Fading out my credit card

Once upon a time there was no internet. When you went to a restaurant, you had to pay in cash. If you had no cash with you, you might have been lucky if the owner knew you good enough to think you were credit worthy. But what if you were in another city? Then some clever people invented credit cards. What they essentially did was telling the store owner that the person whose name was on the card was trustworthy, and that the credit card company would vouch for that individual. Obviously, owning such a card was quite a privilege. The companies issuing these cards didn’t want to pay the bills for people who would not pay them back, so they looked closely who would get such a card. But sometimes it happened, that the people spent more than they could afford, or they ran off. It also happened that people bought goods with stolen cards. So they introduced the handwritten signature as a security measure. As the fraud became a regular occurrence, the credit card companies, rather than just fight it, started to accept it as an inevitable part of their business. They calculated like insurance companies, and figured out that they could effectively make more money if they lowered the bar to entry. The honest users would just pay the bill for the occasional crook through the higher fees.

Then came the internet, and people wanted to buy stuff online. Because there was no appropriate payment mechanism, people just used what was available: credit cards. The combination of name, credit card number and expiration date was not sufficient against misuse. This information was on the front of the card, and every store owner where the card was used had the information. So they introduced a three digit number on the back of the card as a security measure. Criminals became cyber-criminals, and they liked this system very much. Now they could steal credit card numbers, and use them to buy stuff that somebody else would have to pay for. Credit card fraud became an even bigger issue. But the credit card companies don’t suffer from that as much as one would think. Customers can complain if something appears on their statement that they didn’t buy. The CC company then issues a chargeback, and demands the money back from the store. In essence, they charge fees for covering the risks, but don’t actually cover it themselves. For some retailers, those fraudulent chargebacks are a real issue.

Then came the internet of money. It is called BitCoin. Just like the internet in 1994, a lot of people are confused, and don’t know what to do with it. Just like the internet liberated and democratized information, BitCoin does the same with finance. The internet didn’t just replace the fax machine, but opened a wealth of possibilities noone had even thought about. BitCoin already now offers a wealth of possibilities not imagined before. And the BitCoin 2.0 space shows even more applications for BlockChain technologies. But for the moment let’s focus on online payment. BitCoin doesn’t need no trusted third parties who could charge disproportionate fees, or could even steal or confiscate the wealth flowing through them. Transactoins are final, so there are no fraudulent chargebacks. For scenarios where both parties don’t know each other and hence don’t necessarily trust each other, there’s an arbitration model already built in, in the form of MultiSig. The arbiter can be freely selected, not like with PayPal for example that always favour the buyer.

For me, the main difference between BitCoin and cash versus credit- and debit cards is this: Either I give the amount I determine, or I give the information to get from my account the amount they want. You surely saw people hand their open purse to the cashier in a store, so the cashier can take out enough money to pay for the goods. Most often these people are retarded, can not count or read the numbers. Why should we act as retards when we want to buy something online?

Just this week, I read an article about a couple whose credit card was charged by a hotel with a $156 penalty for a bad review. Even if this is part of their terms, most people (myself included) perceive this as outright theft. Now guess what, with BitCoin they couldn’t steal from their customers at will.

With all this in mind, and after reading about credit card breaches multiple times a week, I think the time is ripe for a change. For the last two years I frequently ask if I can pay with BitCoin when I buy something online. That is mainly to build awareness, and voice against excuses such as from Amazon stating they didn’t see customer demand for BitCoin payments. I am ready to shift to the next gear. I want to get rid of my credit card in a year. But I won’t just cut it in half, and then regret it. Instead, I give my best to find and use alternatives, that at least involve BitCoin, if it is not direct. I don’t really like buying gift cards for myself, but I’m willing to go that route if I have to, at least temporarily.

I received a new credit card last month, and my first passive step towards my goal was not to register it with every service where I used the old card. That includes Amazon, PayPal, SBB, SPOT, …

The first order online after that was with dealextreme. I asked them about BitCoin payments before. In fact many people did, and I had the feeling they started warming up last year. But after the Chinese government crackdown, they said they couldn’t do it. They accept PayPal however, and since I no longer have my card registered, I wired the money to a PayPal account at a Swiss bank in advance. It’s certainly a hit in convenience, but it’s more secure still.

Then I found out that Amazon doesn’t accept PayPal, but only credit cards. That’s strange, so far, I just assumed they would. So I will have to send some BitCoin to gyft.com or egifter.com when I want to order something from Amazon the next time. I don’t really like this, but well… Ah, there are also services like purse.io where you can submit your amazon wishlist and some BitCoin. Another user who wants to buy BitCoin can then order the items from Amazon and send it to you. This option looks better to me. I’ll try it for sure.

I’m not a big fan of the security I see with PayPal neither. On this blog I ranted about password based security many times. Unlike with the credit card, at least I can change the security element (the password in this case), If I suspect somebody could have sneaked it. Somewhere I thought I read something about two factor authentication with PayPal, but when I looked for it, I couldn’t find anything.

Not everything in this post is historically researched. Rather I just tried to outline how the different system work, and how they became how they are.


Here is another story worth reading.

Back to Mac (nothing to do with Apples)

After I stopped flying in competitions, I also slowly stopped flying competition gliders. So I went back to my old and proven sports class glider. I meant to replace it for a long time. But as my Gradient Aspen 1 is by now more than eleven years old, there really were no more excuses.

So, I took the time to test new gliders. The first one I tried was the successor, the Aspen 5. It felt familiar and comfortable. They also have some good results in sports class competitions. So I almost bought one.

But I wanted to try at least one other model. The most obvious was to see what Mac Para has to offer. After all most of my competition gliders were from MacPara, and I still consider the Magus 4 the best glider I ever flew. The description of the Marvel sounded good, but the model is more than two years old. So I asked if the successor is imminent. Most paragliding companies don’t announce the new models in advance, as they still want to sell the old one. I still expect a successor next spring the latest. That is probably the reason why I got such a good deal for the demo glider. Since I don’t fly cross country as much as I would like to these days, I don’t need the latest and greatest. Instead a glider that I am comfortable with, and that lasts for another decade. Ah and there is another factor. I still like the design of the MacPara gliders. When I was collecting information on the Mac Para switzerland webpage, I was pleasantly surprised to see a picture of myself and my Magus 4 over the pre pyrenees at the 2006 pre World Cup.

MultiSig with HardwareWallets

2014 is touted as the year of multi-signature for BitCoin. It is being integrated into some wallets and services. But not quite the way I expected.

  • Electrum has an implementation that assumes multiple hierarchical deterministic wallets distributed over different machines, that know the other’s master private keys. -> This should work well for corporate environments or other organizations.
  • GreenAddress has a cool, but for my taste too obscure solution. I would recommend it for new users. But for myself, I want to be fully in control.
  • OpenBazaar, although not fully functional yet, will integrate arbitration with multi-sig.
  • and I hear more announcements almost on a daily basis…

When I first read into MultiSig, I understood it like I could combine any Bitcoin Addresses of my choosing to create a MultiSig address. If one of the involved addresses was in my wallet, it would automatically display the MultiSig address as well. And I could then partially sign a transaction with the GUI, and magically forward to the other signing parties. Turns out that is not quite how it works. To combine addresses of my choosing into a MultiSig address, I have to resort to the commandline. There are a couple of good tutorials on the net on how to do that, and also on how to spend. But it’s not like executing a few simple commands. It’s quite hardcore. There are wallets where you can add them as view only addresses, but I’m not aware of a wallet where you can partly sign a transaction in such a setting.

MultiSig brings us escrow services and a load of similar stuff that was not even imaginable before the rise of BitCoin. MultiSig is also good if you want to implement a setting where at least two of your accountants need to sign transaction in a corporate environment. What this adds is security. You surely saw movies where a few generals had to use their physical keys to launch missiles. That’s done to add security. So that the terrorists would have to steal the keys from more than one general, before they could launch a missile. The same works for bank vaults. And the same idea is behind BitCoin MultiSig, only that it goes much further.

MultiSig is just one facet of pay to script (P2SH). You can implement other rules than just MultiSig. I became only recently aware of that, when GreenAddress gave me a transaction that I could use to get my funds off the MultiSig wallet in case they went out of business. What that means, is that if too many parties loose their keys, funds on a MultiSig address are rendered inaccessible. As a measure against that, they created and signed a transaction with their key to transfer all funds, but with a time restriction. This transaction will only become valid after a certain configurable point in time. BitCoin has a stack based scripting language for expressing such rules. For my taste it’s very complicated at first sight, but it’s cool what you can do with it. That’s actually, where ethereum’s main focus is to improve. That’s all good and nice, but wasn’t it possible to program rules for a long time? Of course, but with BitCoin nobody can cheat, and you have to trust nobody. You cannot just change the system time on your computer, or buy a fake certificate to trick a system into using your timestamp server. BitCoin has a distributed consensus, that is very hard to come by.

So in essence, MultiSig is about increasing the security. This is mainly against malware that can infect your notebook and steal the files of your wallet software. There is also another cure against the same threat: HardwareWallets. I wrote about the Trezor and HW1 on my blog before. Now how about combining the two measures? That should raise the level of security up to a point equivalent as storing your gold and silver and diamonds inside a bunker in the Swiss mountains, and guard it with a Russian tank, driven by a rogue artificial intelligence. But I can tell you upfront: just like that rogue AI, it’s not going to be user friendly. While user friendliness and security are often opposing, this is an extreme case. After reading this, don’t be tempted to think BitCoin was difficult to use. BitCoin is wonderful and easy – for normal use.

So let’s begin with the commandline fu. I won’t repeat every step from the gist from atweiden, but concentrate on the special parts:

You don’t need to create any wallets. I assume, the hardware wallets are initialized and ready to use. Continue reading “MultiSig with HardwareWallets”

Visiting the doctor after 20 years

My wive usually rolls her eyes, when I tell her: “No, I don’t need that medicine. My immune system can cope with that, and needs to be trained.” or “No, I don’t need that painkiller as long as the headache is not overwhelming. My body reminds me that I should not shake my head too much at the moment”. But last week I had a flue that didn’t improve even after three days in bed. Usually flues weaken me for a week, the strong ones put me in bed for a day. But this was different. For the first time in twenty years (not counting vaccination for travel, and the dentist), I felt it necessary to visit a doctor. He gave me antibiotics, and indeed I started to recover. Would be nice if it took another 20 years until I need a doctor again…

electrum server on a cubox

I don’t even remember if there were alternative wallets available when I started with BitCoin. I used the reference implementation exclusively for a long time. Now there is a wide variety to choose from. They fall in three main categories: full node, light client and web wallets. They are nicely listed and explained at bitcoin.org

full node

Every hardcore bitcoin enthusiast should run at least one full node. That’s how the system was envisioned. It expresses the peer to peer nature. A full node maintains the complete history, and can verify transactions. It has lots of connections to other nodes, and helps propagate the transactions and blocks through the peer to peer network. The downside is that the size of the blockchain has grown so large to make it impractical, especially for mobile devices.

light client

Most mobile wallets fall into this category, as well as my favorite: electrum. The main reasons why I prefer electrum are that it has been in the apt repository for a while, and it has good support for hardware wallets. Light clients communicate with servers that in addition to the blockchain of the full node also maintain an additional database. This is required to serve requests for addresses, that the full node doesn’t have in its wallet. The client is responsible for managing the keys, and thus signs the transactions locally before distributing them.

web wallets

This is mainly for new users that don’t know how to secure their private keys.

electrum server

The main downside of light clients compared to full nodes is that there is a layer between your light client and the peer to peer network. You depend on these servers to be available. The server you connect to, could connect your BitCoin addresses to your IP address. They theoretically could also selectively filter transactions. But what they have no way of doing, is steal from you. As I understand it, electrum talks to multiple servers not only to protect your privacy, but for various reasons. There are about 7’000 publicly reachable full nodes, but only about 20 electrum servers. To protect your privacy, you can run your own electrum server in your basement. That’s what I do, but it’s more to support the system then out of paranoia. There is a strong incentive to mine BitCoin, but the incentive for running a full node or an electrum server is not monetary. Still I think it is very important to have many of these around.

I had a cubox small quad core arm box around that already ran a BitCoin full node and p2pool as well as some smaller stuff. It had some more capacity, but I didn’t know if it was enough to run electrum server. As it is not really apt-get installable, I didn’t want it on my main server. Electrum server uses a leveldb to keep track of all the information that it needs in addition to bitcoind. At the moment this database has about 11GB. Building it from scratch can take a long time, so they advice to download it form the foundary, and grow it from there. It didn’t work out initially, so I tried to build it from scratch. After computing for a week it slowed down too much at the blocks of mid 2012. So I downloaded from the foundry again, and this time it worked. For about two weeks I tested it in private. Then I had to enable IRC to make it public. You find the public servers in the #electrum IRC channel,  they start with E_. My electrum server is probably one of the slower ones. The cubox is a cool device, but not a typical server. It has performance comparable to a smartphone. Sometimes it lags a few blocks, but in general it keeps up quite well. I can see hundreds of clients connect to it.