Hacker News new | comments | show | ask | jobs | submit login

If a lay person were to ask how they get back their Bitcoins if they are stolen from their account, say due to a person gaining access to their computer, what do you tell them?

This is an important question to raise. One of the only reasons that credit cards were able to take off was because the credit card companies promised to limit your liability if your credit cards were stolen.

Similarly, there are countless examples of people's bank and investment accounts getting hacked, with the banks and brokerages reimbursing their customers to prevent bad PR.

Given this, I imagine that it would be a long time before the average person would be comfortable maintaining any store of money as Bitcoins (versus quick conversion and payment for things, but then what's the point?).

Agreed this is a main reason BTC is struggling.

But also, Bitcoins can increase greatly in value especially since at a certain point it's guaranteed there's no inflation. I just don't see people willing to spend something that can increase so much in value. It's like paying for Reddit with fractions of Facebook stock.

Regarding your second sentence:

Are you suggesting that bitcoins are struggling because people will not want to spend something that increases in value?

So bitcoins aren't purchased because they will increase in value too much?

That is the same circular logic that is used to explain "deflationary spiral", and it doesn't make sense.

Consider high tech equipment like a computer. You know that the price of a computer (or TV, or hard drive, or graphics card) will fall rapidly but you buy it anyway because you want to purchase it. It doesn't actually matter much that the price of the item is deflating. And these are for luxury items. Price deflation of goods matters even less when it is for something essential, like basic food items.

In other words, what you are saying is that the price of items priced in bitcoins will fall (because your bitcoins will become worth more and more), and therefore people will not spend their coins. However, we already see real world examples of deflating prices, where people still buy these items.

"since at a certain point it's guaranteed there's no inflation."

I'm sorry, but this is a statement you cannot make.

To make this claim, it would need to be true that the cost, in Bitcoins, of goods and services in the real world, would never rise.

There is no basis to believe this is true.

"The most important thing to remember is that inflation is not an act of God, that inflation is not a catastrophe of the elements or a disease that comes like the plague. Inflation is a policy." -L. Von Mises

It is worth noting that in (the crazy cult of) Austrian economics, inflation is defined as increasing the money supply. This sometimes makes discussions with them difficult, since for rest of the world (all serious economists) inflation means increasing prices


The Austrians are 'crazy' when they inexorably link inflation to the supply of money growing faster than the demand for money, but when someone quotes Friedman on inflation, to wit: "Inflation is always and everywhere a monetary phenomenon in the sense that it is and can be produced only by a more rapid increase in the quantity of money than in output," heads nod, and no one calls anyone crazy.

The difference between the two views is little more than semantics.

You don't understand how Austrians define inflation. If they had said it's "the supply of money growing faster than the demand for money" we wouldn't have an argument (oh, we would, but not over the definition of inflation) They claim it is the increase in money supply that is inflation. They don't care about prices. Also - Friedman (with his famous VM = PY ) obviously acknowledged the importance of demand for money affecting prices)

Both the Austrians and Friedman overestimated the role monetary policy can play. We've had a huge increase in the monetary base, but no price inflation since 2008. Austrians and to some extent Chicago-economists have predicted runaway inflation, and ended up with egg on their faces. But self criticism is of course nowhere to be seen as usual.

In that statement, L. Von Mises is presuming some things that are not true of BitCoin. In particular, the BitCoin creator has essentially made it impossible for anybody to change the number of BitCoins in circulation. Thus while it may be true that no governmental entity or currency controller will choose to inflate the currency through some activity, it is not true that the currency will therefore not vary in value over time when compared to some other things, and it isn't unfair to say that if I need more BitCoins to buy something now than I did last year, the currency has inflated, and vice versa. It may not be precisely the same as fiat currency inflation in every detail, but it's broadly the same, but it won't be the result of changing policy. (Arguably one could call it the result of an unchanging policy set at the beginning.)

In the sense that the quantity is not controlled by a government, BitCoin can be compared to gold. And the value of gold is highly unstable.

He meant the inflation of the _money supply_, not the inflation of the price of goods.

He is actually suggesting the opposite about the price of goods -- that they will deflate.

You absolutely can make the statement that the money supply of Bitcoin will not inflate in the long run, by the nature of their design.

Well, if you have enough bitcoins, you are probably pretty happy to spend small amount of them. It is usually pretty rational to spend some of your collected wealth before you die.

No need to conflate spending with savings/investment. Just keep some USD in an exchange and convert it to spend it.

I'm really surprised nobody has mentioned Coinbase, which is YC funded, as an answer to this question.

Coinbase is a hosted bitcoin wallet.

In terms of security, I'd certainly be happy trusting them with several hundred dollars worth of bitcoins at a time, which more than enables e-commerce using bitcoins.

I think the correct response is asking how they would get back their money if cash was stolen from their house.

BitCoin is like cash, not like a credit card. You wouldn't want to leave a significant amount of cash laying around your house and you shouldn't keep a significant amount of BitCoin on your computer.

>I think the correct response is asking how they would get back their money if cash was stolen from their house.

But stealing Bitcoins doesn't require physical access to your property. That seems like a pretty big distinction to me.

Edit: And if Bitcoins are like cash, why should I bother using them? I already have cash (that I don't use very often) available to me readily. And since I get paid in dollars, what advantage do I have to use a separate currency solely for rare and unimportant transactions?

Actually, yes, stealing bitcoins will increasingly require physical access as technologies for storing them offline evolve: brainwallet, paper wallet, credit-card sized electronic bitcoin wallets (at least 2 in development).

I personally think the latter is what will propulse mainstream adoption of Bitcoin, as it will make it impossible for inexperienced users to leave unsecure bitcoins on their computers.

You can't send cash over the Internet.

Goronmon: a Paypal account is in no way similar to cash. It can be frozen by authorities. It is centralized. It is not anonymous.

Bitcoin is like cash (pseudo-anonymous, nobody can technically interfere with your transactions...) except it is digital while preserving these advantages. This is why it cannot be compared to Paypal.

I've used Paypal in the past.

Bitcoin is like cash (pseudo-anonymous, nobody can technically interfere with your transactions...) except it is digital while preserving these advantages. This is why it cannot be compared to Paypal.

So, Bitcoin is like cash, except in the important ways in which it is different. And along with also gaining some more disadvantages as well.

But you're right, Paypal isn't cash. But then again, neither is Bitcoin.

Being digital and decentralized are 2 significant advantages. Unless you are a luddite preferring to send cash in the mail!

I'd trust it more on my own computer than on any of the bitcoin exchanges. There have been a number of pretty giant security and backup lapses, and they haven't been around long enough for me to trust any of their reputations.

My own computer on the other hand, is pretty definitely secure. And I can encrypt the wallet if I'm extra paranoid.

This doesn't really extend to your average computer user, and I don't think BTC will take off in any meaningful sense until we have a user friendly and secure architecture for it. But the current state of being a currency for the tech-savvy isn't necessarily a bad thing.

If a lay person were to ask how they get back their dollars if they are stolen from their wallet, say due to a person mugging them, what do you tell them?

To put their money in a bank. But there are no secure Bitcoin banks.

But it is too late to use a bank. He was mugged and his money stolen. What do you tell him?

You avoid answering because you know that cash theft is a big hassle.

Bitcoin shares some of the properties of cash. This includes its advantages (direct people-to-people transactions, no account can be "frozen", pseudo-anonymity, etc) but also its inconvenients (thefts are hard to recover). And smanek's point is that if cash is good enough despite its weaknesses, then surely Bitcoin is good enough too.

Furthermore, unlike cash, Bitcoin has numerous ways to palliate these inconvenients. Two examples:

0. You cannot "back up" cash (if you put it in a bank, you lose all its aforementioned advantages), but you can back up bitcoins by making copies of a wallet file. Very useful especially when using deterministic wallets.

1. Cash can only be secured in primitive ways (physical security), but Bitcoins can also be secured by using wallet encryption, storing them offline, remembering them (brainwallet!). Soon you will be able to store them on tamper-proof credit-card-sized hardware Bitcoin wallets protected with PINs or similar.

I will be the first one to admit that Bitcoin is not yet easy enough to be used securely by inexperienced users. But these problems are solvable, and are being solved.

You can buy and sell bitcoins on Coinbase, which is also a wallet (bank). They keep 87% of their funds offline to prevent customers from loosing their funds in the case of hacking.


There's no such thing as 'offline' Bitcoins. It's not like your client has to be connected to the Internet in order for someone to steal your shit.

I would suggest researching a little bit next time before making a post like this.

There are in fact some very clever ways to make completely offline and non-physical Bitcoin wallets.

Yeah, and I know what they are, although I wouldn't describe generating a wallet on an offline PC and keeping it offline as 'very clever'. At any rate, after reading it again I think I confused what the parent was insinuating, so nevermind.

You print the bitcoin hash. That's offline to me.

Right, and while you could store cash or bitcoins physically in a bank, there's no point in doing so for the average consumer. Cash is comparable to bitcoins in this regard: it's a riskier form of money because it's anonymous and can be stolen relatively easily, but it's also really convenient for financial transactions.

Coinbase is giving it a go. Seems like they've convinced some investors to help them along with that plan too.

Yes, they were funded by both YCominator (YC S12) and FundersClub (>$600k)

Nothing preventing there from being one, aside from the good 'ol risk of 51% attack.

all that would do is to enable the attacker to double-spend their own btc. Not much else.

That sounds pretty catastrophic to me.

Similar frauds occur every day with "normal" currencies, though.

Would their be a market for a Bitcoin bank?

I'm willing to bet that I have more protection securing the contents of my Bitcoin Wallet than Wells Fargo has protecting my account at any level.

The endgame security isn't provided by Wells Fargo, it's provided by the federal government.

Not security, insurance.

I'm not sure why he was downvoted. FDIC isn't the only insurance. Banks have other insurance to protect against theft.

Also, banks are protected in a way since they don't really hoard cash or valuables. They invest it which spreads out the risk.

Furthermore, the federal government will go after criminals to recover money. Good luck getting them to help you with BTC theft.

Same result.

People in the thread were talking about computer security mostly, though. In the end, the best "protection" is that insurance will reverse your losses in case security fails. Something a lay person "securing" their bitcoins on their own computer won't have.

Items not covered by FDIC: "Losses due to theft or fraud at the institution."


FDIC Regulation-E.

Consumer liability for unauthorized transfers. The consumer has limited liability if reported expediently.

You should read up more closely on the FDIC regulation -- they don't just provide insurance.


Also, a clever little loophole: if the bank goes insolvent paying their accounts back, you are then covered under FDIC insurance.

>I'm willing to bet that I have more protection securing the contents of my Bitcoin Wallet than Wells Fargo has protecting my account at any level.

Would you say this is true for most users?

Currently? Of course not. But when the idea of storing money on your computer (e.g. in a file) becomes more widespread, then the answer would be yes. Or at the very least it would be equally secure.

It's not that hard to provide people with a secure environment, as long as that environment is designed with with security in mind. A non-jailbroken smartphone is probably good enough, though a dedicated device might be better. And you can use live boots.

I can see a future where we use such (or similar) things to do money transfers.

Wells Fargo is a bigger target, but they also have many more layers of protections and an interest in providing customer service. My hunch would be that it would be easier for a criminal to profit off of attacking WF than attacking a personal bitcoin user, but that it would be easier to actually cause financial harm to a personal bitcoin user (even without profiting themselves). But to clarify that, I have a couple of questions about how storing your own bitcoins works, since I've never used it:

* How does bitcoin storage work with offsite backups? If someone compromised the backup, would that give them access to your money?

* If you lose the file (hard drive crash, home burns down, backup system fails, whatever), does neither you nor anyone else have that money anymore? I.e., someone wouldn't have to gain access to the money themselves to deprive you of it?

keep your wallet file encrypted and back it up to multiple locations on a regular basis (to update the backups with new private keys that are created by your client software).

there are also ways of generating bitcoin keys completely offline as well as producing signed valid bitcoin transactions completely offline. This way you can forward funds to keys that are not on a machine connected to the internet, or keys that are backed up only on paper (in multiple safety deposit boxes if you like). And also you can then put signed transactions from the offline machine onto a usb stick or whatever and then use a networked machine to forward those valid transactions to the bitcoin network.

Coinbase is doing something like this for their storage of customer funds. Coinbase seeks to be a bitcoin bank that wont get hacked or that if it somehow does get hacked (cough inside job, cough) that only very small losses could occur.

For what it's worth, Coinbase has no reported cases of fraud. We are tracking these kinds of things here:


For example, Bitfloor (which had 250K USD stolen): http://howdoyoubuybitcoins.com/from/bitfloor/

Verses Coinbase, which has no such history: http://howdoyoubuybitcoins.com/from/coinbase/

Absolutely not. But then again, I used Android at version 1.6, I run a 12 hour old nightly rom and my desktop is my server running 3.7-rc5 and running a 12TB BTRFS RAID. "Stable" or "mainstream" isn't really in my vocabulary.

To be sure, I'm not advocating that my parents start using BitCoins. I just tire of this implication that somehow USD is, by virtue of being USD, automagically more secure than Bitcoins.

Armchair loud mouths (I have one in mind who went into hiding after trolling HN repeatedly) stop by for months following an online wallet incursion to tell us how stupid Bitcoin and Bitcoin users are.

Yes, but somebody can have illusion that he can sue Wells Fargo in case of broken security.

Sure, but if you use a "real" Bitcoin bank, theoretically there is someone you can go sue as well. They won't have the bank roll that WF has, you're right, but there is still grounds for a civil case I'd imagine.

Are those protected contents stored in a computer that can be carried away?

If they're protected by a strong password and backed up, a stolen computer isn't a problem.

For long-term storage of large amounts of value, use redundant flash drives in a safety deposit box.

:) I'd be happy to send you a copy of the image of my flash drive if that's your concern. I also do not only have one copy of my wallet, if that was your concern as well.

But this is in fact the reason people don't pay for goods and services by mailing cash.

"That wasn't your fault - at least your wallet wasn't somehow accessible from the Internet, heh heh..."

Nothing mandates that you keep your bitcoin wallet networked.

That mugging is a terrible analogy, considering these Bitcoin owners are giving their money willingly to their muggers.

Well, nothing yet, but multi-signature Bitcoin accounts are the current top priority of upstream Bitcoin developers, so I suspect we'll soon see hardware tokens and/or 3rd-party services acting helping to prevent Bitcoin theft.

Actually, this could be a boon for computer security: We might actually get some real security, rather than the ex post facto "security" that antivirus products supposedly provide.

You tell them it's the same as cash.

So I can deposit it in my checking account?

Yes, using a 3rd party service such as Coinbase.com.

The current answer is, you can not.

In the long term, I suspect you'll see insurance companies arise that would handle that. In the end they'd probably build a better system than the one that currently exists, which sort of uses rollbacks as a crutch to avoid needing really solid security. (There are many reasons for that. Not all of them are bad.) But there's many a theft betwixt here and there.

The same way you would go about getting back cash that was stolen from your wallet when you left it lying around in an unsecure area.

to be honest, if someone is handling BTC then as long as they password protect their wallet then the only way the BTC can be stolen is if someone gains access to their password. as with any online banking facility, or debit card facility, if your password or PIN becomes compromised and money stolen from your account you have no automatic right to restitution.

Use a wallet like Coinbase, which stores 87% of funds offline.


Get some physical BitCoins


Can you help me understand how this works? How is there both physical and bitcoin value?

The normal[1] physical Bitcoins have no physical value; they're just a paper wallet[2] with a certain balance, glued to a brass coin. The tamper-evident holograms are pretty cool.

[1] The silver/gold ones are so confusing that I won't address them.

[2] https://en.bitcoin.it/wiki/Paper_wallet

They're made out of gold/silver, and have an associated BTC value.

At this point in time, I'd say lay persons aren't using bitcoin to begin with.

The same thing I'd tell someone if they left their wallet on a coffee table in public and it were stolen.

Why is this being downvoted? What am I supposed to say? I'd say the same thing as if they were hacked and malware stole their credit card. Computers aren't magic; there is an expectation that you know what you're doing with them. If you don't know how to secure a wallet, don't use Bitcoins. If you don't know how to keep malware from stealing your credit card, don't download virus-infested porn or go buy an iDevice.

I'm assuming I was being seen as cynical but as with "the command line" and "Git", I'm not sure what people want. A magic, easy, secure solution? Sure, we'll just ignore the fact that identity management, authentication and security aren't complex issues that are still evolving today.

If we're just rehashing "Centralized currency is easier to use" then by all means, whatever, yes, Bitcoins are currently harder to use than cash both because they're more complicated and because there is almost no infrastructure to support their use. But frankly, that's really a completely separate issue from whether or not they can be used securely. I can give you tens of security and usability problems that cash has day-to-day that Bitcoins are unaffected by.

Same thing you tell them if someone accessed their computer and transferred money out of their bank account. "Secure your [stuff]."

That's actually not what a bank typically tells you in that situation, so you've sort of proved the point.

Banks are happy to tell people that "chip and pin" credit cards are secure, and thus any transactions on them cannot be fraudulent.

In England there's a voluntary code to protect consumers; that code says that the burden is on the bank to prove that transactions are not fraud. Banks were using chip and pin as "proof" that the transactions were fraud.


This is all a tangent to the security of Bitcoin. Bitcoin is horrifically insecure, and there are no trustworthy banks for Bitcoin.

The bank would try to work with you to investigate and possibly reverse the transaction and refer your case to law enforcement. (Wire transfers cannot be reversed, but EFT payments often can.) A bank would most certainly not say, "secure your stuff" and leave it at that.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact