Security guru confesses, ‘I couldn’t hack bitcoin’

23 April 2013

Bitcoin may have been through some hard times lately, what with DDoS attacks, exchanges closing down and massive price fluctuations. But one renowned security expert is defending its basic resilience.

Dan Kaminsky thinks it’s OK.

Writing in Business Insider, Kaminsky says he tried to hack bitcoin two years ago, and failed. This is a big admission coming from Kaminsky, who has serious credentials: in 2008, he discovered a fundamental flaw in the internet's Domain Name System (DNS). (That’s the part of the internet that tells your web browser where to go to fetch a webpage, and it is vital to the functioning of the world wide web.)

The odds — before he tried his hack — were stacked against bitcoin, Kaminsky writes. The digital currency uses an enormous cloud of machines that are always on and listening to the internet. It uses a proprietary protocol, and is written in C++, which is a language that, when used badly, is easily subverted with security exploits. Moreover, the financial gain for those hacking the system is huge.

“The core technology actually works, and has continued to work, to a degree not everyone predicted,” he now concedes. “Time to enjoy being wrong.”

Kaminsky argues that bitcoin’s high financial stakes actually change the game, leading to better programming and eliminating the security bugs he would normally look for.

The size of the system, which keeps a huge “accounts ledger” covering every account in the form of the blockchain, makes it difficult to subvert, he adds. There are enough nodes in the bitcoin system to always keep a copy of that blockchain, making it hard to spend bitcoins that have been stolen without being spotted.

Although bitcoins have been stolen in several high-profile incidents, all of the pilfered coins can be monitored in the future, Kaminsky argues.

“As far as I’ve seen none of the stolen bitcoin(s) have actually been spent in any way,” he writes.

Bitcoin’s next problem? Concentration of power, Kaminsky warns:

“The ‘official truth’ of what money has changed hands is really in the hands of (fewer) than five or 10 organizations, and that’s being generous,” he warns, adding that those with the most resources will be able to mine the most coins because of their ability to invest in specialist mining rigs, thus propagating the centralization of power.
