1 2011-09-18 00:00:12 <luke-jr> hololeap: if you're wanting to get into mining, #Eligius is a better channel
2 2011-09-18 00:00:35 <hololeap> ok
3 2011-09-18 00:00:47 <hololeap> is eligius a program or something?
4 2011-09-18 00:01:00 <neofutur> a mining pool
5 2011-09-18 00:01:07 <hololeap> ok
6 2011-09-18 00:01:31 <Disposition> luke-jr lol it's suppose to be humorous :P
7 2011-09-18 00:02:29 <b4epoche_> can we quit with the pooled mining is more 'efficient'& that's just not true
8 2011-09-18 00:02:56 <b4epoche_> there are benefits and hololeap should probably go that route but efficiency is not one of them
9 2011-09-18 00:03:01 <luke-jr> b4epoche_: yes, it is
10 2011-09-18 00:03:26 <luke-jr> b4epoche_: if you don't like it, submit pull requests to improve solo mining and hope they get merged someday
11 2011-09-18 00:03:38 <luke-jr> (afaik I'm the only one to actually do that ^)
12 2011-09-18 00:03:48 <b4epoche_> pull requests on what? client?
13 2011-09-18 00:03:54 <luke-jr> bitcoind
14 2011-09-18 00:04:01 <b4epoche_> no one would mine with that
15 2011-09-18 00:04:04 <luke-jr> &
16 2011-09-18 00:04:13 <hololeap> so mining doesn't make much sense unless you have a gpu?
17 2011-09-18 00:04:13 <luke-jr> that's the weak link in solo mining
18 2011-09-18 00:04:20 <luke-jr> hololeap: no, not really
19 2011-09-18 00:04:32 <luke-jr> hololeap: if you mine with a CPU, you'll pay more in electric than you'll make in Bitcoins
20 2011-09-18 00:04:47 <b4epoche_> why would you mine solo with bitcoind?
21 2011-09-18 00:04:58 <luke-jr> b4epoche_: there's no other way to solo mine
22 2011-09-18 00:05:30 <luke-jr> other than setting up a private pool
23 2011-09-18 00:05:33 <b4epoche_> well, depends on what you mean by solo
24 2011-09-18 00:05:48 <hololeap> 1 more question: if every time someone raises the bar as far as processing power for a miner does that make it harder for everyone to mine coins?
25 2011-09-18 00:05:58 <luke-jr> b4epoche_: generally, solo means "pointing a miner directly at your own bitcoind"
26 2011-09-18 00:06:05 <luke-jr> hololeap: yep
27 2011-09-18 00:06:27 <b4epoche_> then that's bad terminology
28 2011-09-18 00:06:44 <luke-jr> b4epoche_: what else would it mean?
29 2011-09-18 00:06:54 <hololeap> so then won't it eventually just get to a point where the electricity used mining bitcoins always costs more than the bitcoins gained?
30 2011-09-18 00:06:57 <b4epoche_> solo mines 'alone'
31 2011-09-18 00:07:06 <luke-jr> hololeap: equilibrium, yes
32 2011-09-18 00:07:11 <b4epoche_> and you can mine alone in many different ways (without bitcoind)
33 2011-09-18 00:07:11 <luke-jr> b4epoche_: same thing
34 2011-09-18 00:07:18 <luke-jr> not right now, no
35 2011-09-18 00:07:28 <luke-jr> bitcoind is the only way to mine at all right now
36 2011-09-18 00:07:32 <b4epoche_> and solo pool
37 2011-09-18 00:07:34 <luke-jr> even pooled mining uses it indirectly
38 2011-09-18 00:07:54 <luke-jr> solo pool can be as efficient as any other pool, admittedly
39 2011-09-18 00:08:06 <luke-jr> but you're also still on your own, so don't benefit from the lower variance
40 2011-09-18 00:08:20 <hololeap> if somebody used a nsa supercomputer to generate coins, then nobody would be able to cost-effectively mine anymore... doesn't that seem like an issue?
41 2011-09-18 00:08:22 <b4epoche_> but lower variance != more efficient
42 2011-09-18 00:08:22 <luke-jr> and you have to set it up
43 2011-09-18 00:08:36 <luke-jr> hololeap: indeed
44 2011-09-18 00:09:02 <luke-jr> b4epoche_: yes, I already admitted that a solo pool would be just as efficient :p
45 2011-09-18 00:09:06 <b4epoche_> hololeap: NSA supercomputer would add about 2% to the total network hashrate
46 2011-09-18 00:09:22 <luke-jr> b4epoche_: just moving on to other reasons why you don't want to go that road :p
47 2011-09-18 00:09:42 <luke-jr> b4epoche_: I assume hololeap means a NEW supercomputer designed for the purpose :p
48 2011-09-18 00:09:47 <b4epoche_> luke-jr: I wouldn't complain if you told people that it's probably in their best interest to join a pool
49 2011-09-18 00:09:54 <hololeap> i just meant a really really powerful computer
50 2011-09-18 00:10:11 <luke-jr> b4epoche_: solo pool is still a pool
51 2011-09-18 00:10:14 <b4epoche_> even the top supercomputer today would add a small percentage
52 2011-09-18 00:10:24 <hololeap> or even hundreds of them, say, if somebody started marketing high-power computers for mining use
53 2011-09-18 00:10:33 <Namegduf> You mean like GPUs?
54 2011-09-18 00:10:34 <hololeap> or thousands
55 2011-09-18 00:10:36 <luke-jr> hololeap: why market them? ;)
56 2011-09-18 00:10:52 <luke-jr> better to just use them directly
57 2011-09-18 00:10:53 <Namegduf> Lots of individual people having high power stuff is a Good Thing.
58 2011-09-18 00:10:56 <b4epoche_> joining a pool != setting up a solo pool
59 2011-09-18 00:11:13 <Namegduf> The reason more miners is good is to prevent any one person from being able to get 51%.
60 2011-09-18 00:11:23 <Namegduf> Same applies to more mining power.
61 2011-09-18 00:11:38 <Namegduf> Yes, it would be bad if a single person could build one large or lots of small systems to get 51%
62 2011-09-18 00:11:43 <Namegduf> But already the feasibility of that is dubious
63 2011-09-18 00:11:55 <Namegduf> At least for that example, anyway
64 2011-09-18 00:12:16 <Namegduf> GPU miners made CPU mining unprofitable, and a new kind of mining hardware would just result in a similar shift. It's not a bad thing.
65 2011-09-18 00:13:22 <luke-jr> Namegduf: it is if someone hoards the new kind
66 2011-09-18 00:13:29 <luke-jr> like people did with GPUs initially
67 2011-09-18 00:13:57 <b4epoche_> people hoarded GPUs?
68 2011-09-18 00:14:06 <Namegduf> All mine
69 2011-09-18 00:14:12 <luke-jr> b4epoche_: GPU miner softare
70 2011-09-18 00:14:16 <Namegduf> >:|
71 2011-09-18 00:14:37 <b4epoche_> well, it's not that hard to write a GPU miner
72 2011-09-18 00:14:43 <Namegduf> (I did not ever write any GPU mining software, I was joking about the GPU thing)
73 2011-09-18 00:15:21 <luke-jr> b4epoche_: it's hard for me
74 2011-09-18 00:15:26 <luke-jr> and most people mining now
75 2011-09-18 00:15:58 <b4epoche_> sure, but it doesn't take everyone writing their own...
76 2011-09-18 00:16:48 <b4epoche_> I'm sure 20 people were working on writing them as soon as they realized it was profitable& and only one of those has to be noble enough to release the code
77 2011-09-18 00:16:57 <hololeap> my point is, as people pour more and more resources into trying to be the top bitcoin miner, there's goint to be a point where it becomes more money to mine than people can produce
78 2011-09-18 00:17:16 <hololeap> or is that supposed to happen?
79 2011-09-18 00:17:38 <b4epoche_> hololeap: you have to consider exchange rates
80 2011-09-18 00:18:04 <b4epoche_> at this point $5/btc it's marginally profitable to mine (and depends a lot on how much you pay for electricity)
81 2011-09-18 00:18:30 <luke-jr> b4epoche_: the original GPU miners were never released
82 2011-09-18 00:18:59 <luke-jr> and when GPU mining broke, Bitcoin was much smaller
83 2011-09-18 00:19:01 <b4epoche_> and how long did it take for other folks to write something?
84 2011-09-18 00:19:17 <luke-jr> a couple of months I think
85 2011-09-18 00:19:19 <luke-jr> not sure
86 2011-09-18 00:19:20 <luke-jr> it was before my time
87 2011-09-18 00:20:01 <b4epoche_> hololeap: I think the last difficulty change was negative...
88 2011-09-18 00:20:15 <hololeap> really...
89 2011-09-18 00:20:24 <gmaxwell> hololeap: sure. It's perfectly permitted to do that.
90 2011-09-18 00:20:28 <hololeap> i was just curious anyways, not trying to criticize
91 2011-09-18 00:20:39 <gmaxwell> It also has gone down in the past.. e.g. about 9 months ago or so.
92 2011-09-18 00:20:59 <gmaxwell> Difficulty adjusts in order to keep the rate of coin creation constant.
93 2011-09-18 00:21:53 <gmaxwell> You have to keep in mind that the purpose of mining is not to generate new bitcoins, the purpose of mining is to secure the bitcoin transaction log (block chain) against forgery or modification. The creation of new coin is an intentional side effect...
94 2011-09-18 00:22:18 <hololeap> ok
95 2011-09-18 00:22:20 <gmaxwell> mostly because the system needed a way to distribute the initial wealth 'fairly' and it needed to provide an incentive for people to secure a system that no one was yet using.
96 2011-09-18 00:25:00 <b4epoche_> there's a lot of 'social engineering' in bitcoin
97 2011-09-18 00:25:24 <hololeap> thats cool
98 2011-09-18 00:25:28 <hololeap> that's awesome really
99 2011-09-18 00:25:42 <hololeap> who's that guy behind the venus project?
100 2011-09-18 00:26:05 <hololeap> he had those sorts of ideas
101 2011-09-18 00:27:27 <hololeap> Jacque Fresco
102 2011-09-18 00:28:40 <luke-jr> gmaxwell: even with use, people need incentive to do it
103 2011-09-18 00:28:43 <luke-jr> gmaxwell: hence fees
104 2011-09-18 00:29:05 <forrestv> are "POTENTIAL DEADLOCK DETECTED" messages like http://im.forre.st/pb/88087994.txt normal?
105 2011-09-18 01:45:18 <LightRider> The Venus Project is great. Have you heard about the Zeitgeist documentaries?
106 2011-09-18 01:54:23 <cjdelisle> The Penis project is better and it doesn't include a documentry which is a load of horseshit
107 2011-09-18 01:55:34 <freewil> cjdelisle, you'd like that ;)
108 2011-09-18 01:59:11 <luke-jr> sipa: + printf("connect() failed: %s\n",strerror(WSAGetLastError()));
109 2011-09-18 01:59:16 <luke-jr> sipa: I suspect that is wrong on Windows?
110 2011-09-18 01:59:45 <flying> wtf?
111 2011-09-18 02:01:45 <cjdelisle> freewil: who wouldn't? :D
112 2011-09-18 02:04:47 <sacarlson> ???;;bc,calcd 1000 0.49
113 2011-09-18 02:05:23 <gribble> The average time to generate a block at 1000 Khps, given the supplied difficulty of 0.49, is 35 minutes and 4 seconds
114 2011-09-18 02:05:23 <sacarlson> ;;bc,calcd 1000 0.49
115 2011-09-18 02:08:46 <sacarlson> ;;bc,calcd 10000 0.49
116 2011-09-18 02:08:47 <gribble> The average time to generate a block at 10000 Khps, given the supplied difficulty of 0.49, is 3 minutes and 30 seconds
117 2011-09-18 03:15:47 <vsrinivas> is the code path that handles reducing block mining rewards active on testnet?
118 2011-09-18 03:16:44 <LightRider> cjdelisle likes penises?
119 2011-09-18 03:17:01 <LightRider> Well, to each their own..
120 2011-09-18 03:17:12 <cjdelisle> yup, love my own :)
121 2011-09-18 03:17:21 <cjdelisle> also music :D http://www.youtube.com/aclfestival
122 2011-09-18 04:23:08 <pointbiz> new version of bitaddress.org QRCodes now available
123 2011-09-18 04:23:09 <pointbiz> http://www.bitaddress.org/bitaddress.org-v0.4-SHA1-9d3afda22f8cf526330c0387a77e4016fd050323.html
124 2011-09-18 04:24:59 <gmaxwell> pointbiz: how much money have you made from idiots who use private keys you generate so far? 0_o
125 2011-09-18 04:26:49 <gmaxwell> pointbiz: I'm going to oppose the addition of the wallet import/export functionality due to the existance of this site. If _anyone_ uses it thats evidence enough that the functionality is bad for bitcoin users.
126 2011-09-18 04:29:01 <cjdelisle> gmaxwell: that perticular site does it all in javascript on the client side but I agree that people should not learn that pattern of getting private keys from websites
127 2011-09-18 04:30:10 <k9quaint> damnit, I was going to make a solidcoin vanity key site :(
128 2011-09-18 04:30:18 <gmaxwell> cjdelisle: it does this time you load it, what about the next time you load it?
129 2011-09-18 04:30:19 <k9quaint> talk about easy pickings
130 2011-09-18 04:31:03 <cjdelisle> gmaxwell: you accused pointbiz of stealing people's money, do you have anything to back it or is it FUD?
131 2011-09-18 04:31:22 <gmaxwell> I asked a question.
132 2011-09-18 04:31:42 <k9quaint> it is a bad paradigm
133 2011-09-18 04:32:47 <gmaxwell> cjdelisle: moreover, I am highly suspicious becausse I would never willingly run such a site: Even if I ran it completely ethically eventually someone would accuse me of keeping the private keys, and there would be no way for me to defend myself from the attack.
134 2011-09-18 04:33:11 <gmaxwell> I should also note that the domain is registered through an anonymization service.
135 2011-09-18 04:35:01 <k9quaint> that would be an excellent site to inject some javascript code into ;)
136 2011-09-18 04:35:45 <flying> (>�>)
137 2011-09-18 04:36:00 <gmaxwell> Indeed, it's not https too, which mean that basic DNS poisoning attacks would do some great stuff.
138 2011-09-18 04:37:05 <cjdelisle> Also I think blocking development of bitcoin because it might make it easier for people to be defrauded is not going to help anyone.
139 2011-09-18 04:37:16 <cjdelisle> Protecting the user from himself..
140 2011-09-18 04:37:20 <k9quaint> that is quite a leap of logic
141 2011-09-18 04:37:38 <k9quaint> one could make a perfectly secure browser based implementation of bitcoind
142 2011-09-18 04:38:00 <k9quaint> the penalty for getting it wrong would be quite severe however
143 2011-09-18 04:38:09 <gmaxwell> Of course the software should protect the user from themselves. We're humans, not super humans. Even the smartet and most careful of us make mistakes. The software protects you from yourself in many ways.
144 2011-09-18 04:38:17 <cjdelisle> there's a chrome extension which implements bitcoin
145 2011-09-18 04:38:32 <k9quaint> gmaxwell: "Are you sure you want to delete all the files?"
146 2011-09-18 04:39:05 <gmaxwell> For example, addresses have check digits to prevent coin from being lost due to typos. The software doesn't just display your private key data on the screen where it could be copied from. There is no throbbing erase all my bitcoin button.
147 2011-09-18 04:39:28 <cjdelisle> https://github.com/hach-que/Collate
148 2011-09-18 04:39:32 <k9quaint> I always found the lack of throbbing controls disturbing
149 2011-09-18 04:39:46 <gmaxwell> The notion of how private keys work is tricky and not otherwise required for bitcoin user to safely use the software. (beyond keep your wallet.dat private)
150 2011-09-18 04:40:19 <gmaxwell> The addition of import/export means that users have to understand a bit more in order to be secure and must correctly apply that understanding.
151 2011-09-18 04:40:34 <k9quaint> gmaxwell: but isn't it ok to give your wallet to people on the internet that you just met and seem like really nice people?
152 2011-09-18 04:40:50 <gmaxwell> A user who is doing so would _never_ use that website, so the continued existance of the site is evidence against the feature.
153 2011-09-18 04:41:09 <pointbiz> brb
154 2011-09-18 04:41:12 <gmaxwell> k9quaint: and hell, with wallet crypto even doing that is somewhat less terrible.
155 2011-09-18 04:41:35 <cjdelisle> I will not encrypt my wallet until there is a way to decrypt it
156 2011-09-18 04:41:49 <k9quaint> gmaxwell: I store mine in /dev/null
157 2011-09-18 04:41:59 <k9quaint> write only, 100% secure
158 2011-09-18 04:42:08 <cjdelisle> I don't care if you think I shouldn't need that. I will not encrypt something until I know I can decrypt it.
159 2011-09-18 04:42:36 <gmaxwell> Then don't encrypt it. Wallet encryption isn't that useful of a feature.
160 2011-09-18 04:42:45 <gmaxwell> I trust that you know not to give people you wallet.dat. :)
161 2011-09-18 04:42:53 <k9quaint> and why wouldn't you be able to decrypt it?
162 2011-09-18 04:43:06 <k9quaint> (assuming you do not use my method)
163 2011-09-18 04:43:13 <gmaxwell> k9quaint: there is no option to disable wallet encryption once enabled.
164 2011-09-18 04:43:25 <cjdelisle> so it's a trap
165 2011-09-18 04:43:30 <gmaxwell> There isn't a good argument for one that anyone can come up with.
166 2011-09-18 04:43:38 <cjdelisle> or at least that's the message you send to the user.
167 2011-09-18 04:43:54 <cjdelisle> because it's a UI disaster?
168 2011-09-18 04:44:00 <gmaxwell> And it would be more code that must be carefully tested, won't be tested by most wallets, and could eat you wallet if there is a bug.
169 2011-09-18 04:44:31 <k9quaint> gmaxwell: if the wallet cannot be decrypted, how do you get at the private key?
170 2011-09-18 04:44:46 <gmaxwell> k9quaint: it can be decrypted fine.
171 2011-09-18 04:44:48 <mabus> ill just keep my btc with mtgox and sue them if they lose them
172 2011-09-18 04:45:03 <gmaxwell> cjdelisle's complaint is that you can't deactivate the wallet encryption once you've activated it.
173 2011-09-18 04:45:06 <k9quaint> <cjdelisle> I will not encrypt my wallet until there is a way to decrypt it <-- did I read that wrong?
174 2011-09-18 04:45:09 <k9quaint> ah, I see
175 2011-09-18 04:45:37 <gmaxwell> The ability to deactivate also creates a security vulnerablilty, though I admit not a huge one.
176 2011-09-18 04:45:43 <k9quaint> well, you can deactivate it
177 2011-09-18 04:45:45 <mabus> well wouldnt you be able to theoretically? given you have the encryption keys and encrypted wallet
178 2011-09-18 04:45:46 <cjdelisle> Actually there are a lot of traps in bitcoin, if you update to 0.4 then it crashes when you try to send money, you can't just fire up 0.3.x, you're wallet is basicly borked.
179 2011-09-18 04:46:01 <k9quaint> transfer the money out of the encrypted wallet, make a new wallet without encryption ;)
180 2011-09-18 04:46:09 <cjdelisle> that works
181 2011-09-18 04:46:12 <gmaxwell> mabus: oh sure, in theory, there is just no option in the software.
182 2011-09-18 04:46:20 <gmaxwell> k9quaint: yep. Works just fine.
183 2011-09-18 04:46:40 <pointbiz> gmaxwell: I appreciate your skepticism. Some homework will show you the site has been live less than a month
184 2011-09-18 04:47:01 <pointbiz> gmaxwell: I don't expect anyone who can't read and understand JavaScript to trust the site
185 2011-09-18 04:47:03 <gmaxwell> There are also subtle consequences of decrypting it, for example if you decrypt it then reencrypt it you'll almost certantly end up with private key data left 'erased' on your disk. Try explaining that to users.
186 2011-09-18 04:47:29 <pointbiz> I've provided a signature of the SHA1 hash of the HTML file, that's all the assurance anyone needs that the file has not been altered.
187 2011-09-18 04:47:38 <gmaxwell> pointbiz: the most expirenced js expert in the world couldn't say without hours of review if all that code has a backdoor or not.
188 2011-09-18 04:47:40 <k9quaint> gmaxwell: explain it to users? Just start every sentence with "Hey look! Cows! over there!"
189 2011-09-18 04:47:53 <pointbiz> I recommend you download the HTML and check the SHA1 hash before using
190 2011-09-18 04:48:08 <k9quaint> pointbiz: I would rather have him download my HTML thinking it is yours
191 2011-09-18 04:48:10 <cjdelisle> pointbiz: you are teaching users bad habbits.
192 2011-09-18 04:48:24 <cjdelisle> It doesn't matter how honest you are, it's a bad habbit
193 2011-09-18 04:48:54 <pointbiz> gmaxwell: I'll give you a short cut search for "XMLHttpRequest"
194 2011-09-18 04:48:59 <gmaxwell> well, your site is also an attractive target for attackers. Of course, anyone who can change the page can change the sha1, plus no one will actually check it.
195 2011-09-18 04:49:00 <k9quaint> or a bad hobbit, which is worse
196 2011-09-18 04:49:13 <gmaxwell> pointbiz: thats not the only way that it could leak information of course.
197 2011-09-18 04:49:17 <pointbiz> my intention is that someone with more credibility than me with also sign the SHA1 hash
198 2011-09-18 04:49:33 <cjdelisle> I hope nobody with any credibility signs that
199 2011-09-18 04:49:35 <pointbiz> huh?
200 2011-09-18 04:49:52 <cjdelisle> it is going to teach people that it's just fine to import keys you found on the web.
201 2011-09-18 04:49:56 <k9quaint> pointbiz: your website is missing a letter
202 2011-09-18 04:50:14 <cjdelisle> People don't *see* that you are honest, they just see a website that tells them a key.
203 2011-09-18 04:50:47 <gmaxwell> Doesn't matter if pointbiz is honest. His site could be hacked, your DNS could be poisoned.
204 2011-09-18 04:51:02 <gmaxwell> Ninjas could hold guns to pointbiz's head.
205 2011-09-18 04:51:09 <BTCPoliceLogger> cjdelisle: Error: "and" is not a valid command.
206 2011-09-18 04:51:09 <cjdelisle> ^and the next copycat *won't* be honest
207 2011-09-18 04:51:09 <pointbiz> k9quaint: what letter?
208 2011-09-18 04:51:14 <k9quaint> pointbiz: s
209 2011-09-18 04:51:19 <zamgo> Hey look! Ninja cows! over there!
210 2011-09-18 04:51:20 <BTCPoliceLogger> cjdelisle: Error: "bash" is not a valid command.
211 2011-09-18 04:51:20 <cjdelisle> ^bash reboot
212 2011-09-18 04:51:30 <gmaxwell> You could have a browser addon that happens to be copying data about pages you view to other sites.
213 2011-09-18 04:52:50 <cjdelisle> OTOH Keeping the user safe from themselves is a thankless job, they will always hate you for restricting them and they will hate bitcoin for being broken, restrictive, and treating them like children. It is more important to provide them a user experience that makes them feel good than do things which will stop them from making bad decisions.
214 2011-09-18 04:53:13 <pointbiz> gmaxwell: please explain the ways the site can leak information?
215 2011-09-18 04:53:28 <k9quaint> pointbiz: start with adding an s to the end of the http
216 2011-09-18 04:53:58 <cjdelisle> Little things like warning them that their wallet is going to be unreadable to 3.x when they convert it to 4.0 will go a long way toward giving people piece of mind that is needed to get bitcoin to be used.
217 2011-09-18 04:54:10 <gmaxwell> pointbiz: For example, there may be weaknesses in the browser that allows other pages to find out about previously loaded data urls.
218 2011-09-18 04:54:32 <cjdelisle> Also key import/export is important because people can and will write their keys down on paper and put them away where they are physically safe.
219 2011-09-18 04:54:35 <gmaxwell> cjdelisle: I wasn't under the impresion that the bdb version change was actually intentional. Whats the status of that?
220 2011-09-18 04:54:47 <cjdelisle> bluematt says they are.
221 2011-09-18 04:55:33 <cjdelisle> IMO the absolute most important thing is to hold people's hands through the process. Explain each step and make them feel comfotable.
222 2011-09-18 04:55:41 <gmaxwell> cjdelisle: that doesn't work so well, since your money will end up spread across many invisible addresses due to change generation. If you attempt to backup that way you'll probably get burned. Better to just backup the whole wallet.dat.
223 2011-09-18 04:56:24 <cjdelisle> That's fine but the format now is bound to the bitcoin version.
224 2011-09-18 04:56:38 <gmaxwell> It's forwards compatible.
225 2011-09-18 04:57:01 <cjdelisle> It would be better if people can see 'key' : { 'private': 'hshsjld', 'public': 'shfhkjlhf' } // amount 25BTC
226 2011-09-18 04:57:49 <cjdelisle> yea but when someone installs version 4 and it updates their wallet and promptly crashes, they are going to want your balls in a jar.
227 2011-09-18 04:58:13 <cjdelisle> that is not the kind of user experience we need.
228 2011-09-18 04:58:30 <k9quaint> cjdelisle: I would never upgrade my wallet, I would install fresh somewhere else, and transfer the money from the old version
229 2011-09-18 04:58:36 <k9quaint> but I am paranoid
230 2011-09-18 04:59:13 <gmaxwell> cjdelisle: best to make version 4 not promptly crash then!
231 2011-09-18 04:59:23 <pointbiz> i like the idea of seeing my key
232 2011-09-18 04:59:26 <da2ce7> k9quaint, you should still update your wallet... in the case you receive any coins to your old addresses
233 2011-09-18 04:59:36 <cjdelisle> there will be some computer where that happens, mark my word.
234 2011-09-18 04:59:39 <pointbiz> vanitygen is cool... but when you download software you have to worry about trojans
235 2011-09-18 04:59:47 <pointbiz> javascript... solves that problem
236 2011-09-18 04:59:52 <cjdelisle> no it doesn't
237 2011-09-18 04:59:55 <gmaxwell> cjdelisle: sure. And people will help that user recover.
238 2011-09-18 04:59:56 <pointbiz> if you read the code
239 2011-09-18 05:00:10 <k9quaint> da2ce7: I am too cool to spend old coins sir!
240 2011-09-18 05:00:10 <pointbiz> and the code doesnt take that long to review
241 2011-09-18 05:00:34 <pointbiz> the Crypto and Bitcoin stuff and be diff'd against other sources of that code
242 2011-09-18 05:00:36 <gmaxwell> pointbiz: there is no way to actually validate the code. Checking software for subtle hidden compromises is quite difficult.
243 2011-09-18 05:00:38 <cjdelisle> pointbiz: we've been over this, it doesn't matter how honest you are, the next guy won't be and it will be *your* failt because you taught people that getting keys from the internet is ok.
244 2011-09-18 05:01:12 <gmaxwell> Most importantly, the validation effort isn't conserved. Every load could be different software.
245 2011-09-18 05:01:31 <k9quaint> pointbiz: at least test it out on solidcoin first ;)
246 2011-09-18 05:01:32 <cjdelisle> IMO most important is that it's a bad pattern
247 2011-09-18 05:02:02 <cjdelisle> It's like leaving your keys in your car, it works until it doesn't
248 2011-09-18 05:02:22 <gmaxwell> with the engine running and window down in the ghetto.
249 2011-09-18 05:02:49 <k9quaint> I do that all the time in GTA
250 2011-09-18 05:02:57 <gmaxwell> You have a gun in GTA, no?
251 2011-09-18 05:03:21 <k9quaint> are you saying my gun is made of javascript?
252 2011-09-18 05:03:28 <Rabbit67890> yes.
253 2011-09-18 05:04:22 <k9quaint> I hate the internet, because I am so bad at car analogies :(
254 2011-09-18 05:04:41 <gmaxwell> But would you buy an internet with the hood welded shut?
255 2011-09-18 05:04:44 <Rabbit67890> o_o
256 2011-09-18 05:04:49 <pointbiz> well as you can see from bitaddress.org i'm not really teaching anyone anything, at this point you have to have some indepth knowledge of bitcoin for the site to make any sense
257 2011-09-18 05:05:01 <pointbiz> I agree it's bad to make people think they can get addresses from websites
258 2011-09-18 05:05:15 <pointbiz> so i guess instawallet is worse then ?
259 2011-09-18 05:05:20 <gjs278> ;;bc,stats
260 2011-09-18 05:05:21 <cjdelisle> then why does bitaddress.org give people addresses?!
261 2011-09-18 05:05:23 <gribble> Current Blocks: 145836 | Current Difficulty: 1755425.3203287 | Next Difficulty At Block: 147167 | Next Difficulty In: 1331 blocks | Next Difficulty In About: 1 week, 2 days, 12 hours, 29 minutes, and 18 seconds | Next Difficulty Estimate: 1707133.74172241
262 2011-09-18 05:05:59 <pointbiz> cjdelisle: you give them to yourself. LOLOL
263 2011-09-18 05:06:00 <gmaxwell> pointbiz: The vulnerablity in the case of instalwallet is far more intutive to people.
264 2011-09-18 05:06:51 <cjdelisle> pointbiz: you know full well that users don't know where the address came from, you're trolling and you are beginning to look like a criminal now.
265 2011-09-18 05:06:57 <gmaxwell> (and considering that a webwallet site is responsible for the biggest recorded theft of bitcoin also suggests that it's bad independant of the users ability to understand the risks)
266 2011-09-18 05:07:41 <mabus> and the perpretrator still makes a tv show lol
267 2011-09-18 05:08:06 <pointbiz> so now i'm a troll? LOL
268 2011-09-18 05:08:33 <pointbiz> let me re-adjust the context here. my tool is for advanced users, who can read javascript
269 2011-09-18 05:08:36 <cjdelisle> you are pushing your site awfly hard
270 2011-09-18 05:09:07 <k9quaint> awfly: combination of awesome and supahfly
271 2011-09-18 05:09:08 <pointbiz> i'm just posting updates the bitcoin-dev channel with a new bitcoin related tool
272 2011-09-18 05:09:20 <pointbiz> i'm on version 0.4 and today people are accusing me of XYZ
273 2011-09-18 05:09:27 <pointbiz> and i'm humouring you guys
274 2011-09-18 05:09:45 <cjdelisle> it is a site that asks people to trust you (because people in reality don't read js)
275 2011-09-18 05:09:54 <pointbiz> the site is just a for fun project. 95% of the javascript i didnt even write
276 2011-09-18 05:10:13 <cjdelisle> #1 you are pushing it really hard. #2 it asks people to trust it with their money.
277 2011-09-18 05:10:15 <gmaxwell> pointbiz: so, if I put up five verions of your tool, and promise least one of which wasn't compromised, would you pick one and generate an address and send 100 btc to it?
278 2011-09-18 05:10:26 <cjdelisle> there are 2 things you have in common with a scam artist.
279 2011-09-18 05:10:39 <k9quaint> plus, at this point most of the gullible users flock to alternate crypto currencies and get their money stolen there
280 2011-09-18 05:11:00 <k9quaint> it would be interesting to see usage stats on the address creation site
281 2011-09-18 05:11:02 <pointbiz> it's one thing to be skeptical about my site then it's another thing to be mean to me
282 2011-09-18 05:11:09 <BTCTrader_> what is the time-travel attack?
283 2011-09-18 05:11:46 <cjdelisle> if you are honest then you will understand why your UI is flawed and consider chainging it.
284 2011-09-18 05:11:58 <cjdelisle> it gou are a scammer then I'm going to beat you like a red headed mule
285 2011-09-18 05:12:07 <k9quaint> BTCTrader_: one aspect is - difficulty is based on time, if you can manipulate the time, you can manipulate the difficulty
286 2011-09-18 05:12:09 <pointbiz> gmaxwell: i sent 0,10 BTC to the address i generated on my own version.
287 2011-09-18 05:12:29 <k9quaint> 0,10? A EURO!! GET HIM!!
288 2011-09-18 05:12:49 <mabus> you didnt notice from 'humouring'?
289 2011-09-18 05:13:03 <BTCTrader_> ok
290 2011-09-18 05:13:08 <k9quaint> mabus: I was too busy masturbating to my full length poster of michelle bachman
291 2011-09-18 05:13:16 <cjdelisle> wooo
292 2011-09-18 05:13:24 <mabus> k9quaint: you need to learn to multitask
293 2011-09-18 05:13:28 <k9quaint> I hit enter didn't I...
294 2011-09-18 05:13:53 <cjdelisle> pointbiz: why don't you put some of your effort into something like this: https://github.com/hach-que/Collate
295 2011-09-18 05:15:17 <cjdelisle> that's a chrome extension so as long as it's honest, people install it and from then on, they are all set.
296 2011-09-18 05:16:32 <pointbiz> and it stores your wallet locally on your computer?
297 2011-09-18 05:16:39 <mabus> but how do i steal your bitcoins with it cjdelisle ? waste of time
298 2011-09-18 05:17:38 <cjdelisle> I hope that's how it works, I have not read it.
299 2011-09-18 05:17:54 <pointbiz> so that's the same as the official bitcoin
300 2011-09-18 05:17:59 <cjdelisle> Browsers offer local storage to addons and even js running in a webpage.
301 2011-09-18 05:18:25 <pointbiz> for anonymity reason it's nice to use a tool like vanitygen
302 2011-09-18 05:18:43 <cjdelisle> there is no anonymity, this is bitcoin
303 2011-09-18 05:18:44 <pointbiz> it lets you make a wallet outside of your bitcoin wallet.dat that's all inter-associated
304 2011-09-18 05:18:55 <cjdelisle> there isn't any
305 2011-09-18 05:18:58 <cjdelisle> none
306 2011-09-18 05:19:09 <cjdelisle> big tux sees all
307 2011-09-18 05:19:11 <pointbiz> well if you read into it it's varying degrees of anonymity
308 2011-09-18 05:19:15 <pointbiz> lol
309 2011-09-18 05:19:25 <cjdelisle> really, I've seen the stuff myself
310 2011-09-18 05:19:31 <cjdelisle> money laundring is impossible
311 2011-09-18 05:19:33 <pointbiz> if an address is outside your local computer wallet.dat then it's not associated with that wallet
312 2011-09-18 05:19:38 <pointbiz> it may be associated with you in other ways
313 2011-09-18 05:19:46 <CIA-101> poolserverj:� shadders� * ebd6bd4d368e� r102� �/bitcoin-jsonrpc/src/main/java/com/shadworld/jsonrpc/JsonRpcClient.java:� -- add keep-alive header to json-rpc client requests.
314 2011-09-18 05:19:47 <CIA-101> poolserverj:� shadders� * 1614b422f504� r103� �/bitcoin-jsonrpc/src/main/java/com/shadworld/poolserver/conf/Res.java:�
315 2011-09-18 05:19:48 <CIA-101> poolserverj:� shadders� * a6436e85eaea� r104� �/poolserverj-main/src/main/java/com/shadworld/poolserver/ (9 files in 3 dirs):� (log message trimmed)
316 2011-09-18 05:19:49 <CIA-101> poolserverj:� - synchronize the change of sync status process
317 2011-09-18 05:19:50 <CIA-101> poolserverj:� - change NotifyLongpollClients thread to a Runnable task to avoid having to start up a new thread.
318 2011-09-18 05:20:15 <pointbiz> casascius has a C# tool that lets you make your own bitcoin address/private key as well
319 2011-09-18 05:20:49 <pointbiz> sometimes it's nice to make disposable addresses or whatever the use-case is
320 2011-09-18 05:20:53 <pointbiz> paper wallet etc
321 2011-09-18 05:21:08 <pointbiz> so i made a tool that is something i'd use myself
322 2011-09-18 05:21:23 <pointbiz> im not a chrome plugin guy, but im a javascript guy
323 2011-09-18 05:21:52 <cjdelisle> plugins are js
324 2011-09-18 05:22:29 <pointbiz> ok. thanks for the link.
325 2011-09-18 05:23:19 <pointbiz> someone is building strongcoin.com or .org
326 2011-09-18 05:23:33 <pointbiz> i guess it's a javascript wallet like that chrome plugin you mentioned
327 2011-09-18 05:23:41 <cjdelisle> heh speaking of c# - MrTiggr has a c# tool that pulls your financial pants down. bitcoin for money laundring = bad plan
328 2011-09-18 05:23:45 <pointbiz> i decided to just do something small
329 2011-09-18 05:24:06 <cjdelisle> well you can work it in to one of those projects I'm sure
330 2011-09-18 05:24:38 <pointbiz> i sent back some code to Stephan Thomas who manages the bitoinjs project
331 2011-09-18 05:24:51 <cjdelisle> and bitcoin in the browser might be nice for like donations and paywalls where you can practically click and drag bitcoin into a website.
332 2011-09-18 05:25:29 <cjdelisle> but the user interface needs to show the user very clearly that it's part of the browser, not part of the site.
333 2011-09-18 05:26:36 <pointbiz> ok, so im going to sleep
334 2011-09-18 05:26:58 <cjdelisle> gnight, sorry for riding you about that, I hope you understand why it is a bad path for users to take
335 2011-09-18 05:28:01 <pointbiz> yeah, i do understand regarding the bad path and I advise people to stay skeptical.
336 2011-09-18 05:28:18 <pointbiz> as Casascius mentioned to me, someone had to do this and it just turned out to be me
337 2011-09-18 05:37:59 <CIA-101> poolserverj:� shadders� * d836c0532970� r105� �/poolserverj-main/doc/config-samples/local-daemon.properties:� yet more sample config updates...
338 2011-09-18 05:39:03 <CIA-101> poolserverj:� shadders� * afd421ef8717� r107� �/poolserverj-main/etc/lib/lib_non-maven/ (4 files):� why won't these libs ever commit first time?!
339 2011-09-18 05:57:30 <CIA-101> poolserverj:� shadders� * 4fc7b3971f40� r108� �/poolserverj-main/license.txt:� license update - now a real open source license.