Thanks a lot for sharing. Having young kids of my own, this have me a lot to think about. We have a couple of similar arrangements on other matters here, but the way you put it will most probably help me make it clearer and applying it better.
I understand that this isn't a very great article, but like I thought would happen, it started a nice discussion here. I love the quality of comments on HN.
The part that I've been asking myself for years, is how do you create an atmosphere without (or almost without, can't remember) a magnetic field. Is it possible or we would have to generate one?
> While it is true that the solar wind has stripped Mars of much of its original atmosphere (due to the lack of the planet's magnetic field), and that any man-made atmosphere on Mars would eventually be dissipated by the solar wind - the speed at which this occurs is measured over geological time frames - on the scale of tens, if not hundreds of millions of years. If humanity were to create an artificial, life-conducive atmosphere on Mars, any atmospheric output due to economic activity (CO2 + other gases) would easily exceed any atmospheric losses. Thus, the atmosphere would be stable.
I didn't even realize that. I guess that with hopes of finding new life at their highest ever, we wouldn't want to contaminate that (if that's the right way to say it).
I'm not sure that is the right way to see it. If we did find life on Mars would that mean humans could never travel there? I don't so. More than likely we need to transplant Earth life to Mars for large scale terraforming.
Very interesting. I've been looking for something like Syncthing for a while now, without luck. I ran into TLS/https issues (can't remember what exactly) while configuring OwnCloud/NextCkound, and realized it had some security flaws I wasn't ready to live with. I decided to stick with Google Drive. I'll give a try to Syncthing this summer. Thanks!
I use Nextcloud since a few years and I am very happy with it (especially with the desktop integrations, e.g. KDE/Dolphin). I even use the Nextcloud WebDav server as a backend to store and sync data for my own Progressive Web App :D
The only security flaw I see is that it is written in PHP, which makes it harder for the devs to write secure code, but not impossible.
Syncthing is great once you get it set up correctly. On my first attempt it accidentally wept my $HOME[1], but on my second attempt it was really easy. Now I have it on all my devices and I don't want to live without it.
[1]: Still not sure if some sequence of commands looked like I intended to delete stuff, or if it was a bug that has since been fixed.
I had problems with SyncThing's reliability, and although it is proprietary am using Resilio Sync (was BitTorent Sync). Hope SyncThing is much better now and I can switch back next time I set it all up!
Still nice to control my syncing and files with Resilio.
I'm in the province of Quebec (Eastern Canada), and we're having huge problems with most websites. Strangely enough, LTE network is working on the three providers I've tried.
Same here. I was going crazy trying to diagnose potential WiFi issues. Since LTE worked fine on my phone I assumed the culprit had to be the WiFi link.
I've said it before: Zcash has nothing Monero isn't already offering. And like others said, right now, I still haven't seen a mining pool or an exchange that can handle anonymous transactions. An example: http://zcash.flypool.org/
Also, Zcash had an initial trusted setup ceremony after which the 6 participants supposedly all deleted their private keys. You DO have to trust none of those have colluded to someday, for example, start creating zcash coins for their own good without anyone knowing. All the info here: https://petertodd.org/2016/cypherpunk-desert-bus-zcash-trust...
And as others said before, Monero does some sketchy weak mixing of something like a 100 tx, which is really not enough for long term anonymity (think what happens when the other 99 outputs are spent). EDIT: there are a couple papers linked in a child comment that seem to analyze this which I haven't read entirely yet; the following two points still stand.
You don't need an exchange to use z-addresses, just receive into a one-use t, and then make it disappear into your main z-address yourself.
Finally, you have to trust that AT LEAST ONE won't collude, because you need all pieces to fake Zcash, which is very different.
Enough with this FUD. It's innovative tech, I expected HN to appreciate it more than the usual cryptocurrency circles.
Hello Mr. Cloudflare,
Your whole understanding of how XMR works seems to be wrong; theres no concept of spend outputs at all, to deanonymize tx with a certain certainity one would have to own around 83% of the networks outputs.
Optional privacy a la ZCASH is broken by design and cannot work, you are still able to have tainted coins and do blacklisting etc, its effectily useless, also it opens up a whole world of other attack vectors like this one: https://github.com/zcash/zcash/issues/1360#issuecomment-2461...
Your lack of understanding of how Monero works is embarrassing. Please educate yourself before commenting!
As to the trusted setup, there are a few salient points:
- you don't have to "just trust one participant", what if 3 of them collude and 3 were compromised?
- every participant booted off the same ISO which was provided by a single person. The claim is that the ISO can be built deterministically, but that still does not prevent it being compromised in subtle ways, and it seems that hardly anyone has bothered to try verify the ISO build process even subsequent to the ceremony.
- even when there was clear evidence that someone's phone was compromised, the ceremony went ahead. This is a huge red flag - why not just stop the ceremony and rethink it, given the fact that there was obvious infiltration?
- why only 6 participants? Why were they chosen by Zooko? Why was there no open application process where applicants could be considered by the community? Why were no members of academic institutions involved as participants?
The way the trusted setup was conducted is shocking, this is privacy theatre at best.
On your closing remark about it being innovative: nobody doubts that the ZeroCash white paper is innovative, but it is also too new for us to be trusting it. Would you advocate for TLS 1.3 to default to only use some encryption method that was in a very recent, largely unreviewed whitepaper, especially when that whitepaper contains math that is particularly hard to grok (Greg Maxwell calls it "moon math")? Why do we hold all of our cryptography to such high standards, distrusting everything that is new and unproven, but we're expected to give a financial system a pass? Would you feel the same if all of your net worth was held in that financial system?
Both Zcash and Monero (plus perhaps Dash, but it has some issues) try to augment Bitcoin with some privacy guarantees.
Ethereum is extending Bitcoin with Turing-completeness.
I follow Bitcoin, Ethereum and Monero with interest. I wonder whether any of these additional features will prove advantageous enough to surpass Bitcoin, which is more mature and has much bigger market cap right now.
IMHO, Bitcoin is secure enough for its current main use-case, which seems to be escaping Yuan / Bolivar. But I might be proven wrong. It's also interesting to note some other black swans may trigger cryptocurrency adoption in 2017 [1].
Ethereum seems advantageous for many business applications which are impossible with a traditional blockchain, but they really need to ensure Turing completeness doesn't lead to more fiascos. Perhaps by enforcing much much better static analysis than currently available [2]. You can err on the safe side and reject contracts that don't pass whatever static analysis. Seems the only way to retain Turing-completeness and safety.
However, given EVM semantics is complicated, perhaps a redesign will be needed so that static analysis does not rule most contracts as potentially unsafe.
> IMHO, Bitcoin is secure enough for its current main use-case, which seems to be escaping Yuan / Bolivar. But I might be proven wrong. It's also interesting to note some other black swans may trigger cryptocurrency adoption in 2017 [1].
I don't follow bitcoin very closely. Could you please tell me more about escaping yuan/bolivar?
It seems to me that if you have access to bitcoin, it means you have banking capabilities and access to the internet. Once you have these two, you can use paypal or similar and store EUR or USD. Volatility of USD is way lower than bitcoin?
You can buy bitcoin with cash via localbitcoins.com in most countries except Germany (or at least, with a German IP address).
In China it seems the preference is to buy bitcoin mining equipment in yuan and generate bitcoin to sell, taking advantage of the cheap electricity available in China and writing off some of the capital investment via tax. Although there is significant trade on Chinese exchanges much of this is often thought to be suspect due to the lack of trading fees which means fake/self trades are available at no cost.
> you can use paypal [to] store EUR or USD [from yuan]
How would you do this?
If it is possible to exchange yuan to usd and keep it in paypal without a US account, I would still be very uncomfortable storing hundreds of thousands of dollars in it. It is a centralized entity that can freeze funds for any reason, be compelled to report things, make mistakes, paper trail, etc.
Being able to exchange currencies is also a step above regular banking I believe. You need access to forex markets and the associated setup and trails.
Bitcoin will get all features that Monero has, but security is still the most important aspect, so the maintainers take a very slow, conservative path (which I think is awesome for something so important). Segwit is still a great first step. It will take multiple years to get there...there's no rush though. People who really believe in BTC understand that it's not something that will be finished in 5-10 years.
Bitcoin will get a minimum block reward that ensures miner incentives in perpetuity? Bitcoin will switch from secp256k1 to Curve25519? Bitcoin will get a dynamic block size limiter that adjusts with transactional demand?
Dynamic block size makes it harder to reason about security of the system, so it's not a conservative choice. Adding another curve for signing won't be hard with segwit, the only question is if there is really enough demand for it (and it doesn't need a ,,switch'', both curves can be supported at the same time, and users can select which they want to use). One of the most interesting ideas right now that may be implemented in the future is mimblewimble, unless something better comes. But there are many other, easier to implement ideas talked about on the scaling bitcoin conferences.
I have read almost all comments, and it seems like nobody has pointed out that the supposedly anonymous transactions (using z addresses) are still not working. All mining pools are warning about it. For example:
If anonymity is so important for people, there are already excellent solutions, Monero being one of the best, if not the best, with a strong and serious dev team.
Disclaimer: I am not a Monero dev and I own a huge total of 0.6 XMR. This is only my opinion as a software dev.
Fixed in Zcash 1.0.3. (They were always "working", despite the bugs that were recently fixed. You can see plenty of successful z-address transactions on the blockchain.)
