public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: odinn <odinn.cyberguerrilla@riseup.net>
To: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] The legal risks of auto-updating wallet software; custodial relationships
Date: Tue, 20 Jan 2015 21:33:53 +0000	[thread overview]
Message-ID: <54BEC9C1.3000600@riseup.net> (raw)
In-Reply-To: <FCDDDA53-8B1C-48EF-82B1-FED9B6DE21D5@bitsofproof.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Um ~ "jurisdiction of wallet provider?"

If that's the (perhaps ot) bit you want to run on this thread then my
comments are:

Get out of web wallet businesses now.  It's not a jurisdictional
question anymore, although I think there used to be very valid long
running debates on where it would be best to do business.  Now it just
feels like you will be bouncing from one place to another -
determining where your exit is as soon as you establish a (physical)
presence, because jurisdictions sense a serious threat from the
advancement of financial cryptography as it will evolve in the next
several years. So you have to be mobile, or do something like what
they are establishing at blueseed (see http://blueseed.com which is
just off coast of San Francisco).  Please perk up and don't just swipe
to delete, read the whole e-mail.  There are some configurations (e.g.
the zero knowledge bit) you can do to mitigate the issues but if you
are asking users to log in and log out of a service that relies on a
web site then in the end you doom them (and any service you provide)
to mandatory storage of customer data and ultimately loss of customer
resources due to identification of the customer.

I think you need to stop quibbling about the details and just get over
it and understand that the problem of web wallet users and
corporations that serve web wallet customers being forced to give up
information constantly to governments means that web wallets are
certainly no longer a viable solution.  And post-cromnibus with the
extra financial surveillance provisions now passed on 3rd party
matters, it's even worse.  This is not subject to debate, it's just a
fact.  Period.  Web wallet corps exist now only on a model that exists
to burn the users.  Convenient?  Yes.  But is it good for the users in
the long haul?  Absolutely not.  Do alternative to the web wallets
exist? Absolutely.

Back off.. Go to p2p.  Stop advocating for webby solutions.  In fact,
I don't think that anyone working for coinbase or bitpay should be,
anymore.  I think that on principle you should withdraw and end your
employment from such services.

Core?  Good.  Electrum Wallet?  good.  Mycelium? Local Trader? Open
Bazaar?  Could be better, but great.  These are the kind of things we
need.  No signups, avoids centralizations, no grabbing your data, no
ID collection and requirements.

As to the issue of auto-updating itself... I think the simplest answer
to this question (personally) is that (go ahead and attack me here)
there shouldn't be auto-updates... but that there should be
auto-notifications for update when (a) update is available, but that
(b) this notification should never "push" the user to update (e.g. the
notification should never say "oh hey user if you don't update by such
and such a date, your wallet will not work or satoshis will die
because of your inaction"
(stays quiet while likely 100-e-mail thread is spawned from this)

- -O

Tamas Blummer:
> Justus,
> 
> In contrary.
> 
> Not being in the jurisdiction of the wallet provider makes it
> harder for the user to reclaim funds taken by the wallet provider. 
> The legal hurdle to force confiscation through a wallet provider
> might also be lower if the target user is not domestic.
> 
> Tamas Blummer
> 
> 
> 
> ------------------------------------------------------------------------------
>
> 
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
> GigeNET is offering a free month of service with a new server in
> Ashburn. Choose from 2 high performing configs, both with 100TB of
> bandwidth. Higher redundancy.Lower latency.Increased
> capacity.Completely compliant. http://p.sf.net/sfu/gigenet
> 
> 
> 
> _______________________________________________ Bitcoin-development
> mailing list Bitcoin-development@lists.sourceforge.net 
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> 

- -- 
http://abis.io ~
"a protocol concept to enable decentralization
and expansion of a giving economy, and a new social good"
https://keybase.io/odinn
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJUvsnBAAoJEGxwq/inSG8CGekIAJH4lUdk81sVfQqxZ4sKOKFM
5iAvCD4JNuV+xcCZBiNNr1GxIZEVoDRQYupo7wB1A5uGW+STLHDGsEMuDNyiOcNl
oSsJQFZJabxL7dIn8g89Gw+8J8LtYKEkHHZLk5J5QF0DkRljXjEcOV4KL6WXhdl5
ToV01POMUBbSJsQt2lLznmCvQ+4QW5/GJ9Hk04HIub+kzuil0R23CgRH9QFevC9S
2/RT3NnfGFu+jU5+K/o8RbuUuzExq94x4w266IEmJc0NsLHxnxsg2PefabQbfdzp
P7FU7+D9NsIOaBGTXnQK80kpgRCJ49Gf9HXHKFYg2KCFuqgJYa8DnHm1Xlfo7DQ=
=yS8H
-----END PGP SIGNATURE-----



  parent reply	other threads:[~2015-01-20 21:33 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-01-20 15:46 [Bitcoin-development] The legal risks of auto-updating wallet software; custodial relationships Peter Todd
     [not found] ` <CAHpxFbEoDLMGKB7arHbgB+4kx8BwgcX7nBUZz6yP9k4LjZeu1A@mail.gmail.com>
2015-01-20 17:15   ` Peter Todd
2015-01-20 17:23 ` Matt Whitlock
2015-01-20 17:40   ` Peter Todd
2015-01-20 17:44     ` Matt Whitlock
2015-01-20 17:44   ` Tamas Blummer
2015-01-20 17:47     ` Matt Whitlock
2015-01-20 17:49       ` Peter Todd
2015-01-20 17:56       ` Tamas Blummer
2015-01-20 17:47 ` Justus Ranvier
2015-01-20 18:48   ` Tamas Blummer
2015-01-20 19:31     ` Justus Ranvier
2015-01-20 21:33     ` odinn [this message]
2015-01-20 21:49 ` Roy Badami

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=54BEC9C1.3000600@riseup.net \
    --to=odinn.cyberguerrilla@riseup.net \
    --cc=bitcoin-development@lists.sourceforge.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox