Category Archives: Cryptography

Crowdsourcing Book Title & Design

Posted on June 21, 2011 by Michael Froomkin

Bruce Schneier is asking you to help him pick the title and cover for his next book.

Posted in Cryptography, National Security | Comments Off on Crowdsourcing Book Title & Design

EFF Straight Up on Bitcoin

Posted on June 21, 2011 by Michael Froomkin

Nobody’s perfect, and even the regularly sharp and interesting Technology Liberation Front blog can miss the point sometimes, a hazard of trying to push the envelope. And that’s what I think has happened in EFF Gone Wobbly on Bitcoin.

The Electronic Frontier Foundation‘s Cindy Cohn announced yesterday that EFF would no longer take BitCoins. 1 She gave several reasons:

1. EFF’s holding and spending of Bitcoins created some legal issues that EFF didn’t fully understand.

Bitcoin raises untested legal concerns related to securities law, the Stamp Payments Act, tax evasion, consumer protection and money laundering, among others. And that’s just in the U.S.

2. Doing something that raises legal questions risks making EFF the subject of a legal action, rather than the lawyer defending someone else.

While EFF is often the defender of people ensnared in legal issues arising from new technologies, we try very hard to keep EFF from becoming the actual subject of those fights or issues. Since there is no caselaw on this topic, and the legal implications are still very unclear, we worry that our acceptance of Bitcoins may move us into the possible subject role.

3. Donors might be misled. Donors who give EFF Bitcoins (and there were quite a few of them!) would expect EFF to spend them to support its mission. But because EFF feels unable to spend Bitcoins, due to the legal issues they raise, that expectation would be dashed. That’s bad for the donors — they waste their Bitcoins — and it’s bad for EFF, as it risks disappointing the donors (and, I might add, crowding out donations in currency it would actually use).

4. Some people might take EFF’s high-profile acceptance of Bitcoins as an endorsement of Bitcoins. But EFF is not in the endorsement business.

Cindy is an old and valued friend, so I’m likely biased here, but I think that in the face of true uncertainty, EFF did the wise and courageous thing.

But Jim Harper of the TLF writes that he thinks EFF’s decision is an error:

My insta-reaction was to joke: “Related: ACLU to stop bringing ‘right to petition’ cases.” That’s a little ambiguous, so: Imagine that the government took a position in litigation that suing the government was not protected by the First Amendment, but was in fact actionable. Under EFF’s logic—avoid becoming the subject of a rights fight—the ACLU would not fight the government on that issue. Luckily, the ACLU would fight the government on that issue—as fiercely or more fiercely than any other!

I think this misses Cindy’s second point above, which to me is probably the most critical one: An organization like EFF exists to fight for our rights by advocacy, by offering legal representation, and by other means. Prudent stewardship of an institution like EFF requires that it not lightly risk the organization on any one issue. (I’m not foreclosing the possibility that there might some day be some existential issue worth betting the farm on, but I think no one seriously suggests Bitcoin is The Big One.) When EFF represents clients, it donates its time, effort, and good name; it doesn’t stand as a guarantor for damages if the case goes wrong. Thus, if EFF loses — and that happens — EFF lives on to fight another day. Becoming a party directly means risking substantial direct civil (and for all I know criminal) liability. That’s unwise because it means a loss in one matter will impose costs that will undermine EFF’s ability to function in other areas and might, in the worst case, take down the entire organization.

This concern does not strike me as excessively fanciful. The US government today is busy prosecuting reporters and whistle-blowers on new and expansive legal theories. The Justice Department has taken a litigation posture in state secrets cases that is at least as aggressive as the Bush administration did. EFF has been a leader in pushing back against secret surveillance, and is undoubtedly a thorn in the Justice Department’s side. Would, say, a Stamp Act, or money laundering, or securities law charge against what may have been the largest single holder of Bitcoins be impossible to imagine? No. While I don’t know how likely such a prosecution would be, the prudent thing for EFF management to do is not to expose itself to that risk.

Jim Harper’s second complaint is that,

refusing donations in Bitcoin seems to detract from EFF’s mission because it denies the organization a source of funds. The donors who gave U.S. dollars expecting EFF to defend things like Bitcoin may feel mislead by EFF’s reluctance to do so.

Again, I think this is exactly wrong. People who give dollars to EFF will have their reasonable expectations fulfilled: EFF will use the money to fight for cyber-rights and expressive freedom. People who gave Bitcoins to EFF had their reasonable expectations frustrated once EFF decided, prudently (or even excessively prudently), that it couldn’t safely spend them without perhaps becoming a (rather visible) target itself.

Were the federal government to prosecute a participant to a Bitcoin transaction, that might well be a good case for EFF to take on, subject to the usual case intake issues. But as a lawyer or advocate, not as the defendant.

  1. I am a member of EFF’s Advisory Board. However, I had no part in the decision on Bitcoin, and have no inside info regarding the decision other than knowing from a brief personal conversation that the concerns set out in the EFF memo are sincerely held by EFF’s lawyers and result from their having put some real time into the issue. The views expressed in this blog post are my own, and I do not speak for EFF on this — or indeed any — issue.[]
Posted in Cryptography, Law: Internet Law | Comments Off on EFF Straight Up on Bitcoin

Bitcoin Gets Compromised

Posted on June 20, 2011 by Michael Froomkin

Bad times at BitCoin Mountain.

[Update – 12:52 GMT] Account recovery page will be up tomorrow morning (Japan time)

We have almost completed the account recovery page and are waiting for result to unit tests and intrusion tests (and more than anything, don’t want to put something online and go to sleep just after, best way to get screwed), so the page will be put online tomorrow morning.

It will allow every user to claim ownership of their account based on proof such as deposits, withdraws, password (if complex enough), email or notarized documentation.

Once it is deemed enough users had the chance to get their account back, the exchange will be open again (opening time will be announced at least 24 hours in advance). It will still be possible to file claims for user accounts after this.

[Update – 6:30 GMT] Still here. Still working hard to get things online.

  • SHA-512 multi-iteration salted hashing is in enabled and ready for when we get users reactivating their accounts
  • We are going to push our relaunch time to 2:00am GMT tomorrow so we have time to launch a our new backend and withdraw passwords.

Thanks to everyone sending the supportive emails and our extremely patient users. 

 

 

[Update – 3:45 GMT] DO NOT DOWNLOAD ANYTHING

If you receive ANY email which seems coming from Mt.Gox asking you to download something (certificate, generating program, etc), DO NOT DOWNLOAD. Do not either input your password on any site which is not MTGOX.COM.

 

[Update – 2:06 GMT] What we know and what is being done.

  • It appears that someone who performs audits on our system and had read-only access to our database had their computer compromised. This allowed for someone to pull our database. The site was not compromised with a SQL injection as many are reporting, so in effect the site was not hacked.
  • Two months ago we migrated from MD5 hashing to freeBSD MD5 salted hashing. The unsalted user accounts in the wild are ones that haven’t been accessed in over 2 months and are considered idle. Once we are back up we will have implemented SHA-512 multi-iteration salted hashing and all users will be required to update to a new strong password.
  • We have been working with Google to ensure any gmail accounts associated with Mt.Gox user accounts have been locked and need to be reverified. 
  • Mt.Gox will continue to be offline as we continue our investigation, at this time we are pushing it to 8:00am GMT. 
  • When Mt.Gox comes back online, we will be putting all users through a new security measure to authenticate the users. This will be a mix of matching the last IP address that accessed the account, verifying their email address, account name and old password. Users will then be prompted to enter in a new strong password.
  • Once Mt.Gox is back online,  trades  218869~222470 will be reverted. 


We will continue to update as we find new information.

Huge Bitcoin sell off due to a compromised account – rollback

 

The bitcoin will be back to around 17.5$/BTC after we rollback all trades that have happened after the huge Bitcoin sale that happened on June 20th near 3:00am (JST).

One account with a lot of coins was compromised and whoever stole it (using a HK based IP to login) first sold all the coins in there, to buy those again just after, and then tried to withdraw the coins. The $1000/day withdraw limit was active for this account and the hacker could only get out with $1000 worth of coins.

Apart from this no account was compromised, and nothing was lost. Due to the large impact this had on the Bitcoin market, we will rollback every trade which happened since the big sale, and ensure this account is secure before opening access again.

UPDATE REGARDING LEAKED ACCOUNT INFORMATIONS

We will address this issue too and prevent logins from each users. Leaked information includes username, email and hashed password, which does not allow anyone to get to the actual password, should it be complex enough. If you used a simple password you will not be able to login on Mt.Gox until you change your password to something more secure. If you used the same password on different places, it is recommended to change it as soon as possible.

SERVICE RETURN

Service will not be back before June 20th 11:00am (JST, 02:00am GMT). This may be delayed depending on what is found during the investigation.

Posted in Cryptography, Econ & Money | 2 Comments

Bitcoin Has a “Black Friday”

Posted on June 14, 2011 by Michael Froomkin

If I’m reading this chart right, Bitcoins went from a high of over 30 late last week to a low of around 10, before rebounding somewhat to their current price in the higher teens (see updated prices here). A month ago a Bitcoin was trading well under 5 — maybe around 3.

I call Tulip Bulbs.

For more on this see DailyTech – Digital Black Friday: First Bitcoin “Depression” Hits.

Previous post: Why Bitcoin Isn’t As Exciting as it May Sound.

Posted in Cryptography, Econ & Money | Comments Off on Bitcoin Has a “Black Friday”

Why Bitcoin Isn’t As Exciting as it May Sound

Posted on June 11, 2011 by Michael Froomkin

A surprising number of people, including reporters, have been asking me what I think of Bitcoin.  My reaction is to be somewhat underwhelmed, for all of its technical inventiveness.   The best single account I’ve seen of why to be cautious is in this account by John Levine, Bitcoin and tulip bulbs.

As I wrote recently in reply to a Polish journalist’s emailed inquiry:

I am somewhat skeptical for three sets of reasons.

First – A coin that fluctuates in value is an investment, perhaps, but not a reliable store of value.

Second – There is a very limited number of things you can do with a Bitcoin at present.  Projects like this first suffer from and then — occasionally — benefit from network effects.

Third – Although I have not studied the protocol carefully, I’m worried that an attacker with the services of a large botnet might be able to dominate the system of authentication.

Posted in Cryptography, Econ & Money | 7 Comments

You Can’t Hide

Posted on March 23, 2011 by Michael Froomkin

Uncovering spoken phrases in *encrypted* VoIP conversations

We evaluate our techniques on a standard speech recognition corpus containing over 2,000 phonetically rich phrases spoken by 630 distinct speakers from across the continental United States. Our results indicate that we can identify phrases within encrypted calls with an average accuracy of 50%, and with accuracy greater than 90% for some phrases. Clearly, such an attack calls into question the efficacy of current VoIP encryption standards.

(via Dave Farber’s list).

Combine that fact with this alleged fact:

Several reports have emerged that China is cutting off phone calls mid-sentence when contentious words like ‘protest’ are used.

Posted in Civil Liberties, Cryptography | Comments Off on You Can’t Hide