Home / Cryptocurrency candlestick graphs / Crypto gram bruce schneier

Crypto gram bruce schneier

Автор:Meztigrel Category: Cryptocurrency candlestick graphs 2 Окт 12

crypto gram bruce schneier

His influential newsletter “Crypto-Gram” and his blog “Schneier on Security” are read by over , people. Bruce Schneier is an internationally renowned security technologist and author. Schneier also publishes a free monthly newsletter, Crypto-Gram. Hertzbleed: A New Side-Channel Attack; Hidden Anti-Cryptography. TT FOREX KOLKATA NEWSPAPER

In general, is software- It's really that law, right? Is software well-written and secure, generally? It was terrible. It can be. It's just not. This is stepping back from blockchain, but in general, that it's economic, that writing secure code is expensive. It's extraordinarily expensive. In most cases, it's prohibitively expensive with the exception of the space shuttle, which even then isn't perfect.

We've had satellites. We've had them. We had two Mars landers fail because of software bugs. There, what? We spend an enormous amount of money and time and effort and code review to make sure that software is accurate, let alone secure. So no, we don't know how to write good code.

That's fascinating. We talked earlier about how I didn't do a good job defining decentralization. Satoshi- I know. I caught you early. Satoshi, I think, partially defined it at least as one CPU, one vote. In practice, is that how crypto blockchains are working? It's not. So mining is highly centralized exchanges, and because blockchains are so efficient, a lot of Bitcoin transactions aren't really Bitcoin transactions.

They pretend they are, but they're not. So I mean, this happens for stocks. If you are a big stockbroker and one of your clients buys stock, you often don't just buy it. You have some stock and you yourself record who owns it. It's called buying it on the street, and it's just easier than engage in the actual Wall Street on the floor shouting or however they do it on computers these days, exchanges of stocks. A lot of cryptocurrencies are the same, and that's one of the reasons why when the companies go belly up, you can't get your money back.

You don't actually own what you think you own, right? The company just pretends you own it, which is great if things are going well and disaster if things are not. So it is much more centralized than people think. I mean, there are aspects of this. The ledger is decentralized. There are multiple copies of the ledge. Mining could, in theory, be decentralized. Mining has become such a profitable operation that you have centralized miners, and a surprisingly few number of miners control most of the Bitcoin mining and Ethereum and the other cryptocurrencies.

For some of the ones that are lesser, it's so bad that they'll engage in fraud because if you have a majority, if you own majority of the mining, you can engage in fraud. There are cryptocurrencies where you hit below that threshold and then the miner steal all the money.

Of course, there's no recourse because that's the way we built the system. We talked in an earlier episode for this crypto series with Igor Makarov, who's an economist at LSE, and he's got a fantastic paper on money concentration. Very interesting. It's dangerous because we require that decentralization to work, but what we know about society is power centralizes, and that's what we see in Bitcoin, the fact there are only a few exchanges because exchanges are hard and popular ones get more popular, same thing with wallets or computer operating systems.

So centralization will always creep back in. I think that if it's going to creep back in, you want to be explicit about it. You want to know what it is and control it instead of pretending it's not there, then when you get it, you're screwed. What about web3?

Again, I keep saying that you were there for the early part of this and you were. You were there for the early internet. Is web3 redecentralizing the internet? So web3 is a buzzword. I think decentralization is good and valuable. I think one of the biggest problems we have is centralization monopolies and decentralization is great. Blockchain is only one way to do decentralization. It's probably the worst way. Now, email. Email is a great decentralized system.

Unlike SMS or Facebook Messenger, you can have any email reader on any server and you can send email to any other email address, right? It's wholly decentralized. It's great. That's decentralization and that's working well. So people who are working on decentralization along those lines, I think it's very important. I think of this as a centralized web conference that happens in California. That actually happened this year.

The pandemic stopped it. There's lots of ways to think about centralization. I think it's really important. Centralization of Facebook, of Amazon, of Apple, of Google is a disaster for society, for the economy. It is bad. We're now trying to force Apple to give up its monopoly on its iTunes store to allow people to load software onto their phone like they could load software onto their computers.

The same. They are fighting it, of course, because their monopoly is very profitable, but it'd be valuable to get rid of it. If we had systems of messaging, which are not like Facebook Messenger, which are close ecosystem but more like email, where my message system can talk to your message system.

We had that in some of the primitive systems before Facebook and Instagram and Twitter took over messaging. No need blockchain for any of this. It would be really valuable. Decentralized commerce. Centralized so many things would be incredibly important. I think it's the one thing we can do to, to use the term broadly, fix the internet. It is the thing that would cascade and fix so many things to get back competition and innovation and neuter the monopolies.

So by we, I assume you mean government intervention? No other way. This is Corey's big point. Monopolies don't just amass money, monopolies amass power. Monopolies take money, use that to generate policy, to create more money, generate more policy.

It's that feedback loop, where that's enabled by money in politics that allows monopolists to launder their money into policies that give them more money. When you watch this, watch if Apple does manage to kill the bill that will force them to open up their iTunes store. If they did, they are converting monopoly profits into laws that protect their monopoly profits.

So you can see one heck of a collision coming up between libertarianism around crypto and government regulation, obviously. How do you see this playing out? Well, hopefully, I mean, ideally, blockchain just disappear.

It's not going to happen. Too big, too global. What we need to do is regulate it. We need to bring it into the financial network. Just because something stupid doesn't mean you have to ignore it, right? So we need to treat cryptocurrencies as currencies, right? You're going to have Nick Weaver on and his phrase is that, "Cryptocurrencies are speed running years of financial fraud," and they are.

Everything illegal in the financial world is happening on the blockchain, right? You've got your Wildcat banks. You've got your Ponzi schemes. You've got your unregulated securities. You've got your unregulated commodities. You've got your outright frauds. It is all happening, and innocent people, naive people are losing a lot of money. I mean, it's a joke how much money is being lost and stolen.

So we need to get those systems under the financial network, the same rules that apply to normal financials need to apply to blockchain ones. Libertarians will hate that, and it's too freaking bad. I mean, you don't get your playground. I think that's starting to happen. I mean, some states are regulating it, and the federal government is looking at it. I wish it would happen quicker because people are losing money. The website for this is, I think, it's web3 is going great, where you can go on and just look at the billions of dollars that have been stolen this week, every week.

It's sad to watch that number go up, unfortunately. Sad to watch them, right. Actually, it's sad to watch the crash. I take no delight in the crash. There are lots of people losing money they can't afford to lose in this crash. So how can it be included in the financial system?

Because this thing, it's built as a libertarian technology by its construction. It still has companies. There are exchanges. There are US companies that are exchanges. It's not the technology. It's like saying, "How do I put credit card terminals on the financial network? You put Visa on the financial network. Who cares about the technology? It's the companies. It's the people. Right now, there's a single check box on the US tax return, "Do you own cryptocurrency?

How much? Let's see a Let's see an actual form of what you own and who and where it is. Now, you now have financial rules that exchanges have to follow, and wallets have to follow in the same way that if you're a stock exchange, you have to follow certain rules.

Why is it different? So don't think of the tech. Think of the human institutions. That's what you regulate. I want to ask you about NFTs. What do you think about the future of NFTs, especially for recording artists to be able to capitalize on their creativity without being part of the centralized iTunes or some other Spotify type platform? Any thoughts on NFTs? When you talk about music, when you buy an NFT, what do you buy?

I'm asking you a serious question. I guess your own certified proof that you're at a concert or some of digital art, I'm guessing. You're buying a proof that you're at a concert. Probably lots of ways to do that. How is that helping the artist? I'm an artist. I sell you a ticket. You come to the concert, you enjoy yourself. Now you have proof. How is that better?

We can imagine it's better. You have some souvenir. Yeah, instead of buying a T-shirt. Lots of ways I can give you souvenirs. Why is this way different? I don't know. Maybe if a 20, people go and they spend, I don't know, five bucks on some sort of NFT, maybe it's an extra revenue stream for the artist. What's the NFT part that's valuable? So this is weird, right? Doesn't mean you own the art if the URL points to the art.

Doesn't mean you own the music if the URL points to the music. Doesn't actually mean anything. It could mean those things. That is a separate contract. Now, I don't need the NFT, right? It is not the case that from the history civilization until now artists have been unable to sell their work and now suddenly they can. The NFTs are a Ponzi scheme. That's what pretty much all they are.

It is not actually clear what you're buying. It's a right. That URL that is on the blockchain that says that you own could point to a different song, a different piece of music, a different piece of art, nothing later. It doesn't convey any actual ownership rights, especially not copyright. It actually isn't clear what you're buying.

So you have all the risks blockchain like client side hacking, buggy smart contracts, web content disappearing, the whole speculation. There's nothing here. The fact that it crashed so hard, I think people realized it that it really was just a Ponzi scheme. Now, Ponzi schemes are great if you're the second most stupid person, right? Ponzi schemes are only bad if you're the stupidest. The trick is how do you know if you're the second most stupid person because you're at the line.

I mean, the problem with Spotify is non-NFT. It's that Spotify's a monopoly. You have 50, different music systems. Suddenly, it's a different ecosystem and artists are going to make more money because there's going to be competition. The fact that it's a monopoly is why artists are being screwed, not because it's not an NFT. Now, some artists actually do sell music directly to customers. They don't need NFTs. They can just use normal commerce, and that works fine.

I mean, just like me selling signed copies of my book, I could go through Amazon, I could go through a bookstore, I choose not to so I capture more of the revenue. I don't need blockchain for that. What has been the impact with so many of Like my kids or young 20s. Many of their friends are into crypto. None of them that I've met can actually articulate anything about this, and you can tell that- Which is is interesting right there, right?

They're just lapping this up unbelievably. You look at the Robinhood trading app or as an example, right? People arguably speculating with this kind of stuff. What's been the impact on a generation do you think of this experience? I think these are the people being taken advantage of, especially Robinhood. The people making money on Robinhood are largely the big institutions who are capitalizing on the herd mentality because they are the faster, they are the smarter, they have more capital.

They're able to hedge. They're able to do things that kids these days are not. I worry that there's going to be a lot of money lost, but you're right. The people who expound these things can't articulate what's going on. They just know it's a mania and they want to be part of it, and they see people who make money.

So it's a little bit like gambling, right? A lot of people go to Vegas and get rich. A lot more people don't. So you go in optimism and on average, you don't make a lot of money. Betting against the house is always a mistake. That's why they're the house. The comment Cameron made about people lapping it up, I find that fascinating because it's true.

All of the narratives, which we had trouble articulating earlier, but whatever is said to support crypto, people, just some people very easily lap it up without a whole lot of basis. It's just like people think Bitcoin is private. Now, you go to the ledger, you can see the transactions, and all it takes is one mistake where you link your email address to a public key and you're forever known, and this is how we unravel criminals. Do you think that the I want to come back to trust for a minute.

We talked about web3 is going great and all the frauds and stuff that are going on. In your book, Liars and Outliers, you talk about the moral and reputational incentives to act in a way that is responsible and good. Do you think the pseudonymous nature of the blockchain reduces that or takes them away? So we know that even out of blockchain. Just think of social media and harassment. When people are anonymous, some portion of us act much worse, act far more moral, far nastier, engage in behaviors that we would never engage if our names were attached to the things we are saying, and that does seem to be true.

So it would make sense that we would engage in behaviors with currency. Nobody's going to buy child porn if their name is attached to their transaction. You're not going to buy it on Visa. You're only going to buy it if you think then you are anonymous. I have a different question for you. One of the arguments that I've heard a lot about the benefits of Bitcoin is that it will help the world's bankless. So there are things that help the world's bankless, and if you look at some of the cash transfer systems, the PayPals, and Venmos, Alipay, M-PESA, those do, and they're really valuable.

They don't use blockchain so they're better, but systems that allow the bankless to move value. There's one, I forget the name of it, that is basically cellphone minutes that are traded. These are really important, especially in the third world where you have people who are either bankless or don't have a bank anywhere near them physically, and need to be able to move money and are afraid of being robbed.

So those systems are great and they tend to be There's some big ones. They tend to be local. I mean, they work in certain countries because they really optimize for those citizens' needs, and they're often by a company like Venmo. So yeah, I mean, those are really important systems. You don't need blockchain for any of that, and you're better off without blockchain costs. Now, you can make it efficient and more secure and more trusted and more trustworthy, and you get all the good things without all the dangers of using a blockchain.

What about the other one we hear, which is the outrageous bank fees to transfer money around? Yeah, and that again, I think, is monopolies. So yes, we can use Venmo for that, right? Much reduced transaction fees. You hear about credit cards. Matt Greene made this point in a blog post, "Why are credit card transaction fees so high? At least. So credit cards, the way the ecosystem works is they're a middle class subsidy that the poor pays.

This is a disaster. The poor will more likely pay in cash. It's the same price. Those poor buyers are paying for my subsidy. This has nothing to do with blockchain. I mean, we solve this through regulation, but this is bad, and this is something that things like Venmo do solve.

Venmo has either little or no transaction fees for most users. So yes, high transactions fees are really bad. It is not a problem that is either solved by blockchain or caused by no blockchain. No one has sit around and said, "Oh, my God, suddenly there's a blockchain.

We now can charge lower fees. Let's charge them," and that is competition of monopolies. Another example while I'm at it. I heard on a podcast recently that I think it was Walmart in Canada is now able to use blockchain to track suppliers more accurately and that disputes about invoices is a big deal, and by going to a blockchain to track everything from the driver being delayed in traffic for delivery, being delayed is now live on blockchain.

So that's not blockchain. That's one example of blockchain marketing purposes only. That's the right only ledger, right? That's the singular distributed ledger of what happened. Those supply chain systems, IBM and Merck had one, met a big one, but it died because it was a dumb idea, that you can track supply chain because all of the information is on the singular data structure that everyone can look at.

Don't use a blockchain and suddenly that's so much better or what Walmart's likely doing is they're using the blockchain architecture, where they don't have the currency, they don't have the mining, all the things that make it a blockchain. This is a blockchain for marketing purposes only. That has value. The data structure has value. Now, there are other ways to do it. They chose this way, that's fine, but that's not a blockchain the same way that Bitcoin or Ethereum is.

It gets spun into the story that you want blockchain, you want crypto, and it becomes this whole- Of course, because a blockchain story sells. That's why a lot of these blockchain marketing purposes only get funding because the herd mentality, blockchain cool, let's give them lots of money because they're going to be great.

Often, you find the systems as they mature, they remove the blockchain part quietly because it's inefficient, replace it with better systems, have the blockchain in the background because they need it to look cool, but don't actually use it for what they're doing. We talked earlier about how the things that fit together to make a public blockchain work. Based on that structure set up, do you think Bitcoin is suitable as a global currency?

It's a disaster. No system where if you get your password, you lose your life savings is suitable for anything, right? No system where if I'm a millisecond faster than you in the exchange, I can defraud you is suitable for anything. No system wherever you make a mistake you're completely screwed is suitable for anything. It is not trustworthy. You would never trust that with your money. Would you refer to it as a self-enforcing protocol, the structure?

Parts of it. Man, I saw that in your list of questions, and it's a rabbit hole you don't want to go down. I'll ask you, man. We'll leave it. In your applied cryptography book, you- I know, and that was written in The world was different back then. That's why it's a big rabbit hole. Well, we'll stay on the rabbit hole. So you mentioned earlier you teach blockchain to public policy students at Harvard.

What message do you hope that they come away with after you've taught them about it? That it needs to be regulated. Now, I want to talk about how it works, what it does and doesn't do, what the truth, what the lies are.

I could talk about how useless it is, but it's here, but it's real. NFTs are there. Bitcoin is there. Ethereum is there. People are doing things. People are buying, selling, losing money, being defrauded, and government can't ignore it.

Government needs to pay attention. Consumer protection is vital. Financial regulation is vital, and that we need to start working on it, and that really is the message. You can't put your head in the sand and say, "It doesn't matter. It does matter. People we know own cryptocurrency and they need to be protected.

Is government listening? I think it's starting to. Certainly on the fraud detection part they are. I think there is resistance because there's so many voices and so much noise, but I think so and I hope so soon. You said earlier that there was genius in this creation from Satoshi Nakamoto. Does anything about the innovation excite you? I mean, it's cool. It is really a cool innovation. The innovation itself excites me. There are no useful applications of it.

It's sad, but the innovation is neat. The math is cool. The math works beautifully. The incentives are lined up. It just works. It really is a genius. Chaum wasn't able to do it. It is a true innovation. I've got one last question for you. You released a really nice talk recently about how technologists need to be more involved in policy and you refer to yourself as a public interest technologist.

From that perspective, what is your biggest concern about cryptocurrencies? I mean, everything we talked about here, that it is going to hurt a lot of people. I want it regulated to the point where it is firmly embedded in our financial system such that all the controls are in place.

I think that will largely strangle it, which is good, and to the extent it doesn't, it's blockchain. This won't matter, which is also good. Once it has infected all the running processes, it provides the threat actor with rootkit functionality, the ability to harvest credentials, and remote access capability.

No public attribution yet. This discovery reinforced the desire of some public and private entities to develop their own cryptographic standards instead of relying on a U. Yet, a decade later, no credible alternative to NIST has emerged. NIST remains the only viable candidate for effectively developing internationally trusted cryptography standards.

Cryptographic algorithms are essential to security yet are hard to understand and evaluate. These technologies provide crucial security for communications protocols. Yet the protocols transit international borders; they are used by countries that do not necessarily trust each other. In particular, these nations do not necessarily trust the developer of the cryptographic standard.

On the Dangers of Cryptocurrencies and the Uselessness of Blockchain [ Nothing in that letter is out of the ordinary, and is in line with what I wrote about blockchain in But there are other modes like proof-of-stake that are not. Yes, a blockchain is an immutable ledger making it impossible to undo specific transactions. Blockchain systems can have a little or a lot of privacy, depending on how they are designed and implemented. We can argue about whether proof-of-stake is actually an improvement.

And to the extent any of those scaling solutions work, they undo the decentralization blockchain claims to have. But I also think that these defenses largely miss the point. They still have trusted intermediaries, often with more power and less oversight than non-blockchain systems.

They still require governance. They still require regulation. These things are what I wrote about here. From its inception, this technology has been a solution in search of a problem and has now latched onto concepts such as financial inclusion and data transparency to justify its existence, despite far better solutions to these issues already in use.

Despite more than thirteen years of development, it has severe limitations and design flaws that preclude almost all applications that deal with public customer data and regulated financial transactions and are not an improvement on existing non-blockchain solutions. But the core technology is absolutely not useless. In fact, I think there are some pretty exciting things happening in the field, even if most of them are further away from reality than their boosters would admit.

Oh look, blockchain is a good solution. Oh look, there is a problem I can apply it to. Someone, please show me an application where blockchain is essential. That is, a problem that could not have been solved without blockchain that can now be solved with it. Green is right about how unfair this is. Peer-to-peer payment systems like PayPal, Venmo, MPesa, and AliPay all get around those high transaction fees, and none of them use blockchain.