
Internal FBI risk assessment of Bitcoin network [pdf] - p3drosola
http://www.wired.com/images_blogs/threatlevel/2012/05/Bitcoin-FBI.pdf
======
JulianMorrison
Given that Bitcoin records all transactions for posterity, and given the
ongoing rise of "big data" analytics, I'd say Bitcoin is likely to be _harder_,
in the long run, to use for shenanigans. A government currency has forms in
which transactions create no paper trail. Bitcoin does not.

Really the big disruption Bitcoin could cause if it becomes well established,
is to act as a stable reference frame against which the other currencies can
be compared (versus now, where they all float against each other). No
government owns the Bitcoin printing press. It cannot be used as an instrument
of fiscal policy, and it weakens the ability to use government currency as an
instrument of fiscal policy.

~~~
tbrownaw
_Really the big disruption Bitcoin could cause if it becomes well established,
is to act as a stable reference frame against which the other currencies can
be compared_

What would make it any more (or less) stable than the traditional reference
currencies of gold, ammo, and canned baked beans?

~~~
oillio
The supply of bitcoins used as currency is fixed while the supply of all other
reference currencies is variable in some way or another.

Fiat is obviously variable on the whims of the issuing government.

Gold may be taken out of circulation to make jewelry or electronics (or
another use not yet discovered). Ammo and baked beans can be consumed. Bitcoin
has no utility value and cannot be used for anything other than as a currency.

Similarly, the supply of these other items can be expanded. An asteroid full
of gold could be mined, a new ammunition factory built, or a bean farm
planted. Bitcoin has no physical identity, it cannot be reproduced,
counterfeited, or grown outside of the well defined properties laid down in
the original protocol.

Bitcoin is truly the first pure reference currency. Manipulative games can
still be played with bitcoin markets, but the risk of external non-economic
events affecting your money supply is removed. A political party can't decide
the world needs more bitcoins, a new vein of bitcoins cannot be discovered,
and nor can a new use for bulk bitcoins be invented.

------
Groxx
Unless I misunderstand Bitcoin more than I think I do, this is flat-out wrong
(~1/3 of the way through the document):

    
    
      (U) What Users Can Do To Increase Anonymity
      ...
      • (U) Combine the balance of old Bitcoin addresses
            into a new address to make new payments.
    

Combining balances just means you have a bunch of disparate nodes in the
network which may not be related, and you are _intentionally_ connecting them.
So if you combined anonymous nodes A-Y with Z which was linked to you, A-Y are
now logically linked to you because Z tainted the whole pool. (edit: or at the
very least, all the money in A-Y)

Yeah, there are ways to make it true/er, but I'm arguing against the principle
of the suggestion. And I have doubts that combining (only your) addresses will
_ever_ increase anonymity.

~~~
feral
Actually, I think the suggestion in the report is correct.

I _think_ that what they are getting at here, is the following scenario:

Imagine that you have several addresses, with different balances, _in the same
wallet_. If you do a payment using the normal client, which requires the total
balance from all those addresses, this will create a transaction with all
those addresses as inputs. In the Bitcoin protocol this provides unambiguous
proof that the input addresses are all controlled by the same user. (With some
provisos: obviously wallet services overlaid on the network complicate this;
as do some other more sophisticated uses of the protocol; but in general, at a
protocol level, this is true).

So, that then shows any passively listening third party that all those
addresses were under control of a single user. This knowledge can then be
applied transitively, to consolidate ownership of large quantities of
accounts. (We tried to explain this in our paper:
<http://arxiv.org/pdf/1107.4524v2.pdf> Fig 1.6)

What the report is probably getting at, is that an alternative thing to do,
would be to instead send all the payments to a new account, in separate
transactions. This would introduce a lot more ambiguity for a passive attacker
- passive ownership assumptions become a lot less clear-cut. You can still try
to make deductions, but it's going to be much larger to do at large scale, and
require more statistical assumptions.

It's not completely obvious that this is what the paper is suggesting, but
that's my reading of it, and I think that makes sense.
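
The multi-input inference discussed in this subthread, as an added example that is not part of the comment above or of the linked paper: a union-find pass that treats all inputs of one transaction as having a single owner and applies that transitively. The addresses, transactions and the names `AddressClusters` and `linked_to` are constructed for illustration.

```python
# Added illustration of the common-input-ownership heuristic.
# All addresses and transactions are constructed, not real chain data.

class AddressClusters:
    """Union-find over addresses: co-spent inputs end up in one cluster."""

    def __init__(self):
        self.parent = {}

    def find(self, addr):
        self.parent.setdefault(addr, addr)
        while self.parent[addr] != addr:
            self.parent[addr] = self.parent[self.parent[addr]]  # path halving
            addr = self.parent[addr]
        return addr

    def observe(self, tx):
        """One transaction: every input address is assumed to share an owner."""
        inputs = tx["inputs"]
        for addr in inputs + tx["outputs"]:
            self.find(addr)  # register every address seen on the wire
        for other in inputs[1:]:
            self.parent[self.find(other)] = self.find(inputs[0])

    def cluster_of(self, addr):
        root = self.find(addr)
        return {a for a in self.parent if self.find(a) == root}


def linked_to(txs, addr):
    """Addresses a passive observer ties to `addr` from inputs alone."""
    clusters = AddressClusters()
    for tx in txs:
        clusters.observe(tx)
    return clusters.cluster_of(addr)


# Default-client spend: the payment needs the balance of A, B and Z at once.
MERGED_SPEND = [{"inputs": ["A", "B", "Z"], "outputs": ["MERCHANT"]}]

# Separate sweeps: each old address pays the new address in its own transaction.
SEPARATE_SWEEPS = [{"inputs": [a], "outputs": ["NEW"]} for a in ("A", "B", "Z")]

# Transitivity: A and B co-spend once, B and Z co-spend later.
TRANSITIVE = [{"inputs": ["A", "B"], "outputs": ["X"]},
              {"inputs": ["B", "Z"], "outputs": ["Y"]}]

if __name__ == "__main__":
    for name, txs in [("merged", MERGED_SPEND), ("sweeps", SEPARATE_SWEEPS),
                      ("transitive", TRANSITIVE)]:
        print(name, sorted(linked_to(txs, "Z")))
```

The separate sweeps leave Z unlinked only under this one heuristic; the payments into `NEW` are still on the public ledger, so an observer can fall back on the weaker statistical assumptions the comment mentions.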

~~~
Groxx
Yeah, it's not a clear-cut connection if you do it in multiple steps. Hence
the caveat that there are ways to make it (more) true. But what _improvement_
in anonymity does it provide over leaving them separate? If they can't infer
that X belongs to you, then if you don't send it to account Y (linked to you)
you certainly don't leak that X belongs to you. If you _do_, it's not proof,
but it certainly doesn't improve matters.

Don't take it to extremes - this can clearly be stretched to include running
the whole process through mixers and back to a single address while improving
anonymity. It doesn't say that. In principle, is combining addresses better
for anonymity than not?

~~~
sliverstorm
I think what you're looking at is something more like, if someone employs this
tactic, they can't identify that addresses X, Y, and Z belong to the same
person, whether or not they know who that person is.

Linking together abstract pieces like that can be one of the first steps to
figuring out a very anonymous network.

~~~
Groxx
I can't tell if you're agreeing with me or disagreeing...

And yes, those links are basically all you can use in an anonymous network to
deanonymize actions. So how is linking things _better_ than not?

~~~
sliverstorm
Now I think I'm just confused by the way you're describing things. I'll hope
someone else is better able to understand.

~~~
Groxx
Hah, sorry if I am :) Not sure how I can significantly improve things without
writing a blog post or something :|

Anyway. Thanks for chiming in :)

------
sneak
> Since Bitcoin does not have a centralized authority, law enforcement faces
> difficulties detecting suspicious activity, identifying users, and obtaining
> transaction records

Yeah. Difficulty obtaining bitcoin transaction records. Good on you, FBI.

~~~
kybernetikos
Hang on, aren't the transaction records public and stored by the whole
network?

~~~
Munksgaard
I think that's the point.

------
piokoch
Nice document. It shows well the way of thinking of our governments.

"detecting suspicious activity, identifying users, and obtaining transaction
records is problematic for law enforcement." - That must deeply hurt FBI
people :)

"Despite the virtual nature of Bitcoin, users value the currency for many of
the same reasons people trust Federal Reserve notes: they believe they can
exchange the currency for goods, services, or a national currency at a later
date."

People do not trust "Federal Reserve notes" (or any other official currency) -
they are forced to use it, since they must pay taxes in it.

But it is good that at least some people realize that there is no such
thing as the US dollar, only those "notes" printed by Ben Bernanke and his pals.

If one day Bitcoin gets truly popular governments will be in trouble. How to
tax that beast? I wonder if there is any other solution than poll tax.

~~~
peteretep
> People do not trust "Federal Reserve notes"

Really? There I was thinking foreign governments liked holding their reserves
in US dollars...

> that at least some people realize that there is no such thing as the US
> dollar, only those "notes" printed by Ben Bernanke and his pals

Wake up, SHEEPLE!

~~~
piokoch
"foreign governments liked holding their reserves in US dollars"

Yes, every government _has to_ keep a dollar reserve because this is the only
currency you can buy oil with. USA managed to force oil suppliers to accept
only US dollars.

This is the source of the dollar's power and enables the FED to print as many
dollars as they want. People all over the world must purchase dollars.

~~~
rjknight
Minor snark, but 'the Fed', as in 'The Federal Reserve Bank of the United
States of America' is an abbreviation, not an acronym. If you really want to
use a TLA, 'FRB' (Federal Reserve Bank) might work, but 'FED' is meaningless.
This undermines the credibility of your pronouncements on monetary economics.

------
bencoder
This was leaked quite some time ago and determined to be genuine. Wired's
original article: <http://www.wired.com/threatlevel/2012/05/fbi-fears-bitcoin/>

------
johnyzee
> FBI assesses with high confidence that [...] malicious actors can [...] use
> botnets to generate bitcoins.

As far as I understand bitcoin (which isn't too far, admittedly), the
generation of bitcoins is actually encouraged, and only possible within some
well-defined boundaries which basically just ensures that bitcoins are put
into circulation up until it hits the fixed limit. Maybe someone could clear
that up for me? In that case the "malicious actors" would actually be
performing a useful service for the bitcoin ecosystem.

~~~
ewillbefull
Interestingly botnets are probably a month away from being unprofitable for
mining Bitcoins, in fact GPUs will be unprofitable for mining Bitcoins
altogether. ASIC devices are being shipped over the next six months which will
increase the mining difficulty substantially.

~~~
LaRakel
The benefit is that the electricity bill goes to the owners of the infected
computers.

What does a botnet cost?

~~~
eric_bullington
I think the comment is referring to opportunity cost, since botnets can also
be used for other profitable activities, which may bring in more money than
bitcoins (such as renting them to interested parties).

~~~
avar
Generating Bitcoins is CPU or GPU bound. There's a lot of profitable things
you can do with botnets that don't compete for those resources.

------
willvarfar
I like the presentation style.

The particular phrasing of "assesses with low confidence" took a bit of
twisting to understand, though. It's just a convention you have to get used to
in these kinds of reports, I guess.

------
wintersFright
Interesting that they don't address whether there are concerns about it
eroding tax revenue or if it is a threat to federal reserve notes.

~~~
saraid216
I'm guessing it's because that's not something the FBI cares about. The FBI is
just a police force; it ain't the Federal Reserve.

~~~
wintersFright
but you need a police force to enforce fiat :)

~~~
kybernetikos
You need a police force to enforce contracts and there is no system of
exchange that can survive without contract.

~~~
objclxt
No...you need a _justice system_ to enforce contracts: contract law and
dispute resolution pre-dates the idea of a police force by hundreds of years.
Breaking a contract is a purely civil matter.

The police usually don't investigate tort law, only criminal law. When the
police _do_ get involved in civil law disputes it can get quite controversial.

~~~
Nursie
>> contract law and dispute resolution pre-dates the idea of a police force by
hundreds of years.

So does centrally controlled currency...

------
pirateking
Impressively crafted document. Found it to be very concise and educational.

------
ninetax
I would love to participate in this discussion, but I feel like I don't know
enough about the economics of currency to make any real contribution.

Does anyone know of some good resources (online courses, books, etc)?

~~~
nhaehnle
This is always a contested subject because economics has so many competing
branches, many of them with more or less overt ideological overtones.

IMHO, you should listen to economists that (a) emphasize looking at the
operational realities of what actually happens in the monetary system, and (b)
tell you that banks matter for what happens in the economy.

(If you find it hard to believe that a majority of economists ignore banks in
their models of the economy, good for you and your common sense!)

This means you should read what Steve Keen writes and listen to what he says
(he blogs at <http://www.debtdeflation.com/blogs/>), and what the Modern
Monetary Theory crowd write, as they explain such basic things as what role
reserves and bonds play, from first principles (start here:
<http://neweconomicperspectives.org/p/modern-monetary-theory-primer.html>).

More generally, "endogenous money" is an important keyword to look out for,
because our monetary systems are endogenous in the sense that money is mostly
created by banks, not by the government.

If you venture into online economics resources, you will run into a lot of
(economic) Austrians. I believe this is mostly because of the Mises institute,
which is well funded by people with an ideological ax to grind. It's good to
reflect on their messages occasionally, but they should be taken with a grain
of salt. (And since they are hardcore gold bugs, they don't get endogenous
money, which means that much of what they say simply doesn't apply to our
current economic framework.)

~~~
ninetax
Thanks, I'll take a look. I am definitely more interested in case study, and
reality than an ideological system.

------
BUGHUNTER
Another part of the global anti-cybermoney-publicity-campaign that we can see
right now starting is a study of the European Central Bank on "Virtual
Currency Schemes", Oct. 2012.

Read it:
<http://www.ecb.int/pub/pdf/other/virtualcurrencyschemes201210en.pdf>

Edit: BTW, if you are interested in international monetary policy you can find
many important publications on the ECB site:

<http://www.ecb.int/pub/html/index.en.html>

~~~
nhaehnle
I suspect you may be overreacting with the tinfoil-hattery. Obviously those
institutions like the ECB and the FBI are interested in virtual and new
currencies. That's part of their job!

But if you actually read those publications, you'll notice that they aren't
very urgent at all. Their stance is basically that they want to keep up with
the development, but don't see a reason to act right now.

------
mazsa
pdf:
<http://www.wired.com/images_blogs/threatlevel/2012/05/Bitcoin-FBI.pdf>

~~~
BUGHUNTER
Thank you very much for the direct pdf link, I hate those sites that try to
simulate well established office tools like a pdf viewer in a browser, fail
with this and still want to collect your data like email address to give you
the real thing. Unfortunately too many people out there are using these crap
sites.

~~~
p3drosola
Yeah, sorry about that. I submitted the actual link to the pdf, but HN turned
it into a scribd link.

~~~
andrewcooke
only the [scribd] part is to scribd. the rest of the link goes to the original
pdf. this is how hn has handled pdf links for a long time now.

------
Tyr42
What does the "(U/FOUO)" that keeps showing up mean?

~~~
natep
Unclassified/For Official Use Only. Basically means that it's not Secret, but
still can't be distributed without permission. Different organizations have
different discipline structures around leaking FOUO material, but I don't
think there are any legal implications.

------
gscott
"In July 2011 FinCEN revised the definition of money transmission service to
mean the acceptance of currency, funds, or other value that substitutes for
currency from one person and the transmission of currency, funds or other
value to another location or person by any means."

Sounds like if you make a market for gift cards you need to be a licensed
money transmitter FYI.

------
politician
"All Bitcoin transactions are published online and Internet Protocol (IP)
addresses are linked to the public Bitcoin transactions."

How are IP addresses linked to the block chain?

~~~
TazeTSchnitzel
Well, presumably if you infiltrate the P2P network, you can catch the
transaction at its source?

~~~
politician
Sure, but surely the block chain doesn't contain _Source IP Address_ fields.

~~~
TazeTSchnitzel
That is correct.

------
Monotoko
"For instance, child pornography and Internet gambling" - So, me playing the
UK National Lottery online is illegal? o.o

------
sturadnidge
s/Bitcoin/cash/ and all the negative arguments about propensity for criminal
activity are quite amusing.

~~~
Nursie
It's a bit harder for someone to take over your computer to create cash.

It's pretty hard for someone to hijack your wallet with a Trojan and if they
_do_ get into your bank account that way then the police and the bank might
take an interest.

I know this is a meme in the BTC community - any criticism of BTC as a payment
method is met with the claim that "it's just like cash" and any criticism of
weaknesses of BTC as a currency is met with the claim that "it's a payment
method and a commodity". To me it pretty much fails at all of the above.

There's no doubting it's good for purchasing contraband though.

