits money into the owner’s bank account. The core merchant system has also added a shopping cart, smartphone-based checkout mechanisms, and customized solutions for use cases like event tickets and taxis and limousines.

But BitPay truly started to pick up this spring. Transaction volume more than quadrupled each month from March to May, and BitPay finally broke out into the Bitcoin mainstream in June, when Butterfly Labs announced that they would be releasing a new line of Bitcoin mining computers based on a technology known as ASIC which will be dozens of times faster than anything available at the time. Butterfly chose BitPay as their payment processor, and BitPay received considerable media attention after their payment processing service handled a total of over $250,000 worth of transactions in a single day after pre-orders for Butterfly’s new machines opened up for sale. Over six months, BitPay has grown from almost nothing to being the leading platform for Bitcoin e-commerce, used by everything from retail stores to political donations and even Bitcoin Magazine itself. Now, BitPay is celebrating another important milestone: one thousand merchants.

1. Three to four months ago, you gave some figures that showed extremely rapid growth for BitPay – $10,000 transaction volume in March, $40,000 in April, $170,000 in May and a record of $250,000 in one single day in June when Butterfly Labs released their ASIC machines. How much has the volume of your business grown since then?

Our business continues to increase. After the big single-day record, our business is running above $550,000 in monthly transactions. Probably what is more exciting is the much larger number and diversity of our merchants. Since we launched our new website at the end of August, the number of merchants we have accepted has exploded by 30% in three weeks.

2. What kinds of businesses and what specific industries make up the bulk of your client base? Are there any categories that either struck you or would strike the Bitcoin community as being particularly surprising?

The majority of our merchants are eCommerce businesses. Whether they are shipping merchandise or just delivering a digital product or service, the businesses who accept payments online see the most value in accepting bitcoin in its early stage. The category where we get many merchants is in IT services, which would cover webhosting, domain registration, and internet access.

3. Are there any industries which are not yet well represented in Bitcoin business but you feel are ripe for adoption? What is BitPay doing to target them?

The one that seems ripe to widely adopt bitcoin is VPN services. We have a couple dozen merchants that offer VPN services, which is a service designed for internet privacy. Using bitcoin as a private payment method would make perfect sense, both for the business and for the customer.

4. In your speech at the Bitcoin conference in Prague last November, you identified three factors that were preventing merchants from adopting Bitcoin: first, the catch-22 issue that no customers were asking for it, second, the problem that it’s too hard to buy bitcoins, and, third, that the price is too volatile. In the ten months since then, how much do you feel that Bitcoin has progressed in each of these areas?

Progress is being made in all three areas. We are starting to talk with larger and larger companies about accepting bitcoin. Bitcoins are becoming easier to purchase, but the price volatility for the buyer still remains. This is where wallets and exchanges can better work together, to let users load their wallet with their local currency, and keep their balance and purchasing power in their local currency. Then, only buy the bitcoins at the moment they are needed to send a transaction. On the receiving side, we already insulate our merchants from the volatility by guaranteeing the exchange rate, and we automatically convert the incoming bitcoins to their local currency.

5. What else could the Bitcoin community be doing to address these concerns?

There are some brilliant people in the Bitcoin community, and if the problem is big enough, someone will take the initiative to solve it. This is the beauty of bitcoin. You don’t need to ask your boss, if you see a need to solve a problem, you can just build it yourself.

6. Aside from your work with BitPay, you have done considerable work in the effort of promoting Bitcoin to merchants and ordinary people around the world. What, in your experience, is the single most compelling argument to convince the average merchant to care about Bitcoin?

Merchants start to see the value that bitcoin brings once they understand one basic concept – credit cards were never designed for the internet. Credit cards were designed in the 1960s, and meant to be presented and used in person. Accepting credit cards over the internet is a risky business. When thieves get hold of stolen credit cards today, they don’t go shopping at their local electronics store, because there are security cameras everywhere. They go shopping online. The amount of payment fraud is staggering, and costs businesses as much as $100 Billion per year in chargebacks and disputes (source)

7. Aside from your basic payment processing system, BitPay has experimented with adding features targeted to very specific use cases and businesses. You have a Bitcoin deposit card that allows anyone with a smartphone wallet to pay into your ordinary bank account, you have a product offering scannable tickets for events like movies, plays and concerts, and you have a page dedicated to taxis and limousines. Has this side of marketing approach been successful, or has a more generic strategy of focusing on one core product proven to be the better way forward?

It has been successful in certain cases, and we would be interested in doing more branding like this. Bitcoin is a whole new concept and difficult for many business owners to grasp. The idea is to try and connect with a certain type of business, and make a simple bitcoin payment system just for their needs, without too many confusing options that they don’t need.

8. What are BitPay’s next steps for the near future? Are there any specific areas in which you are planning to expand, or any new services which you plan to introduce?

We are continuing to innovate on the core platform and add new features. Our plans for growth are mainly through our Integrator network. This would give programmers around the world the opportunity to help merchants in their local area get setup to accept bitcoins with BitPay, rather than try to build a do-it-yourself solution. We believe that tech support is best handled as close to the merchant as possible, so we would share a percentage of the fees we earn from these accounts with the local integrator. The Bittiraha.fi group in Finland is a great model for other teams around the world to emulate.

9. Anything else you would like to add?

Bitcoin Magazine is a quality product, and it really helps us sell bitcoin when we meet with businesses in person. Keep up the great work!

 

An anonymous poster published a message^[1] claiming to be in possession of all of Mitt and Ann Romney’s tax records for several of the most recent tax years, demanding $1 million in ransom, to be delivered in bitcoins. The letter stated that an encrypted form of the documents had been sent to all major media outlets. The Secret Service confirmed^[2] that a letter as well as a flash drive containing encrypted files had been received at and subsequently confiscated from both Republican and Democratic party offices.

The perpetrator threatened that if a specified bitcoin address does not have a net value of at least $1 million at some point between now and September 28, the encryption key to the documents will be released, opening the records up for all to see. If the money is received, “the keys to unlock the data will be purged and what ever is inside the documents will remain a secret forever.”

The blackmail message has another twist: as the message itself describes the rules, “And the same time, the other interested parties will be allowed to compete with you. For those that DO want the documents released will have an different address to send to. If $1,000,000 USD is sent to this account below first; then the encryption keys will be made available to the world right away. So this is an equal opportunity for the documents to remain locked away forever or to be exposed before the September 28 deadline. Who-ever is the winner does not matter to us.”

So far, the two addresses combined have received a combined value of over 1 BTC, some of it undoubtedly from enthusiastic individuals who are eager to see what Mitt Romney’s tax accountants have been up to. However, it is important to note that there is no proof that the information has been leaked at all. The files could easily be random data and the extortionist could simply be a clever fraud sitting there, waiting for eager activists to donate money to a pool that they think is going toward the goal of financial transparency. A statement by PricewaterhouseCoopers, a firm mentioned in the letter, stating^[3] that there was no evidence that any unauthorized access was made, lends further credence to this possibility. However, the possibility that such a fraud will lead to any significant donations is exceedingly small. No Bitcoin charity to date has managed to raise anything more than about $40,000. Given that there is not even a money-back policy in case the funds do not reach their goal, the ultraminiscule probability that the donations would reach $1 million becomes a self-fulfilling prophecy.

Even if this particular case of Bitcoin extortion turns out to be a hoax, it is important to keep in mind that the next one may not be. Transferring money has always been the hardest part of any extortion operation. An easy-to-use and nearly untraceable method to do so may increase the ease of such a means of making profit considerably. Extortion will not always come in the form of something as trivial as blackmail either; a sniper asking a billionaire for a fee of $1,000 per day if he wants all of his family to be able to venture outside of a secure bunker and live is entirely possible. Assassination markets have been around as a science-fiction concept for decades, but the sheer ease with which money can now be transferred is bringing such ideas far closer to reality than was ever imagined possible.

Perhaps the only option that society may have is to simply accept this new reality, but choose to see the good as well as the bad. Thanks to Bitcoin, sites like Wikileaks can now receive anonymous donations even if the entire traditional payments bureaucracy has turned against them, helping to promote government and corporate transparency at a level that was never before thought possible.

Although the tools of communication and financial privacy are granting the small thieves an unprecedented ability to carry out their business with impunity, the large thieves that have so far been able to hide in the bureaucratic shadows of governments and large corporations are finding themselves more and more thrown into the limelight. This is the world we are moving towards: one that is perhaps more anarchic, and in some respects more dangerous, but one that is at the same time more just.

Sources

1. http://pastebin.com/1j1yzQ9S
2. http://nashvillecitypaper.com
3. http://www.cnbc.com/id/48916562

 

Bitfloor, the fourth largest exchange dealing in US dollars, has just announced^[1] that it has been hacked, and the service has taken a loss of 24,000 BTC, worth about $250,000 at the time of the theft. As Roman Shtylman, the founder of Bitfloor, describes it, “last night, a few of our servers were compromised. As a result, the attacker gained accesses to an unencrypted backup of the wallet keys (the actual keys live in an encrypted area). Using these keys they were able to transfer the coins. This attack took the vast majority of the coins BitFloor was holding on hand.” As a result, BitFloor has paused all exchange operations and, depending on the effect that this will have on BitFloor’s finances, BitFloor may take one of two options. They may either take the loss and continue running in an attempt to eventually earn the money back or, in the worst case, shut down entirely and begin an account partial refund process out of the available funds.

The unencrypted backup that allowed the thief to carry out the attack was made when Shtylman made a manual upgrade earlier and put the data into an unencrypted partition on his disk; Shtylman has so far declined to comment further on the details of the attack, saying that “my current focus is on the future and not the past.” As Bitcoin security experts point out, Bitfloor made not one but two errors that were both necessary to lead to such a severe loss; the first, leaving data stored unencrypted, was an honest and perhaps unavoidable mistake, but it would not have had nearly as much of an effect if there had not also been the second error of leaving so much money in an online-accessible “hot wallet”. Since the Bitcoinica Linode theft, in which an unknown attacker made off with $222,000 worth of bitcoins from Bitcoinica’s hot wallet in March, it has been generally understood that any Bitcoin-holding service should keep the vast majority of its funds in “cold storage”, a term referring to a setup where the private keys never touch any computer that is accessible from the internet.

ThomasV, the lead developer behind the Electrum client, lists some security recommendations for Bitcion exchanges here; his seven key points are:

1. Don’t store more bitcoins outside of cold storage than you can afford to lose and remain solvent. This ensures that your business will be able to financially survive a hack.
2. Deposits should be sent to cold storage addresses directly.
3. Transfer from cold storage to hot storage should be manual only.
4. An attacker should not be able to disguise a theft as a series of withdrawals from customers.
5. If a withdrawal request exceeds the amount available on the hot wallet, the customer should have to wait. Receiving coins 24 hours later is better than not receiving one’s coins at all.
6. Clone your database to a place where an attacker cannot irreversibly modify or delete it from the server.
7. Send digitally signed account statements to customers regularly, using a key that is not on the public server.

Taking greater care to protect one’s server from being hacked in the first place is of course the best defense. However, any single layer of defense will invariably make mistakes, and sound Bitcoin service security requires a strong and detailed strategy for mitigating losses based on a defense in depth. Not following proper security procedures may mean seeing your prospering Bitcoin business meet a sudden and untimely end. Given the amount of information and experience available on such matters, not taking the most trivial standard precautions may even open one up to liability due to gross negligence. No matter how big, small, young or established your Bitcoin business may be, it is better to be prepared earlier rather than later.

Sources

1. https://bitcointalk.org/index.php?topic=105818.0&action=printpage