Credit card (in)security issues

Credit card fraud is a wide-ranging term for theft and fraud committed using a credit card or any similar payment mechanism as a fraudulent source of funds in a transaction. The fraud begins with either the theft of the physical card or the compromise of data associated with the account (card account number and/or verification codes).

Skimming is the theft of credit card information used in an otherwise legitimate transaction. Instances of skimming have been reported where the perpetrator has put a device over the card slot of an ATM (automated teller machine), which reads the magnetic strip as the user unknowingly passes their card through it. Technology needed to read the contents of the magnetic strip is pretty simple. Usually a miniature camera or fake keypad over original is used to read the user’s PIN at the same time. Skimming is usually very difficult for the typical cardholder to detect. All About Skimmers article series is about ATM skimmers, gas pump skimmers and other related fraud devices.

Skimming has been on news in Finland lately. Police has revealed some details of the hard to detect skimming devices that have been found installed on tens of ATM devices around Finland. Articles Ovela huijaus Otto-automaateilla – huomaatko eron kuvissa?, Kummassa pankkiautomaatissa on huijauslaite? and Skimmaajat teettivät erikoislaitteita Suomen oloihin show you pictures of ATM with and without skimming device. These device custom made for Finnish ATMs are really hard to detect. According to articles thousands of ATM card have been compromised and used to steal several hundreds thousand euros. Look carefully next time you use ATM.

Muga_Golden_Credit_Card

Throughout Europe the traditional in-store credit card signing process is increasingly being replaced with a system in which the customer is asked to enter their PIN instead of signing. PINs were widely introduced at the same time as EMV chips on the cards. In Finland the PIN codes that comes with the card are predefined by card issuer. In some countries with some banks the customer can freely choose them. Security of Self-Selected PINs Is Lacking article tells that Cambridge University Computer Laboratory team collected statistics on how people choose banking PINs when they are permitted to select their own keys. There is every incentive for the bad guys to try guessing PINs on every card that they steal. “A thief can expect to get lucky every 18th wallet — except for those banks which negligently allow their customers to choose really dumb PINs like 1111 and 1234″. Their report traces an idiosyncratic history of the use of passwords by financial institutions. The researchers wrote that there were two lessons to be drawn from their study. First, customers should never use date of birth as a PIN or password. Second, banks should institute blacklists of common passwords, or prohibit user selection of passwords entirely.

Proximity payments are coming. Pay-by-wave: At least it’s better than being mugged article tell that the public thinks that paying with a tap of the phone is risky, with criminals able to intercept and steal credentials, so it seems a good time to take a closer look at proximity payments. Today’s proximity payment systems are based on the NFC standard, which uses a radio connection at 13.56MHz for short-range peer-to-peer communications. The same frequency is used by RFID tags, in a simplistic way, but NFC is a good deal more complicated, and expensive. Proximity payments are implemented in smartphones and contactless credit cards.

1325432106

Hacker’s Demo Shows How Easily Credit Cards Can Be Read Through Clothes And Wallets article tells that contactless cards are far more common than they might seem: According to the Smart Card Association, about 100 million of the RFID-enabled cards are in circulation. Visa calls its technology payWave, MasterCard dubs it PayPass, Discover brands it Zip, and American Express calls it ExpressPay.

Hacker’s Demo Shows How Easily Credit Cards Can Be Read Through Clothes And Wallets and Shmoocon Demo Shows Easy, Wireless Credit Card Fraud articles tell that some contacless cards have serious security holes. Paget, a well-known security researcher for the consultancy Recursion Ventures, used a simple method for her hack: impersonating a legitimate contactless point-of-sale terminal with her own RFID card reader. Commercially-available RFID reader can read the data from a contactless card as easily as a store’s point-of-sale device does. With a Vivotech RFID credit card reader she bought on eBay for $50, Paget wirelessly read a volunteer’s credit card onstage and obtained the card’s number and expiration date, along with the one-time CVV number used by contactless cards to authenticate payments. She flashed the volunteer’s credit card number on a screen in front of an audience of hundreds of hackers and security researchers. “You were planning on cancelling that card, weren’t you?”. A second later, she used a $300 card-magnetizing tool to encode that data onto a blank card. And then, with a Square attachment for the iPhone that allows anyone to swipe a card and receive payments, she paid herself $15 of the volunteer’s money with the counterfeit card she’d just created. Paget’s firm has been working on a credit-card-shaped protection device known as GuardBunny that sits in a wallet alongside payment cards and blocks any would-be RFID fraudster. So it sound like this hacking demonstration was just a marketing gimmick for their product.

Randy Vanderhoof, executive director of the industry group the Smart Card Alliance, points out that despite previous research on the contactless attack, no real-world instances of the fraud have ever been reported. To fight against fraud contactless cards do offer one security feature traditional cards don’t: Along with the card’s 16-digit number and expiration date, the cards are set to offer up a one-time CVV code with every scan. Those codes can only be used for one transaction, and have to used in the order they’re generated. If a payment processor detects multiple transactions with the same code or even codes being used to make transactions in the wrong order, it will disable the card. So a contactless card scammer can only use each stolen number once.

According to a smart card expert I know Square and card issuer bank is also to blame on that this worked (and would not work with European banks and other payment services). Also the sum was so low that the payment company might not do all the check it does for bigger sums of money. In card where things are built well, there is different card number for normal swipe card use and contactless operation. The contactless number would fail to work if you try to pay with their code on the terminal that swipes the card. So the security holes are not as big and bad as it seems based on those hacking news.

214 Comments

  1. Tomi Engdahl says:

    Hey banks: Use Win XP after deadline? You’ll PAY if card data’s snaffled
    DPA fines and Payment Card Industry fines, it all adds up – watchdog
    http://www.theregister.co.uk/2013/10/14/pci_dss_compliance_at_risk_if_banks_use_windows_xp_after_microsoft_withdraws_support_services_regulatory_agencies_warn/

    Banks that use the Windows XP operating system will face a risk to their compliance with payment card data security rules if they continue to operate the software after Microsoft withdraws its extended support services, a US regulatory body has warned.

    Microsoft confirmed in 2010 that it would end “extended support” for Windows XP and Office 2003 on 8 April 2014. The Federal Financial Institutions Examination Council (FFIEC) has now called on financial institutions and technology service providers (TSPs) to “address the risk from the continued use of XP” beyond that date.

    “Microsoft will discontinue extended support for XP effective April 8, 2014,” the FFIEC said in a statement. “After this date, Microsoft will no longer provide regular security patches, technical assistance, or support for XP. Financial institutions, TSPs, and other third parties that use XP in personal computers, servers, and purpose-built devices such as automated teller machines (ATM), or that are dependent on applications that require use of XP could be exposed to increased operational risk.

    “Potential problems include degradation in the delivery of various products and services, application incompatibilities, and increased potential for data theft and unauthorised additions, deletions, and changes of data. Additionally, financial institutions and TSPs that are subject to the requirements of the Payment Card Industry Data Security Standard (PCI DSS) and continue to use XP after April 8, 2014, may no longer be compliant,” it said.

    PCI DSS is the main standard related to storing payment card data and it sets out 12 requirements specifying steps which should be taken to ensure payment card data is kept safe both during and after transactions. The standard is currently in the process of being updated.

    “If businesses using XP have not already done so, they should now be holding internal discussions about the pros and cons of upgrading the operating system they use away from XP,” he said. “Upgrading is not the only option, however.

    “Businesses will be able to continue to use XP after Microsoft withdraws its extended support if the risks associated with that can be managed. They will no longer be able to rely on Microsoft flagging up security vulnerabilities and fixing those problems for them, though.”

    Reply
  2. Tomi Engdahl says:

    Million theft: fast-food cash machines had virus

    Criminals have stolen millions of euros in fast-food restaurants, cash machines to South Africa, says the local Central Tech news service. Involved the use of malware.

    Tech Central says it has received information on the case, which is one of South Africa’s history of the worst credit card offense. Criminals were forced its way malware fast food chains, cash registers. The release of the source, the situation has been particularly bad the KFC chain of restaurants.

    Criminals used in the operation Dexter-side program, which had been modified program, the detection more difficult. This is a cash machine intelligence developed an application that provides information to criminals.

    When a restaurant customer paid debit card purchases, malware read the card information. They will then be sent abroad, possibly in Europe.

    Criminals are, however, prepared a payment card copies. They have made shopping in the U.S., and some of the purchases have led to the arrests.

    South Africa’s pay brokerage of its director of the damage go up into millions of euros, says Central Tech. Customers are not liable for purchases that have been made

    Source: http://www.tietokone.fi/artikkeli/uutiset/kavala_miljoonavarkaus_pikaruokaloiden_kassakoneissa_virus

    Reply
  3. Roy Ehr says:

    Pretty! This was a really wonderful article. Thank you for supplying this info.

    Reply
  4. Tomi says:

    Credit Card Numbers Still Google-able
    http://search.slashdot.org/story/13/11/08/1454251/credit-card-numbers-still-google-able

    “In 2007, I wrote that you could find troves of credit card numbers on Google, most of them still active, using the simple trick of Googling the first 8 digits of your credit card number.”

    “in 2013, it appears to still be just as easy.”

    If you have a Visa, Mastercard, or Discover Card number handy, do a Google search for the first 8 digits in the form “1234 5678″ (don’t forget the double quotes around the numbers, and the space in the middle). The odds are that you will find at least some pages among the search results which include other credit card numbers that begin with the same 8 digits.

    Those Google hits will frequently be in the form of a spreadsheet or document that looks like it was made for someone’s internal use and wasn’t meant to be leaked on the Web

    Reply
  5. Tomi Engdahl says:

    Hackers steal ‘FULL credit card details’ of 376,000 people from Irish loyalty programme firm
    Data was unencrypted, claims Irish data protection commish
    http://www.theregister.co.uk/2013/11/14/irish_loyalty_card_breach/

    According to the results of a preliminary investigation by the Office of the Data Protection Commissioner (ODPC), credit card and – contrary to all payment storage rules – CVV details were held unencrypted on Loyaltybuild’s systems in the run-up to attacks in the middle of October.

    CVV – Card Verification Value – numbers are the three-digit security code found on the back of a credit or debit card, used to prove that a customer making an online purchase has physical possession of the card. They are an important anti-fraud measure.

    Data Protection Commissioner Billy Hawkes told the Irish Times that Loyaltybuild had stored financial information in unencrypted form, along with the three-digit security code printed on customers’ credit and debit cards. We put this specific accusation to Loyaltybuild but have yet to hear back from the firm.

    “It’s unclear why Loyaltybuild stored the compromised credit card information in the first place,” said Gene Meltser, technical director for Neohapsis Labs, the research arm of mobile and cloud security services firm Neohapsis. “In general, loyalty based programs function by rewarding users for specific purchasing activity, and to do that, loyalty rewards programmes only need to correlate a member’s account information, such asa name, to purchasing activity records related to the reward in question.”

    “In an overwhelming majority of cases, it is unnecessary to store detailed credit card data, and in absolutely all cases it is prohibited to store the 3- or 4-digit codes, or CVV values, off the credit card. To store this data unencrypted would not only be fundamentally prohibited under PCI-DSS requirements, but also demonstrating considerable negligence in protecting customer and payment data,”

    Reply
  6. Tomi Engdahl says:

    Tired of a fat wallet? Coin lets you hold all your cards in a single, connected card
    http://venturebeat.com/2013/11/14/tired-of-a-fat-wallet-coin-lets-you-hold-all-your-cards-in-a-single-connected-card/

    With all the hype surrounding mobile payments these days, the industry faces a monumental problem: Credit cards are already pretty easy to use.

    Now Coin, a Y Combinator-backed startup, is out to make all of the cards in your wallet even more convenient.

    The company is launching a crowdfunding campaign today for its Coin connected credit card, which can store any card — be it credit, debit, or loyalty — for easy access. Coin aims to raise $50,000 so that it can start producing its cards soon. It plans to sell the cards for $100, but those who preorder will get it for $50.

    In a brief demo of Coin’s technology, I can confirm that it actually works: Simply swipe your cards using a card dongle like Square’s, take a picture of their front and back, and Coin’s app securely stores all of the card information for you.

    The Coin card uses Bluetooth low-energy technology to stay connected to your smartphone for swapping cards. As a security precaution, the Coin card disables itself if it’s away from your phone for more than 10 minutes. (Yes, that means trouble if your phone runs out of battery.)

    All of the card information in the Coin app is protected with 128-bit encryption, and the company says it’s working on full PCI compliance (essential for many companies).

    Reply
  7. Tomi Engdahl says:

    Infosec bods scorn card-swiping Coin over security fears
    Deprecated money-moving tech is still secure, insists biz
    http://www.theregister.co.uk/2013/11/18/coin_scorned/

    All-in-one digital payments start-up Coin has issued a robust defence of its technology following criticism from an infosec firm.

    Coin offers a single combined credit/debit/loyalty/store card that’s paired with a user’s mobile phone. The Coin app requires that you take a picture of the front and back of the card, type in your card details, and then swipe the card (using a reader it provides) to ensure the card’s encoded magnetic stripe data matches the card details provided.

    It is not possible to complete these steps unless you are in physical possession of a card

    However security researchers at IOActive fear the technology inadvertently creates new avenues for abuse, in particular the possibility of potentially opening the door to more potent skimming attacks.

    “Coin seems like an interesting idea, presented as a technology that simplifies how we use cards with magnetic stripes today. In essence, however, it also offers itself as a personal skimming device. From the information currently available about Coin, most of the security features that the inventors have implemented appear to be opt-in. Beyond a Bluetooth connection with a mobile phone it is to be assumed there are no further authentication features in the technology.”

    “A Coin is less susceptible to some card skimming techniques that take a picture of the card as it is swiped since Coin does not display the full card details on the front or back of the device,” said the company.

    Remes contended that any technology based on magnetic stripes was no longer suitable for credit or debit cards and that technology based on the harder-to-clone Chip and PIN technology was preferable.

    Reply
  8. Tomi Engdahl says:

    Google Launches Google Wallet Debit Card
    http://www.dailytech.com/Google+Launches+Google+Wallet+Debit+Card/article33795.htm

    Google Wallet Card is available in the US

    Google has announced the new Google Wallet Card that allows you to be paid instantly using Google Wallet, which is similar in concept to the PayPal Business Debit Card. As soon as someone pays you using Google Wallet, you can turn around and spend the money immediately using the Google Wallet Card.

    The Google Wallet Card can be used to make purchases directly in stores and can be used as a debit to withdraw cash at ATM machines. Users can also link a bank account or credit or debit card to add funds to their Google Wallet card.

    The Wallet Card also sends instant notifications when you spend money and these notifications can come to your smartphone to help keep tabs on transactions.

    Reply
  9. Tomi Engdahl says:

    New Instagram craze allows scams – debit card abuse victim’s responsibility

    Instagram-up service, users have downloaded over the network photos of their credit and debit card to the extent that the Federation of Financial Services is concerned.

    “From my debit card in any case not to spread to network images, which can identify the card data. In some online shopping card for payment sufficient to simply credit card number, expiration date and name of the user, “says the Financial Sector Federation expert Kirsi Klepp

    Financial Sector Federation, so far the largest part of the card images are foreigners. Is found among the photos of Finnish cards.

    Photos of payment cards may be shared because of the acquaintances, for example, want to introduce a fresh, personalized photo card base.

    “A debit card is a valuable load. It should be used with care. The card will take care of such as cash on hand. If the card is used for online shopping wrong and it turns out that the card user is actually stretched card information to all the people, he shall pay the price of abuse, “Klepp says.

    Source: http://www.tietoviikko.fi/kaikki_uutiset/uusi+instagramvillitys+mahdollistaa+huijaukset++maksukortin+vaarinkaytos+uhrin+vastuulle/a950305

    Reply
  10. Dick Wingate says:

    Hi Leah, you’re welcome! Thanks for sharing your experience.

    Reply
  11. Tomi says:

    Bitcoin payments with a simple tap? Multi-purpose nio Card gets added functionality
    http://gigaom.com/2013/11/29/bitcoin-payments-with-a-simple-tap-multi-purpose-nio-card-gets-added-functionality/

    Summary:
    Bitcoin may be riding high, but spending it is still hardly an intuitive process. A new device called the nio Card, currently in Kickstarter mode, may provide an answer by allowing contactless Bitcoin payments — and because it has built-in NFC, it will work with the iPhone.

    Reply
  12. Tomi Engdahl says:

    James Howells searches for hard drive with £4m-worth of bitcoins stored
    http://www.bbc.co.uk/news/uk-wales-south-east-wales-25134289

    A Newport man has been searching a landfill site in south Wales hoping to find a computer hard drive he threw away which is now worth over £4m.

    James Howells’s hard drive contains 7,500 bitcoins – which is a virtual form of currency for use online.

    It had sat in a drawer for years and he had forgotten it contained the bitcoins, which he obtained in 2009 for almost nothing, when he threw it out.

    But this week, a single bitcoin’s value hit $1,000 (£613) for the first time.

    It means Mr Howells’s collection is now worth $7.5m (£4.6m).

    “The manager explained that things that were sent to landfill three or four months ago could be three to five feet deep.

    “He confirmed my worst fears when he said that

    “He did mention that when people were investigating for evidence, they turn up with 15 to 20 people in full protective gear with diggers and dogs as well.

    Reply
  13. Tomi Engdahl says:

    IT MELTDOWN ruins Cyber Monday for RBS, Natwest customers
    RBS Group’s online banking fails, cards are declined and ATMs refuse to give out cash
    http://www.theregister.co.uk/2013/12/03/rbs_it_outage/

    RBS, Natwest and Ulster Bank customers were hit by an “IT meltdown” on Cyber Monday that stopped card payments, borked ATMs and closed down online banking, leaving them with no way to pay for anything.

    “We would like to apologise to our customers. If anyone has been left out of pocket as a result of these systems problems, we will put this right,” it said in a statement.

    Reply
  14. Tomi Engdahl says:

    Ron Paul: Bitcoin could ‘destroy the dollar’
    http://money.cnn.com/2013/12/04/technology/bitcoin-libertarian/index.html?iid=s_mpm

    Imagine a world in which you can buy anything in secret. No banks. No fees. No worries inflation will make today’s money worth less tomorrow.

    The digital currency Bitcoin promises all these things. And while it’s far from achieving any of them — its value is unstable and it’s rarely used — some have high hopes.

    “There will be alternatives to the dollar, and this might be one of them,” said former U.S. congressman Ron Paul. If people start using bitcoins en masse, “it’ll go down in history as the destroyer of the dollar,” Paul added.

    It’s unlikely that Bitcoin would replace the dollar or other government-controlled currencies. But it could serve as a kind of universal alternative currency that is accepted everywhere around the globe

    Reply
  15. Tomi Engdahl says:

    China Bans Financial Companies From Bitcoin Transactions
    http://www.bloomberg.com/news/2013-12-05/china-s-pboc-bans-financial-companies-from-bitcoin-transactions.html

    China’s central bank barred financial institutions from handling Bitcoin transactions, moving to regulate the virtual currency after an 89-fold jump in its value sparked a surge of investor interest in the country.

    Bitcoin plunged more than 20 percent to below $1,000 on the BitStamp Internet exchange after the People’s Bank of China said it isn’t a currency with “real meaning” and doesn’t have the same legal status. The public is free to participate in Internet transactions provided they take on the risk themselves, it said.

    The ban reflects concern about the risk the digital currency may pose to China’s capital controls and financial stability after a surge in trading this year made the country the world’s biggest trader of Bitcoin, according to exchange operator BTC China. Bitcoin’s price jumped more than ninefold in the past two months alone, prompting former Federal Reserve Chairman Alan Greenspan to call it a “bubble.”

    “The concern is that it interferes with normal monetary policy operation,” said Hao Hong, head of China research at Bocom International Holdings Co. in Hong Kong. “It represents an unofficial leakage to the current monetary system and trades globally. It is difficult to regulate and could be used for money laundering. I think the central bank is right to make this move.”

    Bitcoin Rules

    The People’s Bank of China said financial institutions and payment companies can’t give pricing in Bitcoin, buy and sell the virtual currency or insure Bitcoin-linked products, according to a statement on the central bank’s website.

    New rules for Bitcoin may not clarify Bitcoin’s legal status as regulators are divided over the issue, the people said.

    “It’s a bubble,” said Greenspan. “It has to have intrinsic value. You have to really stretch your imagination to infer what the intrinsic value of Bitcoin is. I haven’t been able to do it. Maybe somebody else can.”

    Regulators Concern

    There are about 12 million Bitcoins in circulation, according to Bitcoincharts, a website that tracks activity across various exchanges. Bitcoin was introduced in 2008 by a programmer or group of programmers going under the name of Satoshi Nakamoto.

    “The scale of the Bitcoin market isn’t significant enough to disrupt China’s financial system, but its growth has been very strong,”

    Reply
  16. Tomi Engdahl says:

    Twitter’s Dorsey Vies With SoftBank’s Son for Japan Shops: Tech
    http://www.bloomberg.com/news/2013-12-06/twitter-s-dorsey-vies-with-softbank-s-son-for-japan-shops-tech.html

    Twitter Inc. co-founder Jack Dorsey sparked a price war over Japanese credit-card transactions with SoftBank Corp. (9984)’s Masayoshi Son. Entrepreneurs like Yukiko Kurano are the biggest winners so far.

    Kurano said she began using Son’s venture with PayPal Inc. to process credit-card payments at her Otogi Designs studio in Tokyo eight months ago, saving on the 200,000 yen ($2,000) it would cost to set up a conventional service. When Dorsey introduced Square Inc.’s lower-priced smartphone-based option, Kurano switched, only to change sides again when Son hit back with even cheaper levies on each transaction.

    Japan’s second-richest man cut charges by 35 percent to defend his turf in the world’s No. 3 economy, where fat fees and neglect by big financial firms deter small businesses from taking cards and mean a growth opportunity for low-cost, easy-to-use services. Japan’s consumers shelled out $1.5 trillion in cash for their purchases in the year through March 2012, using plastic at about half the rate of American shoppers.

    “Smaller merchants in aggregate will drive substantial payment volume once they see the benefit of accepting card payments,”

    Yajima pays about 3.25 percent to process transactions using Square’s free, coin-sized card reader, which plugs into her iPad and also works on smartphones. Yajima said she was able to start taking payments the same day she registered by e-mail and downloaded an app. Square’s fees are half what credit-card providers typically charge small companies.

    Without a sales force in Japan, Square relies on partners.

    SoftBank’s response: 3.24 percent fees, from 5 percent before.

    Reply
  17. Tomi Engdahl says:

    Baidu and China Telecom Stop Accepting Bitcoin, Price Slumps Again
    http://www.coindesk.com/baidu-stops-bitcoin-price-slumps-again/

    The bitcoin price has continued to drop overnight on major bitcoin exchanges.

    Reply
  18. Tomi Engdahl says:

    Bank of America: Bitcoin could become THE currency of e-commerce
    Guestimates that $1,300 is a reasonable price per coin
    http://www.theregister.co.uk/2013/12/06/bank_of_america_says_bitcoin_could_become_the_currency_of_ecommerce/

    Chinese banks may not be too keen on Bitcoin at the moment (which has done something to damp down the current price) but a new research report from Bank of America rates it as a major player in future internet transactions.

    “We believe Bitcoin can become a major means of payment for e-commerce and may emerge as a serious competitor to traditional money transfer providers,” the report states. “As a medium of exchange, Bitcoin has clear potential for growth, in our view.”

    Some suggest that the price of Bitcoin is going through a speculative bubble not based on reality, but the report’s authors suggest that the currency may not yet have reached its true value.

    The Bank of America analysts think that the market value of a Bitcoin should be around $1,300, based on the assumption that around 10 per cent of e-commerce transactions will use the payment system.

    Reply
  19. Tomi Engdahl says:

    Helsinki will get Bitcoin Machine

    Finland’s first Bitcoin Machine will be introduced in Helsinki on Monday, a week after. It will be placed in the Record Shop X store the station tunnel. Record Shop X will also start at the same time to accept Bitcoin payments in store.

    Source: http://www.tietoviikko.fi/kaikki_uutiset/helsinkiin+tulee+bitcoinautomaatti/a952718

    Reply
  20. Tomi Engdahl says:

    Square reveals thinner and more accurate mobile credit card reader
    http://www.engadget.com/2013/12/09/new-square-reader/

    As Square spreads its wings to Japan, starts a new cash-by-email service and retools its mobile apps, the humble credit card reader that started it all hasn’t received much attention of late. That changes today, however, with the unveiling of the brand new Square Reader. It’s 45 percent thinner than the previous iteration, which Square says makes it the “thinnest mobile card reader on the market.”

    Reply
  21. Tomi Engdahl says:

    How Apple’s Lightning-Plug Guru Reinvented Square’s Card Reader
    http://www.wired.com/design/2013/12/the-new-square-reader-a-look-at-how-gadget-guts-are-designed/

    The new Square Reader is 45 percent thinner than the previous version–a slimming that took careful consideration of the device’s components.

    When we talk about the design of a piece of hardware, we usually default to observations about its outward appearance–its form, its color, the materials it’s made of. Often, though, that’s only half the equation. For a product like the new Square Reader–a sleek update to the familiar credit card-swiping dongle that’s nearly twice as thin as its predecessor–most of the design work is out of sight.

    The Square Reader has one job: swiping credit cards. Any new version of the device, then, had to improve on that single, simple function.

    The new version is thinner than its predecessor, but it has a slightly larger footprint, giving customers and shop owners a slightly longer track for running cards. Both sides of the new device have tapered edges that make it easy to slot a card in, from either direction. (The former just had the open lip on one side.)

    The team was able to fine-tune the friction customers feel.

    The even greater undertaking with the new Reader, however, was the development of a custom chip, built from the ground up. “It’s not typical for a startup to do that,” Dorogusker says. “It’s a little bit of upfront cost to build this from scratch.” But the benefits were huge. After all, this tiny fleck is the brains of the operation. And by building their own chip, Square was able to improve several aspects of the product–its performance, its size, and its overall reliability–in one stroke.

    Reply
  22. Tomi Engdahl says:

    Evil Dexter lurks in card reader, ready to SLASH UP your credit score
    Modified malware grabs credit card details of 20,000
    http://www.theregister.co.uk/2013/12/10/dexter_pos_malware/

    Cybercrooks have created an improved version of the Dexter point-of-sale malware that’s being blamed for slurping the credit and debit card details of holiday shoppers.

    A new version of Dexter, first discovered by security researchers Seculert about a year ago, has been planted on 31 infected point-of-sale terminals, located in restaurants and famous shops in various major cities of the US, according to infosec start-up IntelCrawler.

    The criminals behind the attack are using StarDust, a modified version of the earlier Dexter malware that takes features from other malware strains including BlackPOS and VSkimmer. StarDust (aka Dexter v.2) has been offered for sale on underground hacking forums since August. The new variant is capable of extracting credit card data from the RAM of compromised devices or by key-logging, as well as by capturing and exfiltrating internal network traffic, according to IntelCrawler. Data is sent via FTP to hosts based in Russia.

    “Approximately 20,000 credit cards may have been compromised”

    It’s unclear how the Dexter malware gets itself onto infected systems.

    Reply
  23. Tomi Engdahl says:

    PAUL KRUGMAN: Bitcoin’s Value Is Driven By The Fact That It Sounds Impressive
    http://www.businessinsider.com/paul-krugman-on-bitcoin-2013-12

    Economist and Nobel Prize winner Paul Krugman says that “in principle, you can have assets, which are considered valuable, even though there is nothing backing them,” but he is skeptical about what drives the recent surge of the bitcoin.

    Reply
  24. Tomi Engdahl says:

    Square acquires Evenly to better enable its users to collect payments from friends
    http://thenextweb.com/insider/2013/12/11/square-acquires-evenly-better-enable-users-easily-collect-payments-friends/#!pIs0m

    Square has announced another addition to its growing list of acquisitions. In a blog post, the mobile payment processing company revealed that it has acquired Evenly, a service designed around helping users split transactions easily without ruining their current real-life experience. As a result of the deal, Evenly said it will be shutting down in early 2014, but will give its users advance notice in order to withdraw their outstanding balances from their account.

    A Square spokesperson tells us that the newly acquired company will be working on seller initiatives, bringing the same simplicity and design that Evenly had with its own app.

    Reply
  25. Tomi Engdahl says:

    Need Cash, But Don’t Want to Lose Your Bitcoins? Pawn Them
    http://www.wired.com/wiredenterprise/2013/12/pawncoin/

    John Light knows a special kind of regret that’s familiar to many others who got in early on bitcoin, the world’s most popular digital currency.

    Last year, Light moved to San Francisco to join the bitcoin revolution, and by this past March, the former online community manager didn’t have enough dollars to pay his rent, but he have a lot of bitcoins. He ended up covering his monthly rent by selling some of his digital stash, but he quickly wished he hadn’t. A month later, the bitcoins he sold for $30 each were worth more than $250. Today, a bitcoin goes for close to $900.

    But there’s a silver lining to his story. Light’s March cash-flow problem has sparked a new business idea. He wants to open a bitcoin pawn shop, so that others can get some cash for their bitcoins without actually selling them. It’s a business venture that plays into the idea — popular amongst bitcoin’s true believers — that bitcoin is still in its early days and that it’s still a bargain at over $900 for a virtual coin.

    Reply
  26. Tomi Engdahl says:

    Bitcoin ATM comes to Sweden

    This week introduced virtual money changer will be for general use in a few months, says Ny Teknik .

    Automatic exchange of cash virtual Bitcoin. The device works Safellossa, which is a new Swedish general public within the meaning of Bitcoin exchange place.

    Source: http://www.tietoviikko.fi/uutisia/tallainen+on+ruotsissa+pian+kayttoon+tuleva+bitcoinautomaatti/a953394

    Reply
  27. Tomi Engdahl says:

    Coinbase
    http://cdixon.org/2013/12/12/coinbase/

    One of the interesting things about Bitcoin is the contrast between how it is portrayed in the press and how it is understood by technologists. The press tends to portray Bitcoin as either a speculative bubble or a scheme for supporting criminal activity. In Silicon Valley, by contrast, Bitcoin is generally viewed as a profound technological breakthrough.

    Bitcoin is the first plausible proposal for an economic protocol for the Internet.

    This matters for two reasons:

    1) It fixes serious problems with existing payment systems that depend on centralized services to verify the validity of transactions. These services are both expensive (roughly a 2.5% tax on all transactions) and prone to failure (Internet payment fraud is rampant).

    2) More importantly, Bitcoin is a platform upon which new technologies can be developed. Developers have created some early applications, and speculated about future applications.

    But to proliferate widely, Bitcoin needs a killer app the same way HTTP had web browsers and SMTP had email clients. That’s why today I’m excited to announce that Andreessen Horowitz is leading a $25M financing of Coinbase, a service that provides an accessible interface to the Bitcoin protocol. Consumers can use Coinbase to convert to and from other currencies and to pay for goods and services.

    Reply
  28. Tomi Engdahl says:

    Google Fixes Credit Card Security Hole, But Snubs Discoverer
    http://it.slashdot.org/story/13/12/12/2122210/google-fixes-credit-card-security-hole-but-snubs-discoverer

    “Google has fixed a vulnerability, first discovered by researcher Gergely Kalman, which let users search for credit card numbers by using hex number ranges. However, Google should have acknowledged or at least responded to the original bug finder (and possibly even paid him a bounty for it), and should have been more transparent about the process in general.”

    Reply
  29. Tomi says:

    U.S. Government Nastygram Shuts Down One-Man Bitcoin Mint
    http://www.wired.com/wiredenterprise/2013/12/casascius/

    Mike Caldwell spent years turning digital currency into physical coins. That may sound like a paradox. But it’s true. He takes bitcoins — the world’s most popular digital currency — and then he mints them here in the physical world. If you added up all the bitcoins Caldwell has minted on behalf of his customers, they would be worth about $82 million.

    Basically, these physical bitcoins are novelty items. But by moving the digital currency into the physical realm, he also prevents hackers from stealing the stuff via an online attack. Or at least he did. His run as the premiere bitcoin minter may be at an end. Caldwell has been put on notice by the feds.

    Caldwell has stopped taking orders for his popular Casascius bitcoins, which have become one of the most recognizable images of the thoroughly intangible digital currency

    Caldwell doesn’t accept U.S. dollars or any type of fiat currency. You send him bitcoins via the internet, and he sends you back metal coins via the U.S. Postal Service. To spend bitcoins, you need a secret digital key — a string of numbers and letters — and when Caldwell makes the coins, he hides this key behind a tamper-resistant strip.

    So long as you can keep your Casascius bitcoins safe, nobody can learn the key. To date, Caldwell has minted nearly 90,000 bitcoins in various denominations. That’s worth about $82 million at today’s exchange rate.

    Caldwell takes a fee of about $50 on each coin he mints, but he argues that sending the coins through the mail is not a way of transmitting money. He thinks the coins should be viewed as collectibles.

    Reply
  30. Tomi Engdahl says:

    EBA warns consumers on virtual currencies
    http://www.eba.europa.eu/-/eba-warns-consumers-on-virtual-currencies

    The European Banking Authority (EBA) issued today a warning on a series of risks deriving from buying, holding or trading virtual currencies such as Bitcoins. The EBA said that consumers are not protected through regulation when using virtual currencies as a means of payment and may be at risk of losing their money. It also added that there is no guarantee that currency values remain stable The warning was issued while the Authority assesses further all relevant aspects associated with virtual currencies, in order to identify whether virtual currencies can and should be regulated and supervised.

    Reply
  31. Tomi Engdahl says:

    Norway rejects Bitcoins as a legitimate currency
    http://bitcoinsalot.com/?p=8

    Hans Christian Holte (Norway’s director general of Taxation) has stated that “[Bitcoin] doesn’t fall under the usual definition of money.” Bitcoin is considered an asset on which capital gains tax can be charged.

    Holte is said to be working with other nations to make the currency legitimate.

    European banking authority also warned it’s citizens last week about the dangers of using cryptocurrencies. EBA states users of cryptocurrencies should “fully understand their specific characteristics and not use ‘real’ money that they cannot afford to lose.

    Reply
  32. Tomi Engdahl says:

    JPMorgan’s “Bitcoin-Alternative” Patent Rejected
    http://bitcoinsalot.com/?p=33

    Earlier in the week, we detailed JPMorgan’s attempt to create their own “web cash” alternative to Bitcoin (and Sberbank’s talk of doing the same).

    On August 5, 2013 JPMorgan Chase & Co (JPMorgan) filed an application for an electronic mobile payment system which has eerie similarities to the popular online currency Bitcoin. Unfortunately for JPMorgan, all of the claims, totaling 175 claims, as of October 18, 2013, for published US patent application 20130317984 (the ‘984 application) have been either cancelled or rejected.

    However, Mr. Patel might well have rejected the claims because of the ‘On Sale Bar’ rule under 35 U.S.C. Section 102(b), meaning that if the invention has been on sale for over a year then the invention is no longer patentable. Under the ‘On Sale Bar’ rule, the application could be invalid because it closely mirrors Bitcoin with features such as making free and anonymous electronic payments and Bitcoin has been in circulation since 2009.

    Reply
  33. Tomi Engdahl says:

    The first permanent European Bitcoin Machine was opened in Helsinki Finland

    Record Shop X Bitcoin vending machine : “We took a bit of money for the test ”

    Bit Money Bitcoin spread of the use of Finnish acquisitions has not happened very fast . Become more common , however, is hard wisher today opened the first Bitcoin ATM – time.

    We Bitcoin payments for testing purposes , because we want to be involved in new things. Co- Bittiraha.fi with is very recent , and the whole concept of Bitcoin is a fairly new for us . As a vending machine with a bit of money can be bought , it is in our corridor , we hope it will generate record sales . We are located closest to the machine shop, which Bitcoin can buy the products

    Source: http://www.digitoday.fi/bisnes/2013/12/16/levykauppa-x-bitcoin-automaatista-otimme-bittirahan-testikayttoon/201317407/66?rss=6

    Reply
  34. Tomi says:

    Bitcoin Inventor Satoshi Nakamoto is Anonymous-style Cell from Europe
    Expert says a group, with strong footing in financial sector, could be behind Bitcoin phenomenon
    http://www.ibtimes.co.uk/articles/530480/20131216/bitcoin-creator-satoshi-nakamoto-value-digital-currency.htm

    As the mystery surrounding the identity of Satoshi Nakamoto, the creator of the digital currency Bitcoin, continues to grow, it is believed that the ‘inventor’ could infact be the creation of a computer collective, IBTimes UK understands.

    Josh Zerlan, the Chief Operating Officer of Butterfly Labs and a person familiar with the Bitcoin network, has said it is highly likely that Nakamoto could be a group of people working the financial sector.

    Speaking to IBTimes UK on the sidelines of a Global Bitcoin Conference in Bangalore, India, Zerlan said: “One of the prevailing theories, I think has credibility, is that it was some group of people from financial sector that created this. They released it and stepped back and let it go. So, Satoshi Nakamoto is a group of people, I think, is a reasonable possibility.”

    Reply
  35. Tomi Engdahl says:

    HALF of all Bitcoin-investing Winklevoss twins predict $400bn market for the currency
    Tyler: Yeah, what he said
    http://www.theregister.co.uk/2013/12/17/winklevoss_predicts_400bn_bull_market_for_bitcoin/

    Facebook backer-turned-antagonist Cameron Winklevoss has issued a bright forecast for the future of the Bitcoin cryptocurrency.

    Speaking in a Reddit Ask Me Anything session, Winklevoss said that he projects the value of Bitcoins could reach upwards of $40,000 at some point in the not-too-distant future.

    “Small bull case scenario for Bitcoin is a $400bn market cap, so $40,000 a coin, but I believe it could be much larger,” Winklevoss wrote.

    “When this will happen, if it happens, I don’t know, but if it happens, it will probably happen much faster than anyone imagines.”

    One half of the Winklevoss twin brothers-turned-investors-turned-Olympians-turned-investors-again duo, Cameron has emerged as both a major financial backer of Bitcoin and an evangelist for the digital currency.

    Readers noted that Winklevoss was hardly an unbiased source of speculation on the matter of Bitcoin, concerns which he moved not-so-successfully to dismiss.

    “I have put my money where my mouth is,” he offered. “I stand to gain as well as lose depending on how the future unfolds.”

    Reply
  36. Tomi Engdahl says:

    Bitcoin takes a beating: down nearly 50% as China cracks down
    http://gigaom.com/2013/12/17/bitcoin-takes-a-beating-down-nearly-50-as-china-cracks-down/

    After a record run, Bitcoin prices have tumbled back to earth after the Chinese government announced a series of bans on the currency. Here is a chart and some background.

    The Chinese government appears to be the culprit for the currency’s latest misfortunes. Bloomberg reports that central bank officials have banned banks from clearing Bitcoin transactions, and said that all transactions in the currency must cease by Chinese New Years in late January.

    Reply
  37. Tomi Engdahl says:

    Bitcoin plummets as China’s largest exchange blocks new deposits
    http://www.theguardian.com/technology/2013/dec/18/bitcoin-plummets-china-payment-processors-digital-cryptocurrency

    The digital cryptocurrency has lost almost 50% of its value overnight after BTC China said it could no longer accept deposits in the Chinese currency following a crackdown on third-party payment firms

    Reply
  38. Tomi Engdahl says:

    Additional Sources Confirm China’s Payment Processor Ban, Bitcoin Price Falls $200
    http://www.coindesk.com/sources-confirm-chinas-payment-processor-ban-bitcoin-price-falls/

    Bitcoin dipped to its lowest price in a week, following yesterday’s reports that the People’s Bank of China had banned third-party payment firms from dealing with bitcoin exchanges.

    Following that announcement, the currency lost $300 in a single morning on Mt. Gox. In turn, the Coindesk Price Index fell from $1,139 to $584 by that weekend.

    History tells us that China’s role in bitcoin is large enough to spook investors into selling. The Chinese Yuan has outpaced the USD volume-wise as a fiat pair with bitcoin. 46% of bitcoin-fiat trades are conducted in the Chinese Yuan, while 44% are conducted in US dollars.

    “Bitcoin’s long term value will ultimately be derived through global usage as a payment network in less restrictive countries,”

    Another source, who operates a bitcoin-related business in China, confirmed the funding and withdrawal options had been curtailed since the People’s Bank meeting, and likened the situation to poker-playing websites in the US.

    Reply
  39. Tomi Engdahl says:

    Bitcoin Price Falls Further as BTC China Exchange Shuts Off Fiat Deposits
    http://www.coindesk.com/bitcoin-price-falls-btc-china-exchange-shuts-fiat-deposits/

    The price of bitcoin plummeted still further this morning, after news emerged that at least one exchange in China had blocked deposits made in RMB (Chinese yuan), the national fiat currency.

    China’s and indeed the world’s largest bitcoin exchange, BTC China, announced that it would disallow those deposits in a post on its verified Weibo account.

    Bobby Lee, CEO of BTC China, said: “This morning, we got notice from our third-party payment provider YeePay that it would cut off deposits for us at 12 noon and sure enough, we got cut off today.”

    “Without exchanges, the market will have to find different business models that use bitcoin, which the government has acknowledged to be legal and property.”

    Reply
  40. Tomi Engdahl says:

    Bitcoin: The Hot Topic at Plug and Play Winter Expo
    http://www.coindesk.com/bitcoin-hot-topic-plug-play-winter-expo/

    The virtual currency panel, dubbed the “Future of Fintech”, was primarily focused on bitcoin. This was particularly relevant, as the audience had just witnessed 11 bitcoin startups pitching their business plans to investors.

    Vinny Lingham of Gyft started the session by talking investors through the primary reasons why his gift card business started utilizing bitcoin.

    “It’s a low-risk method of payment,” said Lingham.

    He compared bitcoin to credit card transactions, which can be problematic for a number of reasons. This is especially true with so many different countries operating with different credit card companies.

    “How do you trust a credit card from a foreign bank?” he asked.

    David Chen is an Associate Partner at Lightspeed Venture Partners, which recently led an investment of $5m in the exchange BTC China. He believes that it is still early days for virtual currencies like BTC.

    “We’re still in the infrastructure-building stage,” he said.

    Chris Larsen is CEO of payment platform Ripple, which he called a “universal joint” for virtual currencies. He echoed the sentiment that BTC is just the beginning of something completely new.

    “Virtual currencies are really the tip of the iceberg,” he said.

    It’s the concepts that these currencies bring to the table that are so exciting for financial technologies in the future.

    2014 would consist of funding in “infrastructure level investments: Mastercoin, distributed exchange and distributed commerce”.

    Reply
  41. Tomi Engdahl says:

    Klarna Acquires Germany’s Sofort For $150M To Build A Formidable European Payment Network
    http://techcrunch.com/2013/12/18/klarna-sofort/

    Klarna, the Stockholm-based payments company that has raised a whopping $250 million from top-tier investors like Sequoia Capital, is making an acquisition of its own.

    The company, which makes it easy for European consumers to buy goods online before paying, is acquiring Germany’s market leader Sofort. Together, they’ll have 10 percent market share in greater Europe’s $100 billion e-commerce market. Their network will cover 14 countries in the region and 43,000 merchants. Between them, they’ll have 25 million users and partnerships with more than half of Germany’s online merchants.

    Klarna may not be well-known in the U.S. but it was started with the mission of allowing consumers to buy goods the way they do in physical stores — by touching and feeling them before they pay for them.

    They have a one-click purchase option that they say allows merchants to see on average a 10-30 percent uptick in sales. They’ve grown this business to $200 million in revenues per year.

    Reply
  42. Tomi Engdahl says:

    Go on, buy Bitcoin. But DON’T say we didn’t WARN YOU
    European banking regulator: Don’t come crying to us when someone steals it
    http://www.theregister.co.uk/2013/12/18/buying_virtual_currencies_risky_warns_european_banking_authority/

    Buying virtual currencies, such as Bitcoin, presents a number of risks that consumers should be aware of before purchasing such assets, the European Banking Authority (EBA) has warned.

    The regulator said that because virtual currency is not regulated, consumers risk losing their money by “buying, holding or trading” them.

    “Currently, no specific regulatory protections exist in the EU that would protect consumers from financial losses if a platform that exchanges or holds virtual currencies fails or goes out of business,” the EBA said in a statement.

    Consumers do not have refund rights when they use virtual currencies in transactions, and they may also have to pay tax on the assets, the EBA said.

    “Transactions in virtual currency provide a high degree of anonymity, they may be misused for criminal activities, including money laundering,”

    A recent report by Bank of America Merrill Lynch (BAML) in the US said that Bitcoin has the potential to “become a major means of payment for e-commerce” but said that the “high volatility” of its value “is hindering its general acceptance as a means of payments for online commerce”.

    BAML’s report said that the openness of transactions made using Bitcoin could, despite the fact they can be made anonymously, “ultimately limit its use in the black market/underworld”.

    “Not only is each transaction recorded on each Bitcoin, but all transactions are recorded in an online public ledger, offering a level of transparency that is not available with cash,” the report said. “Such transparency offers regulators means to track potentially illicit activity.”

    Reply
  43. Tomi Engdahl says:

    Bitcoin, Magical Thinking, and Political Ideology
    https://al3x.net/2013/12/18/bitcoin.html

    Last week, investor Chris Dixon posed a provocative dichotomy when introducing his employer’s USD $25M investment in Bitcoin service Coinbase:

    “The press tends to portray Bitcoin as either a speculative bubble or a scheme for supporting criminal activity. In Silicon Valley, by contrast, Bitcoin is generally viewed as a profound technological breakthrough.”

    Now working at vogue venture capital firm Andreessen Horowitz, Dixon is in a fine position to speak for Silicon Valley. But to the extent that the Valley is a placeholder for the technology industry at large, I beg to differ. Bitcoin is “generally viewed” quite differently.

    Most charitably, Bitcoin is regarded as a flawed but nonetheless worthwhile experiment, one that has unfortunately attracted outsized attention and investment before correcting any number of glaring security issues.

    Regulation and Other Minor Details

    Bitcoin owes its present flexibility to a lack of regulation (or, more accurately, a lack of understanding around existing regulations and/or unwillingness to comply with them). If the broader Bitcoin experiment doesn’t implode, the currency will be regulated just as any other. In this best-case scenario for Bitcoin, what of the benefits Dixon claims?

    We’re told that Bitcoin “fixes serious problems with existing payment systems that depend on centralized services to verify the validity of transactions.” If by “fixes” you mean “ignores”, then yes: a Bitcoin transaction, like cash, comes with the certainty that a definite quantity of a store of value has changed hands, and little else. How this verifies any “validity” or cuts down on fraud I’m not sure; stolen Bitcoins are spent as easily as stolen cash, which is why theft of Bitcoins has been rampant.

    With those risks in mind, are the fees that existing card networks and payment processors charge – Dixon’s “roughly a 2.5% tax on all transactions” – outrageous, or are we perhaps collectively subsidizing the cost of fraud prevention and regulatory compliance?

    In what plausible universe will legitimate Bitcoin transactions be allowed to take place without such protections, and thereby without the associated costs?

    Reply
  44. Tomi Engdahl says:

    Target confirms breach: 40 million accounts affected
    http://www.zdnet.com/target-confirms-breach-40-million-accounts-affected-7000024499/

    Target on Thursday confirmed that its payment card data was compromised in its stores with 40 million accounts affected.

    The retailer was confirming a report Wednesday that the breach had occurred. The breach was first reported by Krebs on Security. Customer name, credit or debit card number, and the card’s expiration date and CVV (the three-digit security code) were breached, according to a letter to customers.

    Reply
  45. Tomi Engdahl says:

    Why I want Bitcoin to die in a fire
    http://www.antipope.org/charlie/blog-static/2013/12/why-i-want-bitcoin-to-die-in-a.html

    Bitcoin just crashed 50% today, on news that the Chinese government has banned local exchanges from accepting deposits in Yuan. BtC was trading over $1000 yesterday; now it’s down to $500 and still falling.

    Good.

    I want Bitcoin to die in a fire: this is a start, but it’s not sufficient. Let me give you a round-up below the cut.

    Like all currency systems, Bitcoin comes with an implicit political agenda attached. Decisions we take about how to manage money, taxation, and the economy have consequences: by its consequences you may judge a finance system. Our current global system is pretty crap, but I submit that Bitcoin is worst.

    For starters, BtC is inherently deflationary. There is an upper limit on the number of bitcoins that can ever be created

    This means the the cost of generating new Bitcoins rises over time, so that the value of Bitcoins rise relative to the available goods and services in the market.

    Bitcoin is designed to be verifiable (forgery-resistant) but pretty much untraceable, and very easy to hide. Easier than a bunch of gold coins, anyway. And easier to ship to the opposite side of the planet at the push of a button.

    Libertarians love it because it pushes the same buttons as their gold fetish and it doesn’t look like a “Fiat currency”.

    But there are a number of huge down-sides. Here’s a link-farm to the high points:

    Mining BtC has a carbon footprint from hell

    Bitcoin mining software is now being distributed as malware

    Bitcoin violates Gresham’s law: Stolen electricity will drive out honest mining. (So the greatest benefits accrue to the most ruthless criminals.)

    Bitcoin’s utter lack of regulation permits really hideous markets to emerge

    It’s also inherently damaging to the fabric of civil society. You think our wonderful investment bankers aren’t paying their fair share of taxes? Bitcoin is pretty much designed for tax evasion.

    To editorialize briefly, BitCoin looks like it was designed as a weapon intended to damage central banking and money issuing banks, with a Libertarian political agenda in mind—to damage states ability to collect tax and monitor their citizens financial transactions.

    Reply
  46. Tomi Engdahl says:

    Bitcoin has a dark side: its carbon footprint
    http://pando.com/2013/12/16/bitcoin-has-a-dark-side-its-carbon-footprint/

    Bitcoin may be making a few people wealthy, but it’s killing us all. The crypto-currency that’s caught the world by storm has a dark side: its carbon footprint.

    At today’s value of roughly $1,000 per bitcoin, the electricity consumed by the bitcoin mining ecosystem has an estimated carbon footprint – or total greenhouse gas emissions – of 8.25 megatonnes (8,250,000 tonnes) of CO2 per year, according to research by Bitcarbon.org. That’s 0.03 percent of the world’s total greenhouse gas output, or equivalent to that of the nation of Cyprus. If bitcoin’s value reaches $100,000, that impact will reach 3 percent of the world’s total, or that of Germany. At $1 million – which seems farcical but which may not be out of the realm of possibility given the artificially limited bitcoin supply – this impact rises to 8.25 gigatonnes, or 30 percent of today’s global output, and equivalent to that of China and Japan combined.

    Bitcoins aren’t mined from the earth’s crust like most physical commodities – although at least that leaves tangible evidence of its environmental impact. Rather, they are “mined” by computers solving a set of complicated computational problems. These problems are designed to get more difficult over time, until the year 2140 when the 21 millionth (and final) bitcoin is mined.

    The top of the line model, which is currently made by a Swedish company called KnCMiner, costs around $13,000 and can mine at a rate 550 gigahashes per second: They’ve sold $28 million worth, and soon these too will be obsolete. The total computational power of the global bitcoin mining network today is more than seven million gigahashes, and climbing. That’s 256 times greater than the world’s top 500 supercomputers, combined.

    The exact carbon footprint of the bitcoin system is unknown. The above Bitcarbon figures are mere estimates based on several simplistic assumptions. First, the calculation assumes that miners will be willing to spend 90 percent of the value of a single bitcoin to mine it.

    Reply
  47. Tomi Engdahl says:

    First China banned Bitcoin. Now its crooks are using malware to steal traders’ wallets
    New nasty specifically targets Bitcoin China exchange
    http://www.theregister.co.uk/2013/12/19/zeus_variant_specialises_in_bitcoin_china_account_hijacking/

    Cybercrooks have developed a strain of malware that actively targets BTC China and other Bitcoin exchanges.

    A Zeus P2P/Gameover variant discovered by Trusteer is designed to steal the passwords of traders in the virtual currency. A blog post by the IBM-owned transaction security firm explains that the malware is specially designed to trick potential victims into supplying one time passwords that might be needed for successful account takeovers.

    ZeuS variants are commonly used for conventional electronic banking account takeovers and looting.

    The arrival of the Bitcoin-targeting malware variant came shortly before BTC China, China’s largest exchange, began blocking new deposits. This and a related regulatory clampdown by the Chinese government are blamed for taking a huge toll on the crypto-currency’s value over recent days.

    Reply
  48. Tomi Engdahl says:

    DOGECOIN: How A Thing That Started As A Joke Became The Hottest Digital Currency In The World
    http://www.businessinsider.com/what-is-dogecoin-2013-12

    This is the most 2013 thing of the year.

    An Australian brand and marketing specialist and a programmer in Portland, Ore. who have never actually met have successfully combined the year’s two greatest phenomena: Bitcoin, and doge. The result: Dogecoin. And people are actually using it.

    About three weeks ago, Jackson Palmer, who by day works in Adobe’s Sydney marketing department, and who’d been following developments in the cryptocurrency world, absentmindedly Tweeted, “Investing in Dogecoin, pretty sure it’s the next big thing.”

    He got some replies encouraging him to pursue the idea, and a week later bought the domain Dogecoin.com. Inevitably, it got picked up on reddit, a hotbed of doge activity.

    “The first thing I said was, This is so funny. Then I said, I should just make this coin.”

    He Tweeted at Palmer saying he wanted to go in on it, and before Palmer even responded, started reconfiguring Bitcoin’s sourcecode, which is publicly available, to turn its user-facing elements into the doge meme.

    Eventually Palmer wrote back, and the partnership was formed. A little more than a week after Palmer’s jokey Tweet, Dogecoin was launched.

    Again it got picked up on reddit, and instantly exploded. It is already the 13th 7th-largest cryptocurrency, according to Coinmarketcap, with a market value (i.e. number of extant Dogecoins X price of $0.00086) of $8 million. It now enjoys its own full blown ecosystem: in addition to the website, it has a dedicated blog and forum, and of course a subreddit.

    How has it done this?

    Largely through something called “tipping.”

    If you’re a geek who “performs” a “good deed” on the Internet, it’s become common practice for peopleto “tip” you in your digital currency of choice.

    Still, what’s so great about Dogecoin?

    Technically speaking, it’s more of a variation on Litecoin, which runs on a cryptographic program called Scrypt. Like Litecoin, the time it takes to process a Dogecoin transaction takes is much shorter than for Bitcoin. There are also many more Dogecoins that will come into existence — 100 billion versus 21 million.

    Reply

Leave a Reply to Roy Ehr Cancel reply

Your email address will not be published. Required fields are marked *

*

*