While you're 95% right, you could also argue that irreversible hundred million dollar transactions are a feature unique to bitcoin. That could appeal to kidnappers.
If you were very paranoid would you rely exclusively on security through obscurity?
It might also occur to you to diversify out of the thing that puts you at risk. Maybe there's even some sort of establishment that can hold funds more securely. He should look into that.
"Security through obscurity" being bad only applies to cryptography, and have no bearing whatsoever to the concept of security in real life.
To answer your question, actually, yes, it's almost proven to be the most effective measurement for one's safety: don't want to get hurt? Don't let people find you: get in a forest/ mountain range and hide.
> "Security through obscurity" being bad only applies to cryptography, and have no bearing whatsoever to the concept of security in real life.
Why do you believe this? The concept predates widespread use of encryption and originally applied to things like physical locks. Their "security through obscurity" approach was custom mechanisms which were easily defeated shortly after development by determined thieves. This race between security experts (in their various incarnations) and security breakers (again, in their various incarnations) has been going on since the first person tried to secure some property with something more complex than a crossbar on a door. And this race continues, even in the information age, to occur in both the physical and information realms.
That statement, read alone, sounds a bit more stronger than I intended for it to be. I agree with what you said. Although I should note that we aren't allowed to run around in top secret building to draw out the floor plan ;).
Thinking about it, I guess "security through obscurity" wasn't the correct term to use in the case. What I meant was simply that: there are completely valid reasons to keep your name and/ or location unknown, both for your safety, and otherwise convenience of life.
Now First Blood is an underrated movie but I'm not sure it, or anything else, supports your claims. Hiding in the mountains has been a proven way of lowering life expectancy for millennia.
On HN I've seen that pattern and sometimes it was a well-respected poster, hammering on something pedantic and off-topic, derailing the thread. Point being, sometimes someone can be right, really knowledgeable and a (thread-localised) k00k.
added: then again, there's also something about HN's discussion structure (mainly lack of collapsing comments like Reddit has) that makes these derails get in the way much more than necessary. Reddit even has place for strings of puns without them significantly derailing the discussion.
15 minutes frittered reading up on that one. Seems the guys set up in the same warehouse so they could have trucks coming and going for a year or so and set up a Maple Syrup dealers in a neighbouring state to ship it to.
Kill occupants of building, move 1.3 cubic meters of gold in 30 trips with transport van. Now you have a few other problems, such as making sure that you're not going to end up in the same way. Besides surveillance cam footage recording your whereabout during part of your trip and the distance being fairly easily estimated if you do two trips in quick succession leading to a possible ID and or location of the stash.
But getting it out of there is fairly easy if you lack a conscience and have a van. If you had access to a slightly larger truck it would be easier still.
>But if you have a billion dollars of gold in your basement, you should be very, very paranoid.
If i had so many bitcoins as Satoshi Nakamoto i would certainly not store them in my basement. I'd split my private key using n:m scheme and store them in secure deposit boxes in banks.
Not at all, you can freely walk into most exchange offices. Theoretically an armed robbery of exchanges and payment processors would be the perfect crime. Commit private address to memory or tattoo it on yourself in code, after the robbery forcing them to transfer to your public address and waiting out confirmations turn yourself in to the police and do the 5 yrs. Walk out with millions worth of bitcoins on your arm. (Penalty here is 5yrs, unsure anywhere else). Blockchain.info would prob nickname that address "Hans Grueber"
"In Chadwick v. Janecka (3d Cir. 2002), a U.S. court of appeals held that H. Beatty Chadwick could be held indefinitely under federal law, for his failure to produce US$ 2.5 million as state court ordered in a civil trial. Chadwick had been imprisoned for nine years at that time and continued to be held in prison until 2009, when a state court set him free after 14 years, making his imprisonment the longest on a contempt charge to date."
IANAL, but in the US, the 5th amendment still protects combination locks, and as far as I can tell, passwords.
Prosecutors can be as intimidating as they wish, the government is free to use their magical NSA powers to recover the bitcoin. They can't compel someone to incriminate themselves. giving the wallet address to the prosecutor is effectively admitting to a crime, perhaps just conspiracy, but nonetheless that's self incrimination.
They can compel you to enter the passphrase to decrypt your computer so long as there is sufficient evidence that you are capable of doing so.
What they can't do is say "only the person who committed this crime knows the password" and then force you to enter the password (since doing so would be self incrimination). It's when it's already known that you could enter the password that you can be compelled to.
I'm not familiar with the American legal system. Ignoring bitcoin entirely, if you rob a bank and hide the money do you get to keep the money after your release from jail?
They claim they do but there's never been any 3rd party auditing or verification of this that I know of. In the gold business every reliable business has auditing and insurance while so far Bitcoin businesses are run like a regular startup with open offices. Who's cleaning the offices after hours with access to the workstations or servers, who are the hired developers and are they smuggling wallet stealing software inside to transfer to themselves while on a flight to Brazil, who is writing their custom wallet and is it robust, how do we know they didn't copy every address to themselves. Lot's of security questions I've never seen addressed by any of the big exchanges. There was a payment processor startup that posted their office to bitcointalk.org which was floor to ceiling open glass windows with laptops facing the outside. How many binoculars are trained on those laptops across the street to get logins.
Some friends of mine trade large amounts of Bitcoin on a regular basis and there's never been much of a delay withdrawing. I doubt they are going to a bank to physically take out printed keys everyday for every transaction over $10,000 or phoning 5 people to combine keys. I bet the backups are kept in a safe deposit box, the cold wallet is likely an offline system anybody can walk up to with some kind of feeble authentication judging by past Bitcoin exchange incompetence.
Many of the smaller exchanges are using Blockchain.info wallets as their hot wallet too but won't admit it.
>There's never been any 3rd party auditing or verification of this that I know of.
I think that's intended to be a feature and not a bug. With Bitcoin 'third party verification' means other people no longer use a service after you've generously sacrificed your money to demonstrate their incompetence or malice.
If I'd have a billion dollars of worth gold in my Basement I'd be impressed if somebody managed to steal it. Since 1bn USD in gold would weigh 22603KG...
