Is Bitcoin subversive?

The debate on whether Bitcoin presents a credible opportunity to become a world currency has two components…

You could add a dozen other discussion points, such as “Is the math reliable?”, “Will it be outlawed by government X or Y?” or “How can a virtual fiat that lacks intrinsic value ever be a value store?” But for this discussion, we flush out the two remaining questions of viability that keep insiders awake at night:

• Can it be adopted as a transaction medium, like a gift card or credit card?
• Can it be accepted as a value “in and of itself”, based simply on supply & demand?

Most early adopters and even some governments acknowledge that a historic time may be upon us. It certainly appears that the time may be ripe for a gradual shift to secure, electronic currencies, whether by design or by a groundswell of adoption.

LinkedIN icon (3D)-sI am a frequent contributor to a LinkedIN discussion group that is a place of intense debate. Participants are cryptocurrency enthusiasts, and so the debate doesn’t address the viability of Bitcoin as a valid mechanism. We all believe that adoption is likely—at least as a transaction medium. Rather, our debate is focused on adoption mechanisms, geopolitical fallout and intrinsic value. Among issues that we address are:

1. Must a cryptocurrency be tied to a government backed fiat currency? — Or can it float based only on trust, supply & demand, and a supply that is capped but divisible?

Most in our group believe that it can float and be a value store on its own merits.

2. Does a cryptocurrency need a perpetual supply-growth mechanism to be viable? — Or can it serve commerce and act as its own stored value with fixed supply cap?

Bitcoin has a fixed, ultimate supply cap of 21M units. Some analysts and pundits are concerned that the supply cap will cause large scale deflation as it is adopted, even if used for only a fraction of Internet commerce. They believe that the deflationary mechanism is a liability. Most people in this group believe it is an asset—maybe, even, the whole point.

3. Could government regulation and disparate national rules eventually damn the whole virtual currency experiment?

Most people in this group believe that certain grassroots movements cannot be easily squashed. Moreover, even strong supporters of government believe that—in the long term—Bitcoin presents more of an opportunity than a threat. There really is no maxim that says national governments must be in charge of a treasury and tinker with value, growth and incentives through a national currency. Bridges can be built and wealth can be redistributed through tax policy and by other means. In the age of global commerce and the Internet, we are beginning to recognize that the trust upon which a currency relies can be based on something that is less political and more involatile than regional authorities.

4. Some wonder if a currency can survive without an underlying asset like gold, or the requirement that taxes be paid in the new form. But the US dollar is not tied to a specific asset and virtual currencies do not need to be the mechanism/unit for paying taxes. For those using any currency with a supply cap and growing adoption, dollar conversion will always get cheaper and cheaper.

Does Bitcoin facilitate crime?

Bitcoin-08One member of our group points to the black eye that Bitcoin acquires after news events such as the take down of Silk Road (a market for criminal activity), mismanagement at Mt. Gox, government intervention or high profile hacking. They wonder if an early association with greed, graft, drugs or p○rn○graphy is an inevitable step (or a necessary step?) toward wider market adoption.

That question is not only insightful—it is brilliant! On the surface, Bitcoin has no more role in facilitating crime than cash transactions. But the question is valid, because large amounts of cash are difficult to slip into and out of monetary systems, and it cannot easily be transmitted with impunity.

Vice and markets with prurient appeal often drive adoption of new technology. This connection is a widely recognized axiom by economists. In fact, it suggests a good reason as to why non-criminals should not be alarmed. Even though they represent the underbelly of a paradigm shift, Silk Road and other news making scoundrels or events are playing a role in the early diffusion of a fascinating technology. Law enforcement can address these things as they arise. But, they no more spell long-term doom than p○rn did for the VCR.

This same discussion participant opined that wild gyrations in the Bitcoin exchange rate (the relationship to national currencies) would retard adoption for quite some time.

Bitcoin Volatility: A Wild Duck opinion

The wild gyrations of Bitcoin are a byproduct of (any) rapidly growing and somewhat misunderstood technology. These will iron out. On this point, I am certain. Eventually, as a subset of Bitcoin users store the coins rather than convert them with each transaction, these gyrations will be perceived to be instability in the Dollar, Euro or Yuan and not with Bitcoin. That is, for now, vendors are setting a price in legacy currency (Dollars) and offering to Bitcoin buyers at the current exchange rate. Then, they are converting back out of Bitcoin. But a gradually growing body of vendors will hold their BTC either for future transactions, or because they trust and value it as a holding. This simple fact will gradually iron out the wild swings. As adoption grows; as supply and demand find a reasonable meeting point; and as individuals retain their holdings, the volatility will abate.

The Virtual Currency Collaborative

Incidentally, a newly formed collaborative was formed earlier this week by members of the LinkedIN group, Bitcoin P2P Digital Currency (same thread). It is already playing a role in the long term viability of Bitcoin. These entrepreneurs are defining mechanisms and policies that will ensure that Bitcoin is just as friendly to business and commerce as it seems to be for parties to anonymous or unreported transactions. The Virtual Currency Collaborative (working title—the developer’s site is still under wraps), is the working group that will specify secure, trusted protocols and mechanisms for legitimate businesses everywhere. These businesses often require user identification, escrow, recourse and the support of audits & forensics.

Slippery Slope: Japan seeks to ban Tor

The Electronic Freedom Foundation (EFF) often finds itself on the opposite side of legislation that is initiated or supported by media rights owners. In fact, the Recording Industry Association of America (RIAA) and its Hollywood counterpart, the Motion Picture Association of America (MPAA) have thwarted every promising technology since the dawn of the photocopier and the 8-track tape cartridge.

We could list delayed technologies or those that were threatened with a use tax, such as the VCR, writable CDs, file sharing networks, and DVD backup software. But the funny thing about grumbling rights owners is that they are, well, right. Sort of. After all, anyone who believes that it is OK to download a movie with Bit Torrent or trade music with friends (while maintaining access in their own playlist) has a weak argument. They certainly can’t claim the moral high ground, unless they are the only person on earth that limits file copies to back ups and playlists in strict conformity to exceptions allowed under DMCA.

But this week, it isn’t the RIAA or MPAA that seeks to squash the natural evolution of the Internet. This time, it is the government of Japan. Japan?!!

Napster-ShawnFirst, some background…

In July 2001, Napster was forced to shut its servers by order of the US Ninth Circuit court. Despite legitimate uses for the service, the court agreed with a district court and the US Recording Industry Association (RIAA), that Napster encouraged and facilitated intellectual property theft—mostly music in that era.

The decision that halted Napster was directed at a specific company. Of course, it de-legitimized other file swapping services. (Who remembers Limewire, Kazaa, Bearshare or WinMX?) But, it was never intended to condemn the underlying technology. In fact, Napster was a pioneer in the emergence of ad hoc, peer-to-peer networks. It is the precursor of today’s Bit Torrent which merges distributed p2p storage with swarm technology to achieve phenomenal download speed and a robust, nearline storage medium. In fact, over the next few years, AWildDuck predicts that the big cloud services will migrate to a distributed p2p architecture.

Akamai has long used the power of distributed networks for storing data “at the fringe”, a technique that serves up web pages rapidly and reduces conserves network resources. But a similar network, grown organically and distributed among the masses strikes fear in the hearts of anyone who believes that power stems from identification and control.

In 2000 and 2001, p2p networks were perceived as a threat, because they facilitated the sharing of files that might be legally by few peers–or none at all. Today, p2p networks are fundamental to the distribution of files and updates and are at the very core of the Internet.

how_tor_works

Tor facilitates privacy. User identification is by choice.

Peer-to-peer networks are no more a tool of crime than telephones. Although both can be used for illegal purposes, no reasonable person advocates banning phones, and no one who understands the evolution and benefit of modern networks would advocate the regulation of peer-to-peer networks. (Please don’t add guns to this list. That issue has completely different considerations at play. With guns, there is a reasonable debate about widespread ownership, because few people use it as a tool for everyday activities and because safe use requires training).

But p2p networks are evolving. The robust, distributed nature is enhanced by distributing the tables that point to files. In newer models, users control the permissions as a membership criteria and not based on the individual source or content of files. For this reason, anonymity is a natural byproduct of technology refinement.

Consider the individual users of a p2p network. They are nodes in a massive and geographically distributed storage network. As both a source of data and also a repository for fragments from other data originators, they have no way to determine what is being stored on their drives or who created the data. Not knowing the packet details is a good thing for all parties—and not just to confound forensic analysis. It is a good thing every which way you evaluate a distributed network.*

The RE-Criminalization of P2P Networks

tor-crop

Japan’s National Police Agency (NPA) is much like America’s FBI. As a federal agency equipped with investigators, SWAT teams and forensic labs, their jurisdiction supersedes local authorities in criminal matters of national concern.

This weekend, the NPA became the first national agency in any country to call for a ban on the use of anonymous web surfing. They want Internet service providers to monitor and block attempts by their subscribers to use proxy servers that relay their internet traffic through remote servers, thereby anonymizing web traffic and even emboldening users to browse areas of the Internet that they might otherwise avoid.

But the Japanese NPA has a naïve and immature view of humanity. The use of proxy servers is not only fundamental to many legitimate purposes, many netizens consider web-surfing privacy to be a legitimate objective on its own merits. We could list a dozen non-controversial reasons for web surfing privacy—but if we had to do that, you probably wouldn’t be reading this page.

* The statement that anonymity and encryption is a good thing for distributed, p2p networks—not just for data thieves, but for all legal and business purposes—may not be self-evident to all readers. It will be the topic of a future discussion in this Blog.

Ellery Davies is an author, privacy consultant and cloud
storage architect. He is also editor at AWild Duck.com.

New York & Hawaii: Frightening bedfellows lacking perspective

New York and Hawaii are bookends to 50 American states. Although separated by 8,000 km, each is rich in heritage, and with a very different political and cultural perspective. Yet, despite the distance and political differences, they are embarking on an identical and ruinous path. Bills introduced in both states suggest that legislators lack fundamental knowledge of history, democracy, economics and, especially, the nature of the Internet. More importantly, they care not a whit of personal freedoms, privacy and individual rights.

NY & HI senate: Lacking historical perspective

I should end here with my favorite tag line, “So Sayeth Ellery”, but that would deny readers chilling facts. Facts that ought to shock the senses of every New Yorker and Hawaiian, and humiliate by association. Let’s cut to the chase: Lawmakers in the Aloha state want to criminalize anonymous internet posting while senators in the Empire State plan to create a database of every web site visited by each resident. Yes! They plan to track & archive your internet surfing history. I am not making this up!

A government dB of everyone’s web surfing… Now, Isn’t that just special?!

With regrets to Dana Carvey, Isn’t that just special? After all, an individual concerned about being carded at the door is an individual with something to hide—most likely, guilty of a crime. Who else would object to registering a DNA sample before speaking on topics of the day? A law-abiding citizen doesn’t fear a government that tracks thought, medical history, private communication, bedroom fantasy, or corporate negotiation. Just what are those people afraid of?

Dear Wild Ducks: We are all those people. I am too blinded by disappointment and pity to name names or plow through the facts. (N.B. Names of the proponents are in the tags below this article). So, I offer links to well written summaries. Read along with me and weep. The US is already constructing the world’s biggest database of everything that you say, do and think. Perhaps New York and Hawaii feel left out. Or perhaps legislators in those states skipped out on high school history. More likely, they are decent individuals with good intentions, but simply poor stewards of liberty in an era of ecommerce, the Drudge Report, AWildDuck.

Does anyone not find this frightening? Forget about “confidential sources”. Want to comment on a breastfeeding blog? Sure. But first, register your fingerprints with an ISP and web host! I can think of three reasons that this won’t fly. More importantly, I am concerned that our legislators don’t see this:

Reasons to avoid suppressing a privacy technology

  • If a government bans free expression, the business of internet hosting & access simply migrates to jurisdictions that understand democracy. It’s the nature of any fungible medium.
  • Political restrictions on existing technologies or platforms create incentives for the rapid deployment of methods that circumvent or thwart the restrictions. This has the unintended effect of causing even more interference with legitimate investigations and forensic tools.
  • History demonstrates the dangers of surrendering free, anonymous speech to a government, no matter how ethical the current leaders. Governments are transient, though they try hard to be self-preserving. They do their best work when prodded by free and democratic constituents.

So sayeth Ellery.

Ellery Davies is not generally known as a liberal commentator.
But he is a political wonk, privacy advocate and editor of AWildDuck.

Big biz & Uncle Sam like Tor, sort of…

Oceans of Data
Try to visualize all the data about you that is recorded, stored or transmitted each day in one form or another. Consider every possible source, both public and private. What if it could all be put together, correlated with data about every other person on earth and sifted by detectives whose only task is to look for subtle patterns of behavior?

Let’s start with phone calls: In addition to the number dialed, the phone company knows your location, the caller of ID of incoming calls, and even has access to the actual conversation. (Believe it or not, your government is listening). Check the phone bill of both parties and we can figure out how often you call each other. If we then learn everything we can about the people that you talk to, we can probably learn a thing or two about you. And speaking about location, did you know that both iPhones and Android phones log your precise location every few seconds and then transmit your location history to Apple or Google several times each hour? An even more ominous program discovered this week is embedded in Android phones. It sends every keystroke to your carrier even if you opt out.

What about your health records, magazine subscriptions, tax filings, legal disputes, mortgage records, banking transactions including charge card purchases? Now add your internet use – not just the sites at which you are registered, but every site you have ever visited. Suppose we add videos from convenience stores, traffic enforcement cameras and every ATM that you pass. Don’t forget the snapshot at the toll booth. They have one camera pointed at your face and another at the license plate. Of course, there is also a log entry from the toll payment device on your windshield and the key chain FOB that you use when you buy gas.

What about the relationships that are revealed by your old high school yearbook, old newspaper articles or that 4th grade poetry contest your daughter was in. There was a handout that night and so it counts as information related to you. How about that camera in the elevator at work? Suppose that it could recognize your face immediately and match it up with your fingerprints from your last international flight and your phone calls, web visits, hotel reservations and TV viewing habits.

Whew! That’s a lot of information to recognize or sift through in any meaningful way. But for a moment, ask yourself “What If”… What if all that data from every transaction record, GPS device, tax return and historical log could all be accurately attributed, correlated, matched and analyzed. What could be accomplished with all of this? Who wants it and for what purpose? Would their goals align with yours?

Person of Interest
In the CBS Television series, Person of Interest, a government computer looks for clues to the next terrorist event by monitoring virtually everyone and everything. The project doesn’t require its creators to build a new surveillance network. Massive amounts of data are already floating around us every day.

Of course, the data is fragmented. It was gathered for different reasons – mostly for private commerce (banking, medicine, safety). Few people consider it to impact privacy or personal freedoms, because we assume that It is too disparate and unwieldy for analysis by any single entity. Yet, in Person of Interest, the computer taps into all of these sources and mines the data for suspicious patterns.

As patterns emerge from all of this data, the computer finds converging threads based on individual behavior. Taken alone, the data points are meaningless — someone in Oregon signs for a package; someone using a different name in Rhode Island makes a plane reservation; someone in Pakistan fitting both descriptions checks into a motel and visits a convicted arms smuggler. The mobile phone carried by the last person accepts a phone call at a number previously used by one of the other individuals. Normally, no one could have ever fit these pieces together.

Eventually, the computer begins to identify suspicious activity. Depending on the programming and based on past findings, it even predicts events. But wait! Many of the patterns it finds are unrelated to terrorism. It finds clues to likely mob hits, crimes of passion, kidnapping, guns at school, and regional crime. The results are irrelevant to the machine’s purpose and in this fictional drama, the government decide that analysis would constitute illegal domestic spying. So they order the programmer to purge “irrelevant data” by adding a software routine to periodically delete extraneous results.

Of course, if the “personal” results were deleted, we wouldn’t have a new and exciting television series (my personal favorite). So, the middle-age geek who gave life to the analytics, recasts himself as a vigilante. He teams up with a former special ops agent (in the mold of Harrison Ford) and together, they follow data-mined leads in hope of saving innocent individuals.

In the US, our government has such a program. In fact, there are many Total Information Awareness projects. Unlike the Hollywood version, there was never any intent to purge personal information. In fact, it’s collection and analysis is the whole point. Another difference with the television series is that our government is not satisfied to mine public data or even legally obtained data. Instead, The federal government adds new primary data mechanisms every month and builds enormous enterprises to spy on individuals. This results in voluminous information daily, all of it available for future data mining without anyone’s knowledge or consent.

Of course, information and videos of individuals are routinely recorded wherever we go. But typically, we assume that this information is not centrally gathered, compared or analyzed. Most people assume that they are “off the radar” if they are not being actively tracked as part of an investigation. But with data mining techniques, no one is really off the radar. Machines make decisions about patterns that should be flagged and escalated for additional scrutiny.

Mixmaster: An Innocent Tool or Antiforensics?
In the 1990’s, despite a background in cryptography and computer science, I wasn’t aware of these programs. In the fields of political science and sociology, I was a ninnyhammer. It is either coincidence or perhaps prescience that I proposed and then participated in a project called a Mixmaster more than a decade ago…

The idea was simple: As you surf the web or send mail, your digital footprints are randomized so that an interloper or investigator could not piece together the participants in an internet exchange, nor determine the habits of an individual user. Well, they’re not really random, but the IP address reported to the email service or web page you visit is substituted by one associated with another participant in the project. That’s because each data leaving your PC is relayed through internet services associated with the others. We added a few simple facets to further obscure tracks:

  • Recognizing that a rogue participant might keep a log on the individuals who hand off data through his own relay (or may be compelled to do so in the future), our code automatically increased the number of ‘hops’ in relationship to the number of available peers. Anonymity was enhanced, because an unfriendly investigator attempting to trace the source of a web visit or email would need cooperation from a larger pool of participants.
  • Data between participants ware encrypted and randomized in length and even timing, to thwart possible forensic analysis.
  • A backward channel was added, but with very tight rules on expiration and purging. This allowed packet acknowledgement, web site navigation, and even two-way dialogue while still preserving anonymity.

Privacy & Politics
For most of us involved in the project, we had no endgame or political agenda. We simply recognized that it is occasionally comforting to send email, browse the web or post to a public forum without leaving a traceable return address. To those who claimed that our work might aid money launderers, terrorists or child molesters, we explained that identification and authentication should be under control of parties involved in a conversation. The internet is a new communications medium. But it was not designed to undermine the privacy of every conversation for the purpose of facilitating future forensic investigation. Investigators – if their purpose is supported by judicial oversight –have many old school methods and tools to aid their detective work. The growth of a new communication medium must not become a key to suppression or compromised privacy.

Vacuum-cleaner surveillance

Anonymous, but authenticated
There is a big difference, between identification and authentication. In a democracy, citizens are authenticated at the polls. But they enter a private booth to cast their vote and they turn in a ballot without a signature. They are identified (or even better, authenticated without identification) for the purpose of verifying eligibility. But their identity is not carried over to their voting decision. The real business is effectively anonymous.

This isn’t to say that all authorized entry systems should allow anonymous access. Of course not! Access entry systems typically might asks “Who are you?” (your User ID) and then ask for proof (typically a password). Your identity is not always required, but proof of authorized access can come in 3 forms. Very secure systems (such as banks) require at least 2 of these before allowing access:

  • something you know: A password or challenge
  • something you have: Evidence that you have a token or card
  • something you are:    A fingerprint, recognizable face, or voice match

In each case, it is the person behind the door that needs your identity or authorization and not your government.

Anonymity and encryption go hand in hand. Both technologies are used to ensure that internet communication is private and does not become the affair of your friends, employer, former spouse, or government overseers. So where, exactly, does your government stand on the use of internet encryption or anonymity? In most of the world, the answer is clear. Governments stand for propaganda and crowd control. They are against any technology that enhances privacy. But this is not a universal axiom: In Germany, they stand on the side of citizens. Your data and your identity belong to you. Very little of your affairs are open to the government. But in the United States, the answer is very murky…

The NSA conducts vacuum-cleaner surveillance of all data crossing the Internet–email, web surfing… everything!  –Mark Klein

Under George W. Bush, every bit of information was Uncle Sam’s business. With oversight by Dick Cheney (and hidden from legislative or judicial oversights), the executive branch concocted mechanisms of blatant domestic spying. Of course, the ringleaders realized that each mechanism violated the US constitution protection from unreasonable search, and so it was ordered and implemented covertly until a technician working for AT&T blew the whistle. Suddenly stories were surfacing that Uncle Sam was implementing a Reagan era project that had been shelved during the Clinton era. This launched a scramble to win public support for The Patriot Act, an absurd euphemism which attempts to whitewash illegal snooping as the patriotic duty of each citizen (talk about ‘deceptive’! Our leaders must think that we are sheep. Not just your garden variety grass-eating sheep, but really, really dumb sheep that feed on bull chips!).

       -=-=-=-=-=-=-=-   (writing in progress)

… until  and  (including preemptive data mining with programs like Dick Cheney’s “total information awareness”), back doors built into encryption chips, “deep packet” data sniffing installed at  major switching center, satellite interception of phone calls, and national security letters (a euphemism for warrantless snooping).

Before the Obama administration, the answer was clear. These technologies are barely tolerated for banking, medicine and commerce. But they are to be weakened, subterfuged or thwarted when used by private citizens. In each case, the government sought to block the technology or insert a back door into the programming code (and into actual data centers) for use during any future investigation. Of course, in a bold era of predictive behavior modeling, authorized investigations often gives way to fishing expeditions for the sole purpose of information gathering.

But something has changed in the past 2 years. As news spread about Internet censorship in China, the Arab spring, and covert schools for girls in Taliban controlled regions of Afghanistan, the US government began to recognize that uncensored and even untraceable Internet use sometimes coincided with foreign policy objectives. Imagine the conundrum this revelation must have generated within the state department! On the one hand, the Patriot Act sanctions blatant acts of domestic spying (including preemptive data mining with programs like Dick Cheney’s “total information awareness”), back doors built into encryption chips, “deep packet” data sniffing installed at  major switching center, satellite interception of phone calls, and national security letters (a euphemism for warrantless snooping). Yet, they also support freedom of speech and privacy for anything that supports US policy amongst our friends.

-=-=-=-=-=-=-

Today, this model has been widely adopted and greatly enhanced by an open source project called Tor. In this blog, I won’t try to justify the need for robust anonymous relays. Better writers and social philosophers than me have explained why free and anonymous communications channels are central to a free and democratic society. Better writers than me have chronicled the abuse of the Patriot Act, Echelon, TIA and numerous other abuses of government forms of overreach. Better writers than me have explained how open and free communication leads to increased safety even if it sometimes facilitates communications among terrorists, digital pirates or pornographers.

-=-=-=-=-=-=-

Turn of Events: Government as Advocate

  • Obama lends support to Tor
  • Tor to users: Use Amazon Cloud as bridge to anonymity  (this section under development)

Additional Reading

  • Carrier IQ (CIQ): A secret routine is embedded in Android phones sends every user keystroke to the network carrier, even when you opt out of every single connectivity feature. It cannot be uninstalled and cannot be uninstalled nor even shut down!
  • Surrounded by Surveillance: Is Everything Spying On You?

    Pigeons aren’t the only ones listening. The light pole itself broadcasts conversations.

    Even municipal light posts send conversations to government agencies, supposedly to aid first responders in an emergency. But wait! The manufacturer “proudly contacted DARPA” to suggest a more sinister use for the data collected from hidden microphones?

  • Wikipedia entry: Information Awareness Office (introduction & overview)
  • Official DARPA site: Information Awareness Office
  • The Smoking Gun: Discovery of Massive “Vacuum Sweep” Domestic Spying
    Leads to Patriot Act (euphemism for act of Profound Anti-Americanism)