Wednesday, May 15, 2013

Star Trek 2: warning - you can't unsee it

After the sucky Star Trek reboot, I assumed the series would get better. It didn't; the second installment in the series is much worse. If you are a fan of the Star Trek canon, do yourself a favor and don't see this movie. Once seen, it cannot be unseen.

The best analogy for this film is Transformers 3, a terrible movie consisting of one long action sequence with less plot holding it together than a porno. The critics hated that movie, giving it a score of 36% on Rotten Tomatoes. But, like porno, it's the low-brow entertainment that people want, making Transformers 3 the fifth highest grossing movie of all time (over $1-billion).

Similarly, this new Star Trek is less a movie and more a spectacle. If you like lots of noise, shiny big things crashing into other big things, and men grunting at each other, then you'll like this movie. But, if you want to think, you'll hate it.

Star Trek 2 takes the low-brow concept even further. The unoriginal plot is just pulled bit by bit from the more famous episodes and movies in the Star Trek canon. It's designed to stroke your ego, making you think you are intelligent because you recognize what's going on. And that's the biggest problem: this new movie not only craps all over the Star Trek series as a whole, but over many of your favorite parts in particular.

Verdict: avoid like plague

Saturday, May 11, 2013

Nobody reads the ToS -- not even those who write them

GoGo Inflight is running a promotion right now giving you free Internet access on airplanes from your Blackberry phone/pad. Even if you don’t have a Blackberry device, you can still get the free service by changing your browser identifier to match a Blackberry (instructions below). Here’s the question: is spoofing your browser ID like this in order to get free Internet service illegal under laws like the CFAA ("Computer Fraud and Abuse Act")?

That’s an interesting debate, but there is a further twist: GoGo Inflight’s promotion violates their own Terms of Service (ToS). According to the ToS, you need a "user account" to use the service. However, the Blackberry promotion doesn't give you one, because it triggers off the browser ID. Thus, even if you have a valid Blackberry (and aren't cheating), you are still technically in violation of the Terms of Service.

The relevant text, edited a bit, from the Terms of Service is:
In order to use the Service, you must either
(a) create an account to become a registered User of the Service, or
(b) sign in through an existing account with a Roaming Partner.
With GoGo’s Blackberry promotion, neither (a) nor (b) happens. Instead, some sort of undocumented (c) event happens.

What I’m trying to show here is that nobody reads the Terms of Service – not even the people who write them. The marketing droids who negotiated the deal with Blackberry clearly had no idea that the promotion violates their own ToS.

That’s why Internet activists are up in arms about the anti-hacking law known as the CFAA. It’s so vague that it’s impossible to tell the line between legal and illegal. Even lawyers can't tell you if cheating on the browser ID is legal/illegal. Prosecutors often try to use the ToS as a guide, but as this example demonstrates, companies don’t even mean what their ToS says.




Even though I paid the $12.99 for GoGo Inflight service (with a user-account), I also flushed the cookies and changed the MAC address in order to test getting the free service. (Actually, I just rebooted -- my machine automatically flushes cookies and resets the MAC on reboot). I used a Chrome addon called “User-Agent Switcher” to change the browser identifier to:
Mozilla/5.0 (BB10; Z10) AppleWebKit/534.55.3 (KHTML, like Gecko) Version/5.1.3 Mobile Safari/531.21.10
GoGo Inflight sees the “(BB10; Z10)” portion, assumes I’m using a Blackberry Z10 device, and offers me the free service instead of the paid service. The sequence of screens activating this is shown below:

From this point on, I had free Internet access from my MacBook Air. I didn’t use it, but switched back to the account that I’d paid for. But, what you are supposed to see in these screenshots is that even with a real Blackberry device, no user account is created. This means all Blackberry users are technically in violation of the ToS.

You can go read the Terms of Service yourself and find some reading that makes sense, thus refuting this blogpost. I’ve spent some time at it, and as far as I can tell, GoGo Inflight does not mean what its own ToS says.
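The promotion described above grants access on a path the ToS does not list, keyed on a header the client chooses. The sketch below is an added example, not GoGo's code or anything from the original post: `ua_gate` is an assumed model of that check, while `account_gate`, the token format, and the key are hypothetical, showing the same promotion attached to a signed-in account as ToS paths (a)/(b) require.

```python
import hashlib
import hmac

# Constructed sample inputs. BB_UA is the string quoted in the post;
# LAPTOP_UA is a made-up desktop browser identifier.
BB_UA = ("Mozilla/5.0 (BB10; Z10) AppleWebKit/534.55.3 (KHTML, like Gecko) "
         "Version/5.1.3 Mobile Safari/531.21.10")
LAPTOP_UA = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) Chrome/26.0 Safari/537.31"

SERVER_KEY = b"constructed-demo-key"  # hypothetical portal secret


def ua_gate(headers):
    """Assumed promo logic, the undocumented path (c).

    The decision rests entirely on a request header, which is whatever
    the client chooses to send. No account is created or checked.
    """
    return "(BB10;" in headers.get("User-Agent", "")


def sign_session(account_id, promo):
    """Issue a session token after sign-in: 'account|promo_flag|hmac_tag'.

    The promo flag is set by the server when the account is enrolled in
    the promotion; how enrollment verifies the device is out of scope here.
    """
    body = f"{account_id}|{int(promo)}"
    tag = hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{tag}"


def account_gate(session_token):
    """Free access only for a server-signed session carrying the promo flag.

    The User-Agent plays no part: the entitlement is a property of the
    account (ToS path a or b), not of anything the request claims.
    """
    if not session_token:
        return False
    parts = session_token.rsplit("|", 2)
    if len(parts) != 3:
        return False
    account_id, promo, tag = parts
    expected = hmac.new(SERVER_KEY, f"{account_id}|{promo}".encode(),
                        hashlib.sha256).hexdigest()
    # Constant-time comparison of the tag, then the server-set flag.
    return hmac.compare_digest(tag, expected) and promo == "1"


def demo():
    """Return the decisions each gate makes for the constructed requests."""
    promo_token = sign_session("acct-1001", True)
    plain_token = sign_session("acct-1002", False)
    tampered = plain_token.replace("|0|", "|1|", 1)  # flag flipped by client
    return {
        "ua_real_device": ua_gate({"User-Agent": BB_UA}),
        "ua_same_header_any_client": ua_gate({"User-Agent": BB_UA}),
        "ua_laptop": ua_gate({"User-Agent": LAPTOP_UA}),
        "acct_no_session": account_gate(None),
        "acct_promo": account_gate(promo_token),
        "acct_plain": account_gate(plain_token),
        "acct_tampered": account_gate(tampered),
    }


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:28s} {'free access' if allowed else 'denied'}")
```

With `ua_gate`, the server sees identical bytes from a real device and from any client sending the same header, so the two cannot be told apart; with `account_gate`, the promotion no longer needs an unlisted path (c).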

Tuesday, April 23, 2013

@AP hack: the stock market did not "plunge"

According to all press outlets, the stock market "plunged" today due to @AP getting hacked and reporting explosions at the White House. In fact, stock prices didn't change much at all. Below I've graphed today's S&P 500 stock price. As you can see, it's a flat line hovering within 1% of 1580:

So how does the press create a story that it plunged? By changing the baseline. Instead of using '0' as the baseline, they use a baseline of '1560'. This magnifies the change for dramatic purposes. It makes the graph look like the following:
This looks scary indeed, but it's not true. Yes, the @AP hack had a noticeable effect on stock prices, but not necessarily an important effect.

Let's look at it from another perspective, the ^VIX volatility index. As you can see, today was the least volatile of the past five trading days. In addition, the brief event related to @AP is only barely noticeable, and unremarkable compared to volatility later in the day.


Wednesday, April 10, 2013

A wonkish look at bitcoin economics

Bitcoin is an increasingly popular electronic currency, used both for legitimate and illegal transactions. Economists haven’t taken a serious look at bitcoin yet, so I thought I’d take a stab at it. In particular, I’m going to look at the “intrinsic value” of bitcoin, answering the question whether the recent rapid rise in price (to $240 at the time of writing this) is justified.

The TL;DR version is this: bitcoins have real value (they are not a fantasy), and that value is between $0.01 and $15000.

Bitcoin vs. Money


There have been many un-serious looks at bitcoin. Take, for example, this 2011 blogpost by Nobel-prize winning economist Paul Krugman, where he compares bitcoin to the gold standard. He’s completely wrong.

The mistake economists make is assuming that bitcoin works like real money. It doesn’t. While bitcoin is designed as a “medium of exchange”, it doesn’t serve the other traditional functions of money, such as a “store of value”, “unit of account”, or “measure of value”.

In recent months, the price of bitcoins has skyrocketed. In classic economics, this means that the bitcoin economy has experienced massive “deflation”. Likewise, when the bitcoin bubble bursts and the price goes down, the bitcoin economy will experience hyper “inflation”.

But this inflation/deflation has no effect. Prices aren’t denominated in bitcoins, but in some hard currency like dollars or euros. Buyers exchange their dollars for bitcoins, give the bitcoins to the seller, who then immediately changes them back to euros. The entire process takes about 30 minutes. The only requirement is that the exchange rate for bitcoins not fluctuate wildly during this half-hour window. Since bitcoins are electronic, they can easily be subdivided, so "billionth of a bitcoin" is a workable value. When analyzing bitcoin, we have to toss out this idea that it is a “measure of value” and the related ideas of inflation/deflation.

Bitcoins are not legal tender. That’s entirely the point: it’s a rebel currency designed to evade normal government controls. But that means there is no government protection, either. This means that you cannot borrow bitcoins, because the government won’t force you to pay back the loan. While you might be able to store bitcoins in a “bank”, rather than paying you interest on your deposit, the “bank” would charge you a fee. Thus, there is no bitcoin financial system. Our entire economic system isn't based on money but derivatives of money -- all that goes away leaving bitcoins by themselves.

Bitcoins are not a “store of value”. Sure, speculators are hoarding bitcoins, but that’s a different thing. You can’t safely store bitcoins on your computer, because they will be lost when your hard drive crashes or a hacker infects you with a virus. You can’t rely upon somebody else to store them for you, because as mentioned above, there’s no law forcing them to give them back. And, as recent hacks of bitcoin businesses have shown, it’s unlikely that an online site is safe enough. Only experts have enough skill to safely store their own bitcoins over long periods of time.

This is the failing of economists. They’ve built up a bunch of assumptions and rules-of-thumb about how “money” works, but bitcoins aren’t really money, and those assumptions break down. We have to go back to first principles.

Measuring the bitcoin money supply


Bitcoins are currently above $200/coin. Is this price justified? Or is this due to speculators? What’s the “true” value of bitcoin? To answer this question we have to first find out the “true value” of any currency, like the dollar or euro. Why is $1 worth $1? Or, better asked, why is $1 worth a quarter of a Big Mac hamburger? The answer is this: economists don’t really know. They have theories, and some evidence, but they aren’t certain.

The basic theory of money is simply “supply and demand”. People demand money both as a medium of exchange and store of value. People demand money because barter is inefficient. If you want your car fixed, you might try to offer the mechanic some chickens, a goat, or a year of free haircuts. But if your mechanic is a long haired hippie, he’s not going to want any of these things in trade. What he wants is something that he can easily exchange elsewhere. In other words, your mechanic demands money.

The same goes with savings. Long term savings are in things like your house, but in an emergency, it’s hard to sell your house. Therefore, people want some savings in something more liquid, which is to say, money.

That’s where the value of $1 comes from: supply and demand. People demand a thing that can easily be exchanged, and that demand creates value. This value is as real as the value of anything.

That’s the theory, and there is evidence to back it up. For example, when governments print more money, the supply goes up, and as you would predict, the value of money goes down. That means it then takes more money in exchange for the same goods. In other words, prices go up, and inflation occurs. That’s what happened in pre-war Germany and Zimbabwe more recently: the governments printed more and more money, causing hyperinflation with prices doubling daily.

There are other theories about where the value of money comes from. Some people believe that the value of currency comes from the government who prints it. The evidence for this theory is not good. Saddam-era Iraq is a good example. The 1991 Gulf War cut off Iraq from the outside world. Instead of using high-quality “Swiss” printing presses, Iraq printed new money on low-quality presses. They also printed more of it, causing devaluation and inflation. The old currency continued to be used in the semi-autonomous Kurdish region, even though it was no longer officially recognized by the government. Moreover, when Saddam’s regime fell, both forms of Iraqi currency continued to be used, even though no government existed to set its value. Even bad money is better than bartering three chickens and a goat -- the value comes from the demand, not from the government.

Yet another theory about the value of money is that it's due to irrational "faith" or "perception" of value. Economists disagree. A fundamental axiom of economics is that people are rational. When they value gold, dollars, or bitcoin, the assumption of economists is that people have a rational reason for doing so. Bubbles may seem irrational, but it's from people rationally betting. Some will be winners, some will be losers. It's like betting on who wins the superbowl: just because they lost the bet doesn't mean the losers were irrational choosing that team. All evidence suggests that valuing money is the "rational" thing to do, and trying to set up a barter system is less rational.


So if the “true” value of bitcoin is set by supply and demand, what are the "supply" and "demand" for bitcoin?

The entire premise of bitcoin is that it can be used in the underground economy. This includes illegal activity, such as buying drugs, but also a lot of legal-but-shady activity, like buying porn or transferring money to your cousin overseas. The IRS estimates that the unreported underground economy is about $2-trillion per year (out of a total GDP of $14-trillion). So let’s use that number as our “demand” part of the equation.

What is the “supply” of bitcoin? That’s determined by mathematics of the bitcoin algorithm. There are about 10-million bitcoins now, which will rise to a maximum of 20-million bitcoins over the next decade. So that’s 20-million bitcoins chasing $2-trillion in transactions.


Compare this to the official economy, with $2.4 trillion in money (M1) chasing $14-trillion in transactions, or a 6.553 ratio. Simply divide $2-trillion by 6.553 by 20-million and poof, you get the precise value of bitcoin: $15,260 per coin (fifteen thousand dollars).

That seems like a lot, much more than today's $240 price, but it's based on an enormous number of probably invalid assumptions. Changing the assumptions changes the valuation. For example, if we assume bitcoin is only used for 10% of the underground economy rather than 100%, then the value is 10% that number, or $1,526.

Put another way, with bitcoins approaching $300, that means punters are assuming bitcoins are going to take over 2% of the underground economy. If you think bitcoins will take over more of that, then you should be buying bitcoin. Likewise, if you think bitcoin will take over less, then you should be selling bitcoin.

Note that I use the M1 measure of the money supply in this calculation. Let’s talk about money supply for a moment.

There are three good measures of the money supply: M0, M1, and M2.
  • M0 is just the amount of physical money, which is about $800-billion in bills (mostly $100 and $20 bills). The 20-million possible bitcoin is the M0 of bitcoin.
  • M1 includes M0, plus checking accounts. When you deposit money, your bank immediately lends out most of it. The borrower spends that money, which gets deposited in a bank, which likewise lends out most of it. This “fractional reserve banking” multiplies the effective amount of money available to about $2.4 trillion.
  • M2 includes M1 and M0, plus liquid savings like money market funds. This is money that households can easily spend, but which they generally choose not to. This is roughly $10 trillion.

If you think bitcoins will be used primarily for transactions and not for savings, then M1 is the more appropriate measure. If you think there will be more saving of bitcoins, then M2 is likely a better measure, so increase your estimate of bitcoin value by four times.

Since there is no banking in bitcoins, that makes M0 and M1 equivalent. If you think banking services like “fractional reserve lending” are likely to appear, then reduce your estimate of the value of bitcoin by three times.

The value of protocol


The above discussion is a top-down analysis from the “economics” perspective, comparing bitcoin to money. Let’s also do a bottom-up analysis looking at bitcoins as a “network protocol”, as a means of exchanging money -- but not being money itself. That last bit is important: we call bitcoins money, but technically, it's just a protocol for exchanging dollars into other dollars.

An essential part of bitcoin is that it takes 10 minutes for a transaction to complete. That number is baked into the protocol. Your transaction gets added to a blockchain, and that chain gets computed and rebroadcast out to the rest of the network. There is a new blockchain every 10 minutes. A typical transaction will therefore take 30 minutes: 10 minutes for the buyer to convert hard currency to bitcoins, 10 minutes to exchange the bitcoins, then 10 more minutes for the seller to change those coins back to hard currency.

Let’s assume a $2-trillion economy where bitcoins are converted back to hard currency as fast as possible, where nobody holds onto the coins longer than they have to. Running these numbers ($2-trillion divided by (365*24*60*2) divided by 20 million) comes out to 10 cents per bitcoin. Assuming a smaller economy, such as bitcoins handling 2% of the underground economy, and you get 0.2 cents per bitcoin. Since there’s a little slack in the system, let’s call this 1 cent.

This assumption that people get rid of bitcoins as fast as possible won’t be true, of course. Take a hypothetical gambling site that deals only in bitcoins. It'll take bets over the season on which baseball team will win the superbowl, and only then pay the winners at the end of the season. The value of 10 minutes is only the minimum; the average will be larger.

Your belief in how long a bitcoin will be held (on average) therefore changes the equation. If the average bitcoin is held for a day rather than 30 minutes, the value of a bitcoin goes up 50 times. Conversely, the time between block chain confirmations can go down (it's actually 7 minutes now instead of 10), reducing the value of bitcoins. Today's value of $240/bitcoin implies the average length of time somebody holds onto a bitcoin is 7 years (assuming bitcoins handle 2% of the underground economy).

The value of politics


Can the government outlaw bitcoin, driving its value to zero?

The government has an excellent track record in this respect. They’ve bankrupted other popular electronic currencies, like “e-gold”. Americans can no longer obtain Swiss bank accounts, because the Swiss are tired of the U.S. government harassing them all the time. This means there is a serious risk that the government can either shut down bitcoin completely, or drive it underground, severely reducing its usefulness and value.

But here’s the thing about bitcoin: it’s based on math, no organization controls it. Even if the government bankrupts public facing sites like Mt. Gox and throws its owners into jail, bitcoin transactions will continue.

Indeed, you could have the reverse effect: the more government shuts down competing currencies, the more valuable bitcoin becomes as the one currency the government cannot shut down. There will always be a huge demand for an underground, non-governmental currency that government will never successfully squash.

Conclusion: is this a bubble?


I've laid out arguments why bitcoins are worth as low as 1 cent and as high as 15 thousand dollars ($0.01 to $15000). So, should you be buying or selling right now with the value around $200?

Let’s say you bought Amazon.com at the height of the dot-com bubble. How much money would you have lost? At the height of the bubble, their stock price was $100 a share. Now it is near $300. You wouldn't have lost money, you would have instead tripled your investment. Of course, the other 99% of dot-com companies either went out of business or lost most of their value. Amazon is one of only a few companies that have held onto their value.

The point is this: just because it's a bubble doesn't mean it's a bad time to invest. Given certain assumptions, I've laid out a good argument why bitcoins could be worth thousands of dollars, much higher than the current price of $240. If you agree with those assumptions, you should be buying bitcoins.

The point is also this: the Internet did take off, exceeding the wildest dreams of even the most optimistic visionary. But this didn't mean that early dot-com investors made any money; most lost their shirts in the dot-com crash. Bitcoin could become wildly successful, accounting for a trillion dollars a year in transactions, all with a valuation of pennies-per-bitcoin. That means you can still lose a lot of money while being "right".




Full disclosure: I own 4 bitcoins (that I got from mining), and I have no plans to sell them. Neither do I have plans to buy any.

Update: since starting this post and completing it, the bitcoin bubble appears to have burst:


Monday, April 01, 2013

How to Dress Like a Cyber Warrior OR Looking Like a Tier-Zero Hero

A lot of ink’s been spent lately on the idea of cyber warfare, cyber defense, the enemies, the allies, what would we do if we had a cyber Pearl Harbor, etc. As one of the foremost experts on all things cyber, I thought I would take a day to explain some of the finer points of this new realm of warfare and how to fit in.

Organization
Now despite what anyone may say, Cyber Warriors are going to be a huge part of any future war. In the military there is a name for highly skilled Special Mission Units (SMUs). They are referred to as “Tier-One” units. These units are well known secrets like the Army’s 1st Special Forces Operational Detachment-Delta (Delta Force), the Navy’s Naval Special Warfare Development Group (DEVGRU or SEAL Team 6), and the Intelligence Support Activity (ISA). These are the men and women our country calls upon to solve the “big boy” problems. Cyber Warriors will soon join their ranks, but not as a Tier-One unit.
 
Every true Cyber Warrior worth his deck knows that counting starts at zero. Be prepared to see DoD messages about Tier-Zero units. These will be the cyber warriors with access to military-grade exploits and viruses. They’ll be the guys with the authority to infect an enemy’s computer with e-sheep in the name of freedom.

How To Join
The training required for Tier-One operators to arrive at the “tip of the spear” is a highly classified secret. Expect no less for Tier-Zero operators. Various methods of recruitment could be, but are not limited to:
1.     Apprehending you when you break into your school to change your grades.
2.     Lurking on IRC channels that elite hackers are known to frequent.
3.     Breaking into your Call of Duty clan meeting to taunt you. This will test your mental stamina and toughness. They need to see if you have what it takes. There’s no good time during a mission to cry over getting flamed.
4.     Sending out mass flyers advertising “military style” boot camps for MCSEs. Do you have the guts to respond?
However the recruiting is done, you can be sure it will be subtle. It will in no way resemble an NSA recruiting booth at Defcon.

How to Dress
Since Tier-Zero and Tier-One units will work together closely, it makes sense to dress as much alike as possible. Generally, if you are a sniper you wanna take out the guy that looks like he is in charge. You’re looking for the guy who looks somehow “different.” Different means important. Important means “target.” This is why saluting unpopular officers in the field is called a “sniper check.” If the “different” looking guy doesn’t get shot, it’s just because there wasn’t a sniper around to shoot him. Here is how to blend in with a Tier-One unit while carrying out your Tier-Zero mission.

1. Uniform – Just because you are not actually with them does not mean you should not dress like them. Stock up on tactical pants and combat shirts. The preferred brand is a company called Crye Precision. Their combat pants and shirts will help you blend in considerably. The Tier-One guys use all the pockets to carry things like first aid kits, high tech military gear, secondary weapons, etc. A Cyberwarrior can carry things like USB doodads (microphones and thumb drives), extra Ethernet cables, your secureID card, multiple cell phones, a tablet, and your office badge. The combat clothes also have removable knee and elbow pads. I suggest you use these when you have to rewire a server room, plug something in under your desk, or reach under the vending machine when a Mountain Dew slips out of your hands.
As a word of caution, go for the Khaki, Black or Green. The Multicam will make you blend into your surroundings, causing you to be counted absent at work or a no-show for a boring meeting. You don’t want to lose a vacation day because you blend in too well.
2. Footwear – Tier-One assets can expect to go anywhere and do anything. For that reason, they wear specialized shoes and boots from makers like Oakley and Salomon. This footwear is designed to withstand jumping out of airplanes, trekking across deserts, and slogging through jungles. The ankle support is key. Getting a sprained ankle in a firefight is just embarrassing.
A Tier-Zero operator needs the same support. A hallway could be getting mopped. A data center could have a pulled tile you don’t notice, or someone could spill their Big Gulp at lunch and cause a slip hazard. Fire drills and offsite meetings are also concerns. Take care of your feet, and they will take care of you.
3. Helmets – Just because you are not on a kinetic battlefield does not mean you do not need a helmet. Tier-One units have a variety they use, but I suggest you stick with the Crye Precision Airframe. Other operators will recognize how high-speed you are when you wear it. It actually serves two functional purposes. First, your brain is all you have going for you. In cramped offices and cubicles Cyberwarriors will often stack collectibles. You can’t have one of these action figures falling on your head and putting you out of commission. Second, the Crye helmets have side rails for quickly attaching several high tech devices like flashlights. I recommend the SureFire brand, since the guys doing the shooting may have to borrow yours one day and you don’t want to hand them anything cheap. Make sure yours can do regular white light or green tinted light. The best is a red tinted light that won’t ruin your night vision when on an all night “op.” Believe me, giving away your position in your office at your desk is a definite no-go.
4. Armor – Cyberwarring is a dirty business. Sometimes things get hot. For those times, I suggest you have a “plate carrier” and a good set of armor plates ready to go. Tier-One guys expect their armor to stop AK-47 rounds and fragments from explosives. You should as well. If it can stop a speeding 7.62x39mm bullet, think of the wonders it will do in office airsoft fights. You can stride through a hail of Nerf projectiles like they aren’t even there. These plate carriers are designed to carry extra magazines for weapons, explosives, and other tools of the Tier-One trade. You can use that space to carry extra Limitless energy shots, snacks, your ID, or reloads for your own Airsoft/Nerf weapons. Don’t cut corners on the cost here. Your enemies can tell the difference between a Condor vest from the local Airsoft store and a real deal London Bridge Trading Company 6094 plate carrier used by Navy SEALs. Learn the difference and make fun of the nerds with the cheap stuff. They are not Tier-Zero.
5. Belt – Real “shooters” in the thick of it have special belts they can use to clip to a helicopter during a hairy exfil or while going into a hot LZ. These are known as “rigger’s belts,” and they have an extra hook that the operator can attach a lanyard to. This keeps the operator in place. Tier-One ops don’t fall out of aircraft or off of rooftops. A Tier-Zero specialist has a very similar use for a rigger’s belt: when the cyber fighting goes hot, you will become a kidnapping target. You probably already are, and just don’t know it yet. A rigger’s belt and lanyard will allow you to clip yourself to a stationary object and foil any foreign intelligence agents’ attempts to kidnap you. I suggest LBT for these items. Do not clip yourself to something mobile, like a car, or something easily movable, like your chair or an orange emergency cone. I would not put it past a spy to just steal the car or road cone to get to you. Protip: bulk up. Your natural obesity will make pulling you into a van or helicopter against your will much harder. If they want you, make them work for it.
6. Guns – Of course Cyberwarriors need guns. We’re talking about blending in with the big boys, here. I could spend hours on this topic alone, but I’ll just give you a few tips and let OJT training cover the rest. You need good military-grade weapons. Not having them would be like a kid showing up to do pentests without installing NMap first. Poseur.
Since civilians can’t get military-grade weapons, buy weapons that look military-grade. I suggest a Daniel Defense M4A1 SOCOM with a Leupold HAMR scope. Daniel Defense makes a lot of gun parts for SOCOM, so the rifle makes you blend right in. For a pistol, go with a Sig Sauer 226. The rifle needs to be in 5.56mm, and the 226 needs to be in 9mm. If anybody gives you crap about the weapon calibers, just smirk and blame the Geneva Convention or liberals, either works. The secret to dealing with caliber snobs is to know they aren’t listening to you, anyway. They are just waiting for their turn to talk.
Here is the hard part, though (you didn’t think this was just a shopping trip, did you?): you actually have to be able to shoot. Any time someone looks at your rifle, dropping some shooting lingo like, “Yeah, it’s zeroed to two hundred meters,” is a great response. The lingo is not a substitute for shooting, though. You have to be able to keep an inch group at 200 meters with your rifle and a two-inch group at 25 meters with your pistol. Frown and silently shake your head at anyone who can’t.
7. Random other stuff - The Devil is in the details. Here’s a list of the small things you’ll need that don’t warrant their own sections:
a. Knives – you need at least two. A really good general purpose knife and a fighting/stabbing knife. You can use them to open boxes, envelopes, or cut the crust off bread if the sandwich delivery place forgot.
b. Flashlights - Carry two of these, as well. One should be an insane 500 lumen-powered light, and the other should be something like a surefire X300 that you can use on a rifle or pistol. If people ask why you have a weapon light when you aren’t carrying a weapon, just tell them you are always prepared. (Add a smirk here. It’ll make them think you’re prepared to take someone else’s weapon if you don’t have your own on you.)
c. Paracord - This stuff is almost as useful as duct tape, without the disadvantage of making everything in your pockets stick together. Paracord can come in the form of bracelets you can wear and unwrap when you need it, but that’s not Tier-Zero cool. Get a paracord sling for your rifle, a paracord strap for your computer bag, paracord bootlaces, paracord keychain. Make some toys for your desk out of paracord. Finally, when you’re good enough, make your underwear out of paracord. Nobody ever expects paracord underwear.
d. Multitool – You don’t know what’s gonna happen any time you step outside. Get a good multitool, like the Leatherman EOD MUT. It comes with a C4 punch. Tier-One guys use C4 punches to put detonators in plastic explosives. You can use one to deflate potato chip bags to fit in your desk. You can even use it on bubble wrap.
e. Gloves – With all this dangerous stuff, you need some gloves to keep your typing assets in order. Do you know how hard it is to type with one hand? I suggest Oakley. Good, well made, hardcore protection for your knuckles, and they will insulate you from a very hot cup of coffee (Protip: Studies have been done on the body’s ability to uptake caffeine more quickly from hot liquids. Elite Tier-Zero operators microwave their Mountain Dew.)
f. Patches – As a Tier-Zero operator, you will be in a unit that doesn’t exist, so you won’t have a unit patch. It’s not cool to wear other units’ patches. You don’t wanna give those dweebs credit for your awesome missions. I wear Foxhound or Mandalorian unit patches as a form of psyops. Enemy intel agents will waste time and effort trying to figure out what unit you are with. Let them. It’s all part of the game.

How to talk
Strangely, there’s not much difference between a Tier-Zero operator and a regular InfoSec professional. Think about it: DMZs, payloads, and perimeter threats? The language isn’t that different. Throw in some gun lingo, and you’re talking like a badass. Don’t talk about zombies, though. That’s a dead giveaway that all of your tactical training came from the Walking Dead. Instead of “Zombie Killer,” you should say “Non-permissive environment specialist.”

Wrapup
That’s all the space I have for this issue. Next week we’ll talk about hacking techniques, identifying Nation-State weak spots, and getting access to SCADA environments for testing new malware. Until then, stock up on Tier-Zero uniforms and gear, and get some time in at the gun range. Oh, and be careful. It’s a jungle out there. 

Wednesday, March 27, 2013

Let me hadoop that for you

We are a tool using species. It started with sticks to knock down bananas. For the modern homo sapiens, it's tools like JavaScript and Hadoop.

Today, I was working on a technical problem. I came across this blogpost from 2012 that had close to the answer I was looking for, but it missed a key detail that was important to me.

Well, I follow the author on twitter, and the author follows me. So I sent him a tweet asking if he still had the data around, and whether he could analyze it again to solve my specific question. He responded with "Just let me run a quick hadoop query for you".


Minutes later, he posted the results of the query to GitHub that had exactly what I was looking for.

This all took place within 30 minutes from start to finish. It's possible because we tool using homos have opposable thumbs that can grasp the blogs, the twitters, the github, and the hadoop. I don't know how many servers @jedisct1 has at his disposal, but in theory, with a few keystrokes, he could reach into the cloud (like Amazon's service) and marshal a thousand machines equalling a million dollar supercomputer to answer this small question for me.






Monday, March 25, 2013

Ubuntu low-mem install for VMs

For those of you who play with virtual-machines like VMware, the Ubuntu server .iso contains an option for dramatically reducing the amount of memory needed. Using this option reduces the default installation's memory usage down to 66-megabytes. This is probably basic information for most of you, but I didn't know it, so I'm writing it up here.