The Cryonic FrostBit™ ticks all of the boxes for people wanting to mine bitcoins in style and features include;-

• 1000 GH/s core (1 TB/s).
• 2800W max peak-power consumption.
• Liquid Nitrogen cooling.
• Arsenic-free polycarbonate outer shell.

All for the tidy sum of  $14,995 per unit.

I wish them luck in getting these devices into market and hope they will consider sending me a free ’development’ unit like Butterfly Labs did last week.

While I personally have no idea who the inventor of bitcoin is the famed IT Sociolosopher and creator of such terms as ”hypertext” and “hypermedia” Ted Nelson thinks he knows and has just created a rather interesting and amusing video explaining who he thinks Satoshi Nakamoto is;-

While I am still not convinced I must say that with his deep understanding of mathematics Shinichi Mochizuki is a good a candidate as any and a lot better than most.

I had begun to think that Josh and Butterfly labs were running some cruel geek version of the classic Pavlov’s dog experiment on me.

That was until yesterday when I received a call saying that there was a package for me that has been sitting in the courier depot since the 2nd of May…. 12 days ago!!!

I don’t know how or why, but despite the big sign outside the company I work for (pictured below, Integral Limited, second one down) at 99 Sala Street the FedEx guys did not seem to have been able to find me and this poor ASIC miner had been sitting there gathering dust.

I was not about to get into recrimination though, my heart had literally speed up just hearing the news so I jumped into my car and raced (at a safe 50 km/hour) the 5.7 kilometers to the depot where it has been sitting patiently for me all of this time.

The box was nondescript, not at all like the fancy boxes that I had seen photos of when Dave from codinginmysleep.com received the first demo unit last month on the 20th and apart from my address (correct address that is) there were a few hand scrolled notes on it saying “?Who” and “Where at 99?” (I later found out it was one of their standard boxes, assembled inside out).

I was not expecting anything else though, and the Butterfly Labs logo on the top was a dead giveaway.  Barely stopping for breath I handed over my ID, signed the docket and I was on my way back to plug it in.

In my mind there was only one host to plug it into, my Raspberry PI running the development version of MinePeon that had been sitting on my desk faithfully running a ZTEX single core FPGA (that now sits discarded in the corner) that a client had lent me for MinePeon development for over two months without interruption.  I quickly striped the peon down, put it on a small coffee table with the BFL ASIC, plugged it in and set it to work.

I have put a lot of work into MinePeon as a ASIC host so I was really hoping that it would work first time so I was pleasantly surprised that in the 10 to 15 seconds that it took me to sit back down at my desk it had booted, detected the BFL 5 GH/s miner and was mining!

Within a few minutes the hashrate had stabilised and my first Butterfly Lab ASIC (or my first bitcoin ASIC of any sort) was running at 5.4 GH/s, a full 12.5% faster than the advertised rate.  The graphs on the MinePeon user interface told the story better than anything else.

I need to fix the scale, it should be G instead of T.

At the current difficulty of 11,187,257 the hashing output that it is generating of 5.4 GH/s equates to 0.2428 BTC per day, or $25.92 US Dollars.

The account I used was an old account at Slush’s pool, these days I only run a few miners on it and they are old GPU’s in machines that sit about in my office doing very basic tasks like word processing and spreadsheets, my notebook is in there too though (for the little that it is worth).

Soon Slush was reporting similar numbers to what the miner was saying, it was averaging about 5.4 GH/s.

In the 24 hours since then it has not missed a beat.  It seems to be happy to use about 44 watts all up including the Raspberry PI and while it is warm to the touch the core is only running at 61C.  To my great surprise it was only using 1.2% CPU as well.

Stay tuned to find out more as I delve deeper into the workings of this device in the next few days.

As a final word, I would just like to say thank you to Josh and Butterfly labs, both from me and all of the MinePeon users that have been eagerly awaiting this device.

P.S. I will be releasing a new version of MinePeon in the next few days, the first fully ASIC tested release ever!

About the author: John Vandivier is a graduate student at George Mason with formal credentials in policy, economics and political science. He also dabbles in philosophy and apologetics. His blog discusses all of the above at www.thegenerallifeblog.blogspot.com.

In this article bitcoin is valued by predicting the approach of the market value of bitcoin to the intrinsic value of bitcoin as a fiat hedge over time according to the rate of information spread and including price dilution from substitution effects of alternative cryptocurrencies.

Chamath Palihapitiya is an intelligent and succesful venture capitalist who made a small error in thinking. While I trust his calculation of the world hedge value of gold to be about 9 T USD and agree that bitcoin can be used as such a hedge because of its decentralized nature, he failed to realize that many other cryptocurrencies such as Litecoin and Feathercoin have the ability to do the same thing. This substitution effect will dilute bitcoin’s value.

Another error in thinking is one I don’t think Chamath made, but one which many people who listened to his comments will have made. Bitcoin will not have a market price based on a value of 9 T anytime soon. This is because value as a fiat hedge is an intrinsic valuation not a market valuation.

As information spreads across a market bitcoin demand will increase and market value will approach intrinsic value. In the long run market value is equal to intrinsic value under free market theories which presume free and perfect information. Other than the long-run we must include information effects over time if we wish to accurately model the market value.

The specific details on the data used and methodology are available here. To summarize the results, it is predicted that bitcoin information will not be sufficiently spread through the global market before January 2019. In the mean time, other cryptocurrencies are diluting Bitcoin’s share of the entire cryptocurrency market at a rate of about .7% per month. A good mid-term forecast would be for December 2013. This is late enough to avoid the short-term distortions we will notice from ASIC arrivals and Mt Gox’s coming support of litecoin, yet early enough that we should minimize inaccuracy from extrapolation and divergence from current data.

According to projected spread of information and corresponding demand growth the cryptocurrency market should be worth 290 B in December 2013. After factoring in dilution from substitution the bitcoin market cap is projected to be worth 266 B. Finally, individual bitcoins will be further diluted by the additional bitcoins mined during that time, each of which comprises a share of the market value. Block 267000 will be mined in December and at that time each coin will be worth 2200 USD/Coin.

This forecast should not be considered reliable because it includes certain false assumptions. It is only exercise in theoretical valuation to be used alongside other valuation methods. This forecast can be improved in various ways including measurement the search to demand correlation and measuring the degree of substitutability of bitcoin for gold. This forecast assumes that anyone who knows about bitcoin will demand bitcoin and also that bitcoin is fully substitutable for gold, however both of these assumptions are demonstrably false in some cases. A person may want to hold both gold and bitcoin to diversify their risk. A person may search for bitcoin information and be lead to think it is undesirable.

Being statistically ignorant of these correction values we should expect them to each be 50%. Correcting for these values would give a more realistic expected December valuation of 550 USD/Coin.

It has been just over two months since the bitcoin block chain was rocked by a near disastrous fork causing the bitcoin price to crash.

The culprit of the crash was found to be a bug that prevented pre version 0.7.1 bitcoin clients accepting large blocks that could be generated by version 8 clients.  A temporary fix was put into place by Bitcoin Project lead developer Gavin Andresen that forced version 0.8 clients to generate blocks that version 0.7.1 could understand.

It is important to note though, the fix was a temporary one!  In just under two days on the 15th of May (I have made a countdown timer above for your convenience) the fix will expire and version 0.8 clients will once again be able to make large blocks that older clients will not be able to understand.

This will lead to a hard fork where the newer clients and the older clients will  disagree on the centralised blockchain.

It appears that most miners and pools have upgraded to version 0.8 clients already but it is yet unknown how many users are running older clients so this is the last opportunity for them to upgrade and avoid any issues.

Upgrading is only necessary of you run a pre version 0.8 copy of the official bitcoin client from bitcoin.org you can tell if you need to upgrade by opening your client and selecting the options Help => About Bitcoin.  You should then see a window similar to the screen below, if your version number is anything below version 0.8 (the image below is version 0.8.1-beta ) you should immediately go to bitcoin.org and download and install the new client.

Since most (if not all) miners and pools have already upgraded it is unlikely that we will have an extended fork like we did back in March but there is a very real risk that individual users may experience issues.

The terms of their sale is that you need to buy a minimum of 300 of the devices at 1.99 BTC each, that is an all up total of 597 BTC!  While I do have a few bitcoin set aside for hardware I unfortunately don’t have 597 and I certainly don’t have 300 spare USB Ports.  Fortunately BitcoinTalk came to the rescue for a lot of miners when a few users set up what is called “group buys”.  A group buy is a relatively simple idea where one miner collects funds (in the form of BTC) and buys from ASICMiner.

A few group buys where quickly set-up and started filling.

Forum user Arklan set one up for US/Canada users that quickly filled up and CanaryInTheMine also set one up,this time for US miners only (it is still open though).  There are even a few efforts to get a group buy going in Europe.

Unfortunately this still leaves a good 80% of the world (including myself) out of luck.

So I have decided to do something I thought I would never do, I am volunteering to set up and perform a group buy for all of us that cannot take advantage of Arklan’s or CanaryInTheMine’s offer.

I set up a new server, got a SSL Certificate and started my own group buy.  You can find my group buy at;-

https://satoshimine.com/

While the main propose for this is to get Block Erupter USB’s into the International market it is open to all, even those outside North America and Europe.  I have out of necessity had to price the devices at 2.6 BTC each to take into account all of the shipping, customs, insurance and various taxes but we are finally able to buy them.

The order system has been open for about 30 minutes now and there are already orders in the system waiting for confirmation.

Correction: Josh from Butterfly Labs has emailed me, there was no intrusion of any sort.  They were testing some of their systems and adding new features.

While it did appear to be nefarious it seems that I jumped the gun, for that I apologize   Josh assures me “everything is and has been secure.”

The original post read;-

While pointing my browser at http://forums.butterflylabs.com/ I started to notice some strange things going on, namely that there were PHP errors being output at the top of the forum.  While that in itself is not that unusual (I see it quite often when their database server gets overloaded due to the near constant DDOS that they receive) these were not your standard MySQL errors they are eval() errors.

Click to enlarge.

For those of you who are not PHP programmers eval is used in php to execute arbitrary code on the server and improperly handled it is one of the largest security holes in PHP.  Even the PHP manual warns about its use in no uncertain terms warning;-

Caution

The eval() language construct is very dangerous because it allows execution of arbitrary PHP code. Its use thus is discouraged. If you have carefully verified that there is no other option than to use this construct, pay special attention not to pass any user provided data into it without properly validating it beforehand. The PHP manual

My suspicions were mounting , but what I saw next confirmed it for me, a post from Butterfly Labs forum moderator BFL_Josh posted up a 20 MB password dictionary to the site, commonly used in brute force attacks.

#
# This is a list of 2,151,220 unique ASCII passwords in sorted order according
# to their native byte values using UNIX sort command.
# This list (also known as wordlist, password dictionary or password list)
# is useful for password recovery tools such as John the Ripper, Hashcat,
# Aircrack-ng and KisMAC. To use this file, be sure to first remove these
# comment lines, i.e. the lines starting with # character.
#
# If you are looking for a better password dictionary,
# see http://[removed].com/u[removed]/
#
# $Revision: #11 $
# $DateTime: 2013/03/20 09:03:41 $
#
# Comments/Questions? Send to [removed]@[removed].com
#
!
! love you
!!
!!!
!!!!!
!!!!!!
!!!!!!!
!!!!!!!!Snippet of the uploaded password dictionary

My conclusion?  Unless Josh has taken up a side career as a black hat hacker (and he always seemed like a pleasant guy to me) his account has been compromised and there is an attack on Butterfly Labs in progress.

I immediately sent an email to Butterfly Labs warning them of the penetration but my advice to you is to stay away for a while.

Hopeful miners have been reporting that they have been receiving email from Butterfly Labs asking them to telling them that their miners are about to ship and they need to give a final confirmation that they still wish to receive their ASIC bitcoin miners.  It also gives the opportunity to cancel their order and receive a refund.

Unfortunately it seems that the Butterfly Labs website has gone down in a self inflicted DDOS as thousands of miners attempt to agree or disagree with the new terms.  Please be patient with the website.

There already have been a few 5 GH/s ASIC bitcoin miners shipped to the developers of cgminer and bfgminer to ensure that the mining software will be ready as well as a few selected reviewers such as Dave from codinginmysleep.com and Butterfly Labs forum regular Grnbrg.

BFL_Josh even let slip to me that I might expect one in the post in order to get support ready for MinePeon.

I have included a copy of the email below if you did not get one.

This is not the first time Bitcoin Central has been attacked, earlier this month hackers also managed to gain access to their computers and compromise user accounts but according to Bitcoin Central at the time they managed to secure all of the funds.  This time the wringing on the site reads “A few hundred BTC have been stolen, but the amount is small enough for us to cover it fully.”.

https://www.bitcoin-central.net/

You may remember Bitcoin-Central from the news a few months back as the first bitcoin exchange to start down the road to banking legitimacy when they announced that they had partnered with Aqoba and Credit Mutuel to begin operations as Payments Service Provider (PSP).

Add these hacks to the near continuous DDOS attacks happening at MtGOX and Butterfly Labs it seems that bitcoin has gained enemies on the Internet.

Slush’s pool is the oldest mining pool and it started with a forum post on November 28, 2010 when the pool operator (Slush) literally invented pool mining when he suggested that “Join poor CPU miners to one cluster and increase their chance to find a block!”.    While the suggestion was quite controversial at the time Slush wrote the first mining pool software (Called a “Cooperative miner” at the time) and the rest is history.

According to Slush he first noticed something was up when someone reset the password to his OVH Manager account at his hosting provider OVH.CO.UK Web Hosting Solutions.

What ensued was a short battle between the perpetrator and Slush resetting passwords in attempts to gain control of the pool.  While Slush does not have any evidence yet he says “So far it looks like yet another inside job, like Linode two years ago. Or attackers found some shortcut how to gain access to Manager without confirming the request from the email.”.  Slush later goes on to say “For now I fully blame OVH for this issue.”

Slush says he has now successfully managed to isolate and move the Stratum servers ( stratum.bitcoin.cz, stratum2.bitcoin.cz and stratum3.bitcoin.cz) to Amazon EC2 instances so as not to waste any hash power but as there is no safe database server the shares are not currently being recorded and Slush says “Because database isn’t running and shares are not stored, I’ll spread blocks mined during database outage to miners who’ll continue mining on the pool since the database will be up again.”

Slush also says that the mining pool will be back to normal operation soon after he fully migrates from OVH to Amazon EC2.

The first post on BitcoinTalk is available here or quoted below.

The pool has been hacked. Fortunately I noticed it fast enough, so I made database snapshot seconds before attackers overtake the database machine. I lost some amount of bitcoins, but I’ll be able to recover it from my pocket. For now I’m evaluating what’s next to do, because all machines in OVH has been compromised and they cannot be trusted anymore.

Full story:
Today at 3pm UTC I noticed that somebody succesfully resetted the password to OVH manager, the place where servers can be managed, restarted to rescue mode etc. I promptly resetted the password at OVH to something different and I also changed password on my email account and checked that there’re no other active connections to my mailbox. I have to say that my mailbox is secured by OTP passwords and I take physical security very seriously, so nobody other had an access to my mailbox. I known that password-reset feature is quite popular attack vector, so I made everything possible to prevent it to happen.

By changing the password at OVH, all other sessions using the old credentials are automatically kicked from the Manager. I also cross-checked that nothing wrong happen to the servers at this time. Unfortunately I didn’t find a way how the attackers got access to Manager, so I asked OVH support to provide some additional information and restrict Manager access to my IP range.

That’s no surprise that OVH didn’t respond to this ticket for hours, but at 11pm UTC I realized that there’s another succesful password reset at OVH. This is complete mystery to me, because I’m aboslutely sure that nobody else had access to my mailbox and the email with reset link has been untouched (unread, not deleted). I’d say that attacker won’t bother by changing status of the email to “unread”, but he’d delete the email instead.

This time I realized that the attacker resetted the machine with the wallet to rescue mode, which means that I lost the control to this machine. I was still succesful by logging into the database and I took the snapshot of database and transferred it to safe location. Few seconds since the migration finished, attackers restarted all remaining machines to rescue mode.

So far it looks like yet another inside job, like Linode two years ago. Or attackers found some shortcut how to gain access to Manager without confirming the request from the email. I don’t know what’s worse option. I’ll investigate this issue in detail later and I hope OVH won’t close eyes to this.

I can recover the pool to the normal operation tomorrow.

Edit 01:38 UTC: Stratum servers are running on safe servers at Amazon. Mining works for now. I’ll setup new database and webserver on trusted machines in few hours, so the pool will be back in full operation.Slush – BitcoinTalk