In five years, might the Bitcoin market be little more than a smoking ruin?
That's the dystopian future facing crypto-currency traders, if the current pace of attacks against Bitcoin exchanges and holders continues. Both could see a never-ending onslaught of distributed denial-of-service (DDoS), hacking, and malware attacks designed to drain their virtual currency coffers.
But the possibility that Bitcoin might burn is good news for anyone who cares about crypto currencies, as well as the future of our monetary system. In other words, just because one cryptographic currency gets pummeled, the odds are that the next "Satoshi Nakamoto" will build an even better one.
Beyond Bitcoin, which has the world's largest virtual currency market capitalization (nearly $8 billion), there are at least 100 other crypto currencies, ranging from Ripple ($1.4 billion) and Litecoin ($453 million) -- also at the high end -- to Deutsche eMark ($106,000) and Grumpycoin ($88,000) at the low end. Even criminals have begun to diversify into homemade crypto currencies, because they see Bitcoins as being too volatile for storing their ill-gotten gains. Meanwhile, a Lakota Indian named Payu Harris is even promoting a new crypto currency called Mazacoin, which he hopes will provide the Lakota nation with greater independence.
[Can new regulations be a good thing? See Snowden, Bitcoin, Data Breaches Foretell New Regulations.]
When it comes to the prospect of nations minting virtual money, Harris might be on to something. According to former Central Intelligence Agency CTO Gus Hunt, in the future, the dollar could well become a crypto currency. "Government's going to learn from Bitcoin, and all the official government currencies are going to become crypto currencies themselves," he said during a recent panel discussion in San Francisco hosted by information security firm eSentire, for which he sits on the board of advisers.
Eventually, however, Bitcoin itself may be supplanted. "I believe that Bitcoin is going to go the way of Napster: it ended up being a commercially viable idea that infringed upon very, very well-financed [music industry] organizations," said G. Mark Hardy, president of National Security Corporation, speaking at the same panel discussion as Hunt. "[That industry] did rent-seeking, they went to Washington, they got the DMCA [Digital Millennium Copyright Act], and a couple of other pieces of legal action to go ahead and smack down Napster, but then [resurrected] it as a profit-oriented thing called iTunes, which generates billions in revenue for Apple," Hardy said.
From an evolutionary standpoint, what crypto currencies can offer us, as well as how they must be improved to become safer to use, is being highlighted via people's embrace of Bitcoin. "The concept is great, [but] the execution has a couple of things -- the deflationary currency, there's no central bank to be able to regulate the amount of coins that are in there... that would be good to have in there," Hardy said. "As a result... my recommendation -- and this was back when [a] bitcoin was [worth] about 900 bucks -- was to sell-sell-sell because you're going to get the chance to buy-buy-buy something else that's going to offer stability. Right now, you're playing a casino game."
Accordingly, anyone who focuses on Bitcoin as the bellwether for the crypto-currency concept's success is ignoring how business uses of technology typically evolve. "All you've cited is the myth of the first-mover advantage, right?" said Hunt, the former CTO of the CIA. "The real advantage goes to the second-mover: AltaVista, Google; Napster, iTunes."
To use a medical analogy, battlefields -- whether during the Civil War, Vietnam War, or the recent wars in Iraq and Afghanistan -- typically produce major advances in emergency medicine and trauma surgery, because the quantity of casualties leads to new innovations. Might not the same be true for Bitcoin and future crypto-currency systems?
"I didn't realize Bitcoin is a land war in Asia," said Dan Kaminsky, chief scientist of White Ops, in response to that question. The expert penetration tester spent four months trying and -- surprisingly, he said -- failing to find exploitable weaknesses in the Bitcoin protocol.
While Kaminsky is neutral on Bitcoin itself, on the innovation front, he said, it's "fascinating technology that can inform a lot of future development," for
example when it comes to advancing the use of trusted platform modules (TPMs) to ensure that a small amount of data can be stored securely and not get hacked. "We've been talking about TPMs for ages, and it doesn't work for normal users, and it barely works for security professionals," he said. "Bitcoin says your Mom needs a TPM that she can work with, and there are actual investments going on to make that happen, and I'm fascinated by that."
Such TPMs would allow crypto-currency holders to store their virtual currency not only offline, but in a system that can't be directly connected to the Internet. "That's how I store my bitcoins when I purchase or mine them... and I'm pretty confident that they won't get stolen," said Joe Stewart, director of malware research at Dell SecureWorks, in an interview at the recent RSA conference in San Francisco.
Stewart noted that two hardware-based Bitcoin wallets -- HW-1 and Trezor -- are being developed for this express purpose. More technically astute types can roll their own, using a Raspberry Pi computer. Any transactions then get carried from a PC over to the homemade wallet, where they're signed, before being brought back to the computer. "As long as you keep that Raspberry Pi from ever connecting to the Internet, it's safe," he said.
These types of hardware wallets could become the norm for all online banking, regardless of the currency being used. "This same transaction-technology verification works great for banks, because you could use it even with a fully compromised PC," Stewart said. In other words, today's must-have Bitcoin accessory could become tomorrow's de rigueur defense against sophisticated banking Trojans.
Why wait? "Commercial accounts should be demanding this type of technology," Stewart said. "Our hope is that perhaps the adoption of Bitcoin hardware and wallets showing how transaction integrity verification works will drive them to say: 'Why isn't this how my bank works?'"
Likewise, the better aspects of Bitcoin -- the block-chain system, partial anonymity, and overall system integrity -- are already leading more and more people to ask: Why isn't this how tomorrow's government-issued currency will work?
Is Amazon Web Services always the best choice for an infrastructure-as-a-service partner? Register for this InformationWeek editorial webinar and learn about the key differentiators that can mean success for your IaaS project -- or defeat. The How To Choose An IaaS Partner webinar happens March 14. Registration is free.Mathew Schwartz served as the InformationWeek information security reporter from 2010 until mid-2014. View Full Bio