I think what he’s getting at with the privacy comparison is that with conventional online money transfer, your bank knows about your transaction history, but nobody else does (unless the bank is hacked or threatened, I suppose).
Right, hence the problem: Bitcoin has no one to target with a warrant, while the private service used by the author does.
With bitcoin, although it’s anonymised, everyone can see the complete historical record of all transactions. Although you can make a new address for each transaction, there’ll be a lot of timing information leaking out there—eg, if fifteen addresses send a total of 100 bitcoins to a new address in the space of a second, and then all those coins are sent to yet another address, chances are the original 15 addresses all belong to the same person.
True, but that’s not nearly asymmetric enough in favor of the attacker—the holder of the coins doesn’t need to use so naive a method as to do them all at the same time. They can randomize the transfers to the point where they just blend in with the noise of regular transactions. Plus, you’d have to compare traffic analysis effectiveness against regular banking.
Right, hence the problem: Bitcoin has no one to target with a warrant, while the private service used by the author does.
It depends on the the threat . Against governments with a search warrant looking for something specific, bitcoin would be better. Against governments doing secret large-scale surveillance, the bank may well be better.
True, but that’s not nearly asymmetric enough in favor of the attacker—the holder of the coins doesn’t need to use so naive a method as to do them all at the same time. They can randomize the transfers to the point where they just blend in with the noise of regular transactions. Plus, you’d have to compare traffic analysis effectiveness against regular banking
You don’t need to be that naive. But how clever do you have to be? And how clever are people actually being? Unless there’s a randomisation strategy that comes with good reason to believe it’s secure against unknown attacks, I wouldn’t want to put too much confidence in the anonymity.
You don’t need to be that naive. But how clever do you have to be?
Not at all. The protocols for bitlaundry-type arrangements just have to be updated to add random time delays all throughout. No extra effort on the user’s side.
There’s definitely a lot of extra work, though, that could be done on developing Bitcoin clients that automatically handle stuff like this. (It would have to, without being promted, generate new addresses every so often, and feed them to a service, either which has the time delays, or does it with a patter than would conceal data from traffic analysis.)
“could be” is all very well, but for the people using bitcoin right now, it needs to be “is”.
How long do the delays have to be? Does it matter if the recipient isn’t using a randomisation service? Etc? I’m not saying these questions are unanswerable, it’s just that they need real solid thinking done on them, which (as far as I know, which isn’t very far) hasn’t really been done. And then the answers need implementing.
Right, hence the problem: Bitcoin has no one to target with a warrant, while the private service used by the author does.
True, but that’s not nearly asymmetric enough in favor of the attacker—the holder of the coins doesn’t need to use so naive a method as to do them all at the same time. They can randomize the transfers to the point where they just blend in with the noise of regular transactions. Plus, you’d have to compare traffic analysis effectiveness against regular banking.
It depends on the the threat . Against governments with a search warrant looking for something specific, bitcoin would be better. Against governments doing secret large-scale surveillance, the bank may well be better.
You don’t need to be that naive. But how clever do you have to be? And how clever are people actually being? Unless there’s a randomisation strategy that comes with good reason to believe it’s secure against unknown attacks, I wouldn’t want to put too much confidence in the anonymity.
Not at all. The protocols for bitlaundry-type arrangements just have to be updated to add random time delays all throughout. No extra effort on the user’s side.
There’s definitely a lot of extra work, though, that could be done on developing Bitcoin clients that automatically handle stuff like this. (It would have to, without being promted, generate new addresses every so often, and feed them to a service, either which has the time delays, or does it with a patter than would conceal data from traffic analysis.)
“could be” is all very well, but for the people using bitcoin right now, it needs to be “is”.
How long do the delays have to be? Does it matter if the recipient isn’t using a randomisation service? Etc? I’m not saying these questions are unanswerable, it’s just that they need real solid thinking done on them, which (as far as I know, which isn’t very far) hasn’t really been done. And then the answers need implementing.