A 3-D model of a bitcoin - not an actual bitcoin, which is purely digital. Photo: Trader Tim/Flickr
The FBI sees the anonymous Bitcoin payment network as an alarming haven for money laundering and other criminal activity — including as a tool for hackers to rip off fellow Bitcoin users.
That’s according to a new FBI internal report that leaked to the internet this week, which expresses concern about the difficulty of tracking the identify of anonymous Bitcoin users, while also unintentionally providing tips for Bitcoin users to remain more anonymous.
The report titled “Bitcoin Virtual Currency: Unique Features Present Distinct Challenges for Deterring Illicit Activity,” (.pdf) was published April 24 and is marked For Official Use Only (not actually classified), but was leaked to the internet on Wednesday.
In the document, the FBI notes that because Bitcoin combines cryptography and a peer-to-peer architecture to avoid a central authority, contrary to how digital currencies such as eGold and WebMoney operated, law enforcement agencies have more difficulty identifying suspicious users and obtaining transaction records.
Though the Bureau expresses confidence that authorities can still snag some suspects who use third-party Bitcoin services that require customers to submit valid identification or banking information in order to convert their bitcoins into real-world currencies, it notes that using offshore services that don’t require valid IDs can thwart tracking by law enforcement.
Bitcoin is an online currency that allows buyers and sellers to exchange money anonymously. To “cash out,” the recipient has to convert the digital cash into U.S. dollars, British pounds or another established currency. Bitcoin is used as a legitimate form of payment by numerous online retailers selling traditional consumer goods, such as clothing and music. But it’s also used by underground sites, such as Silk Road, for the sale of illegal narcotics.
To generate bitcoins, users have to download and install a free Bitcoin software client to their computers. The software generates Bitcoin addresses or accounts — a unique 36-character string of numbers and letters — to receive Bitcoin payments. The currency is stored on the user’s computer in a virtual “wallet.” Users can create as many addresses or accounts that they want.
To send bitcoins, the sender enters the recipient’s address as well as the number of bitcoins she wants to transfer to the address. The sender’s computer digitally signs the transaction and sends the information to the peer-to-peer Bitcoin network, which validates the transaction in a matter of minutes and releases the coins for the receiver to spend or convert.
The conversion value fluctuates with supply and demand and the trust in the currency. As of last month, there were more than 8.8 million bitcoins in circulation, according to Bitcoin, with a value of about $4 and $5 per bitcoin. The FBI estimates in its report that the Bitcoin economy was worth between $35 million and $44 million.
It’s easy to see the attraction for criminals.
“If Bitcoin stabilizes and grows in popularity, it will become an increasingly useful tool for various illegal activities beyond the cyber realm,” the FBI writes in the report. “For instance, child pornography and Internet gambling are illegal activities already taking place on the Internet which require simple payment transfers. Bitcoin might logically attract money launderers, human traffickers, terrorists, and other criminals who avoid traditional financial systems by using the Internet to conduct global monetary transfers.”
Bitcoin transactions are published online, but the only information that identifies a Bitcoin user is a Bitcoin address, making the transaction anonymous. Or at least somewhat anonymous. As the FBI points out in its report, the anonymity depends on the actions of the user.
Since the IP address of the user is published online with bitcoin transactions, a user who doesn’t use a proxy to anonymize his or her IP address is at risk of being identified by authorities who are able to trace the address to a physical location or specific user.
And a report published by researchers in Ireland last year showed how, by analyzing publicly available Bitcoin information, such as transaction records and user postings of public-private keys, and combining that with less public information that might be available to law enforcement agencies, such as bank account information or shipping addresses, the real identity of users might be ascertained.
But the FBI helpfully lists several ways that Bitcoin users can protect their anonymity.
But the bigger risk for crooks and others who use bitcoin might not come from law enforcement identifying them, but from hackers who are out to rob their virtual Bitcoin wallets dry.
There have been several cases of hackers using malware to steal the currency in the virtual wallet stored on a user’s machine.
Last year, computer security researchers discovered malware called “Infostealer.Coinbit” that was designed specifically to steal bitcoins from virtual Bitcoin wallets and transfer them to a server in Poland.
One Bitcoin user complained in a Bitcoin forum that 25,000 bitcoins had been stolen from an unencrypted Bitcoin wallet on his computer. Since the exchange rate for bitcoins at the time was about $20 per bitcoin, the value of his loss at the time was about $500,000. A popular web hosting company called Linode was also infiltrated by an attacker looking to pilfer bitcoins.
And there have also been cases of hackers attempting to use “botnets” to generate bitcoins on compromised machines.
According to the FBI, quoting an anonymous “reliable source,” last May someone compromised a cluster of machines at an unidentified Midwestern university in an attempt to manufacture bitcoins. The report doesn’t provide any additional details about the incident.
Traveling the Silk Road: A measurement analysis of a large ...
31 Jul 2012 ... arXiv:1207.7139v1 [cs.CY] 31 Jul 2012 ... A measurement analysis of a large anonymous online ... Carnegie Mellon INI/CyLab email@example.com ... First version: May 4, 2012. ... of the marketplace for nearly six months in 2012. ... being sold on Silk Road, and of the revenues made both
http://www.arxiv.org/pdf/1207.7139 Academic study of illicit uses
People shouldn’t fear their government; government should fear its people. Publishers and journalists will not be intimidated nor silenced. Now entering day 626 of the financial blockade against WikiLeaks, Julian Assange sits in the Ecuadorian Embassy in London awaiting safe passage.
Following a massive release of secret U.S. diplomatic cables in November 2010, donations to WikiLeaks were blocked by Bank of America, VISA, MasterCard, PayPal and Western Union on December 7th, 2010. Although private companies certainly have a right to select which transactions to process or not, the political environment produced less than a fair and objective decision. It was coordinated pressure exerted in a politicized climate by the U.S. government and it won’t be the last time that we see this type of pressure.
Fortunately, there is way around this and other financial blockades with a global payment method immune to political pressure and monetary censorship.
On its public bitcoin address, Wikileaks has taken in over $32,000 equivalent in more than 1,100 separate bitcoin donations throughout the blockade (1BTC = $10.00). But these amounts may be significantly higher, because it does not even include the individually-generated bitcoin addresses that WikiLeaks provides for donors upon request.
Also announced last month, WikiLeaks appears to have found another way around the VISA and Mastercard blockade by using the French national credit card system, Carte Bleue, to process these payments (at least temporarily).
According to WikiLeaks, VISA and MasterCard are contractually barred from directly cutting off merchants through the Carte Bleue system and the French non-profit FDNN (Fund for the Defense of Net Neutrality- Fonds de Défense de la Net Neutralité has set up a Carte Bleue fund for WikiLeaks.
Time Magazine declares that WikiLeaks “could be as important a journalistic tool as the Freedom of Information Act.”
It used to be that people had secrets and the government was transparent; now it’s the people that lack privacy and the government has secrets. Freedom of payments is an extension of financial privacy and digital cash-like transactions without financial intermediaries become a critical piece of that foundation. Money was never intended to act as a form of identity tracking or payments restriction and this is why the option for anonymous and untraceable transactions is so vital as society moves to a world of digital currency.
“It is the privatization of censorship, because this is being done because of extreme pressure by the U.S. Government,” says Kristinn Hrafnsson, spokesman for WikiLeaks. “It’s extremely important to fight back and stop this process right here and now so that we won’t see in the future, ….where we have the financial giants deciding who lives and who dies in this field.”
To those that don’t support freedom of payments, consider this financial blockade invoked in the name of political correctness before you dismiss the inherent value of a nonpolitical unit of account and of a decentralized medium of exchange. It should be offensive to most free-minded people that you are not the final arbiter of how and where you spend your money. Bitcoin restores the balance.
Follow author on Twitter.
WE have spent our careers as filmmakers making the case that the news media in the United States often fail to inform Americans about the uglier actions of our own government. We therefore have been deeply grateful for the accomplishments of WikiLeaks, and applaud Ecuador’s decision to grant diplomatic asylum to its founder, Julian Assange, who is now living in the Ecuadorean Embassy in London.
Ecuador has acted in accordance with important principles of international human rights. Indeed, nothing could demonstrate the appropriateness of Ecuador’s action more than the British government’s threat to violate a sacrosanct principle of diplomatic relations and invade the embassy to arrest Mr. Assange.
Since WikiLeaks’ founding, it has revealed the “Collateral Murder” footage that shows the seemingly indiscriminate killing of Baghdad civilians by a United States Apache attack helicopter; further fine-grained detail about the true face of the Iraq and Afghanistan wars; United States collusion with Yemen’s dictatorship to conceal our responsibility for bombing strikes there; the Obama administration’s pressure on other nations not to prosecute Bush-era officials for torture; and much more.
Predictably, the response from those who would prefer that Americans remain in the dark has been ferocious. Top elected leaders from both parties have called Mr. Assange a “high-tech terrorist.” And Senator Dianne Feinstein, the California Democrat who leads the Senate Select Committee on Intelligence, has demanded that he be prosecuted under the Espionage Act. Most Americans, Britons and Swedes are unaware that Sweden has not formally charged Mr. Assange with any crime. Rather, it has issued a warrant for his arrest to question him about allegations of sexual assault in 2010.
All such allegations must be thoroughly investigated before Mr. Assange moves to a country that might put him beyond the reach of the Swedish justice system. But it is the British and Swedish governments that stand in the way of an investigation, not Mr. Assange.
Swedish authorities have traveled to other countries to conduct interrogations when needed, and the WikiLeaks founder has made clear his willingness to be questioned in London. Moreover, the Ecuadorean government made a direct offer to Sweden to allow Mr. Assange to be interviewed within Ecuador’s embassy. In both instances, Sweden refused.
Mr. Assange has also committed to traveling to Sweden immediately if the Swedish government pledges that it will not extradite him to the United States. Swedish officials have shown no interest in exploring this proposal, and Foreign Minister Carl Bildt recently told a legal adviser to Mr. Assange and WikiLeaks unequivocally that Sweden would not make such a pledge. The British government would also have the right under the relevant treaty to prevent Mr. Assange’s extradition to the United States from Sweden, and has also refused to pledge that it would use this power. Ecuador’s attempts to facilitate that arrangement with both governments were rejected.
Taken together, the British and Swedish governments’ actions suggest to us that their real agenda is to get Mr. Assange to Sweden. Because of treaty and other considerations, he probably could be more easily extradited from there to the United States to face charges. Mr. Assange has every reason to fear such an outcome.The Justice Department recently confirmed that it was continuing to investigate WikiLeaks, and just-disclosed Australian government documents from this past February state that “the U.S. investigation into possible criminal conduct by Mr. Assange has been ongoing for more than a year.” WikiLeaks itself has published e-mails from Stratfor, a private intelligence corporation, which state that a grand jury has already returned a sealed indictment of Mr. Assange. And history indicates Sweden would buckle to any pressure from the United States to hand over Mr. Assange. In 2001 the Swedish government delivered two Egyptians seeking asylum to the C.I.A., which rendered them to the Mubarak regime, which tortured them.
If Mr. Assange is extradited to the United States, the consequences will reverberate for years around the world. Mr. Assange is not an American citizen, and none of his actions have taken place on American soil. If the United States can prosecute a journalist in these circumstances, the governments of Russia or China could, by the same logic, demand that foreign reporters anywhere on earth be extradited for violating their laws. The setting of such a precedent should deeply concern everyone, admirers of WikiLeaks or not.
We urge the people of Britain and Sweden to demand that their governments answer some basic questions: Why do the Swedish authorities refuse to question Mr. Assange in London? And why can neither government promise that Mr. Assange will not be extradited to the United States? The citizens of Britain and Sweden have a rare opportunity to make a stand for free speech on behalf of the entire globe.
Michael Moore and Oliver Stone are Academy Award-winning filmmakers.
Jail time for refusing to comply with mandatory key disclosure hasn’t occurred in the United States yet. But, it’s already happening in jurisdictions such as the UK, where a 33-year-old man was incarcerated for refusing to turn over his decryption keys and a youth was jailed for not disclosing a 50-character encryption password to authorities.
Similarly harsh, key disclosure laws also exist in Australia and South Africa which compel individuals to surrender cryptographic keys to law enforcement without regard for the usual common law protection against self-incrimination.
Key disclosure laws may become the most important government tool in asset seizures and the war on money laundering. When charged with a criminal offense, that refers to the ability of the government to demand that you surrender your private encryption keys that decrypt your data. If your data is currency such as access control to various amounts of bitcoin on the block chain, then you have surrendered your financial transaction history and potentially the value itself.
These laws will impact not only money laundering prosecution but almost any asset protection strategy that attempts to maintain an element of financial privacy such as private banking or family trusts. Prior to all these money laundering laws being enacted, I once heard it said that the practice of moving money around was simply referred to as banking.
Doug Casey famously said that “it’s a completely artificial crime. It wasn’t even heard of 20 years ago, because the ‘crime’ didn’t exist.” Furthermore he said, “The War on Drugs may be where ‘money laundering’ originated as a crime, but today it has a lot more to do with something infinitely more important to the state: the War on Tax Evasion.” And, if they can’t track it from the outside via the banks and financial institutions, they’ll track it from the inside via access to an individual’s passwords and private keys.
In the United States, relevant case law has revolved around the Fifth Amendment privilege against self-incrimination as there is currently no specific law regarding key disclosure. The definition of a password is alarmingly broad too — all the way from an extension of your personal memory to an illegitimate tool that only hides something tangible from law enforcement.
The first case to address directly the question of whether a person can be compelled to reveal his or her encryption keys or password was In re Grand Jury Subpoena to Sebastien Boucher in 2009. Here a magistrate judge ruled that producing the passphrase for the encrypted hard drive would constitute self-incrimination, but on appeal the District Court overturned that decision, holding that decrypting and producing the complete contents would not constitute self-incrimination since Boucher initially cooperated in showing some of the computer files to border agents.
Next, there was the federal criminal case of United States v. Fricosu in 2010 in which the Federal District Court ordered a criminal defendant to decrypt the contents of an encrypted laptop. Although the defendant claimed Fifth Amendment rights against self-incrimination and the Electronic Frontier Foundation (EFF) filed an amicus curiae brief, the Court sided with the government in ruling that since defendant admitted to ownership of the laptop and knowledge of the passwords in a recorded conversation, the existence of evidence was a “forgone conclusion” and therefore Fifth Amendment privilege could not be implicated. In early 2012, the Tenth Circuit Court of Appeals rejected an appeal and let that decision stand.
In a blog post, Orin Kerr cited In re Weiss (703 F. 2d 653) in summarizing testimonial obduracy and what a future Court’s likely posture would be if defendant refuses to comply with a key disclosure order or claims to have forgotten the password. On the specific Fifth Amendment issue in United States v. Fricosu, Kerr states:
If I’m reading Fricosu correctly, the Court is not saying that there is no Fifth Amendment privilege against being forced to divulge a password. Rather, the Court is saying that the Fifth Amendment privilege can’t be asserted in a specific case where it is known based on the facts of the case that the computer belongs to the suspect and the suspect knows the password. Because the only incriminating message of being forced to decrypt the password — that the suspect has control over the computer — is already known, it is a “foregone conclusion” and the Fifth Amendment privilege cannot block the government’s application.
In another case upholding the constitutional right against forced decryption, the Eleventh Circuit Court of Appeals in United States v. Doe on February 24th, 2012 overturned a contempt of court ruling for refusing to decrypt. Arguing that without any specific knowledge of a hard drive’s file contents or file existence, the government cannot assert that certain items can be described with “reasonable particularity” and therefore compelling a defendant to produce those files would violate the Fifth Amendment’s protection against self-incrimination. The Electronic Frontier Foundation (EFF), which again filed an amicus curiae brief in the case, called it a major victory for constitutional rights in the digital age.
To say the cryptocurrency bitcoin is disruptive would be an understatement. Bitcoin not only disrupts payments and monetary sovereignty, it also disrupts the legal enforcement of anti-money laundering laws, asset seizure, and capital controls. It is very likely that a key disclosure case will make it to the U.S. Supreme Court where it is far from certain that the Fifth Amendment privilege, as it relates to a refusal to decrypt bitcoin assets, will be universally upheld.
Many observers have suggested defensive techniques that deploy TrueCrypt disk encryption with hidden volume partitions or PGP Whole Disk Encryption rendering the entire computer unbootable thereby making even file time and date stamps unavailable. Another legal strategy to complicate matters could be to split the passphrase with another person and claim that you are never in possession of the entire real passphrase. Then, at least there would be “plausible deniability” as to who provided the invalid portion of the passphrase or you would have a cellmate if held in contempt.
The anti-cashists are right about one thing. A briefcase full of paper cash is a dirty, inefficient way to move money around.
Upon hearing the news that a hacker had seized presidential nominee Mitt Romney’s prior year tax returns and was asking for $1,000,000 to destroy them, you could be excused for thinking that you had stumbled into a Dr. Evil film. But, this blackmailer was demanding payment to be made in the cryptocurrency bitcoin, not dollars. A bitcoin receiving address was provided so that the public could monitor the progress.
But, is blackmail really an illegitimate act? In the fictitious case of Dr. Evil’s demands, he was threatening a violent crime as a consequence. With the Romney tax hacker, the consequence of merely revealing the truth is not a crime. If the alleged hacker(s) acted alone to break in and obtain the information from PricewaterhouseCoopers, rather than discovering the information, that break-in would of course be considered a criminal act. However, the act of blackmail itself is a separate issue.
Professor Walter Block of Loyola University New Orleans reflects on the old axiom that “the truth shall make you free” and says that a blackmailer is simply setting the truth free to do whatever good or bad it is capable of doing. In his book Defending the Undefendable, Block suggests:
We will find, however, that the case against the blackmailer cannot stand serious analysis; that it is based upon a tissue of unexamined shibboleths and deep philosophical misunderstandings.What, exactly, is blackmail? Blackmail is the offer of trade. It is the offer to trade something, usually silence, for some other good, usually money. If the offer of the trade is accepted, the blackmailer then maintains his silence and the blackmailee pays the agreed-upon price. If the blackmail offer is rejected, the blackmailer may exercise his rights of free speech and publicize the secret. There is nothing amiss here. All that is happening is that an offer to maintain silence is being made. If the offer is rejected, the blackmailer does no more than exercise his right of free speech.
We will find, however, that the case against the blackmailer cannot stand serious analysis; that it is based upon a tissue of unexamined shibboleths and deep philosophical misunderstandings.
What, exactly, is blackmail? Blackmail is the offer of trade. It is the offer to trade something, usually silence, for some other good, usually money. If the offer of the trade is accepted, the blackmailer then maintains his silence and the blackmailee pays the agreed-upon price. If the blackmail offer is rejected, the blackmailer may exercise his rights of free speech and publicize the secret. There is nothing amiss here. All that is happening is that an offer to maintain silence is being made. If the offer is rejected, the blackmailer does no more than exercise his right of free speech.
Professor Block also posits some good effects of blackmail, such as diminishing real crime (robbery, murder, rape) because it increases the penalty associated with crime if a criminal has to share the loot or pay up to avoid the reporting of an ‘anonymous’ tip. The legalization of blackmail could also have a beneficial effect on non-aggressive actions that are generally at odds with societal mores such as sadomasochism and adultery, according to Block.
Vitalik Buterin of Bitcoin Magazine extends that thinking to the potential beneficial effects on governments and the corporate world:
Although the tools of communication and financial privacy are granting the small thieves an unprecedented ability to carry out their business with impunity, the large thieves that have so far been able to hide in the bureaucratic shadows of governments and large corporations are finding themselves more and more thrown into the limelight. This is the world we are moving towards: one that is perhaps more anarchic, and in some respects more dangerous, but one that is at the same time more just.
It is not yet known whether the threat to disclose tax return information is a real threat, but I suppose we will all know on the expiration date of September 28th. For its part, PricewaterhouseCoopers stated “we are working closely with the United States Secret Service, and at this time there is no evidence that our systems have been compromised or that there was any unauthorized access to the data in question.”
Transactional privacy in the digital age is a double-edged sword. It has the potential to liberate individuals from many aspects of political tyranny but it also creates new challenges as the physical cash drop-off point is no longer a deterrent to getting caught. Regulating a bitcoin is like regulating an air guitar. The only thing we know for certain is that it’s not going away.
Hyperinflation has hit Iran hard. The government has stepped up censorship of currency exchange websites such as Mesghal.com and Mazanex.com, which had rates blanked out for the rial’s value against other nations’ currencies on Tuesday. Several major foreign airlines announced that they were discontinuing service into Tehran due to the volatility of the Iranian rial and shipping giant Maersk halted all port calls to Iran.
If severe currency devaluation and disruptive Internet cyber-attacks were not enough, the regular people of Iran have had access blocked to certain open source software sites for downloading applications such as Bitcoin. The 20-month-old blockade hasn’t been instigated by Iran’s mullahs but by the U.S.-led embargo which prohibits certain persons from receiving services via open source hosting sites.
The original and official Bitcoin client is hosted in the United States on GeekNet’s SourceForge.net who explained their denial of site access policy on their blog:
The specific list of sanctions that affect our users concern the transfer and export of certain technology to foreign persons and governments on the sanctions list. This means users residing in countries on the United States Office of Foreign Assets Control (OFAC) sanction list, including Cuba, Iran, North Korea, Sudan, and Syria, may not post content to, or access content available through, SourceForge.net. Last week, SourceForge.net began automatic blocking of certain IP addresses to enforce those conditions of use.
Then, after an angry reaction from project administrators and developers, SourceForge removed the blanket blocking and modified their policy to put the power of determining a block trigger in the hands of each project’s leadership, as announced in their February 2010 blog posting:
Beginning now, every project admin can click on Develop -> Project Admin -> Project Settings to find a new section called Export Control. By default, we’ve ticked the more restrictive setting. If you conclude that your project is *not* subject to export regulations, or any other related prohibitions, you may now tick the other check mark and click Update. After that, all users will be able to download your project files as they did before last month’s change.
Therefore, the export control determination has to be made by the project’s registered administrator on SourceForge, which for Bitcoin is lead developer Gavin Andresen after assuming the role from Bitcoin creator, Satoshi Nakamoto.
Export of software from the U.S., including software that deploys encryption functions, is controlled by the Bureau of Industry and Security (BIS) in accordance with the Export Administration Regulations (EAR).
Andresen, who is also Chief Scientist for Bitcoin Foundation, stated that Bitcoin compiles against the full OpenSSL library and the wallet encryption feature uses AES-256 which is what places Bitcoin in the above category. The SourceForge option that Bitcoin.org selects to remain in compliance with U.S. law states, “This project incorporates, accesses, calls upon or otherwise uses encryption software with a symmetric key length greater than 64 bits (“encryption&rdquo. This review does not include products that use encryption for authentication only.”
Forget about the mere difficulties of obtaining and trading bitcoin for national fiat currency in Iran — without the client software, they are not even there yet. Other Bitcoin “experts” have alluded to alternative methods of downloading the Bitcoin client such as using non-U.S. independent mirrored sites, Virtual Private Network (VPN) for IP address masking, Tor if your country has an exit node, or BitTorrent file sharing.
Aside from the inherent weaknesses within the entire SSL infrastructure, other download channels, and even SourceForge itself, present challenges. The initial install code would need to be verified for authenticity and the only way to accomplish that is to have the core developer sign the code personally or have a neutral third-party like the Bitcoin Foundation sign downloadable code with their certificate as a registered developer.
In extreme circumstances the verified source code can be compiled directly by the user so that downloading binaries is not necessary. Source code can also be distributed in text-based form like a PDF or scanable book which is what MIT did for Phil Zimmermann and later what 70 international volunteers did for the PGPi Scanning Project in 1997. More and more, the Bitcoin Project is starting to look like the Pretty Good Privacy (PGP) secure email program with each passing day.
(Photo: The (Nashville) Tennessean)
7:27AM EST November 12. 2012 - FRANKLIN, Tenn. -- Michael Brown, a self-employed "computer guy," said he read the reports in early September of an anonymous computer hacker claiming to have copies of presidential candidate Mitt Romney's tax returns.
His knowledge of computers, Brown said, made him curious how such a stunt may have been managed.
A couple of weeks later, the Secret Service, acting on a search warrant, smashed through his front door and spent the next 18 hours pulling laptops, hard drives and all manner of digital storage devices from his Franklin home.
Now, almost two months since his home was searched, Brown has not been charged with a crime.
Brown, who offers a wireless Internet service, is a target of an investigation into an apparent attempt to to extort money by claiming to have the former GOP nominee's tax returns. The purported heist was announced in a letter posted online that solicited $1 million either to release the information or to keep it from the public. That same letter, along with supposedly encrypted flash drives containing the tax returns, was delivered to county Democratic and Republican offices in Williamson County.
The Secret Service isn't saying whether someone actually downloaded Romney's tax filings, but Brown is now going public with his denial of having any role in the plot. He even created a website, mbdonationfund.com, drawing attention to the case.
"If there was anything they could use," Brown said of the items seized from his home, "I wouldn't be here."
David Boling, a spokesman for the U.S. Attorney's Office in Nashville, said he could not comment on whether charges are expected. The federal judge who granted the search warrant for Brown's home ordered the documents sealed, but Brown posted them online.
"We've taken the unusual step of confirming an investigation by the Secret Service," Boling said. "The matter is under investigation, so there's nothing really we could say."
Though investigators won't talk about the case, the search warrant offers a glimpse into how they might connect Brown to the caper.
Craig Ball, an attorney and certified computer forensic examiner in Austin, Texas, noted that authorities can use the serial numbers from the two flash drives left at the political offices in Williamson County. The drives themselves won't likely reveal much, but computers keep a log of all the external storage devices ever plugged into them. That means, Ball said, that investigators are looking for a record of those flash drives having been used on the machines confiscated from Brown's home.
The search warrant also lists several IP addresses that could be used to identify which machines posted the apparent extortion letter onto the website, Pastebin.com. Similarly, authorities are looking for connections to a digital currency site, Bitcoin, through which the money was to be paid.
Several years ago Brown paid $5,000 to acquire about 371,000 bitcoins and, according to a 2011 article in Wired magazine, was the "richest man in in the bitcoin realm."
Brown acknowledged the circumstantial connection but said that, after the value of bitcoins tanked, he created another form of digital currency to compete with bitcoin. Why would he demand payment in a digital currency that competes with his own? Brown countered.
A quick perusal of the search warrant led Ball to conclude that investigators have leads in the case, though it is not clear what led them to Brown.
"Short of an abacus and a stone tablet, there's nothing they can't take from this person's home," Ball said. "They're not fishing."
Brown said he could not explain why the Secret Service is targeting him, but he noted that in 2009 the same agency came to his house looking for evidence tying him to the alleged theft of thousands of Social Security numbers held by an insurance company. He was never charged, and Brown said he met with federal agents four times to answer questions; he even agreed to a polygraph, he said.
"I'm pretty sure I'm profiled as a computer guy, and not just a layman at Best Buy," Brown said.
Critical of agents
Brown, a husband and father, said he isn't too worried about antagonizing federal authorities in talking about the case. That said, he has a few pointed criticisms of the agents who searched his home.
Authorities missed at least four flash drives that were sitting on a desk in his office, he said, and left behind some forensic software they were using to examine his machines. Brown said he's familiar with the brand and was surprised at the simplicity of the program, describing it as "'forensics for dummies' kind of software."
The agents also were clumsy in their removal of his equipment, Brown said.
"They left me with the impression of a bunch of apes with screwdrivers punching away at stuff."
Another element of this case is that the author of the letter claims to have visited the Franklin office of PricewaterhouseCoopers, the accounting firm that handles Romney's taxes, and hacked into the company's network. PricewaterhouseCoopers has repeatedly denied that any such thing occurred.
"At this point there's nothing to suggest our systems were tampered with," Chris Atkins, a spokesman for the company in New York City, said last week.
Ball, the forensics examiner in Texas, said that, in his experience, the claim of having been to the accounting firm's office could make it easier for investigators to confirm various facts of the case. Setting aside any video surveillance of the property, the firm's computer network probably monitors user logins and could show when files were accessed.
"It's probably premature to treat this guy as anything but a hapless innocent," Ball said of the raid on Brown's home. "The Secret Service also deserves the benefit of the doubt that they haven't tried to pin this on somebody."
Best CEO Toni Schneider in 2007 (Photo credit: Lisa Brewster)
I awoke to incredible news this morning. Leading web publishing service WordPress.com announced that they will begin accepting the nonpolitical cryptographic money Bitcoin as a payment method for various upgrades.
Then I remembered that WordPress.org powers our online publishing platform. It also powers the blog platform for The New York Times, CNN, Reuters, Mashable, NBC Sports, GigaOm, TechCrunch, ELLE Girl, RealClearPolitics, TED, National Football League, General Motors, UPS, eBay, Sony, and Volkswagen.
Not only does this strategic move bring new unserved customers into the WordPress fold, it paves the way for the online publishing platform run by parent company Automattic not to be restricted by the choices of its payment partners. Companies doing business and accepting payments globally are subject to increasing fees and sometimes arbitrary chargebacks which no doubt impact their bottom line. WordPress would probably not even mind if a large chunk of their mainstream payment processing migrated to bitcoin.
Over 57.8 million WordPress sites are written in 120 different languages creating nearly 32 million new user posts each month.
Criticizing the centralized bankcard associations and citing payment method deficiencies, WordPress spokesperson Andy Skelton said, “Unlike credit cards and PayPal, Bitcoin has no central authority and no way to lock entire countries out of the network. Merchants who accept Bitcoin payments can do business with anyone.” And thus the planet becomes immediately open to their products and services.
“PayPal alone blocks access from over 60 countries, and many credit card companies have similar restrictions,” continued Skelton. “Some are blocked for political reasons, some because of higher fraud rates, and some for other financial reasons. Whatever the reason, we don’t think an individual blogger from Haiti, Ethiopia, or Kenya should have diminished access to the blogosphere because of payment issues they can’t control.” [Note: WordPress.com updated their original blog post which mentioned Cuba and Iraq.]
Vitalik Buterin of Bitcoin Magazine brings up an equally significant reason for accepting payment in Bitcoin, “Another argument which WordPress did not mention is anonymity. Many bloggers that operate in restrictive regimes do so using pseudonyms for their own protection, and traditional payment methods like credit cards and PayPal are unusable for those bloggers because they expose the payer’s physical identity.” With user-defined anonymity and identity privacy, bitcoin offers unparalleled safety to dissident bloggers and free speech advocates.
Initially, processing will be managed by payment service provider BitPay, Inc. of Orlando, Florida. BitPay shields WordPress from having to handle actual payments by immediately converting and transferring sales proceeds into a WordPress merchant bank account. This minimizes the currency risk for the accepting merchant. An important configurable option also allows the merchant to retain Bitcoin balances for their own account and subsequent usage.
Although WordPress states that they are not waiting for a sufficient number of confirmations from the bitcoin block chain, it is largely irrelevant for e-services since upgrades can simply be deactivated or reversed due to a failed payment.
WordPress may not stand as the lone giant for very long since Reddit CEO Yishan Wong hinted last week at the social news site’s willingness to begin transacting in Bitcoin for Reddit Gold subscriptions. Reddit is a subsidiary of Condé Nast’s parent company, Advance Publications.
As the bitcoin juggernaut continues to roll forward absorbing merchants and customers globally it leaves archaic and unsuspecting payment methods in its wake. As one bitcoin forum member articulated, merchants will increasingly be asked: “What’s your Bitcoin strategy?”
Typical wireless electronic card reader (Photo credit: USDA)
Travelers leaving or entering the United States have long had to declare aggregated cash and other monetary instruments exceeding $10,000. Now, under a proposed amendment to the Bank Secrecy Act, FinCEN (Financial Crimes Enforcement Network) will also require travelers to declare the value of prepaid cards that they are carrying, known now as “tangible prepaid access devices.”
Expected to be finalized by the end of this year, the cross-border reporting modifications stem from a broader October 2011 definition of payment methods and form factors that replaced the term “stored value” with the term “prepaid access” in an effort to more accurately describe the process of accessing funds held by a payment provider.
Enforceability falls to U.S. Immigration and Customs Enforcement and U.S. Customs and Border Protection both within the Department of Homeland Security, which is already developing advanced handheld card readers that can ascertain whether a traveler is carrying a credit card, debit card, or prepaid card. This differentiation is important because only prepaid card balances will need to be added to declaration report forms.
Acknowledging that many questions still remain and that enforcement may not be straightforward, Cynthia Merritt, assistant director of the Retail Payments Risk Forum at the Federal Reserve Bank of Atlanta, had this to say about the handheld readers:
Furthermore, according to the comments, the enforcement challenge is not new, nor is the concept of a device or document that can be used to access value. The current challenges are similar to those presented in the past with other monetary instruments such as checks, money orders, and traveler checks.
Merritt also stated that, “When law enforcement takes possession of a cash or monetary instrument at the border, they are effectively holding the funds, but not so with a prepaid card or other device. Holding the card does not provide access to the underlying funds.”
Other questions to be settled include how to determine mobile phone wallet and key fob balances that can function in a manner similar to card swiping, how to distinguish between reloadable and non-reloadable prepaid cards, how to distinguish between bank-issued and non-bank-issued prepaid cards, should closed loop gift cards be included in the cross-border reporting requirements, what to do about cards that clear customs with a minimal balance but are then subsequently reloaded with an amount in violation of the reportable limits, and what to do about a large number of nonpersonalized, unembossed cards.
Also, would a traveler have legal recourse for damages if agents seized a proper debit card in the mistaken belief that it was a reportable prepaid card?
These complications and others imply that FinCEN’s NPRM [Notice of Proposed Rule Making] may yet undergo some revisions in order to bring the regulations in sync with the realities of the prepaid card industry.
In the meantime, travelers with a memorized Bitcoin private key can breathe a sigh of relief, because according to an important April 9th, 2012 letter to FinCEN Director James Freis from Homeland Security Investigations it appears that intangible brainwallets are safe for the moment:
Should the border declaration apply to codes, passwords and other intangibles as well as to any tangible object that is dedicated to accessing prepaid funds?HSI believes that border declaration should not apply to codes, passwords and other intangibles. Identification and verification of intangibles in the context of border enforcement poses logistical and potential legal issues that are not contemplated by currency and monetary instrument declaration regulations. The structure of the currency and monetary instruments declaration regime, hinges on the existence of a physical object. The language requires something that can be passed from one individual to another in order to be presented to a third party for execution/payment.
Should the border declaration apply to codes, passwords and other intangibles as well as to any tangible object that is dedicated to accessing prepaid funds?
HSI believes that border declaration should not apply to codes, passwords and other intangibles. Identification and verification of intangibles in the context of border enforcement poses logistical and potential legal issues that are not contemplated by currency and monetary instrument declaration regulations. The structure of the currency and monetary instruments declaration regime, hinges on the existence of a physical object. The language requires something that can be passed from one individual to another in order to be presented to a third party for execution/payment.
The ECB (European Central Bank) has produced the first official central bank study of the decentralized cryptographic money known as bitcoin, Virtual Currency Schemes. Ignoring for a moment the ECB’s condescending and derogatory use of the virtual currency phrase and scheme phrase, the study produced at least one landmark achievement.
In claiming that “The theoretical roots of Bitcoin can be found in the Austrian school of economics,” the ECB forever linked Bitcoin to the proud economic heritage of Menger, Mises, and Hayek as well as to Austrian business cycle theory. This recognition is also a direct testament to the monetary theory work of Friedrich von Hayek who inspired many with his 1976 landmark publication of Denationalisation of Money.
Bitcoin fully embodies the spirit of denationalized money as it seeks no authority for its continued existence and it recognizes no political borders for its circulation. Indeed according to the report, proponents see Bitcoin as “a good starting point to end the monopoly central banks have in the issuance of money” and “inspired by the former gold standard.”
Economists from the 19th and mid-20th centuries can be forgiven for not anticipating an interconnected digital realm like the Internet with its p2p distributed architecture, but modern economists cannot be. From their own conclusions (on page 48) which inaccurately lump Bitcoin together with Linden Dollars, here is what the modern-day economists at the ECB are still not getting:
1. ECB concludes that if money creation remains at a low level, bitcoin does not pose a risk to price stability. This is incorrect on two levels. One, the creation of new bitcoin is capped at 21 million with eight current decimal places so it grows through adoption and usage rather than monetary expansion. And two, as with gold, silver, and other commodities having a monetary component, price stability is a function of the market not central planners;
2. ECB concludes that bitcoin cannot jeopardize financial stability due to its low volume and limited connection with the real economy. Conversely, bitcoin will tend to increase financial stability and overall soundness. Bitcoin’s connection with the real economy is only a concern for the regulated and taxed economy, whereas bitcoin independently may thrive in the $10 trillion shadow or “original” economy. Besides, with its repeated market interventions, no one has done more to jeopardize financial stability than the ECB itself;
3. ECB concludes that bitcoin is currently not regulated and supervised by any public authority. It would be more accurate to say that State-sponsored regulation is largely irrelevant because of the inherent design properties of a peer-to-peer distributed computing system. But happily, this is still a conclusion that I can agree with and recommend that it remains the case;
4. ECB concludes that bitcoin could represent a challenge for public authorities, given the legal uncertainty and potential for performing illegal activities. While public authorities will certainly be challenged by the introduction of a monetary unit that cannot be manipulated for political purposes, bitcoin in some cases does have the ability to provide tracking capability that far exceeds that of national cash or money substitutes. What authorities will find most troubling though, with bitcoin, is that money flows between individuals and businesses will no longer be exploitable for purposes of unlimited identity tracking and unconstitutional ‘fishing expeditions’;
5. ECB concludes that bitcoin “could have a negative impact on the reputation of central banks, assuming the use of such systems grows considerably and in the event that an incident attracts press coverage, since the public may perceive the incident as being caused, in part, by a central bank not doing its job properly.” Pretentious as it may seem, the ECB is stating here that central banks as protector of the general public with respect to payments have a role to play because it is their reputation that suffers in the event of a bitcoin-related security incident. Firstly, that is an assumed responsibility — not a delegated responsibility; and reputational impact aside, I would prefer to rely on lex mercatoria;
6. ECB concludes that bitcoin does indeed fall within central banks’ responsibility as a result of characteristics shared with payment systems. Of course it does not. Central banks are a form of centralized economic planning so their stated responsibilities are suspect from the outset. Bitcoin represents an intangible math puzzle whose existence is solely restricted to transfer rights on a cloud-based public ledger. It more closely resembles an air guitar than a payment system for purposes of oversight.
Now, in affirming the superior attributes of bitcoin in the role of financial innovation, the ECB correctly identifies why the profligate issuers of national fiat currencies will ultimately feel threatened by such a decentralized nonpolitical unit. The report acknowledges the following with respect to bitcoin: (a) “higher degree of anonymity compared to other electronic payment instruments,” (b) “lower transaction costs compared with traditional payment systems, and (c) “more direct and faster clearing and settlement of transactions” from the absence of intermediaries.
Overall, the fear of the monetary overlords is palpable as the study concludes by basically promising continued scrutiny and oversight. Also forecast for the plebeians is a possible remedy to the global scope and unclear jurisdiction of the regulatory challenge:
“One possible way to overcome this situation and obtain some quantitative information on the magnitude of the funds moved through these virtual currency schemes could be to focus on the link between the virtual economy and the real economy, i.e. the transfer of money from the banking environment to the virtual environment. Virtual accounts need to be funded either via credit transfer, payment card or PayPal and therefore a possibility would be to request this information from credit institutions, card schemes and PayPal.”
However, Michael Parsons, a former executive with Emirates Bank (Dubai), Moscow Narodny Bank, and KPMG Moscow, believes that those efforts will prove futile and he explains, “Bitcoin is ‘regulated’ by its peers and mathematics. And Bitcoin is not a currency like fiat money. It is a value transfer system which is given value only by its users. So the ECB, FED, etc. have no mandate to control a ‘virtual currency’ just because they call it (bitcoin) that! It will just go underground. Bitcoin is like Light and Air. Free to use and transfer. Owned and issued by the people and NOT the State!”
It evokes an image of central bankers huddled comfortably on the safe shoreline as they look out into the horizon and see the dangerous, unstable virtual currencies approaching. The opposite is actually the truth because it is the central bankers who are floating precipitously out at sea. As James Turk famously said about bitcoin’s analog cousin, “When standing in a boat and looking at the shore, it is the boat (currencies) – and not the land (gold) – that is bobbing up and down.”
Photograph by Vahid Salemi/AP Photo
A money changer holds an Iranian banknote on Ferdowsi Street in Tehran
Under sanctions imposed by the U.S. and its allies, dollars are hard to come by in Iran. The rial fell from 20,160 against the greenback on the street market in August to 36,500 rials to the dollar in October. It’s settled, for now, around 27,000. The central bank’s fixed official rate is 12,260. Yet there’s one currency in Iran that has kept its value and can be used to purchase goods from abroad: bitcoins, the online-only currency.
Created in 2009 by a mysterious programmer named Satoshi Nakamoto, bitcoins behave a lot like any currency. Their value is determined by demand, and they can be used to buy stuff. Bitcoin transactions are encrypted and handled by a decentralized global network of tens of thousands of personal computers. Merchants around the world accept the currency, from a bakery in San Francisco to a dentist in Finland. Individuals who own bitcoins and wish to exchange them for physical currencies like euros or dollars can use exchange sites such as localbitcoins.com, a Finland-based site founded by Jeremias Kangas. “I believe that bitcoin is, or will be in the future, a very effective tool for individuals who want to avoid sanctions, currency restrictions, and high inflation in countries such as Iran,” Kangas wrote in an e-mail.
The advantage for Iranians is that bitcoins can be swapped for dollars that can then be kept outside the country. Another plus: Regulators can’t easily track the transactions, since bitcoins aren’t issued from a central server. Bitcoin users can conduct business on virtual private networks, which hide customers’ identities.
At online store coinDL.com, shoppers can use bitcoins to buy Beyond Matter, the latest album from Iranian artist Mohammad Rafigh. Anyone in the U.S. downloading songs, which fetch .039 bitcoins or 45¢ each, risks violating U.S. sanctions. That doesn’t bother Rafigh, who’s studying computer engineering as well as playing music. “Bitcoin is so interesting for me,” Rafigh wrote in an e-mail. “I wish the culture of using digital money spreads all over the world, because it does not have any dependency on anything like politics.” Rafigh has translated some bitcoin software into Farsi for his friends. “I love Iran, and if bitcoin is good for me, it can be good for more Iranians like me.”
Iranian-American bitcoin consultant Farzhad Hashemi recently traveled to Tehran and talked up bitcoin to his friends. “They are instantly fascinated by it,” he says. “It’s a flash for them when they realize how it can solve their problems.” Iranians working or living abroad can send bitcoins to their families, who can use one of the online currency matchmaking services to find someone willing to exchange bitcoins for euros, rials, or dollars. Bitcoins are useful to Iranians wishing to move their money abroad, either to children studying in Europe or America or simply to stash cash in a safe place.
As the value of the rial plunges, many Iranians are trying to acquire foreign currencies. “We have no idea what will happen,” says Amir-Hossein Madani, who says he’s traded tens of millions of street market dollars in Tehran over the past two years. “These days prices change every 10 minutes.”
The uncertainty has led some Iranian software developers to ask clients to pay them in bitcoins. “Anyone with a computer is able to own, send, and receive them. You can be at an Internet cafe in Iran and managing a bitcoin account,” says Jon Matonis, a founding board member of the Bitcoin Foundation, a Seattle nonprofit that promotes the currency. The exchange rate in Iran is 332,910 rials per bitcoin. It isn’t known how many Iranians use bitcoins to skirt sanctions. According to localbitcoins’ Kangas, 32 people in Iran have contacted each other through his site.
An internal FBI report in April expressed concern over the online currency. The report was leaked to Wired and Betabeat. “Since Bitcoin does not have a centralized authority, law enforcement faces difficulties detecting suspicious activity, identifying users, and obtaining transaction records—problems that might attract malicious actors to Bitcoin,” says the report. For now, Iranians are using bitcoins to maintain a fragile connection to the outside world.
The bottom line: Iranians are resorting to virtual currency to move money into and out of the country in a way that Western authorities find hard to detect.
Bitcoin Foundation board member and Forbes contributor Jon Matonis (@JonMatonis) in a post on the Bitcoin Foundation’s forum gives reasons for individuals and organizations to support the Bitcoin Foundation (@BTCFoundation). Excerpts:
“The Bitcoin Foundation is an educational and software research organization offering annual memberships and a standard donation program.”-“Some of the significant initiative areas where we are already having a measurable impact: - Human Rights and Social Justice - Privacy - Sound Public Policy - Math and Science”
- https://bitcoinfoundation.org/blog/?p=41 - http://bitcointalk.org/index.php?topic=126763.0 (Further discussion of this post)
0948.pdf RATS: Guide to Protection Against Informants November 30, 2012
Inaugural Issue of Bitcoin Magazine
Last Thursday’s news that French company Paymium and their exchange division, Bitcoin-Central, partnered with a licensed and regulated Payment Services Provider (PSP) ignited a heated debate within the bitcoin community. Eventually, Bitcoin-Central tempered their overly-enthusiastic initial announcement.
“It feels like these French dudes are bringing saltpeter to a rave,” declared Daniel Stuckey, a writer at Motherboard ridiculing the company for dismissing the founding concepts of bitcoin.
Not singling out the Paymium effort, there is a powerful undercurrent rejecting the notion that bitcoin exchange companies should seek approval to operate within the existing regulatory framework at all. That undercurrent has some validity. That is if larger forces at work don’t settle the issue before then. However, it is the jurisdictions that they elect to operate within plus the specific exchange types that determine the level of required compliance. Legal counsel willing to challenge the status quo is sorely needed for the days ahead.
Floating-rate, rather than fixed-rate, exchanges are going to require the holding of customer funds in national currencies. Exchanges for actual delivery, rather than cash-settled futures exchanges quoted only in bitcoin, will also require holding customer funds in national currencies. Customers with large balances simply aren’t going to use exchanges that don’t identify their legal jurisdiction, delineate funds, and adhere to some type of recourse for insolvency and stolen funds. So, certain jurisdictions and their financial regulators tend to get involved. This is also the case with Mt.Gox being based in Japan.
Here’s the real issue — regulation in this context is only a bad thing if it leads to crony capitalism or if it suggests that “still-in-beta cryptographic play money” bitcoin requires regulation similar to a national political currency.
While an individual’s bitcoin transactions may still be semi-private, the auditable address links on the block chain and identity requirements for entering or exiting the exchange will remove any doubt as to how much bitcoin was spent or earned. Also, the case can be made that, despite bitcoin’s basis in mathematics and being devoid of ideology, graph theory analysis of the block chain can be significantly improved by having more ‘regulated’ data points thus cumulatively degrading the privacy of all bitcoin transactions. Bitcoin address logs for a bitcoin exchange are like IP logs for a VPN.
Yes, debit cards with a bitcoin logo are cool and they can facilitate easy movement of funds associated with bitcoin balances. But legacy debit cards are institutionalized vehicles of identity and they promote half-way measures. Any role for current financial institutions in the societal wealth transfer to cryptocurrency will come from embracing bitcoin on its terms. If banks want to participate in a meaningful way, they will have to adapt to Tor exit nodes, coin mixing services, escrow provisioning without identity, and underwriting private insurance on balances.
Bitcoin’s great promise lies in its potential ability for both income and consumption anonymity. It is this feature alone that allows users to maintain the same financial privacy as physical cash today and it is this feature that will also lead to liberating advancements such as a thriving and interconnected System D, unhampered and undiluted freedom of speech, and superior asset management that can truly be said to be off-the-grid.
Those who support the antithetical overlay of bitcoin on the current financial system ensure us that it will only be temporary and that we must build bridges. That would be nice but it’s a fairy tale. It reminds me of the Marxist theory of historical materialism and the Marx-Engels ideology that if we only tolerate the bourgeois state during the transitional advancement to a higher phase, we will see the complete “withering away of the state.”
True revolutionary transformations just don’t evolve that way. Linux didn’t first co-exist within the Microsoft DOS and Windows environment and then decide to spin-off into a competing operating system. File sharing under the BitTorrent protocol didn’t conduct a Hollywood outreach program and explain what the technology would mean for the film and recording studios.
One doesn’t request freedom, one claims freedom. As Bitcoin Forum member btcbug stated about bitcoin’s acquiescence to legality, “It’s kind of like a bunch of slaves breaking out and then running straight back because they were so brainwashed they didn’t even recognize freedom.” However, the sad reality is that most of the slaves don’t really want to be free which is exemplified by voting for ever-increasing State services that have to be funded through confiscatory levels of taxation and inevitably that means diminishing financial privacy.
Get real people! This is about more than just “agreeing to disagree” when it comes to stricter regulation being a good thing. Bitcoin without user-defined anonymous transactions is a neutered bitcoin. Paper cash comes with more financial privacy. In circular logic fashion, the pro-regulation adherents must then answer to their success, “what have we really accomplished?”
Man Lists Bungalow for Bitcoins (ABC News)
Taylor More is selling his family's bungalow with an asking price of $405,000 (that's Canadian dollars) or 5,521 Bitcoins. He would rather have the Bitcoins.
Supported videos include:
Easily create a Forum Website with Website Toolbox.