From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1YJUaQ-0001mp-LE for bitcoin-development@lists.sourceforge.net; Thu, 05 Feb 2015 22:07:46 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of airbitz.co designates 74.125.82.171 as permitted sender) client-ip=74.125.82.171; envelope-from=paul@airbitz.co; helo=mail-we0-f171.google.com; Received: from mail-we0-f171.google.com ([74.125.82.171]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1YJUaP-0008TX-5h for bitcoin-development@lists.sourceforge.net; Thu, 05 Feb 2015 22:07:46 +0000 Received: by mail-we0-f171.google.com with SMTP id k11so10274246wes.2 for ; Thu, 05 Feb 2015 14:07:39 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=Ox6wh3R6YoUARtHFy4jT3/gxkRWSasYcXFuvCDc6R8g=; b=fdwvAA5WtUNC7dSZJBxNCNncBynWO77DArRTqsSATh4IIKWg0h5DyA6TN3LQlXXMAx s0UNJIfPghdOjOAccx/1J34GebzVHWwxcN4DPJP/BNTXmb6fRC+DduylBkHc5EFYWlEP SuWjCITxtXOIRf9PrgaKdYjTt7F+SY1w6xsGJZ22oLsaStxgROWPicihEtTj83t1MtqR /hhEkkaRBPVYqCIBaF0mj/kItwgeaDOkAWYfdhe+f2KXyvU67zJhVjz7wOsi4dGAm9Al Y2mxUEsyaWXWbo8Q862uPmNMl8gbtzdkuQVajHKilZ83+coW6hULF1Rt19Q2wFA799K7 fxbw== X-Gm-Message-State: ALoCoQnue2Dv3RP/5KOFZf7117VdmdhzJ9EtMte6YWHqO9mplcaH9/1/NVY+YeTy6T8kSXNmjq6/ X-Received: by 10.194.179.166 with SMTP id dh6mr724305wjc.87.1423174058967; Thu, 05 Feb 2015 14:07:38 -0800 (PST) MIME-Version: 1.0 Received: by 10.216.37.137 with HTTP; Thu, 5 Feb 2015 14:07:18 -0800 (PST) X-Originating-IP: [166.170.38.32] In-Reply-To: <6AEDF3C4-DEE0-4E31-83D0-4FD92B125452@voskuil.org> References: <54D3D636.1030308@voskuil.org> <279489A5-1E46-48A2-8F58-1A25821D4D96@gmail.com> <6AEDF3C4-DEE0-4E31-83D0-4FD92B125452@voskuil.org> From: Paul Puey Date: Thu, 5 Feb 2015 14:07:18 -0800 Message-ID: To: Eric Voskuil Content-Type: multipart/alternative; boundary=089e01419d803d1a39050e5e8814 X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.0 T_REMOTE_IMAGE Message contains an external image X-Headers-End: 1YJUaP-0008TX-5h Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Proposal for P2P Wireless (Bluetooth LE) transfer of Payment URI X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Feb 2015 22:07:46 -0000 --089e01419d803d1a39050e5e8814 Content-Type: text/plain; charset=UTF-8 So if you picked up the BLE broadcast request. All you know is that *someone* within 100m is requesting bitcoin at a certain address. Not necessarily who. The *name* is both optional, and possibly just a *handle* of the user. If I'm sitting 5 ft away from someone at dinner and wanted to pay them via BLE, I might see "Monkey Dude" on my list and simply ask him "is that you?" If so, I send it. If there are two "Monkey Dude's" Then I have to bother with the address prefix, but not otherwise. [image: logo] *Paul Puey* CEO / Co-Founder, Airbitz Inc +1-619-850-8624 | http://airbitz.co | San Diego *DOWNLOAD THE AIRBITZ WALLET:* On Thu, Feb 5, 2015 at 1:46 PM, Eric Voskuil wrote: > BLE has an advertised range of over 100m. > > http://www.bluetooth.com/Pages/low-energy-tech-info.aspx > > In the case of mass surveillance that range could most likely be extended > dramatically by the reviewer. I've seen WiFi ranges of over a mile with a > strong (not FCC approved) receiver. > > WiFi hotspots don't have strong identity or a guaranteed position, so they > can't be trusted for location. > > e > > On Feb 5, 2015, at 1:36 PM, Mike Hearn wrote: > > This sounds horrible. You could basically monitor anyone with a wallet in >> a highly populated area and track them super easily by doing facial >> recognition. >> > > We're talking about BLE, still? The radio tech that runs in the so called > "junk bands" because propagation is so poor? > > My watch loses its connection to my phone if I just put it down and walk > around my apartment. I'm all for reasonable paranoia, but Bluetooth isn't > going to be enabling mass surveillance any time soon. It barely goes > through air, let alone walls. > > Anyway, whatever. I'm just bouncing around ideas for faster user > interfaces. You could always switch it off or set it to be triggered by the > presence of particular wifi hotspots, if you don't mind an initial bit of > setup. > > Back on topic - the debate is interesting, but I think to get this to the > stage of being a BIP we'd need at least another wallet to implement it? > Then I guess a BIP would be useful regardless of the design issues. The > prefix matching still feels flaky to me but it's hard to know if you could > really swipe payments out of the air in practice, without actually trying > it. > > > --089e01419d803d1a39050e5e8814 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
So if you picked up the BLE broadcast request. All you kno= w is that *someone* within 100m is requesting bitcoin at a certain address.= Not necessarily who. The *name* is both optional, and possibly just a *han= dle* of the user. If I'm sitting 5 ft away from someone at dinner and w= anted to pay them via BLE, I might see "Monkey Dude" on my list a= nd simply ask him "is that you?" If so, I send it. If there are t= wo "Monkey Dude's" Then I have to bother with the address pre= fix, but not otherwise.

<= div>
<= div>

=
3D"logo"=C2=A0= =C2=A0=C2=A0
Paul Puey=C2=A0CEO / Co-Founder, Airbitz Inc
+1-619-850-8624=C2=A0|=C2=A0http://airbitz.co=C2=A0|=C2=A0San Diego=
=C2=A03D""=C2= =A0=C2=A0<= a href=3D"https://go.airbitz.co/comments/feed/" style=3D"color:rgb(17,85,20= 4);outline:none" target=3D"_blank">=C2=A03D""=C2=A0= 3D""
DOWNLOAD THE AIRBITZ WALLET:
= =C2=A0




On Thu, Feb 5, 2015 at 1:46 PM, Eric Voskuil= <eric@voskuil.org> wrote:
=
BLE has an advertised range of over 100m.=C2=A0

http://www.bluetooth.com/Pages/low-energy-= tech-info.aspx

In the case of mass surveillance that range could most likely be extend= ed dramatically by the reviewer. I've seen =C2=A0WiFi ranges of over a = mile with a strong (not FCC approved) receiver.

WiFi hotsp= ots don't have strong identity or a guaranteed position, so they can= 9;t be trusted for location.

e

On Feb 5, 2015, at 1:36 PM, Mike He= arn <mike@plan99.ne= t> wrote:

This sounds horrible. You could basica= lly monitor anyone with a wallet in a highly populated area and track them = super easily by doing facial recognition.

=
We're talking about BLE, still? The radio tech that runs in = the so called "junk bands" because propagation is so poor?
<= div>
My watch loses its connection to my phone if I just put = it down and walk around my apartment. I'm all for reasonable paranoia, = but Bluetooth isn't going to be enabling mass surveillance any time soo= n. It barely goes through air, let alone walls.

An= yway, whatever. I'm just bouncing around ideas for faster user interfac= es. You could always switch it off or set it to be triggered by the presenc= e of particular wifi hotspots, if you don't mind an initial bit of setu= p.

Back on topic - the debate is interesting, but = I think to get this to the stage of being a BIP we'd need at least anot= her wallet to implement it? Then I guess a BIP would be useful regardless o= f the design issues. The prefix matching still feels flaky to me but it'= ;s hard to know if you could really swipe payments out of the air in practi= ce, without actually trying it.



--089e01419d803d1a39050e5e8814--