The US:CAD rate is only 4:5, not the 1:6 BTH:BCH ratio at the time of the article. Perhaps more importantly, one can only use Canadian coins this way in person, and therefore probably at very low volume. None the less, it’s interesting to see the parallel.
* And not that near, either. I’ve seen this in Massachusetts. I never saw this growing up in North Carolina, or when I moved to California, though.
You try to buy an iPad in the US using 2000 Canadian quarters, thinking you will return it later to get 500 USD. Instead, they just tell you to 'fuck off' when you try to make the initial purchase.
So what Canadian quarters lack in currency value, they make up for in entertainment value.
There's a massive amount of Canadian currency in circulation in the US, and everyone just treats them the same as American currency and doesn't bat an eye. I mean, nobody is going to accept a Loonie or a Toonie, but all other denominations are fair game. The only vocal annoyance anyone has ever expressed to me was about vending machines not taking them. I accepted them when I worked the til because everyone just seemed to be ok with it.
I always wondered if there was a legitimate scam possible here.
you mean they accept them at par?
Canada got rid of the 1 cent piece though so there are likely more Canadian pennies in circulation in the US than in Canada.
You need liquidity to process payments on a non trivial scale, but that's par for the game for banks, credit cards companies, paypal, and everyone else in this space.
Waiting for a confirmation will do you no good anyway. No exchange accepts any less than six, which would have you take the exchange risk for over an hour. That's not a very good business case.
If you look at OTC trades on distributed exchanges, you will see that this strategy takes place there too. Make a trade, and finalize only if the exchange rate moves in that favor, otherwise cancel. Most places have reputation systems in place to suppress that behavior but they have their own problems. There's likely no ideal solution.
(Also do note that one confirmation is likely not enough anyway if you want to avoid rolled back transactions. Orphan blocks aren't really that uncommon.)
It's too late for GOG to take back its game, I've already downloaded it in the five minutes it took you to realize I've rescinded my payment.
Payments on the globally replicated blockchain can not be both quick and secure. Many soda machine experiments faced this exact problem. What all of them did in practice was the same thing as all restaurants and pubs do, eat the risk. Any guest who wanted to leave without paying, or pirate your game, would do exactly that anyway and not bother with faking payments in the first place. Every pub and café owner takes the exact same risk even when settling in cash. People leave without paying all the time.
The specific example of game keys you mentioned has some interesting aspects to it however! Trustless zero knowledge swaps have been demonstrated between them and Bitcoins, which could open for some exciting business ideas that were not possible before.
You, the merchant, can accept bitcoin (and other currencies) using Bitpay's payment system. Bitpay immediately credits your account with USD. No risk of long-term (more than a few seconds) price moves in BTCUSD.
The downside is that Bitpay, like every other authorized cryptocurrency "bank", is crippled by KYC/AML regulations and cannot process all the applications they receive for new customers.
Since all the small transactions are happening via these tokens, the cost of Bitcoin transactions would be a much smaller issue..
However, still things require an additional layer to get it to work in the physical world.
Lets not forget that this technology only became 'accepted' by the mainstream in 2017.
Before that, it was nerds volunteering to program various infrastructure.
Also, between accounting, finance, and taxes, implementing cryptocurrency for any fortune 500 company will add additional layers of complexity.
Yes, that risk is increased quite a bit, but I thought the main selling point of Bitcoin is that govt can't control your spending, which would stay
It's a good one thats already been implemented behind the scenes.
For example, transaction costs are too high to reasonably pay for a single cup of coffee. But if you know you buy a cup of coffee on a roughly daily basis, you could put down $1,000 worth of Bitcoin, get an anonymous gift card for that amount of money, and then use that over time to pay for individual coffees.
But that really raises two questions: why do you feel the need to use a semi-anonymous, public-ledger currency to pay for coffee at a shop where your status as a regular makes you recognizable, and why is it worth foregoing interest plus the risk of not using the entire gift card for the privilege?
On the other hand, Litecoin, RaiBlocks and Ripple could be used for payments and many companies seems to have started.
Is it ridiculous that the price can fluctuate enough in 60 minutes to significantly affect a transaction? Obviously.
There are 1000 other cryptos that can move money.
Bitcoin is the only reliable way to hedge money against massive government inflation that we have seen after an African Coup or hyperinflation.
I found this on the Overstock Wikipedia page :
> In the first 22 hours, they received over 800 orders worth US $126,000 in bitcoin. This represents a 4.33% increase in sales from their normal income of $3 million per day. ... In mid-2014 Overstock.com announced that bitcoin sales were averaging $300,000 per month and that the company expected bitcoin sales to add 4 cents to the company's 2014 earnings per share.
I can't find any recent information, but it might have slowed down since Bitcoin transactions are so expensive now. Overstock is also holding 50% of their Bitcoin revenue as an investment, but I presume that's in cold storage. If they were doing $10,000 USD per day in 2014, then I would guess they might be doing around $100,000 in 2018.
So the refunds are probably coming out of some addresses that hold around $100,000 to $500,000 USD. Their Coinbase integration might have a daily buy limit of around $1M, or maybe even no limit. So a hacker could have stolen 6 or 7 figures, but probably no more than that.
You could write a script to automate all of the orders and refunds. You could use Tor, or you could use Bitcoin to rent VMs and IP addresses, then connect to your VMs via Tor. I don't know if Overstock has CAPTCHAs, but that's not a big deal if you're making 4-5 figures per CAPTCHA. And finally, you just trade the stolen Bitcoin for Monero, then back to Bitcoin. The only thing you have to worry about is a guilty conscience.
It's unclear if you could only use pre-fork transactions, or if you could spend the Bitcoin Cash from new blocks. If it's the latter, then you could just buy Bitcoin Cash using your refunded Bitcoin, and create/cancel orders in an infinite loop until you emptied their account.
I find it very interesting that Bancsec specializes in bank security. It's probably a bit harder for JB Snyder to get away with something like this than your average software engineer, since the FBI and IRS are probably keeping an eye on him. He's also the founder of a very successful security company, so 6 or 7 figures probably isn't worth the risk. (And of course, he's probably a model citizen and a saint.)
Anyway, it's not every day that you come across a virtual duffel bag with 6 or 7 figures of anonymous cash. I hope Coinbase or Overstock paid a bug bounty.
You're right, there was no advantage to reporting the vuln. Most people would have jumped on that vuln like <edgy metaphor>.
But "fuck you, got mine" mentality won't get us to Mars. And as stupid as it sounds, having a story to tell is at least partly as satisfying as doing the actual heist. Zero risk, and you get to brag how smart you were. People are also much more likely to trust you in the future (as opposed to you being an unknown quantity).
Heists like that also punish the ecosystem. If Overstock lost $1m, it would forever show that moving to crypto is fundamentally a terrible idea. It would destabilize the basis of wealth you sought to acquire.
But... Yeah, passing up a $1m payday would not be easy.
It's fun to think about all the people behind these hacks. JB Snyder could have been one of them, and we'd never know. A lot of them are probably just regular software engineers and security experts who stumbled onto these vulnerabilities.
I think it's true that the "fuck you, got mine" mentality won't get us to Mars, but that's the motivation behind cryptocurrencies. We can't trust billions of strangers, but we can trust math and physics.
Except, we already have systems that allow us to trust billions of strangers (governments and laws). Governments and banks could have reversed all of these transactions. The FBI might have tracked down the hackers, and a judge might have sent them to prison. I'm starting to think that we don't really need cryptocurrencies, and the current system is actually pretty good.
Back when Microsoft was literally paying people to use Bing, bing had a promotion such that certain items were eligible for a 20% discount, which was paid via a rebate check from Microsoft.
One day, I ordered some item then canceled it, and a couple months later I got an email informing me I had been credited for the purchase via MS, and my rebate account had, $10 or something. It took me about... 30 seconds to realize the implications of this.
I ordered as many plasma TVs as I could, one at a time, and then canceled them. I got about $900 of rebate checks before someone got suspicious. They canceled my account because I was buying too many TVs. They never did figure out what was going on.
Was it ethical and moral? No. But I hate MS and they've stolen thousands from me over the years. It felt great to get one over on them.
Edit: I've hated MS since I saved all summer to buy MS-DOS 5 and it was complete crap.
I thought it was a cool story and a neat hack. I passed no ethical judgement. Until you went off the deep end with that fantasy-land justification.
MS didn't steal from you. You exchanged money for a product that, even if it was "complete crap", was the product that you desired more than others available in the market at the time of purchase.
It's not difficult to come up with a justification that passes a sniff test of conforming with reality: "I felt no ethical hesitation about this. MS shipped poor code for years. Most of the time the failures of that code most impacted their customers, I just found a case where it impacted them."
Fortunately, I don't give a damn what strangers on the internet think about me :)
My only regret is not stealing more money from them.
I used to struggle with this too, but then I realized just how much corporations steal from America.
It wasn’t always like this of course, both consumers/citizens and companies can go back to treating the other not-like-shit, but companies can go first.
This all hit me one day when I realized that, even if I dedicated my life to crime and greed, I would never be able to steal/defraud as much as many companies have in several business hours.
That being said I want to make it clear I pay my taxes in full and take only the standard deduction.
I don't have morals. I simply reflect them. You treat me ethically, I will treat you ethically.
MS stole from me, I steal from them. There's no moral high ground here. Just reality.
You were doing better in your previous comment when you admitted you were being a bad person and simply didn't care.
I destroy what is bad, and nurture what is good.
I am a person who is very, VERY concerned about ethics. I spent weeks agonizing about if I should cash the checks.
I concluded, MS had treated me unfairly, but legally. I treated them unfairly, but legally.
"But I hate MS and they've stolen thousands from me over the years."
I was just responding to the excuse.
This has all been very interesting.
That's like saying if a business left their door unlocked everything's free.
>It's not theft in the strictest legal sense
The law doesn't think you're so clever, make no mistake, this scheme is illegal. I posted another comment where a woman was convicted of wire fraud for doing essentially exactly the same thing.
The intent to defraud matters as well as the scale (which goes hand in hand with intent).
I can honestly say my relationship has been anything but mutually beneficial with MS too... and I owe them a bit of gratitude for that.
When I was a teenager in the 90's I wanted to learn programming, so I downloaded Visual Studio 6. I learned C++, and MFC. I gave them no money, but I still got my first marketable skill. Later I would go on to download SQL Server. I gave them no money, but in return, I learned SQL. Got pretty good at it.
When my career progressed, my relationship with Microsoft started to become more mutually beneficial. Employers have purchased MSDN subscriptions on my behalf (the really expensive one!) I've pushed for SQL Server over alternatives. The better I knew the unique features of their products, the more it became my preference. I wrote .NET code for years, and have been responsible for my employers purchasing probably tens of thousands of dollars worth of licenses... for products that worked very well.
Today I mostly work with open source software stacks, but I spent 10 years working with Microsoft, and I do owe them a bit of gratitude. They've improved my life for sure.
The used dirty tricks to sink their competitors, stole ideas, products, etc. They were the original bastards of the tech industry.
I have hated them since I was a kid...in the 80s.
This Simpsons scene summarizes things nicely:
You are vastly exaggerating.
At least with linux, you got some command line skills (back in the day).
"Pigs get fat, hogs get slaughtered."
At least you didn't go to jail like a women who bilked QVC for over $400,000 in merchandise obtained an identical way: https://consumerist.com/2007/10/31/woman-exploited-bug-on-qv...
Wut? The release that improved (vastly) upon 3.31 (the most common previous release as MSDOS4 was... just all over the place) and the one that added MS DOS Editor and QBasic??
It was so much better.
Also, based on your comments MS has stolen nothing from you. MS may not have been the best OS back in the day but it was better than what was generally available at the time to consumers.
Though Anecdotal, none I know even talking about Bitcoin Cash. Can we not rename it already? It would be better for investors and also Bitcoin Cash team.
Nobody "owns" the bitcoin trademark.
Bitcoin is what people call it. If you want the government to get involved, you should go back to fiat.
A thousand currencies, of all the same name
Would like to sell before BCH hits 0.
I'm not even mad about that. If anything, it has frustrated me that Bitcoin developers don't seem to want anything to do with implementing privacy features on top of Bitcoin. So I wouldn't mind Bitcoin Private dethroning Bitcoin in the future, even though I don't think they use the best cryptocurrency privacy technologies out there.
the segwit2x fork was planned for AFTER the bcash/bch fork. also, there were 2 issues at the time: block size increase and segwit implementation. the segwit2x fork didn't occur, so everybody is pigeonholed into either [yes blocksize increase, no segwit] or [no blocksize increase, yes segwit]
And while it would be welcome to increase capacity, there are many ways to do that. Coinbase fixing their broken wallet would single handedly give more spare capacity than any other measure right now. If their customers would instead choose a service where you pay low or no fees we wouldn't have the fee spikes we have right now. To argue that a globally coordinated rule change is somehow the easy way out requires some very good explanation.
That said, it might be prudent to mention in this context that we activated a blocksize increase only a few months ago. The opt-in, non-coordinated kind, which you are free to use at any time. (Unless you are with Coinbase, of course. In which case, see above.)
There are also other real life examples too, of single wayward services that made the blockchain harder to use for everyone, such as the casino which recorded a transaction in the global ledger for all eternity for every dice roll. Those are all priced out now, together with some of the more excessive tumblers, but that solution could be considered crippling the network.
Are there "too big to fail" services within the Bitcoin ecosystem? Matters are complicated further by the fact that the exchange in question foot the bill to their customers, one customer at a time, so the economic impact for them is negligible.
Why "fail", then? Well, it turns out that somebody looked at their hot wallets recently and noted that the mostly inappropriate choices of transactions to make had resulted in a non trivial amount of non-spendable dust collecting. In a bank run situation, that would result in them not being able to fully empty their wallets. The further down we investigate, the more there is to learn.
It blows my mind that an open source community has argued for two years about one single line of code, and shows no sign of stopping.
There are literally 1000 other cryptos that move money. BCH was never needed.
Also, ETH is the Bitcoin 2. BCH isnt used on exchanges, ETH is.
You answered it yourself.
>the aggressive marketing on CNBC about bcash as the original Bitcoin
The confusing naming clearly benefits them more than it harms.
That's what I thought. It helped them initially, but if you see even after launching on the biggest US exchange, their price hardly moved or there's hardly news or predictions about bitcoin cash.
People are reading, albeit slowly, it wouldn't help them in the longer run. If all they want is to use the name, pump and cash out, sure I think they succeeded.
It obviously hasnt happened, and at this point its approaching Fraud.
Moms/Casuals who bought Bitcoin in december bought BTC. They dont know what BCH is.
Take CU Sudo, for example. A fork of sudo later became the default implementation of sudo because the original development group stopped working on it. It would have been silly for it to call itself anything other than sudo, given its function.
Bcash supporters are intentionally trying to create market confusion by claiming that "bitcoin cash" isn't "bitcoin cash", it is "bitcoin", a different coin.
I think that's hostile.