The Talk Show

74: Heart of a Gambler


00:00:00   You gotta let go of this Jeopardy thing, Glenn.

00:00:02   Hey, I got my ticket for the rest of my life.

00:00:05   It's the gravy train.

00:00:06   Super nice guy.

00:00:07   I was hating the fact that people were giving him

00:00:09   all this crap for actually playing the game well.

00:00:11   Have you seen the backlash?

00:00:12   Oh, I have actually seen this, where he is sort of--

00:00:17   this is actually interesting.

00:00:18   Yeah, he's sort of like a money ball.

00:00:21   He's playing Jeopardy like money ball is to baseball.

00:00:25   Yeah.

00:00:25   Right.

00:00:26   And I asked him, I was like, how much did you spend on strategy

00:00:29   how much of memorizing ahead of time, he's like, totally strategy. Like, he memorized

00:00:32   some stuff, but he basically figured out how to play the Daily Doubles during the games,

00:00:38   which is the, the, people miss that. You can win during the game, you don't have to win

00:00:42   at Final Jeopardy, and so he basically wins during the game, and the most, the highest

00:00:47   grossing winners have all essentially played the game that way. I mean, Ken Jennings was

00:00:52   a little different, but he was early after they changed some of the rules and so forth.

00:00:55   But I actually who's the new guy's name? What's his name Arthur Chu Arthur Chu? I actually became aware of him because I saw a piece that

00:01:02   Jennings wrote about him defending. It was great. It was really nice

00:01:06   All right

00:01:06   so like there's sort of a like the traditional way to play jeopardy the gentleman style if you would is

00:01:13   you you pick a category if you have control of the board you pick a category that appeals to you and you pick the

00:01:20   The lowest did not you know go from the top down?

00:01:23   so in the first round you'll pick $200 than the $400 if you keep getting it right and work your way down to the

00:01:30   Higher money and you know that I guess there's some correlation between the higher money and harder questions

00:01:36   Yeah, well a little bit. I think that it's actually weird. They do make that they do

00:01:40   Make the questions a little harder as it goes down as it goes down the board not always but typically and the producers ask you

00:01:48   To go from top to bottom and they don't tell you to do it and it's not a rule, right?

00:01:51   But they say, "Look, most people do best this way. It's less confusing. The audience

00:01:56   prefers it. It's probably a better way to play. We're not going to make you do it."

00:02:00   And it's just, in the heat of the moment, it's really hard to make the right judgment.

00:02:04   But Daily Doubles occur predominantly in predictable locations.

00:02:07   Right. They're not randomly located. If you study the game and look at where they've

00:02:13   been, you can, you know, there's some spots that are higher percentage, significantly

00:02:18   higher percentage chance of being a daily double than others. And if you have control

00:02:23   of the board, it is to your advantage to hunt for them.

00:02:27   Yeah, and he's just killing it. He's got the right combination of buzzer timing, domain

00:02:31   knowledge that's fairly broad and deep in trivia categories, and this strategy, I think

00:02:37   he's winning against sometimes stronger overall players who can't master this strategy because

00:02:41   he's throwing them out. So yeah, it's very Moneyball, and it's great. And I think the

00:02:44   The thing is, he comes across as a little affectless on screen because, you know, I

00:02:49   do this when I'm thinking really hard, I go slack, and he is playing the game.

00:02:53   So there is this, like, this geeky and often, you know, Asian guy, so there's been some

00:02:57   racism is winning the game.

00:03:00   And it's like, no, he's really, he's very funny.

00:03:02   So his Twitter handle is @Arthur_affect.

00:03:07   And I think it's hilarious because he's clearly making fun of, like, the affectless, you know,

00:03:11   thing about it.

00:03:12   funny on Twitter. He's very personable in the interview and, and you know, for all we

00:03:16   know he's just won like 20 more games because it's, you know, he taped months ago so he

00:03:21   can't talk about it. But he's, it's very, it's enjoyable. I just like watching people,

00:03:25   "He's playing the game wrong!" It's like, the point of the game is to win, it's not

00:03:28   to, you at home may not like what he's doing. But I thought it's great.

00:03:32   Pete: Right. The other thing that Ken Jennings pointed out in his piece on him is, in addition

00:03:37   to the fact that it's to your advantage to get the, huge advantage to get the Daily

00:03:40   doubles. It also, by skipping around the board from category to category, it gives you an

00:03:48   advantage over your opponents because you know if you get it right where you're going

00:03:52   next and you're ready for that category, whereas your opponents don't even know which category

00:03:56   to be thinking about. Whereas if you play that traditional way and somebody picks potent

00:04:03   potables for 200, even if you don't buzz in and get it, you're ready for the next one

00:04:07   to be potent potables for 400.

00:04:10   - Yeah, it's totally true.

00:04:11   But it's interesting, it plays into the game theory thing

00:04:14   and people have their own preset notions

00:04:17   about what they want, but I'm enjoying watching them.

00:04:22   My boys and I are watching them play, it's very fun.

00:04:24   - Yeah, it reminds me, it's like anything with game theory,

00:04:28   but one of my favorites is the history of Blackjack.

00:04:32   - Yeah.

00:04:34   where blackjack

00:04:36   it's kind of funny because it's like the rules state at least back to the

00:04:41   eighteen hundreds

00:04:43   and were apparently you know the

00:04:46   came about without the help of any sort of computer modeling whatsoever and

00:04:49   without computer modeling there's really no way to tell

00:04:53   what the the

00:04:54   perfect strategy is and whether the house actually has an advantage or not

00:04:59   and so for decades decades and decades you know through the until the nineteen

00:05:04   1960s, typical players in a casino, like what was considered "here's the right way to play,"

00:05:11   actually were playing at a tremendous disadvantage to the house.

00:05:16   The basic gist of the way most people played in a casino, and if you sat down and were

00:05:21   unfamiliar with the game and were sitting next to somebody who was clearly a seasoned

00:05:26   blackjack player and asked for help from him, this is the way you would learn to play, is

00:05:30   that you should never bust.

00:05:32   you get to 12 or 13, you just stop because you could bust, and busting is an automatic

00:05:40   loss.

00:05:41   And it's, you know, the dealer just takes your chips, and it doesn't matter what the

00:05:44   dealer does.

00:05:45   You know, that's part of what makes the game a little complicated is if you bust, the dealer

00:05:50   takes your bet, and it's gone.

00:05:52   And even if the dealer subsequently goes on to bust, you don't, you know, there's no tie

00:05:56   in that situation.

00:05:59   Even though in theory it's a tie because you both busted.

00:06:02   And so that's so devastating that players develop this, it was just a traditional strategy.

00:06:09   Never take a card if you can bust.

00:06:11   With the pot, and then some people would play, well maybe if they had a 12, maybe they would

00:06:14   hit on 12 because it would take a 10 to bust.

00:06:18   But it ends up that's a horrendous, horrendous strategy for the player.

00:06:22   And this guy, Edward Thorpe, who worked at IBM, he was like the first guy to beat the

00:06:27   And he did it with not by like working it out

00:06:30   Through formulas, but just through brute force computation that he just programmed

00:06:36   You know a simple game of blackjack and just ran it millions and millions of times, you know given this hand

00:06:43   You know if you play this way what if you know what happens and came up with you know

00:06:48   The basic strategy and it's you know, it's very different from that

00:06:51   But what happened then is players who had read Thorpe's book and Thorpe also, you know invented card counting

00:06:57   Which gave the play actually gave the player, you know an advantage of two three percent, which yeah, which is huge

00:07:03   But even without the counting part even just the basic strategy

00:07:06   where you could just learn these simple rules if you have a

00:07:09   14 and the dealer has a 16 you stay if you have a

00:07:12   15 and the dealer has a 10 card showing you have to hit

00:07:15   The players who had that strategy would do very well and before the casinos sort of adjusted the game

00:07:22   you could maybe even have a slight advantage in the '60s. You could actually play the game

00:07:27   without counting cards to have a slight advantage. But it was like a social thing, though, where

00:07:33   if these other guys at the table were playing the traditional way, and then there's a guy who's

00:07:38   actually playing the mathematically right way, they would—some of them would get angry. You know,

00:07:42   they'd be like, "What the hell are you doing hitting a 15?" You know?

00:07:45   Right, because it would seem to be random, it would seem to be—since it's counterintuitive,

00:07:49   it seems like you're playing the game wrong, even though, I mean, this is the Indiana Jones

00:07:54   moment when he shoots the guy, when he's got the whip. Like, you're like, "Wait a minute,

00:07:59   that's not fair!" It's like, "Oh, wait a minute, the point is to come out ahead, the point

00:08:02   is not to, you're there to play the game!" This is reality TV, you know, I watched some

00:08:06   seasons of Survivor, and that was the thing that was fascinating, I think it all developed

00:08:11   into a pattern eventually, but it was fascinating to watch somebody like Boston Rob, who was

00:08:14   much reviled. He figured out a new way to play the game a few seasons in, and it transformed

00:08:20   the game dynamics, and everyone watching him had to play the game differently after that.

00:08:24   But it pisses you off if you're in the middle of the situation.

00:08:26   Dave: Right.

00:08:27   Because it's an evolving game dynamic in which everything in your head that you've built

00:08:31   your strategy around is suddenly wrong, and you hate that other person because they've

00:08:34   changed—you're not playing the same game anymore.

00:08:36   Dave Yeah, because I've watched—I haven't watched

00:08:39   Survivor in a couple years, but I did watch the first couple years, and I do remember

00:08:43   Boston Rob.

00:08:44   Uh, he was great.

00:08:45   He was the best villain.

00:08:46   He was exactly who he was.

00:08:48   I mean, I think of all the people, and I think I watched four or five seasons.

00:08:52   Who is the guy that, it was like the guy on the very first season.

00:08:55   Oh, Richard Hatch?

00:08:56   Richard Hatch.

00:08:57   The guy who thought he didn't have to pay taxes.

00:08:59   Yeah, exactly.

00:09:00   He really thought it cause he didn't take the plea deal.

00:09:02   He went to jail cause he thought he was right.

00:09:04   I know.

00:09:05   It's hilarious.

00:09:06   I'm like, it's really straightforward tax situation.

00:09:08   Right.

00:09:09   But he, as the winner of the first series, and seemingly played it pretty smart, became

00:09:15   like the, "Well, that's how you play the game."

00:09:17   Yeah.

00:09:18   You know, Richard Hatches.

00:09:19   Yeah, then he came back, and in whatever the tournament was, the All-Stars thing, a few

00:09:25   seasons into it, he comes back, he tries to play the game the same way, and he is knocked

00:09:29   out like a few days in.

00:09:31   And his favorite statement was, "I was bamboozled!"

00:09:34   And it was like, "No, the game changed.

00:09:36   The game changed, and you're out, buddy.

00:09:38   You can't just walk around with your Wing Wang flicking at people and win again.

00:09:42   Right.

00:09:43   Well, any other thing, yeah, he seemed unprepared for the fact that the first season, nobody

00:09:47   knew, A, nobody knew the game, and B, nobody knew what he was doing.

00:09:52   Yeah.

00:09:53   Whereas, when he came back for the, you know, what was it, like, it's like the Jeopardy

00:09:57   Champions thing, like Survivor Champions thing.

00:09:59   It was, clearly everybody there, you know, as a Survivor player had watched the first

00:10:04   season of Survivor and was well aware of his, you know, he really needed like a new strategy

00:10:09   and did not have it.

00:10:10   Pete: Well, you know, there's this thing called the Markov Chain and I found out about

00:10:14   it because of the game Shoots and Ladders of all things, because someone wrote this

00:10:18   hilarious, I think Shoots and Ladders or Snake, sort of it's called, Snake's Ladders,

00:10:22   someone years ago wrote this hilarious review/analysis of that kid's game, looking at it from this

00:10:27   mathematical standpoint.

00:10:29   A Markov chain is, it's, listen to me,

00:10:32   the Wikipedia thing, a mathematical system

00:10:34   that undergoes transitions from one state to another

00:10:36   in the state, on a state space, it's random things.

00:10:39   So the next action is not followed upon

00:10:43   because of the previous action.

00:10:45   And there are games that are,

00:10:48   the games that are most interesting

00:10:49   are the ones in which it is,

00:10:51   there's not a predictable outcome

00:10:53   based on the sequence of things in which you do.

00:10:55   So in Chutes and Ladders, the dice are everything.

00:10:58   It's really a game that teaches kids how to play games.

00:11:01   But in poker, the number of possibilities are too huge,

00:11:04   even with card counting, they still become too huge

00:11:08   to be predictable as an outcome from starting states.

00:11:11   And so there's this issue about the tension

00:11:14   between games that have Markovian properties

00:11:17   and non-Markovian properties about which ones are fun or not

00:11:20   because as a parent, you know,

00:11:22   Chutes and Ladders sucks and Candyland sucks

00:11:24   because they're, what is it called,

00:11:28   chain non-Markovian. Right. Candyland is the worst. Candyland isn't even really a game

00:11:33   because it's entirely deterministic. You know, there's a deck of cards. Once the cards have

00:11:38   been shuffled and you've decided what order the players are going to play in, the outcome

00:11:42   is already determined. That's right. There's a dice component to it which is ostensibly

00:11:46   Markovian but the chained Markovian action is the each card is played in sequence. So,

00:11:52   right. It's just it's horrible, but it teaches kids how to it's simple enough that it teaches

00:11:57   kids how to play rules and follow the game and that there's winners.

00:12:01   It's a horrible thing.

00:12:02   I don't think it is.

00:12:03   Yeah.

00:12:04   Horrible.

00:12:05   Yeah.

00:12:06   I think you can get a lot of those lessons out of a better game.

00:12:07   We never-- we lucked out.

00:12:08   Jonas never fell for Candyland.

00:12:10   We played for Candyland for too long.

00:12:11   But now we're the settlers of Catan, which is much better.

00:12:15   If anything, Candyland, you have no choices and there are devastating bad cards.

00:12:25   know, like the, you know, get the candy cane and send you all the way back to the beginning.

00:12:29   Like--

00:12:29   Oh my god, we hate that so much.

00:12:31   You know, I don't know. It doesn't seem like you get any good lessons out of it.

00:12:34   You don't learn any strategy. And you learn that, you know, something terrible can happen

00:12:40   to you at any moment. It doesn't--

00:12:42   It teaches you the essential hopelessness of life and what the working world is like as well. That's

00:12:46   what it does.

00:12:49   Yeah, it's sort of a-- full of-- philosophically, it's a depressing game because it's sort of like--

00:12:54   Oh my god.

00:12:55   You know, it's like going back to college philosophy 101

00:12:59   and you know, is there such a thing as free choice?

00:13:02   You know, and in candy land there isn't.

00:13:03   There is no free choice.

00:13:05   - It reinforces that.

00:13:06   It's like this is, yeah, here's your elementary school

00:13:08   and college and the job and here's the housemate

00:13:11   of Tiki Taki you bought up on the hill

00:13:12   and this is your life, kid.

00:13:15   This is the future.

00:13:16   - Right, it's you know, like with sufficient knowledge

00:13:18   you could already, you know, you could predict exactly

00:13:20   when and where you're gonna die.

00:13:22   - And you're never gonna get the gumdrop.

00:13:24   it's only a piece of paper.

00:13:25   (laughing)

00:13:27   - Do you ever play Blackjack?

00:13:29   Do you ever gamble?

00:13:31   - A little bit.

00:13:32   I like the instinct to wanna win.

00:13:34   (laughing)

00:13:35   - No, it's a deficiency.

00:13:36   - So I enjoy it intellectually, but I kinda,

00:13:38   I just lose interest.

00:13:38   I'm like, "Ah, this is fun, but I don't have any,"

00:13:40   I don't have any, and weirdly, I mean, playing Jeopardy,

00:13:43   Jeopardy is a different kind of battle,

00:13:44   but I just never have, I don't have the,

00:13:47   I can't stick to it.

00:13:48   I'm kinda, "Oh, this is fun.

00:13:49   Now I'm gonna wander off and look at that other thing."

00:13:51   So it doesn't hit me for some reason.

00:13:52   - When you were on Jeopardy,

00:13:54   Did you get daily doubles?

00:13:57   - Yeah, I think I'd never, I didn't get a lockout.

00:14:01   So IBM researchers did this, they built Watson.

00:14:06   One of the things they did is they did this,

00:14:07   one group did all this game theory and analysis

00:14:10   and they found that people who win Jeopardy

00:14:12   fit into three categories.

00:14:13   There's sort of regular champions,

00:14:15   masters and grandmasters.

00:14:17   And I was clearly in the regular champion category.

00:14:20   Like I eked out a couple wins, I'm happy that I won,

00:14:23   but I wasn't like a natural player like some people are.

00:14:26   So I did okay, I did okay.

00:14:28   - Well, that's the daily double, you know,

00:14:30   it ties in with Blackjack 'cause it is,

00:14:33   it's the one part of Jeopardy that's,

00:14:35   well, the final Jeopardy is a bit of a gamble,

00:14:38   but you know, it's a gamble

00:14:39   where you don't know the question, you know,

00:14:42   whereas the regular questions, it's a combination of skill,

00:14:46   like your actual ability to recall the answer,

00:14:49   know the answer and physically to hit the buzzer first. But you do, you know, you get the question.

00:14:56   So it's not, you're not gambling. I mean, you do, and you can maybe say you are if you're only half

00:15:02   certain of the answer and you're going to buzz in anyway and take a chance you got it right because

00:15:05   you lose the money if you get it wrong. But the daily...

00:15:09   The better strategy is to never buzz in when you don't know the answer for sure because you then

00:15:13   both lose the money you have and someone else is most more likely to get it and they gain it back.

00:15:17   you almost double the difference. Because they've had the time to think about it.

00:15:21   Oh, I saw a heartbreaking one where someone misspoke and then the other person just buzzed

00:15:25   in and got it. And they said almost exactly the right thing. Oh, I remember as a kid when it was

00:15:28   newer, when it wasn't so ingrained in the culture. I mean, I don't watch regularly anymore, but it's

00:15:35   been years since I've seen one where somebody forgot to put the answer in the form of a question.

00:15:39   Whereas when I was a kid, that happened fairly regularly and inevitably somebody else would buzz

00:15:45   in with the same answer in the form of a question

00:15:48   to take the dollars.

00:15:49   - I know, it's sad.

00:15:50   There's actually a tiny rule which is in regular Jeopardy

00:15:53   in the first half of the game.

00:15:55   They will alert you and you can restate it.

00:15:57   In double Jeopardy, you cannot.

00:16:00   If you say it without it being a question,

00:16:02   it's just automatic wrong.

00:16:04   - Is that a new rule?

00:16:04   I don't remember that.

00:16:05   - It's been kicking, well, it's at least for a couple years.

00:16:07   I played a couple years ago.

00:16:08   I know, it's funny, they just, because then they're like,

00:16:09   by the second half, you're like, if you can't get it,

00:16:12   like that's your problem.

00:16:12   You're just gonna buzz in and lose.

00:16:15   - But you have to have the heart of a gambler though

00:16:17   to really play aggressively on the daily doubles

00:16:20   like this, is it Richard Chu?

00:16:22   What's his, Arthur Chu?

00:16:23   - Yeah, he's, because if you can,

00:16:25   it's more likely you already know the category,

00:16:27   you may have answered questions in the category,

00:16:30   so you know the kind of direction they're taking,

00:16:32   and then you could go all out.

00:16:34   And so Roger Craig, who is now the number four winner,

00:16:37   'cause Arthur has displaced him so far,

00:16:39   number four all-time regular season winner, Roger Craig,

00:16:42   he won $77,000 in one day

00:16:44   because he did one Daily Double and then got another and did it. And it made sense because

00:16:49   he knew the category and he could have lost, because he did two Daily Doubles twice in

00:16:55   a row. But it didn't, it's funny, it didn't, I don't think it was a bad game decision because

00:17:01   he was confident enough and he could have, he'd already won a bunch of money at that

00:17:04   point. So there's a point where you've already won enough money, you've won enough days that

00:17:08   like you know you're going to be in the Tournament of Champions, for instance, you're going to

00:17:11   come back.

00:17:12   psychologically want to win more than you're afraid to lose.

00:17:17   - Yeah, that's exactly it.

00:17:19   - Right?

00:17:19   - And there's something about that, like, well, you're sitting

00:17:20   in that position and you're like, I could get the highest

00:17:23   score ever, I'm gonna do it. - Right, like let's say you've

00:17:25   got 13,000 and I've got 8,000 and you get the daily double.

00:17:30   A normal conservative person is gonna think, well, I'm up

00:17:34   by 5,000 already, I don't wanna risk it, I wanna stay up

00:17:36   even if I get it wrong.

00:17:38   Whereas it's probably a better game theory strategy

00:17:41   to just go for it, you know, put-

00:17:44   - Yeah, you already know, you know

00:17:46   what the other players play, you know how you're doing,

00:17:47   you look at the board, if there's time left-

00:17:49   - Because you can win the game right there on that play.

00:17:51   - Yeah, I mean, I lost, I did a true daily double,

00:17:53   the game that I lost, I had five grand

00:17:56   and I was getting close to the end,

00:17:57   it was a terrible game, we were all playing it,

00:17:58   we were all off, and I bet all five grand

00:18:00   and I said George Sands instead of George Sand,

00:18:04   I will never forget, and I lost it all,

00:18:06   but I still came back and if I'd been,

00:18:07   I got another daily double,

00:18:08   I got two daily doubles in a row.

00:18:10   And if I had said sand, I would have won the game.

00:18:14   So it was the right choice.

00:18:15   It was a category I knew I'd answered,

00:18:17   I think the other three or four questions correctly.

00:18:20   So it was absolutely the right choice

00:18:21   and I lost in exactly the right way.

00:18:23   - It's never the right way to lose.

00:18:28   - I know, somebody has to lose, two people have to lose.

00:18:31   - The thing that, just to finish the thought

00:18:36   from five minutes ago on Blackjack.

00:18:39   The thing that drives the blackjack players nuts,

00:18:42   if they think that they know the right way to play

00:18:44   and somebody else is playing differently,

00:18:46   is that then after the guy plays wrong, according to them,

00:18:51   whether it's the modern era,

00:18:53   if you don't play the mathematical basic strategy

00:18:56   or back in the '60s when people started to,

00:18:58   and then the next card comes out

00:19:00   and if it had been the other way around

00:19:02   would have busted the dealer

00:19:05   and everybody would have won or whatever,

00:19:07   they blame the player.

00:19:08   as opposed to, as opposed to, you know, like, so,

00:19:13   you know, let's say I've got a 15,

00:19:17   and I'm the last player to go,

00:19:19   I've got a 15 and the dealer has a 20,

00:19:22   and it's 1968, and everybody thinks I should just stay

00:19:25   because I could bust, but I know that I should,

00:19:27   what I should do is hit, because 15 against a dealer's 10,

00:19:31   I'm probably gonna lose anyway, it's a terrible hand,

00:19:34   but I'm gonna lose less if I hit.

00:19:36   I'll lose less if I play the same hand a thousand times.

00:19:39   I'll lose fewer times.

00:19:41   So I hit and I take, let's say, a seven

00:19:44   and I bust 'cause I have 22.

00:19:46   Now I'm out.

00:19:47   Then the dealer turns over their cards

00:19:49   and ends up, the dealer has a 16.

00:19:52   And so the dealer has to hit and pulls a four

00:19:56   to have 20 and the dealer wins.

00:19:58   Whereas if I had just done what everybody thought

00:20:00   I should do and stay, on this particular hand,

00:20:03   the dealer would have busted and everybody else

00:20:05   who is still in the game would have won.

00:20:06   - Oh, I see.

00:20:07   So statistically, you're gonna annoy people

00:20:08   because that's gonna happen frequently enough,

00:20:10   even though you come out ahead.

00:20:12   - Right.

00:20:12   - In specific games, you're gonna be peeving people

00:20:15   as a result.

00:20:15   - And most people don't, you know,

00:20:17   they don't have any concept of, you know,

00:20:20   statistical, what's the phrase?

00:20:24   A large enough sample set to be statistically valid, right?

00:20:28   You know, one hand, anything could happen, right?

00:20:31   Some asshole could have a 20 and hit

00:20:33   and get an ace to make 21.

00:20:34   I mean, it's like the stupidest thing you could do,

00:20:36   but you know, sometimes it's gonna work, right?

00:20:39   One out of 13 cards in the deck is an ace.

00:20:41   It doesn't make it the right play,

00:20:44   but then somebody will say, "Well, see, if you won,

00:20:46   "it's proof that you did the right thing,

00:20:48   "and if you lost, it's not."

00:20:50   - Well, this is where you get into insanity

00:20:51   is people develop their theories,

00:20:53   and the theory is if they're not statistically valid.

00:20:56   I mean, it gets back to the Moneyball thing, right?

00:20:57   Moneyball is a battle between people going by their gut,

00:21:00   which is often wrong, and by the statistics,

00:21:03   which are statistically correct, right?

00:21:06   I mean, we ran this piece in the magazine,

00:21:08   and Philip Michaels wrote a great article,

00:21:11   we called "Three Strikes You Shout,"

00:21:13   about 10 years after Moneyball

00:21:14   and what had changed in baseball.

00:21:16   And there's tons of people who still reject

00:21:19   10 years later watching the results of it.

00:21:21   They still think everything is a fluke

00:21:22   'cause their gut's right.

00:21:23   They were in the big game, you know, the big show.

00:21:25   They know what's going on.

00:21:25   And so, and you obviously don't know

00:21:28   'cause you didn't play baseball and whatever.

00:21:30   It's like, well, I'm sorry if the statistics are right.

00:21:32   - They are, and it kinda sucks,

00:21:34   but they are actually correct.

00:21:36   - Yeah, absolutely.

00:21:38   - Less romance in statistics.

00:21:40   - Yeah, you still hear about that,

00:21:41   that there's still like old-time baseball scouts

00:21:43   who just don't really look at the numbers

00:21:46   and just look at how the guy looks,

00:21:48   judging that way. - Eventually they will be out.

00:21:51   - And there's little things too,

00:21:52   like there's a surprising,

00:21:54   it's one of those things that's kinda hard to measure

00:21:56   because it's effectively subjective,

00:22:00   but that better looking players,

00:22:03   handsome or young men, tend to be scouted higher

00:22:06   than homelier players.

00:22:09   - Sure. - Right?

00:22:10   And it's just one of those ways

00:22:13   that good looking people just have better fortune

00:22:18   in all aspects of life.

00:22:19   But even in sports, they end up getting better

00:22:22   scouting reports than homely players.

00:22:25   - It's a cross I haven't been forced to bear.

00:22:27   (laughing)

00:22:29   - There's a site called Jeopardy Hotties, which cracks me up.

00:22:32   But I wanna tell you what's funny about it is,

00:22:34   it is, I went to this site and I was like,

00:22:38   all right, I'm not on it, so screw you.

00:22:39   Actually, there's a link to my Boing Boing article,

00:22:41   which is funny, there's no picture of me,

00:22:43   there's a link to my Boing Boing article.

00:22:44   But I looked through it and I gotta say,

00:22:46   one of the nice things about it,

00:22:46   it was non-heteronormative and it was non-gender-normative.

00:22:51   So the people that, the person who had posted these pictures

00:22:53   for years now, it goes back for years,

00:22:56   It is not only a certain aspect of society,

00:23:01   the attractive blonde women.

00:23:04   It's all kinds of people.

00:23:06   And I agree, the men, the women,

00:23:07   the people that are clearly of different orientations

00:23:10   and so forth, it's awesome actually as a celebration

00:23:13   of beauty across a lot of different norms.

00:23:17   But I'm not in it, god damn it.

00:23:19   So it's obviously a terrible sight.

00:23:21   - I'll put you on a list of the talk show hotties.

00:23:24   So, you know, talking about Markov

00:23:28   and all these statistics and whatever,

00:23:30   I know you had some Bitcoin questions.

00:23:32   When I was on last, we were talking about,

00:23:34   we hinted around it.

00:23:35   - Yeah, let me do the first sponsor read

00:23:36   and then we'll dig into it,

00:23:38   because that's really why I have you here.

00:23:39   I feel like it's, the whole Bitcoin thing

00:23:41   has reached the breaking point, and I need--

00:23:43   - This is all buildup.

00:23:44   We have to establish credibility in talking about numbers.

00:23:46   - Yeah.

00:23:47   Yeah, it is kind of related.

00:23:49   It's an awful lot of math.

00:23:50   - There's a lot of, there's gambling.

00:23:53   Our first sponsor is our good friends at Igloo.

00:23:56   Igloo is an intranet you'll actually like.

00:24:00   I love that slogan.

00:24:02   It's built with easy to use apps

00:24:03   that help you work with your teams.

00:24:05   Shared calendars, private Twitter-like micro blogs,

00:24:10   file sharing, and more.

00:24:13   It's all on our website.

00:24:14   You can go check it out.

00:24:15   But what they want me to talk to you about is SharePoint.

00:24:19   So Igloo partnered with Osterman Research

00:24:23   to study the challenges businesses face when implementing SharePoint. SharePoint is the

00:24:27   Microsoft internet product that dates to like 1983 or something. They built a whole page

00:24:35   about it and you can go see it. Go to this site igloosoftware.com/thetalkshow and they'll

00:24:42   know you came from the show and then they have the white paper linked to there and the

00:24:45   research. But there's five main points that they got from their research. Number one,

00:24:50   doesn't work well on mobile. Igloo has responsive web pages for all the aspects

00:24:56   of Igloo. So everything looks great on any kind of mobile device. Any kind of

00:25:00   cell phone with a WebKit browser is going to work great with Igloo.

00:25:06   Second thing, SharePoint is too expensive. Third, it requires too many people.

00:25:14   You've got to license it for a lot of people just to get started using it. And

00:25:18   And then the last point is that it ends up no one actually uses it.

00:25:23   It gets put into place from top down orders from IT department.

00:25:29   And then it's such a pain in the ass to use.

00:25:31   What happens is the teams end up using other products anyway or going around the system to share just to get stuff done because nobody actually uses it.

00:25:40   Igloo is a thing that your team will actually use.

00:25:45   They show you, just go to their website, they'll show you exactly how they do these things

00:25:49   better with actual case studies from actual igloo customers and reports from analysts

00:25:55   that prove it.

00:25:57   They just won a product leadership award from Frost and Sullivan and IDC picked igloo to

00:26:03   power their own customer community.

00:26:05   So go check them out.

00:26:06   And here's the last thing you need to know.

00:26:08   It's free to use with up to 10 people and very affordable after that.

00:26:14   So you can get started.

00:26:15   Try it out with up to 10 people.

00:26:17   If you only have fewer than 10 people, you can just keep using it for free.

00:26:21   It's amazing.

00:26:22   So go to igloosoftware.com/thetalkshow and check them out.

00:26:28   OK.

00:26:29   Bitcoin.

00:26:30   Bitcoin.

00:26:31   So I've been putting it off.

00:26:33   I'm vaguely familiar with it.

00:26:34   But what I need you to do, I really do, I need you to explain this to me like I'm a

00:26:39   dummy because I kind of am.

00:26:42   And I was good at math.

00:26:43   I really, you know, I mean I think I'm more mathematically, I kind of, kind of get the

00:26:48   basics of the math, but I don't know.

00:26:52   I feel like, and it's clearly, I mean it's, maybe even with the criminal stuff going on

00:27:00   at the Mt. Gox and the other place now, it would still be in the news more and more.

00:27:07   You know, it seems like it's a rising tide, regardless of those things.

00:27:15   But then, you know, let's talk about that too.

00:27:16   So let's start from the top.

00:27:18   Okay, I think there's three things.

00:27:20   I think I can break it down to three things that you have to understand, all of which

00:27:24   are relatively easy to understand, I think.

00:27:27   Okay, so Bitcoin has like, I guess it's, there's, let's see, three different aspects.

00:27:33   One is that the Bitcoins themselves are just a bundle of cryptographic information of which

00:27:38   the person who possesses it ostensibly has a secret that only they know about whatever

00:27:44   quantity of Bitcoins are in a particular wallet, particular address as it's called.

00:27:49   The second is that you only transfer Bitcoins to other people.

00:27:52   You don't receive them, you only send them.

00:27:56   And that is again a cryptographically signed transaction and that becomes permanent in

00:28:01   a way that I can talk about.

00:28:02   Wait, but so you have a bitcoin and you want to give it to me, so I never receive it?

00:28:07   You, not technically. What's interesting is transactions are all one way. A transaction

00:28:13   sends money from one address to another, and the bitcoin addresses and wallets are sort of

00:28:17   an interchangeable term. It's like the address is just like the destination and it contains some

00:28:22   of bitcoins from, you know, one Satoshi, which is the tiniest current unit up to whatever

00:28:27   quantity you have. So I've got an address and you send me money and I send you money, but I don't

00:28:35   receive money per se, but I can explain that. So there's the Bitcoin address, there's a transaction,

00:28:41   and then there's this issue of how transactions become permanent, which is Bitcoin mining.

00:28:47   Those are sort of the three pieces. And I think each of them, like when you lump it all together,

00:28:52   It's like, what the hell? So, fundamentally, what Bitcoin is about is decentralized trust.

00:28:59   So, no two parties in a Bitcoin transaction or in any aspect of the Bitcoin ecosystem

00:29:04   need to have any implicit trust in each other. Like, the system itself handles trust by using

00:29:10   public key cryptography, which essentially assures that once you create a—so, you create a public

00:29:17   key pair. And a public key pair uses one of multiple different formulas, but let's say it

00:29:21   It uses, you know, Whitfield Diffie is one of the people, is the Diffie-Hellman key system that works.

00:29:28   And what you do when you create a public private key pair is you're using very, very large prime numbers and you wind up with two pieces at the end.

00:29:35   So I don't have to, I mean, you can look up the details in Wikipedia, but you wind up with two pieces and one piece is a private key that you possess and you need to keep it absolutely secret and no one else may ever have access to it.

00:29:46   You don't want to store it anywhere anyone has access because this private key proves your identity the possession sort of the possession

00:29:53   Part of it like you being able to deploy the key gives you all the power over any

00:29:58   Transactions that involve that particular public key public private key pair

00:30:02   If public in other words if you if you got your hands on my private

00:30:07   key

00:30:09   You could send my bitcoins to somebody else

00:30:13   - Exactly, and this is true,

00:30:14   like public key cryptography is used all over the place.

00:30:17   It's the basis of SSL TLS used for web encryption.

00:30:21   It's used in SSH transactions.

00:30:23   - In the same way, so for example too,

00:30:25   if you had my private keys for SSH,

00:30:28   you could log into Daring Fireball over SSH.

00:30:33   - Exactly.

00:30:34   - And get on the command line on daringfireball.net

00:30:37   if you had my private keys.

00:30:39   - Yeah, and the notion with public key cryptography

00:30:41   is that the public part of this,

00:30:43   You can freely distribute it,

00:30:45   and there's not enough computation power in the world

00:30:49   over, I forget how many years,

00:30:51   if it's the heat death of the universe still or not,

00:30:54   that would allow you to use any known technique

00:30:58   to reverse engineer and brute force attack

00:31:00   and recover the private key.

00:31:01   So that's why it's so resistant.

00:31:03   It's an asymmetrical key system.

00:31:05   And so the public key gets used broadly,

00:31:08   like in any system, this is how you can sign something

00:31:13   So you take your data and you sign it with the public key

00:31:16   and the result is a cryptographic hash

00:31:19   that only the recipient with the private key,

00:31:22   only the owner of the private key can decrypt that.

00:31:25   So it's a one-way method for someone

00:31:27   to send you something securely that only you

00:31:30   or the possessor of that private key can read.

00:31:33   So that's how it gets used.

00:31:34   A lot of the time, that's true with web pages,

00:31:36   when you do a web transaction, the first thing that happens

00:31:39   is this whole digital certificate thing

00:31:40   of which we've now found there have been some things

00:31:42   been some flaws recently, last few days, not just go to fail, but there's a new one that

00:31:47   dates back many years and is also suspicious and how it hasn't been discovered.

00:31:51   Let's save that. Let's just remember, keep that in mind. Let's come back to that after.

00:31:55   We'll come back to that. But the idea is that you have information you want to pass. So

00:32:00   in general, the way cryptography is used is to secure a secret. And in Bitcoin, it's not

00:32:05   securing a secret, it's proving ownership and identity. So in the Bitcoin system, there

00:32:12   is no inherent value. What's the value is that a set of numbers representing some quantity

00:32:18   of bitcoins can only provably belong to a person who owns the private key that corresponds

00:32:25   to that address that contains that number of bitcoins. So nobody else, so no one else

00:32:30   can do anything with those coins. They cannot prove ownership because they cannot, because

00:32:35   Because the private key can be used to sign transactions that, by using the publicly available

00:32:42   key, can be proven to only have been signed by someone who possesses the private key.

00:32:46   So there's an absolute way to prove that you own a thing because you have the private

00:32:50   key.

00:32:51   And there's, I don't think any other, I mean there's some other cryptographic systems,

00:32:54   I should say, that have things that are parallel, but there's no method in the real world that

00:32:58   corresponds to that.

00:32:59   There's no physical method, you know, biometric identification is one of the things, but there

00:33:04   And you can do the Kurt Vonnegut method and cutting off and pickling people's thumbs and so forth.

00:33:09   You know, it was joked about with the iPhone 5S.

00:33:12   So Bitcoin, the idea is that there is no way to, because of the process by which they're made,

00:33:18   there's no way to forge a Bitcoin.

00:33:21   You can't counterfeit it and you can't fraudulently transfer it from one party to another without the access to that first party's private key.

00:33:32   So that fixes a bunch of problems with--

00:33:34   - So if I had a copy of a Bitcoin that belonged to you,

00:33:38   now I can copy the Bitcoin and I can have it on my computer.

00:33:43   I can't do anything with it 'cause I don't have

00:33:45   your private key.

00:33:47   - That's right. - All right.

00:33:48   - I mean, what's weird is Bitcoins are not stored anywhere

00:33:51   at some level, like the weird thing is,

00:33:52   so let's get to the transaction part,

00:33:54   'cause this explains the next thing.

00:33:55   So Bitcoin at some level is, it's a series of transactions.

00:34:00   It's not actually, like, let's look at it this way.

00:34:04   The current banking system is ridiculous, of course.

00:34:06   But so, you know, I do things as weird as like,

00:34:08   when I was sharing office space with Jeff Carlson,

00:34:10   he would send me a rent check,

00:34:12   'cause I paid the rent for the whole office,

00:34:14   and he would go to our credit union,

00:34:16   he would fill out a thing, it would make a check

00:34:18   and ship it from like the Midwest in an envelope.

00:34:21   It would wind up at the office, I would take it,

00:34:23   I would scan that check in a scanner,

00:34:25   electronically deposit and destroy the check.

00:34:27   And that's our banking system, right?

00:34:29   system, right? So like—

00:34:30   That's the US, though. The US—I mean, the US is—I mean, people are—our listeners

00:34:35   in Europe are like—

00:34:36   Like, what?

00:34:37   Yeah, they can't believe it. I don't think most people in Europe—most people our age

00:34:41   in Europe have never even, like, sent a check.

00:34:43   Yes, right. And so, yeah, exactly. Like, checks—and this is true in America, checks have now—the

00:34:48   volume of checks has gone way, way down because—for a whole bunch of reasons, including electronic—a

00:34:54   deposit being encouraged for employers.

00:34:57   But so let's do wire transfers easier case.

00:35:00   So because my credit union has added free wire

00:35:03   transfers a couple of years ago from person to person stuff.

00:35:06   So when I do a wire transfer, it's just a ledger transaction

00:35:09   is my bank has a record that it owns a certain amount of money.

00:35:14   And it transfers that to another bank.

00:35:16   And that bank agrees that yes, and that value is transferred.

00:35:19   I know I forget.

00:35:20   I think the federal reserve is involved.

00:35:23   I forget.

00:35:23   There's like some weird thing.

00:35:24   but like they're just transferring money,

00:35:26   numbers around, right?

00:35:27   But there's no security in that process

00:35:28   and it's abused all the time.

00:35:30   You hear all these stories about money being transferred out,

00:35:32   people's bank accounts, especially companies being hacked

00:35:35   and money being transferred and Western Union things

00:35:37   and checks being cut.

00:35:38   The system isn't secure, but in essence,

00:35:40   it is just that is a decrement occurs in one bank's ledger

00:35:44   and an increment occurs in another

00:35:46   and that's the transaction.

00:35:47   Bitcoin doesn't work that way.

00:35:49   Bitcoin has this thing called the public blockchain

00:35:52   And this is distributed worldwide,

00:35:54   and it's gigabytes in size now.

00:35:56   And it is a record of every single transaction

00:35:58   that has occurred since Bitcoin went live

00:36:01   like over five years ago now.

00:36:04   And the transaction ledger,

00:36:05   if you wanna figure out who owns a Bitcoin,

00:36:07   you can trace back the address to its origin.

00:36:10   And the current owner is the person

00:36:12   who has most recently signed it with their private key.

00:36:15   That they have, or I should say the person

00:36:16   who has most recently received it

00:36:18   by virtue of the coin being signed over

00:36:22   with the previous owner's private key.

00:36:25   So, and so I have an address.

00:36:28   My address is, you know, 1234-ABCDEF, right?

00:36:32   And you can transfer money to me at that address

00:36:36   by signing a set of Bitcoins with your private key

00:36:40   that corresponds to those Bitcoins.

00:36:42   That transaction occurs, it's locked into the blockchain,

00:36:45   and now I own those.

00:36:46   there's no transfer from two points.

00:36:49   It's recognized globally by analyzing the chain

00:36:52   that I now possess those and have the authority

00:36:54   to spend them in some way.

00:36:55   And that's wild, that's very, very different

00:36:57   than any monetary system or transaction-based system

00:37:00   has worked before.

00:37:00   - Right, it's definitely novel.

00:37:02   - Yeah, it's almost like a central ledger,

00:37:04   except that it's not recording deficits and additions,

00:37:06   it's only recording transfers,

00:37:08   and that's what's baffling.

00:37:09   So you have to have the entire sequence of transfers,

00:37:11   and the most recent transfer wins, essentially.

00:37:14   That's what proves ownership.

00:37:15   So this is where you get into the third part,

00:37:17   which is like, how are transfers made permanent?

00:37:20   How do they become a permanent record?

00:37:22   And that's where you get into Bitcoin mining,

00:37:23   which defeats some people because it seems,

00:37:25   so it's so weird at some level.

00:37:29   And mining is the process of finding a,

00:37:32   so miners run now extremely specialized hardware

00:37:36   that all they do is they generate tons

00:37:37   of SHA-1 cryptographic hashes based on specific numbers.

00:37:42   So the system works like this.

00:37:45   Let's see if I can do this part.

00:37:48   People are constantly engaged in Bitcoin transactions

00:37:51   and they generate these transactions.

00:37:53   They say, John, I'm gonna send you one Bitcoin.

00:37:55   So I use my software.

00:37:57   It signs over one Bitcoin to your public address,

00:38:00   sign it with my private key.

00:38:02   That transaction is then broadcast

00:38:04   on the global set of peer-to-peer nodes

00:38:06   that are used by Bitcoin miners

00:38:08   and other people involved in the Bitcoin ecosystem.

00:38:10   miners are constantly grabbing a set of transactions

00:38:14   and they get a small fee, small to large fee,

00:38:16   sometimes no fee, for each transaction that they grab.

00:38:19   So they'll take, let's say, I forgot the number,

00:38:20   I think it's like 1,000 transactions.

00:38:22   They'll take those and they combine that

00:38:25   with some other information that's unique

00:38:28   and something that's randomly generated

00:38:29   and they start churning away on creating SHA-1 hashes.

00:38:33   So a SHA-1 hash is a cryptographic hash

00:38:36   is where you take an input, it runs through this algorithm

00:38:40   that performs a number of transformations on it,

00:38:42   and the number that comes out the end is predictable.

00:38:45   It's always the same based on the same input,

00:38:47   but any change to the input, no matter how slight,

00:38:50   results in a non-deterministically highly variant output.

00:38:55   So if I put in John Gruber into SHA-1, I get one thing.

00:39:00   If I put in John Graber, the result is

00:39:02   you cannot predict what it will be.

00:39:04   It'll be so vastly different,

00:39:06   and there is no known way to easily predict

00:39:08   how to reproduce the same hash from different inputs.

00:39:12   So I can't just create a slightly different record,

00:39:14   create the same hash.

00:39:16   So the act of hashing proves that I did it

00:39:19   because you can take the same inputs,

00:39:21   run it through the same algorithm

00:39:22   and produce the same result.

00:39:24   So, here's what mining is.

00:39:27   Mining is you're trying to find a certain hash,

00:39:31   but you don't know how to create a hash

00:39:32   that matches that pattern.

00:39:33   You just have to create billions upon billions of them.

00:39:36   In Bitcoin, you're looking for a hash

00:39:38   that has a certain number of starting zeros.

00:39:41   And the more computation power that enters

00:39:44   into the Bitcoin ecosystem,

00:39:46   'cause it's now a ridiculous amount,

00:39:48   the harder the level of finding that number is,

00:39:51   they keep increasing the difficulty.

00:39:52   It's a dynamic thing that's reset every two weeks

00:39:54   by the system.

00:39:55   And you have to find like a hash that's less than,

00:39:59   the number's incredibly long, it's however many bits long,

00:40:02   and you have to find a hash that has a certain number

00:40:05   of leading zeros.

00:40:06   and you could churn for, you know,

00:40:08   you could churn through a trillion transactions

00:40:10   and you might not find one that meets those parameters.

00:40:13   - Right.

00:40:14   - Does that make sense?

00:40:15   - I think so.

00:40:15   I've heard it described, not mathematically similar,

00:40:20   but in layman's terms, similar to looking for prime numbers.

00:40:24   - It's a needle in a haystack search.

00:40:26   - But in the same way though,

00:40:27   that like if you're looking for prime numbers,

00:40:29   each one gets harder and harder to find because it's--

00:40:33   - Yeah, except, well, this is random is the problem.

00:40:35   Like prime numbers, you know what you're looking for,

00:40:38   like, and you don't, there's no, I think at this point,

00:40:40   they don't know where the next prime number is, right?

00:40:42   There's no prime number space.

00:40:44   In this case, there's a space of all possible hashes,

00:40:47   and because you don't know which inputs will,

00:40:50   there's two parameters.

00:40:51   One is you don't know which inputs produce which hash.

00:40:53   So you don't know how to predict getting one

00:40:55   with a bunch of zeros.

00:40:56   And the other is that you're taking a whole bunch

00:40:59   of material as a miner and sticking it together,

00:41:02   and it has to be, that material isn't set by you.

00:41:05   you can't define the starting point of the transactions

00:41:07   that you're mining.

00:41:08   So, but it involves a ridiculous amount

00:41:11   of computational power.

00:41:13   The last time I checked it was, I think it was 200 times

00:41:17   the computation power of the top 500 supercomputers

00:41:20   in the world combined.

00:41:21   - To find-- - Are used for Bitcoin.

00:41:22   To find, to mine Bitcoins worldwide.

00:41:24   - And at this point, I've read that it's more expensive

00:41:34   to power the computer that's doing it.

00:41:38   Like you said, most of the people doing it now

00:41:40   have specialized hardware.

00:41:41   But like if I just put software on my,

00:41:43   like a brand new Mac,

00:41:46   and just had it start mining for Bitcoins,

00:41:48   my expectation is that I would spend more on electricity

00:41:52   running the computer than the value of the Bitcoin

00:41:54   it might eventually find.

00:41:55   - That's right.

00:41:57   I don't know what it is exactly at this moment,

00:41:58   'cause the price of Bitcoins has fallen.

00:42:00   But this thing about difficulty,

00:42:02   So Bitcoin started on PCs, right?

00:42:04   And then people got more powerful PCs

00:42:06   and stuck more, the mining, I'm sorry,

00:42:08   and stuck more processors in.

00:42:09   Then they started using graphical processing units,

00:42:13   of course, 'cause GPUs are very efficient

00:42:14   at certain kinds of calculations.

00:42:16   Then they started using what these things call

00:42:18   programmable gate arrays, I think,

00:42:20   I've forgotten the name for them.

00:42:21   There's a specialized term that are like

00:42:23   a programmable silicon chip that you could program

00:42:26   and get even more speed.

00:42:27   Then they went to ASICs, you know,

00:42:29   which are custom circuitry designed specifically

00:42:33   to do SHA-1 calculations.

00:42:35   Then the ASICs went from 110 nanometer process

00:42:38   to I think they're down to 29 or something,

00:42:40   25 nanometer process now,

00:42:42   whatever the smallest thing is at that level.

00:42:44   It speeds up and speeds up the efficiency ratio

00:42:47   of power to calculations.

00:42:49   Not only can you calculate faster,

00:42:50   but the power per calculation gets lower.

00:42:53   You cannot compete on a PC

00:42:55   or even a field programmable gate array,

00:42:57   I think it's called.

00:42:58   can't, against custom, like 29 nanometer ASICs.

00:43:02   Right. In other words, though, that in just four years, we've gone through several generations

00:43:09   of computer engineering, hardware computer engineering, devoted specifically to Bitcoin

00:43:17   mining.

00:43:18   Yeah, and it's non-generalizable too.

00:43:21   Optimizing the hardware for this one specific purpose.

00:43:24   Oh, yeah. So, here, I just found the number. Here's the number. So, at this exact second,

00:43:28   There are 355,000 petaflops, this trillion,

00:43:33   no I'm sorry, that's quadrillion operations per second.

00:43:38   355 quintillion floating point operations per second

00:43:42   are being used globally to mine bitcoins.

00:43:46   And the top supercomputer in the world has,

00:43:50   God, what is it?

00:43:51   It has like under 100 teraflops.

00:43:53   So this is, if you add them all together,

00:43:56   I think you get 500 or, no I'm sorry,

00:43:58   you get like a thousand teraflops.

00:44:00   So this is hundreds of times more than the top 500

00:44:03   supercomputers in the world combined being used

00:44:06   for this specialized purpose consuming God knows

00:44:09   how many gigawatts of energy just to find this needle

00:44:13   in the haystack that lets them emit a kind.

00:44:15   So when a miner mints a coin, when they find this number,

00:44:18   they broadcast their solution, their proof of work

00:44:21   worldwide across the peer-to-peer network.

00:44:23   It happens on average in less than 10 minutes,

00:44:25   every 10 minutes.

00:44:26   Every 10 minutes a new Bitcoin is found.

00:44:28   Yeah, because on average somebody finds it.

00:44:30   In fact, there are these consortia,

00:44:32   because it was too hard for any individual to bear this.

00:44:35   So there are groups of miners worldwide that band together,

00:44:38   no one of which has more than, I think,

00:44:40   still 20 or 30% as a consortium of all worldwide capacity,

00:44:44   which is a whole other, there's another issue there.

00:44:46   And so some miner in this consortium goes,

00:44:49   "Yeah, I found it, woo!"

00:44:50   And they broadcast it and get it out there.

00:44:52   They need to get it out there as fast as possible,

00:44:54   'cause someone else in the next microsecond

00:44:56   might find a different needle in the haystack.

00:44:58   The moment that's broadcast, they broadcast a block,

00:45:02   and the block is a brick that's placed on top of the wall,

00:45:05   and you're mortaring it in.

00:45:06   And the brick includes a reward to you as a miner,

00:45:09   which is 25 Bitcoins, and that's still,

00:45:11   at current exchange rates, is not horrible.

00:45:14   Right now, what's the exchange?

00:45:15   It's like 600 bucks, now where is that?

00:45:18   - So you get 25 of them when you find one of these blocks?

00:45:20   - 25, yeah, and every four years, on average,

00:45:24   that reward halved.

00:45:26   So it was 50 Bitcoins for the first four years or so,

00:45:28   now it's 25, it'll be 12 and a half in a few years.

00:45:31   And this is part of the decreasing money supply.

00:45:34   There's a finite number of Bitcoins that will ever be mined

00:45:36   in the current protocol system, about 21 million.

00:45:39   So you're a miner, you go, "Woo, I found one!"

00:45:43   But that's still, you don't win.

00:45:44   You don't win when you find a Bitcoin, it's great.

00:45:46   But then you have to broadcast this out,

00:45:48   your block that has all the transactions

00:45:51   that are in your block,

00:45:53   and some other numbers and information,

00:45:55   and it has to be accepted by nodes all over the world

00:45:59   who then immediately begin calculating the next block,

00:46:02   and each block is cryptographically tied

00:46:05   to the one before it.

00:46:06   This is the wonderful secret sauce of Bitcoin.

00:46:09   This is actually almost more important

00:46:11   than the public key cryptography

00:46:13   that lets you protect each Bitcoin quantity's identity

00:46:16   and ownership.

00:46:18   The blockchain is, it builds upon each transaction,

00:46:22   each block. So, if you, so what can happen, and this happens frequently, is a miner in,

00:46:30   you know, Africa finds a Bitcoin, they transmit their block out, and it's sent out worldwide

00:46:35   simultaneously within some short period of time. Another miner has also found, based

00:46:39   on the same previous block, they have found a new magic number, right? And they broadcast

00:46:46   theirs. So now you have two different chains, which have, each have different ending blocks,

00:46:51   the rest of the same, going back to 2009 and Mr. Satoshi's initial deployment.

00:46:56   But this, they have variants.

00:46:58   And what can happen though is different nodes on the Bitcoin network, because they're decentralized,

00:47:02   can accept different chains.

00:47:05   So you can have two different chains that are growing parallel, but one of them, but

00:47:09   they don't have the same information for the last block.

00:47:11   And this can go on sometimes for one or two blocks.

00:47:14   And at a certain point, one of them has provably shown to do more work.

00:47:18   it's clear that it happened faster and more work was consumed. And then there'll be this

00:47:23   reconciliation, which I believe is automatic, in which all the nodes in the world accept the

00:47:29   longer chain, that is the chain that has more blocks on it faster. When that happens, all the

00:47:34   variant chains, which may have one or two blocks that are not the same as the one that's been

00:47:40   accepted, those are discarded. All the transactions that were exclusively in those blocks and did not

00:47:46   get minted into these new blocks have to be committed again into new blocks. And you see

00:47:52   why this gets complicated.

00:47:53   Jared: So, somebody who found one of those blocks ends up with nothing.

00:47:57   Pete: Exactly, right. It resets.

00:47:58   Jared; Because theirs was rejected because it was a smaller chain.

00:48:01   Pete; Precisely. And this is a process that's, actually, and this is part of the elegance of it,

00:48:06   is, you know, it's a little crazy at one level, but it is also a really beautiful idea that

00:48:12   no one has to agree on anything. You don't have to go into a reconciliation, be which block,

00:48:17   whatever. It's like, no, the longer block wins. And I think, yeah, I think whatever anybody would

00:48:21   think about Bitcoin, whether you think it's really super, it's going to revolutionize all of digital

00:48:26   commerce, and maybe real world commerce, and, and that it's, you know, maybe you think it's a great,

00:48:31   even with the recent stuff, it's a great place to invest your money or any, or, or you think the

00:48:36   the whole thing is a goddamn ridiculous scam. I think everybody would agree that mathematically

00:48:43   it's beautiful. It's a beautiful system.

00:48:45   Pete: It's gorgeously designed. If you disregard any of the currency or speculation part of it,

00:48:51   you can just admire it. And the paper that, you know, so-called Satoshi is maybe a composite

00:48:55   of multiple people but is still preserved his or her or their anonymity, that paper is actually

00:49:03   incredibly legible. I've read it and I am not a cryptographer and my math background

00:49:09   is not deep enough to really, I don't know, maybe if I really studied it I could get it,

00:49:13   but it's actually a model of clarity about what's going, about what the intent is and

00:49:17   how it works and all of the attributes in that paper have persisted. And the idea is,

00:49:23   so now you understand Bitcoin now. This is Bitcoin, you have a quantity of currency that's

00:49:29   protected in a public key, which we all understand now, but public-private keys work, and so

00:49:33   only the owner of the private key can do it.

00:49:35   A transaction transfers value from one party to another.

00:49:40   Miners make their money by doing these fiendishly large number of calculations, but they have

00:49:46   to be on the winning side if multiple blocks are being minted at once of the longest chain

00:49:51   for it to be perfect.

00:49:52   So here's the other part that's beautiful, and again, doesn't really relate to whether

00:49:55   it's valid as a currency or anything else.

00:49:58   But Bitcoin is a fantastic transaction system if you don't care about the value at all,

00:50:04   there's no contradicting it.

00:50:05   It is a beautiful transaction system.

00:50:07   So here's the deal, the amount of computation I've described is ridiculous, right?

00:50:12   After a few blocks go by, you would need more computational power than exists in the Bitcoin

00:50:18   network to go back a few blocks and create a new chain.

00:50:21   So if the longer chain always wins, if any entity like a consortium controlled more than

00:50:27   50 percent, and some people say the threshold is lower, but let's say just at the, not

00:50:32   the practical level, but the theory is if you own under control more than 50 percent

00:50:38   of the Bitcoin mining capacity worldwide, you will always win.

00:50:42   You will always have the longest chain because you can always calculate faster.

00:50:46   You can outpace everyone else put together.

00:50:49   So this would let you do things like distort the system and double spend and mess up transactions.

00:50:53   You could do all kinds of bad things.

00:50:55   The consortia don't like this.

00:50:56   And so when any one consortium has reached a point where they're worried about having

00:51:03   too much capacity, they voluntarily split off and break down or halt things or do all

00:51:06   sorts of stuff because it's not in the benefit of the system's integrity, even for them

00:51:12   to wield that much control.

00:51:13   They think it would destabilize the validity of the system.

00:51:17   it also means that, let's say a government entity, let's say Iraq says, "We hate Bitcoin,"

00:51:21   or Russia, Russia's probably a better example. Let's say Russia says, "Bitcoin is terrible,

00:51:25   let's destroy Bitcoin," and you know, Putin, maybe he's got, whatever. They would have to spend

00:51:29   an enormous amount of money, a ridiculous amount of money, to build up the capacity just to match

00:51:34   the current system. Then they would have to be out there minting like crazy and, you know,

00:51:40   and be able to overtake everyone else in the world and continue that for a period of time. And also,

00:51:46   Also, people would notice this isn't an anonymous process.

00:51:49   They know where the traffic's coming from.

00:51:50   They know what the addresses are.

00:51:52   So there's really, it's not that there's no way for someone to subvert the system by

00:51:56   gaining control of more than 50% or even a lower threshold of mining capacity.

00:52:00   More that the bar is so high and it's so expensive now, it's just very, very unlikely.

00:52:06   Um, one, I want to keep going, but here's one last question I have about this before

00:52:14   we do the next sponsor break which is that my understanding I mean I think

00:52:18   this is I think it's common knowledge is that the one of the other things about

00:52:23   the Bitcoin system from the gecko is that there's an upper bound on the

00:52:27   eventual total global bitcoins that will exist that at a certain point that's it

00:52:32   the last Bitcoin block will be mined is that right yeah this is um this is the

00:52:39   the I think it's 21 it's approximately 21 million it's just below 21 million

00:52:44   And this is, you know, Bitcoin is clearly influenced by Ludwig von Mises, right?

00:52:49   He was the Austrian economist that affects a lot of people with specific Austrian school of economic views.

00:52:55   And Bitcoin at one level is a test of economic theory by not allowing, there's no inflation in Bitcoin per se, and you can't print new money.

00:53:06   The money gets released at regular intervals by the miners.

00:53:10   And, oh, I should also point out,

00:53:13   there's this thing I was mentioning that as,

00:53:15   as more computational capacity enters the system,

00:53:19   the difficulty factor is adjusted

00:53:21   because it's the system rebalances

00:53:23   to try to take about 10 minutes

00:53:24   between each block being minted.

00:53:27   And if, because computational capacity

00:53:30   has been increasing so fast,

00:53:31   it's more like seven or eight minutes.

00:53:33   But if, for instance, like everybody involved

00:53:37   in Bitcoin mining said, ah, this is stupid.

00:53:39   99% of the people shut their equipment off, the difficulty factor then reduces. So everyone

00:53:45   could be using CPUs again or whatever. So you're not dependent on ever increasing computation.

00:53:49   Pete: We could just use papers and pencils.

00:53:51   [Laughter]

00:53:52   Pete: Exactly. You could sit there and be calculating a SHA-1 thing by hand. So, I mentioned

00:53:56   that in part because the coin creation isn't a factor of computation. The computation is

00:54:02   intended to keep production at a steady pace instead of having an inflationary thing where

00:54:08   someone could suddenly be creating coins every five seconds and exhaust the system.

00:54:12   Jared Is there a layman's explanation for how there

00:54:16   can be an upper limit? Like how there can be a last Bitcoin mined?

00:54:19   Ben Yeah, the algorithm actually, or I should

00:54:23   say, see there's the original paper that Satoshi wrote. There's an implementation that he or

00:54:29   they created in the first couple of years. I, my understanding is very deeply involved before he

00:54:34   And then there's the Bitcoin Foundation,

00:54:36   other parties that engage in protocol improvements

00:54:40   and software updates.

00:54:42   So I forget what it is.

00:54:44   If it's 80% of the nodes in the Bitcoin network,

00:54:46   or is it 50, not 50, I think it's 80,

00:54:48   have to agree to a software upgrade

00:54:50   and then they roll it out and deprecate the previous version.

00:54:53   So there have been changes and improvements over time.

00:54:55   So right now, the way the protocol works

00:54:58   is that mining delivers 25 Bitcoins every,

00:55:02   every, you know, say 10 minutes on average or less.

00:55:06   And the protocol states that on a certain point

00:55:08   after a certain number of coins are generated,

00:55:11   and you can see a table,

00:55:12   you can go to like a Wikipedia as a table of it,

00:55:14   and we'll show you what the point is

00:55:15   and actually estimate the date for when this happens.

00:55:18   Suddenly, instead of 25, 12 and a half,

00:55:20   and then in the equivalent of roughly four years

00:55:23   or a certain number of blocks, it's measured in blocks,

00:55:25   go by, it'll be 6.25, and then it will be 3.125,

00:55:31   And dividing down, yeah, exactly, it's an infinite thing.

00:55:34   And so you'll get closer and closer to 21 million

00:55:36   and never quite achieve it.

00:55:37   But most coins will be mined within, I think,

00:55:40   was it 12 or 16 years, almost all the coins will be mined.

00:55:43   And the question then is-- - Got it.

00:55:44   So in other words, it's sort of like a calculus thing

00:55:46   where, you know, there may never exactly be a last Bitcoin,

00:55:49   but eventually it'll approach this limit of 21 million

00:55:54   or something, and it'll get ever and ever closer

00:55:56   and there'll be ever so fractionally less value

00:56:00   in getting a new Bitcoin.

00:56:03   - And here's the last thing before you this much, Biggs.

00:56:05   So here's the thing, what the system,

00:56:07   people involved in the system suspect will happen

00:56:09   is every transaction can have a mining fee attached.

00:56:13   And I think some must have a mining fee attached

00:56:15   and others can be done for free.

00:56:17   However, miners preferentially take transactions

00:56:20   that have fees attached.

00:56:21   They're not required to take empty transactions

00:56:24   and typically those get queued and they wait longer

00:56:26   before they're permanently committed.

00:56:28   So this is an interesting bit of microeconomics,

00:56:31   I don't know if it's microeconomics,

00:56:31   but it's just a bit of like a microscale thing

00:56:33   that goes on is, I'm sending you money, John,

00:56:35   but I don't wanna pay a mining fee,

00:56:37   so I mark zero on that.

00:56:39   It might take like a couple hours for it to get baked in,

00:56:42   or maybe even longer sometimes,

00:56:43   and until it's baked in,

00:56:45   and then more blocks are added after it,

00:56:46   it's not really permanent.

00:56:48   So that idea of instantaneous transfer is true,

00:56:51   except that until the transaction is permanently

00:56:55   baked into a block,

00:56:56   and at least a few blocks have been added after it

00:56:59   to ensure that the chain is the correct chain,

00:57:01   we can't really count that it's true.

00:57:03   There are some ways around it

00:57:04   and some predictability for it,

00:57:06   but what the idea is that over time

00:57:07   those mining fees will increase

00:57:09   so that as the reward decreases

00:57:11   people will have to pay more per transaction fee,

00:57:15   which right now is kind of the argument

00:57:16   that Bitcoin has no transaction fees.

00:57:18   It does not have required ones in most cases,

00:57:21   but transaction fees will be likely much smaller

00:57:25   compared to say credit card transaction fees

00:57:26   or wire transfers or other,

00:57:28   especially international money transfer.

00:57:30   But there will be an increasing number of transaction fees

00:57:32   that are given to miners to keep them

00:57:34   actually engaged in the system and making new blocks.

00:57:37   Even when the reward is 0.00001 Bitcoin,

00:57:40   you need miners to make blocks.

00:57:42   - It's like a working example of free market economics.

00:57:47   - Yeah, yeah, because if you can't get your transaction

00:57:51   put into a block, you have to raise the fee.

00:57:53   mandatory fees. You can just put it out there and if somebody wants to, they can verify it and put

00:57:58   it in the chain for free or, you know, with no fee. But if you want to motivate people to

00:58:03   prioritize your transaction, you can offer them a fee. And if it's high enough, they'll choose

00:58:12   to do it and then you'll get priority. So, it really will be some, there will be some mandatory

00:58:16   fees very likely, but there'll be exceedingly tiny, the mandatory ones when those kick in.

00:58:20   And this sort of pure free market economics at work, you could see how this draws

00:58:28   libertarian minded people to the whole Bitcoin world.

00:58:33   Yes.

00:58:34   Right. Let me take a break. We'll come back. There's more I want to talk about Bitcoin.

00:58:38   But I want to thank our second sponsor, and it's our good friends at Hover, H-O-V-E-R.

00:58:47   Hover, quite simply, is the best way

00:58:49   to buy and manage domain names.

00:58:51   You have a great idea.

00:58:54   You want to get a domain name for it.

00:58:56   You want a catchy, memorable domain name.

00:58:59   Hover gives you everything you need to get the job done.

00:59:01   They'll let you search.

00:59:03   They have a whole bunch of top level domains to choose from.

00:59:07   It'll help you find the domain you're looking for,

00:59:09   maybe give you suggestions on something close to it.

00:59:12   Everybody knows when you search for domains,

00:59:14   it's hard to find a good one.

00:59:16   Hover makes it easy.

00:59:19   All sorts of domain registrars, of course,

00:59:21   have search like that.

00:59:23   The difference between Hover and typical domain registrars,

00:59:26   you just have to see it to believe it.

00:59:28   Because everybody else, they're trying

00:59:30   to make money every other way other than just by selling you

00:59:33   the domain names.

00:59:34   There's upsells on all sorts of scammy stuff, checkboxes

00:59:39   you have to uncheck to get out of these add-ons and follow-ups,

00:59:44   all sorts of nonsense.

00:59:45   The worst sort of business, just,

00:59:48   it's, a lot of them are just scams, honestly,

00:59:50   and anybody who's ever used them will know it.

00:59:52   Hover is just straightforward.

00:59:54   Just go, I mean, just go check out their website

00:59:56   and you will see right away that they just,

00:59:59   it just doesn't even look like other domain registrars.

01:00:01   No nonsense.

01:00:02   They make money by charging you for domain names

01:00:06   and that's it.

01:00:07   They have great, great, great customer support,

01:00:11   including something called Valet Transfer Service.

01:00:14   So if you've already got a domain at another registrar

01:00:17   and you're unsatisfied with that registrar,

01:00:20   and there's a very good chance that you are,

01:00:22   because most registrars stink,

01:00:24   you can go to Hover, sign up,

01:00:27   and their valet transfer service will help you,

01:00:31   or just do the work for you.

01:00:32   You just give them access to your other registrar

01:00:34   and they'll take care of all the DNS stuff,

01:00:37   all the stuff you need to do to move or transfer a domain

01:00:42   from one registrar to another.

01:00:44   It's a great service, and for most of us,

01:00:47   it's because we're not experts.

01:00:50   Even, I don't know, I have a bunch of domain names,

01:00:51   but I almost never move them

01:00:53   or change anything to do with them.

01:00:54   So I'm not a DNS expert.

01:00:56   The people at Hover are.

01:00:58   This is what they do all day, every day.

01:01:01   So you're in great hands.

01:01:03   Everybody I know, and I know,

01:01:04   I have a bunch of friends who've used this valet service.

01:01:06   They swear by it.

01:01:07   It sounds too good to be true,

01:01:09   that you just sign up and let them do all the work for you.

01:01:12   But that's actually how it works.

01:01:16   Where do you go to find out more?

01:01:18   Easy.

01:01:19   Go to hover.com, H-O-V-E-R dot com slash talk show.

01:01:25   And they'll know you came from the show.

01:01:27   So happy to have them as a sponsor.

01:01:31   Really, just go check them out and you'll be happy to.

01:01:37   All right, back to Bitcoin.

01:01:38   A couple of things I want to ask you about still.

01:01:44   We should talk about why Matt Cox went dead too.

01:01:48   Yeah, that's part of it.

01:01:50   Tell me about, so you mentioned that there may not even be one individual name set.

01:02:01   The credit for creating Bitcoin goes to, ostensibly, a Japanese mathematician named Satoshi Nakamoto.

01:02:13   Mm-hmm.

01:02:14   Nobody knows—and at the very least, it's a pseudonym, if it is one person.

01:02:21   If it is the work of one person, Satoshi Nakamoto is apparently a pseudonym.

01:02:26   Yeah, it's, I mean, that's the, well, it's weird because they're not anonymous, I guess it has to be a pseudonym, or they're not anonymous.

01:02:33   No one has, no one has proved, proven who this person is, or if a single person did it. There's a suspicion, and you know, when you read stuff, you know often when it's the work of one person the way it's written.

01:02:46   And, you know, I've read the paper, the paper reads like one person wrote it. So if it's a group, one person drafted it. It does not have the feel, it's got a very specific style.

01:02:55   have a feeling of a committee.

01:02:56   Pete: Yeah, I mean, there's not, and the statements aren't vague, they're very specific,

01:02:59   there's a style to it, and this person posted, I mean, and someone has, I mean,

01:03:04   this is why it's suspected to be just an individual, because this person was actively

01:03:07   participating in the early Bitcoin discussions for years. And, you know, there's this typical thing,

01:03:12   this is what happened with the guy who was arrested for Silk, what the heck is it called?

01:03:18   Ted, off screen.

01:03:18   Ted, off screen.

01:03:18   The Silk Road.

01:03:19   Pete.

01:03:19   Silk Road, yeah. The guy was arrested in the Bay Area. He had posted something.

01:03:24   Man, what a nut job that guy is.

01:03:25   I know! But you know, and this is funny, this is like, this is apparently a very common forensics technique, and I heard about it.

01:03:32   I was like, "Oh, this is so brilliant. Why, you know, I should have guessed, and I feel like an idiot."

01:03:36   What they do is they look at the first time someone posts under an identity on some online thing, and then they trace back and see who, you know, it's like who followed them on Twitter, who referenced them, who linked to a website, who favored, like...

01:03:48   So, they went back and they found the Silk Road guy because there were fingerprints all

01:03:51   over him pointing to the entity that, you know, he eventually became. And so, that's

01:03:57   how, really, a big part of how they found him was that. And you have to be very careful

01:04:01   about that. So, anyway, no one's found that kind of thing with Nakamoto. Even though the

01:04:08   guy posted, you know, we assume it's a guy, probably.

01:04:10   So, in other words, you're saying like if somebody wanted to uncover the Macalope, go

01:04:14   and actually the Macalope I think predates Twitter, but let's say or if somebody else

01:04:19   created a Macalope like, you know, pseudonymous column, you know.

01:04:24   Yeah, who's the first person who retweeted it? Who's the first person who linked to it?

01:04:28   Did you go to Tumblr and give it love at Tumblr? Which is very clever. So no one has found

01:04:33   those fingerprints and a lot of people have looked and some very clever journalists have

01:04:37   looked. I forget, is it Wired? Someone did a piece where they looked through a lot of

01:04:40   They talk to a ton of people and they're pretty sure it might be this one person, but it's just, there's not enough evidence to show that it's them.

01:04:49   The reason people care who Satoshi Nakamoto is, is because Satoshi Nakamoto has like 5 million Bitcoins, I think. Something like that. Is that the amount?

01:04:57   It's some huge, or no, I'm sorry, is it 5% of outstanding Bitcoins? It's a huge number because they were the only person mining initially.

01:05:04   And so whoever that is has a ton of money.

01:05:09   Like even with the current, you know, the drop to $500 a Bitcoin, this person conceivably has like, I don't know what it is, like a billion dollar, $800 million, some huge amount of money if they wanted to convert it slowly into cash.

01:05:20   Now because Bitcoin, all the addresses are public, people can watch those early Bitcoins and see if they get transferred, you know, to exchanges or cashed out or used for things.

01:05:31   things and apparently they're all very static. So that's another aspect of

01:05:35   Bitcoin is that all the transactions are done in public. The identities are not

01:05:39   tied to the bitcoins, a person's identity isn't, but the bitcoins you can see them

01:05:44   move through time and that's an aspect people both like and hate about it.

01:05:49   So you can tell though, somebody who owned, like you said, maybe it's not five million,

01:05:54   maybe it's five million is probably too big a number if there's only 21 million total.

01:05:57   - I forget what it is, it's a big percentage though.

01:06:00   - Right.

01:06:01   Let's just call it a million.

01:06:04   - Yeah, it's a lot of money.

01:06:05   - Somebody could watch those million,

01:06:07   look at the early Bitcoins

01:06:08   and if a bunch of them start moving,

01:06:10   you could safely assume that it's the ones

01:06:14   that were owned by Nakamoto,

01:06:16   whether Nakamoto is a group or some sort of entity

01:06:20   or something like that.

01:06:21   - Exactly.

01:06:21   - But this is the part that to me makes it seem most like

01:06:25   a science fiction novel or film, probably a novel,

01:06:29   because I think that the math is not as cinematic

01:06:33   as like a novel could make it.

01:06:35   But either way, it's like a science fiction story,

01:06:39   is that there's a sort of heroic mystery figure

01:06:44   at the top of it, an individual who wrote this paper

01:06:49   and made this system and then disappeared.

01:06:53   - I know, it's very cinematic in that sense.

01:06:54   Right. And it's almost now like a mythic figure.

01:07:00   Yeah.

01:07:01   Not to exaggerate in the least, right? That there's this mythic figure who created this beautiful

01:07:06   system, stands to be enriched personally, tremendously by it if they so chose. And then,

01:07:15   like you said, very, very active at the outset. It wasn't just like the white paper dropped and

01:07:22   the system went into place, there's, you know, I guess, what was it, mailing lists? I don't know,

01:07:26   but there's a lot of, you know, online communication from Satoshi Nakamoto,

01:07:32   but then just disappeared. Yeah, and they handed it off.

01:07:36   Did he write like a, "Okay, I'd say that I'm out of here," or did he just, you know, is there like

01:07:43   a goodbye letter or a, "Now I'm done"? I am trying to remember. I think they just stopped

01:07:49   - Posting, isn't that funny?

01:07:50   I think I would know that it's,

01:07:52   I think that they just, hmm.

01:07:56   What is the, oh man, it's so funny.

01:07:58   I don't think they actually said goodbye.

01:08:00   I think they basically stopped posting and then,

01:08:03   but it anointed, there was somebody,

01:08:05   the person who's the, what's his name,

01:08:07   Gavin Edwards, may Gavin something,

01:08:10   who's the head of the Bitcoin Foundation.

01:08:13   Gavin Andresen, he's chief scientist

01:08:15   at the Bitcoin Foundation.

01:08:16   So Gavin Andresen, as I understand,

01:08:18   I believe he was sort of anointed as the person

01:08:20   to carry on the software work.

01:08:21   But my recollection is that,

01:08:23   is that it wasn't like a,

01:08:27   "Okay, and now I've done my work and I'm leaving."

01:08:29   It was more like, like just stop posting.

01:08:32   And I found the numbers, 1.5 million Bitcoins.

01:08:36   And so that's, it's like $800 million

01:08:38   in today's exchange rate.

01:08:39   And it was over a billion dollars.

01:08:40   - And it's not 5% of the ones outstanding,

01:08:42   it's about 5% of the ones that will ever exist.

01:08:44   - Yeah, it's a little, right, a little more,

01:08:46   it's like seven or eight percent, right?

01:08:48   So it's a big chunk.

01:08:50   And there's, you know, one of the rumors is that,

01:08:52   so here's the thing with Bitcoins,

01:08:54   you have to keep that private key secure,

01:08:57   but if you lose the private key,

01:08:59   your Bitcoins are gone forever.

01:09:00   You can't spend them, you can't transfer them.

01:09:02   I met a Bitcoin miner and he, we were chatting,

01:09:05   and two interesting things.

01:09:07   One is I did not know initially,

01:09:10   but he was, a few months before he and I met,

01:09:12   he was generating a significant single digit percentage

01:09:15   of all Bitcoins worldwide.

01:09:16   did not realize how highly placed he was,

01:09:18   which was interesting.

01:09:19   And the other was, he said, oh, I've got a drive over there.

01:09:22   It's completely dead, it has 400 Bitcoins on it.

01:09:24   I'll never recover those.

01:09:25   And that was at a time when I think it was,

01:09:26   I don't know, a couple hundred dollars a Bitcoin.

01:09:28   So he had like a drive that has like $2 million

01:09:30   with their dead coins on it by today's,

01:09:32   and he'll never get them back.

01:09:33   There's no, I mean, he's tried everything.

01:09:34   He could spend, you know, $3,000 on drive savers

01:09:37   or whatever, and so when you lose the key--

01:09:39   - I wish you were dead.

01:09:41   They're not a sponsor this week, but--

01:09:43   (laughing)

01:09:44   - Do we keep talking about them?

01:09:46   - Too bad Backblaze isn't a sponsor this week.

01:09:49   Back up your hard drives, people.

01:09:51   - You know, there are issues about storing private keys

01:09:54   for Bitcoin, so this doesn't get us entirely to Mt. Gox,

01:09:57   but there's something called cold storage.

01:09:59   And you transfer your private key,

01:10:01   either you've never had it on an internet connected machine,

01:10:03   you sign all your transactions on a not ever connected,

01:10:07   you know, a glue in the USB port,

01:10:10   wifi radio removed, whatever.

01:10:14   you generate all your stuff on a non-connected machine

01:10:16   and then you sign transactions and you copy them out

01:10:19   or you type them in, you do have a USB key,

01:10:21   but you're extremely careful

01:10:22   and you move those to the public internet.

01:10:24   And this is critical because if your private key is stolen,

01:10:27   as has happened on a mass scale over and over again

01:10:30   the last few years at multiple online wallet services

01:10:33   and exchanges, if someone steals your private key,

01:10:36   they can transfer your money to anywhere they want to.

01:10:39   And the same thing happens.

01:10:40   So the cold storage is in some cases,

01:10:42   I understand some are actually printed out

01:10:45   the key information.

01:10:46   There's like a pile of paper as an additional backup

01:10:48   in case the spinning media or SSDs fail.

01:10:51   - It makes sense.

01:10:54   - It's hilarious.

01:10:54   Well, one of the coin services went down,

01:10:57   I'm forgetting which one, another one shut down

01:10:59   and they did lose some number of coins,

01:11:02   but they said almost all of their coins

01:11:03   were in cold storage and they will be transferring them back

01:11:06   to their owners.

01:11:07   The ones they lost that were in live storage was modest

01:11:09   and those are gone forever for whatever reason.

01:11:11   I don't think they've said yet.

01:11:12   But the ones that are in cold storage

01:11:14   are totally preserved and okay.

01:11:16   - So tell me about these exchanges.

01:11:20   What's the point of them?

01:11:25   - Well, this gets in the basic nature of like,

01:11:26   so John, what is money? (laughs)

01:11:29   Have you tried to explain this to Jonah?

01:11:30   I mean, like, Jonas, have you said,

01:11:32   has he said to you, I mean, he's old enough.

01:11:33   Has he, yeah, like, what is actually money?

01:11:35   I try to explain to my kids sometimes.

01:11:38   And they know that money buys things

01:11:40   that could be exchanged for-- there's a great line from--

01:11:43   there was a Beatles parody group called The Rutles that

01:11:45   had Eric Idle and some other people involved.

01:11:48   And someone said, you're just in it for the money.

01:11:50   And their joke response was, no, no, we're

01:11:52   not in it for the money so much as the goods and services

01:11:55   that money purchases, right?

01:11:56   You know, Jonas is still at the point

01:11:59   where money is like gravity.

01:12:03   And it's something he accepts and understands the gist of,

01:12:08   but that it's sort of, it's at the bottom of,

01:12:13   those why, kids are so,

01:12:18   the greatest thing about childhood

01:12:20   is the natural inclination of almost all children

01:12:24   to just keep asking why, why, why.

01:12:26   And it gets, parents of course, you get sick of it,

01:12:29   but it's actually, it shows how,

01:12:33   what a fantastic state their brains are in,

01:12:36   that they're seeking answers,

01:12:38   they're coming up with, you know, why, why, why. Gravity is one of those things that he's never

01:12:42   asked me about. Like, how exactly is it that we stick to the earth? And money, I think, is exactly

01:12:50   the same sort of thing. It's just there and he accepts it and never has gotten to the point where

01:12:54   you wonder why. Well, I don't think, I'm not sure if the kids ask or we volunteer, we like to,

01:12:59   as part of the series of parental lectures. No, but we've, at some point, I can't remember what

01:13:03   came up and I tried to explain it and money sounds ridiculous when you explain it. Why

01:13:09   does this piece of paper have value? I'm giving you a piece of paper with George Washington's

01:13:13   face on it and you can go anywhere and exchange it for something and people will always accept

01:13:17   it as legitimate and that's ridiculous. It's completely ridiculous, right? So when

01:13:22   you start to explain Bitcoin to people about why there's value in it, you're like, "All

01:13:26   right, this is just crazy." Bitcoin is crazy but then money is crazy too.

01:13:30   It was a little bit less crazy when you—and I, you know, again, not to get into the political

01:13:35   aspects of it, and I guarantee you with, you know, a technical-minded show, somebody out there is

01:13:40   gonna be offended by what I'm about to say. But it was a lot easier to explain when the

01:13:46   U.S. was on the gold standard. Yeah, yeah, 'cause you could say it corresponded to a

01:13:51   specific amount of gold that had an— The U.S. government owned a tremendous,

01:13:54   or still does own it, but owned this tremendous amount of gold. Gold has, you know, a true

01:14:01   real value on, you know, because it's a rare mineral that people consider to be beautiful and

01:14:06   etc. And Dollar Bill was the US government promising that this Dollar Bill represents

01:14:13   a dollar's worth of gold. You could always exchange it if you wanted to for that amount of money.

01:14:17   And then I, you know, my understanding, you know, and there's a whole bunch of, there's a,

01:14:21   you know, always been a political fringe that thinks the US made a mistake getting off the

01:14:27   gold standard and that we should get back onto it. And not that I think that that's actually a

01:14:31   good economic theory, I think the explanation is that it appeals to many people because it's

01:14:35   understandable. And--

01:14:37   Pete: Well, it supposedly prevents inflation. There's a lot of reasons why people like it.

01:14:41   It's inflation, it's a real thing, it prevents printing money, it controls governments,

01:14:45   governments can't go to war as easily, necessarily, because they can't print money.

01:14:49   Ted, so all these things that a lot of people

01:14:51   hate and they think that the gold standard could be an answer to them returning to it or having never.

01:14:56   - I just think a big part of the appeal is that it's, there's no yada, yada, yada, dot,

01:15:03   dot, dot step in the middle, which is what you have with our current system.

01:15:07   - Right. Well, so here's the thing, fundamentally what fiat currency or like,

01:15:12   what's the word for it? It's like cash money. What money printed by governments, backed by

01:15:17   governments has is that you can pay your taxes in it and the government pays its bills in

01:15:22   it. And I've talked to a bunch of people when I was doing The Economist articles about Bitcoin

01:15:26   and fundamentally that's what a lot of them said was it's the government's use of legal

01:15:31   tender as a means of exchange, not just that it establishes value, you know, and there's

01:15:37   the extra angle that some people want to talk about coercion. The reason we accept money

01:15:41   is because the, you know, governments have militaries and they force us to. If you didn't

01:15:44   accept money, you know, you're backed by the police and above the police, the military,

01:15:48   and you can go to jail, there's a penalty, you know, for how you use it. So, you know,

01:15:53   you can get to a political argument about that, but fundamentally it's when you pay

01:15:59   the American government, or most governments, you have to pay in the currency that they accept,

01:16:04   and they issue that currency to pay all of their bills. And so…

01:16:08   Jared: That starts a virtuous cycle that gives it value.

01:16:11   Right, it's a barter system in which the government is the, you know, I mean, dollar bills are,

01:16:15   it is a form of barter. We just accept the value that the government puts on it and the

01:16:19   US government at least, with some intervention, allows the dollar to float to represent what

01:16:24   the market actually thinks it's worth as a means of exchange. So Bitcoin is weird because,

01:16:29   and so that's where you get into the Mt. Gox and these other exchanges as one aspect of

01:16:33   the ecosystem of Bitcoin is that moving money in and out of Bitcoin. So it's one thing if

01:16:38   you were a miner. In the early days, you could run like, you could have been running like

01:16:41   a Mac Pro and making coins and actually having coins to spend. And they might not have been

01:16:46   worth that much each, but you know, there was some people accepting them. You could

01:16:50   use it to exchange debts with some people. But you need to move money in and out of the

01:16:53   system. So there's no inherent value as more and more merchants accept Bitcoin, which is

01:16:58   still going on. Like Overstock will accept Bitcoin through an intermediary that establishes

01:17:05   for it, but the more you can buy within the system, the less you have to transact in and

01:17:09   out. But the exchanges exist as a way to take dollars and turn them into Bitcoins or any

01:17:13   currency and vice versa. And I set up with—so Mark Andresen and I had this wonder—so Mark

01:17:18   Andresen, founder of Netscape, really interesting guy, a guy I think was seen as not very bright

01:17:25   for a while about how he invested and what he did, and then it all started to pay off.

01:17:29   And then everyone thinks he's brilliant, and I actually kind of think he's brilliant.

01:17:31   I think he was so far ahead of his time as an investor that it took a lot, like with

01:17:36   Paul Allen, where everyone thought Paul Allen was an idiot for about a decade, and then

01:17:40   everything he thought would happen happened.

01:17:43   You know, satellite television and everything.

01:17:45   Paul Allen, just about.

01:17:46   And so—

01:17:47   And so, hell, the Seahawks even won a Super Bowl.

01:17:49   I know!

01:17:50   I mean, he spent—

01:17:51   [laughter]

01:17:52   Exactly!

01:17:53   So, so I love—

01:17:54   I mean, you can make a lot of money going back to like 1985 and betting people that

01:17:57   the Seahawks are gonna win a Super Bowl eventually.

01:18:00   So you could, so you could say this.

01:18:01   you could say like in 2000, people thought Mark Andreessen

01:18:03   and Paul Allen were not very smart.

01:18:05   And in 2014, it's like pretty damn smart

01:18:08   in terms of where technology went and how they made money.

01:18:10   So Mark Andreessen wrote this piece

01:18:12   'cause he's involved with, before I say it,

01:18:14   I think it's Coinbase.

01:18:16   And Andreessen Horowitz, they invest in Bitcoin companies

01:18:20   and it's part of their, you know, what they're into.

01:18:24   And let me make sure, I think it's,

01:18:26   I'm pretty sure it's he's invested in that one.

01:18:28   I hate to say the wrong company

01:18:28   'cause there's so many BitCoin, yeah Coinbase,

01:18:32   yeah Andreessen Horowitz put in $25 million

01:18:34   as a part of the, or sorry,

01:18:36   that was part of the lead investment was them,

01:18:39   but it was $25 million a few months ago.

01:18:40   So I go to Coinbase and I say,

01:18:42   "All right, I wanna buy $50 worth of Bitcoin."

01:18:45   And they're like, "Great, okay, verify some information,

01:18:47   "do this, we're gonna text you this thing, you should."

01:18:50   And all right, so I'm like, "This is okay,

01:18:51   "it's like setting up a banking thing, whatever."

01:18:53   And they're like, "All right, your Bitcoins

01:18:55   "will be available in like three to five business days."

01:18:57   I'm like, "Wait a minute, this is an instantaneous system, what's going on?"

01:19:01   And the problem is Bitcoin, despite a lot of claims, and I hear this from people who

01:19:05   say it's incredibly liquid.

01:19:07   Bitcoin is not very liquid when you want to go in and out of legal tender.

01:19:12   And so exchanges exist to make that happen, but between banking regulation, where a lot

01:19:17   of these exchanges, the amount of gawks fell afoul of this, they actually have to deal

01:19:21   with certain banking laws, in some cases, not all, depends how they construct themselves.

01:19:25   there's like reporting requirements and whatever between that and just some aspects of like how many

01:19:31   people participate in the system, how you move the coins around to be able to exchange that value

01:19:36   without being too heavily, you know, an exchange can't take so many Bitcoins and pay out so much

01:19:41   cash that they don't have actual legal tender on hand, right? That would be bad because then there

01:19:45   could be a change in the volatile price of Bitcoin and they could be caught short and there'd be a

01:19:50   run on the exchange, which has happened essentially in multiple cases.

01:19:53   Right, the same way Nevada state law says that a casino must have the equivalent cash

01:20:01   in the building as they have casino chips in circulation.

01:20:07   Which makes sense, right?

01:20:08   Right.

01:20:09   It makes perfect sense because—

01:20:10   If everybody in the casino all at once wanted to cash in the chips that they have in front

01:20:14   of them, the casino is legally obligated to have enough cash to cover it.

01:20:18   And this is why the wonderful, the FDIC is one of the best agencies we have in America.

01:20:25   I'm confident the former head of the FDIC, I am confident, even though she did not get

01:20:29   her role extolled as much, she was not one of the boys in the room.

01:20:33   Sheila, what was her name?

01:20:34   I'll find this, but she is the reason that the entire American economy, Sheila Bair,

01:20:39   which she's left the FDIC now, she cut deals that prevented the US economy from falling

01:20:44   apart by keeping banks open.

01:20:47   And she made that happen.

01:20:48   and the FDIC said-

01:20:49   - You're talking about like at the end of 2008.

01:20:51   - Sorry, end of 2008, right.

01:20:52   She, despite everyone talking about Geithner

01:20:56   and all these other people,

01:20:57   she is actually the reason our banking economy

01:20:59   did not collapse and we did not actually

01:21:01   go into a depression.

01:21:02   I'm confident history will prove that

01:21:03   because the top of the name,

01:21:06   the people in the top name are all these guys

01:21:08   who did all kinds of crap and she actually just did the work.

01:21:10   So anyway, the FDIC exists as an entity

01:21:13   because we had bank runs and the right,

01:21:15   the depression happened, banks did not have enough money.

01:21:17   Your money's in, you know, Mr. Thompson's house,

01:21:20   and it's the Bailey Savings and Loan scene.

01:21:24   No, what's my money doing over there?

01:21:26   So when you have a run of the bank,

01:21:27   banks are not obliged to keep 100% of their deposits on hand.

01:21:30   They lend them out, and that's how they make money.

01:21:32   The FDIC is the backstop.

01:21:34   I know this is basic for most listeners.

01:21:35   The FDIC, the Federal Deposit Insurance Commission,

01:21:38   they take premiums from banks,

01:21:40   and they use that to have a fund

01:21:41   that backstops a certain amount of loss if banks go under.

01:21:46   and the FDIC is out there closing banks down.

01:21:48   It's kind of cool.

01:21:49   Have you ever heard of the FDIC?

01:21:50   They close banks down?

01:21:52   - No.

01:21:53   - It's cool.

01:21:53   I think Planet Money did a piece on it.

01:21:55   They basically, they show up on a Friday,

01:21:58   they're all dressed in plain clothes

01:21:59   and they show all their credentials

01:22:01   and they shut the bank down and they take it over

01:22:03   and no one at the bank is allowed to talk about it.

01:22:05   They spend the weekend on the books, whatever,

01:22:07   and it opens on Monday.

01:22:09   And it's like, it is like a spy operation

01:22:12   because they do not want to, you know,

01:22:14   they'll come into town.

01:22:15   I understand that like rent rooms and motels not at the same motel.

01:22:18   They do not want to panic people.

01:22:19   They do not want to run in the bank.

01:22:20   - It's the accounting version of like what a gangster movie

01:22:24   would call the cleaner, right?

01:22:26   - Exactly, the FDIC and that's what they do.

01:22:28   And they do it.

01:22:29   - Harvey Keitel in Pulp Fiction, right?

01:22:31   - Yeah, you know, you got your sulfuric acid here.

01:22:34   - We don't want any attention, you know?

01:22:36   No, no, not Reservoir Dogs, Pulp Fiction.

01:22:38   When they got shot in a car and you know, it's like, look,

01:22:40   we just want to clean this mess up.

01:22:41   Nobody's gonna know none the better, right?

01:22:45   - But it's, yeah.

01:22:45   - It's with numbers, numbers and ledgers.

01:22:48   - We're cutting the bank apart into small pieces

01:22:50   and we're melting them in the tub

01:22:51   and no one's gonna know about this bank.

01:22:53   So I don't mean to make a huge digression,

01:22:55   but the FDIC backstops banks.

01:22:57   So if banks don't have enough money on hand,

01:22:59   the FDIC is there to pay depositors up to a certain amount,

01:23:02   which is huge, I know.

01:23:04   So small depositors never get, and so people don't panic.

01:23:09   There's no, we don't have runs on the bank

01:23:11   because people believe that the US government

01:23:13   in the form of the FDIC will backstop banks.

01:23:16   And we saw that in the 2008 crisis.

01:23:18   There is no FDIC for Bitcoin,

01:23:20   and maybe one will be created.

01:23:22   But when there's a run on an operation,

01:23:25   an exchange has some amount of Bitcoins

01:23:26   and some amount of cash,

01:23:27   and they cannot cash everything out at once,

01:23:30   and they're not obliged to the way they're run.

01:23:32   So this gets us around.

01:23:33   So now--

01:23:34   - It's like you said that it's the government,

01:23:37   and it really does annoy me,

01:23:38   and Marco had a good piece last week about it.

01:23:40   It doesn't make any sense to talk about the government

01:23:42   as a single entity and complain that the government is always

01:23:45   in the way and whatever, that the government is comprised

01:23:48   of thousands of individual organizations

01:23:55   from the federal to the state to your municipal level.

01:23:57   FDIC is a great example of the government at work.

01:24:00   Because the main point of it is if you see a bank

01:24:03   and you see that the bank is in FDIC--

01:24:07   and I believe it's probably not even legal to open a bank

01:24:10   that's not part of the FDIC.

01:24:11   you can't just, like you and I can't just open a

01:24:13   thing and call it a bank.

01:24:14   Yeah, there's all the, you have to, there has to

01:24:16   be like a governing regulator, there's

01:24:17   different choices, the FDIC, you have to pay

01:24:19   them insurance.

01:24:20   But it means that all of us, every single citizen

01:24:23   can just, you don't have to worry about doing

01:24:25   the research and figuring out is this bank legit

01:24:28   is, you know, if I go in there and put my paycheck

01:24:31   in deposit, you know, create a checking account

01:24:33   and put my whole paycheck in there, is that money

01:24:36   safe?

01:24:36   You don't have to worry about it.

01:24:37   It just is.

01:24:38   You really, I mean, all you have to do is have

01:24:40   in the US government.

01:24:42   - And at one point, you remember for a long time,

01:24:44   the FDIC said, you know, deposits,

01:24:46   you hear a commercial on TV for a bank,

01:24:48   deposits are insured up to the maximum $100,000

01:24:50   by the FDIC, and then during the crisis,

01:24:52   they lifted that amount, I forget to what,

01:24:54   and I don't remember what it's at now,

01:24:56   because there are enough people who like,

01:24:58   you know, this just happened, my parents sold their house,

01:25:01   and they had hundreds of thousands of dollars

01:25:02   from the house, which they plan to live on

01:25:04   for the rest of their lives, in the bank.

01:25:05   And you know, so they had more than 100 grand

01:25:07   in one account, and if a bank fails,

01:25:10   you were only insured.

01:25:11   In some other countries,

01:25:12   they immediately lifted it to unlimited

01:25:14   because they did not want any depositors

01:25:16   to not be made whole.

01:25:17   They felt it was a better risk to prevent a run of the bank,

01:25:19   especially by high net worth individuals

01:25:21   who might have a million bucks in an account,

01:25:23   than to worry about the problem

01:25:27   of reclaiming that money later.

01:25:28   And it worked out correctly.

01:25:29   It was the right move.

01:25:30   - And the limit, I think that that limit was pretty old.

01:25:33   It, you know-- - It was.

01:25:34   It was inflation adjusted.

01:25:35   - Right, it was like $100,000 in,

01:25:37   you know, I'm gonna pull the number out of my hat,

01:25:39   but 1950 dollars, I don't know, which is a far cry

01:25:44   from 100,000 dollars and 2,008 dollars.

01:25:46   - It's very easy for people who are in the age range

01:25:49   from 50 to 80 to wind up with more than 100 grand

01:25:52   in the bank because of house sales, basically.

01:25:53   They downsize.

01:25:54   You live in the Bay, I mean, 90 people whose parents

01:25:56   lived in the Bay Area, and they got a million dollars

01:25:59   for their house, they didn't ever expect a windfall,

01:26:01   and they might have a tiny pension or whatever.

01:26:04   They don't even know how to handle that.

01:26:06   So there is nothing, there's no backstop.

01:26:08   And so with Mt. Gox, so Mt. Gox has all kinds of weird things.

01:26:12   You may know it started as a site called

01:26:16   Magic the Gathering Online Exchange, M-T-G-O-X.

01:26:20   Did you know this?

01:26:21   - I did know that. - This is a funny story.

01:26:22   Yeah, so it's funny.

01:26:23   So they thought they were going to be,

01:26:25   and what I read the other day pointed out

01:26:27   that if they'd actually invested in

01:26:29   Magic the Gathering coins back when they started,

01:26:31   they would, or cards rather,

01:26:33   they would probably have had a better return

01:26:34   than what's happened.

01:26:36   'Cause some cards are worth like $2,000 now.

01:26:38   But so, anyhow, so Mt. Gox, people have been documenting for years the deficiencies in

01:26:45   their programming, their security, their response.

01:26:48   They had, they didn't file the right paperwork or act in the correct way in the United States.

01:26:52   And the U.S. seized, I think it was $5 million from them because they didn't have, they were

01:26:58   operating as essentially a kind of entity that they weren't, and they just didn't do

01:27:02   the right work.

01:27:03   Like, I think they could have been operating as an entity.

01:27:05   There are Bitcoin exchanges that operate in the United States that have filed the paperwork

01:27:09   correctly and Mt. Gox did not.

01:27:10   So the, it's still totally unclear what happened because they haven't released enough information.

01:27:19   They claim they've lost, what was the number, it's a crazy number, it's like 7% of all outstanding

01:27:25   It is 750,000, yeah, over 750,000 coins owned by its users and 100,000 of its own.

01:27:35   And the issue is we don't know what lost means yet because they haven't done a forensics

01:27:39   thing in Japan.

01:27:40   They're based in Japan.

01:27:41   That's where their offices were.

01:27:44   It could be they lost all the private keys.

01:27:46   Maybe they didn't do a good job and they're just unrecoverable.

01:27:48   And gone from the system.

01:27:49   Right.

01:27:50   Yeah.

01:27:51   suspicion that there are potentially hundreds of thousands or maybe even as many as millions

01:27:56   of Bitcoins that will never be recovered because the private keys are lost. There's

01:27:59   no recovery process where they can be reclaimed. So that's one concern. The other is it might

01:28:04   have been theft, someone got access. You know, one party was saying, there was an article

01:28:08   recently a couple days ago about how Mt. Gox encoded all of its SSH keys, like its private

01:28:14   keys, in its server code.

01:28:17   [Laughter]

01:28:18   things like that. So, yeah, so it's crazy. So like, there's, they just are not, you know, they're clearly without, you know, alleging anything, it's clear, they were not a rigorously running institution.

01:28:32   The other thing I saw was that, and again, I can't verify it, but I saw the other day that they

01:28:36   apparently, you know, the whole system, the computer system, they

01:28:40   were not using any sort of source control software.

01:28:44   So, I saw that and I was like,

01:28:48   so, right, so they have all kinds of technical deficiencies. But, so one suspicion

01:28:52   is, there's this problem called transaction malleability that is suspected

01:28:56   might be the cause, although I read a really good analysis a couple days ago, and I

01:29:00   Although I read a really good analysis a couple days ago that suggested that at the scale

01:29:05   of what happened it couldn't be.

01:29:06   So there is a flaw in Bitcoin, in the Bitcoin software clients and some of the implementations

01:29:13   as I understand it.

01:29:14   It's not a protocol flaw, but well I shouldn't say that.

01:29:18   So this transaction thing I was talking about, what should happen is I'm sending you one

01:29:22   Bitcoin, John, and the transaction that my software generates, which probably uses a

01:29:26   a standard Bitcoin library that the Bitcoin Foundation

01:29:29   essentially maintains, even though it's open source.

01:29:32   That transaction has a transaction ID

01:29:34   and some unique information, and I've signed it, and boom.

01:29:37   So what should be impossible is for someone else

01:29:40   to generate a transaction that looks like mine

01:29:43   and is validated and even has the same destination.

01:29:48   So it doesn't hijack who the money is going to, right?

01:29:50   It just looks valid and has the same recipient and sender.

01:29:54   That should not be possible,

01:29:55   and it is in fact possible to create fake transactions

01:29:59   after a legitimate one is created.

01:30:01   So other parties can illegitimately create bad transactions

01:30:06   and there have even been denial of service attempts

01:30:08   where many bad transactions are created for each good one.

01:30:11   If the bad transactions are taken up first,

01:30:14   they get baked into the record.

01:30:16   And the problem is some software didn't validate

01:30:20   whether the transaction ID had changed.

01:30:23   And if they'd note or think it was just the ID.

01:30:25   And if they'd noticed it had changed, it would have invalidated that transaction or some

01:30:31   other aspect there.

01:30:32   So the coins are actually transferred, but the exchange, for instance, in this case,

01:30:37   would not recognize it because the transaction ID didn't match.

01:30:41   So I've done everything right.

01:30:42   I've sent you a coin and you say, "Hey, I never got it.

01:30:44   My exchange says it didn't go through."

01:30:46   And I look and I'm like, "My software says it does.

01:30:49   I'm looking in the block.

01:30:50   The block says it was minted."

01:30:52   And you say, "No, my exchange says it never went through."

01:30:54   And you go, "Oh, okay."

01:30:55   And Mt. Gox apparently had an automated system that when a transaction appeared to not go through, they would send it again.

01:31:01   And it's unclear how often it would send it again.

01:31:03   So, if you were a malicious party, you could concoct a way in transactions with Mt. Gox to create false ones and get the same money multiple times.

01:31:12   But because you can't change all the parameters, you can't just steal the coins, it's more a way to leak money out from transactions that are, um,

01:31:20   that had some legitimate basis to start with and then you can sort of suck money out or people unintentionally

01:31:25   Send more money than they meant to and the recipient doesn't even know that more money was sent

01:31:30   So that was one suspicion. It does not appear like that the scale of it would make sense

01:31:34   It's more likely their bad security led to someone stealing all the private keys

01:31:38   well, what's the solution to this, you know how if somebody wanted to get involved and and

01:31:45   Buy some bitcoins and have these

01:31:48   I mean, I guess the solution is to find a reputable and technically competent exchange.

01:31:55   But how is a normal person supposed to figure out to determine what is a reputable and technically

01:32:02   competent exchange?

01:32:03   Well, I think this is what the market's trying to do now.

01:32:07   Even though the valuation of Bitcoin is arbitrary, there's enough people involved in the system

01:32:11   using it that even with Mt. Gox failure and all this stuff happening, the value has not

01:32:17   I don't know what we're talking right now. I should say those six. It hasn't crashed. I'm talking in the values of zero, but

01:32:23   Be bad

01:32:27   but the the the market didn't go from you know a thousand dollars a Bitcoin to

01:32:31   To zero, you know, it went from yeah

01:32:34   Like I'm looking right now the current exchange rate as we talk is somewhere in the $600 range. I actually think and again I am a

01:32:41   Bitcoin dummy, but as an a you know, and I've never

01:32:46   put a nickel into it and

01:32:48   It's still I'm not tempted to but just as a curious observer

01:32:51   I would actually say that that what's happened to the value of Bitcoin in the last few weeks actually

01:32:57   Shows a significant amount of stability, you know like going from a thousand to six hundred is a pretty significant crash

01:33:03   But not what I would have expected when I first heard about the Mt. Gox thing. I thought well there it goes

01:33:08   That's the toilet flush

01:33:10   You know bitcoins gonna drop down to you know

01:33:14   dollars a bitcoin. It should have happened if it had actually been a fatal event or a

01:33:18   near fatal event is the value shouldn't have just gone off by like 50 percent. What should

01:33:22   have happened is people would be trying to get liquidity out of it. They would have been

01:33:25   unable to and they would have accepted lower and lower amounts until it was like ten dollars

01:33:29   a bitcoin and the market collapsed. Instead it went down to like I don't know 500 and

01:33:34   it's rebounded a bit which means that there are people who believe they have enough value

01:33:39   in the system in retaining their bitcoin in the system that they weren't panicked and

01:33:42   try to exchange it out. Right, and I know, you know, and I've sort of avoided linking

01:33:46   to a lot of the Bitcoin stuff because I just don't understand it, but I know that there's

01:33:49   a lot of, you know, a sort of, "Hey, this is actually a good thing for Bitcoin," and

01:33:54   then there's, you know, the skeptics, which I kind of agree with, which is, "No, this

01:33:58   is not, Mt. Cox is not a good thing for Bitcoin." You can't argue that. I think it's sort of

01:34:04   halfway in the middle, which is, no, it's not good that it happened, I mean, and no

01:34:08   No matter whether it was crime or just incompetence, it's bad either way.

01:34:11   But the fact that after this bad thing happened, which was bad, that it was relatively stable

01:34:18   value-wise, I think is a good thing.

01:34:20   It shows that, you know, there's a certain stability to it.

01:34:24   Pete: Yeah, after all the volatility, I think this was actually pretty remarkable.

01:34:28   And some of that comes now because you have people like the Winklevoss twins who have

01:34:33   put a pile of money in and they own, I forget what it is, they own a single digit percentage

01:34:37   of bitcoins and there are other parties.

01:34:41   I mean, so this is one of the things,

01:34:43   Stat came out the other day, I think it was,

01:34:45   was it, a few hundred people own 50% of all bitcoins.

01:34:49   And which isn't strange, but bitcoin

01:34:52   as a democratizing thing, you're like, oh, okay.

01:34:54   You know, and then like, I think it was like

01:34:56   a few thousand people own 75%.

01:34:59   So there's this issue about, oh, I was mentioning earlier,

01:35:03   so Mark Andreessen, so one of the companies

01:35:05   you could look at, and I have no connection to it,

01:35:06   In fact, might even be seen as a skeptic,

01:35:08   because I had all this back and forth with Marc Andreessen,

01:35:11   who is incredibly funny on Twitter,

01:35:13   and a really great sparring partner, by the way.

01:35:15   He is really a good sport,

01:35:17   and will talk about all this stuff,

01:35:19   which is impressive,

01:35:20   'cause most people who have piles of money,

01:35:21   and think they know everything,

01:35:23   and they don't wanna talk to anybody,

01:35:24   and they don't listen.

01:35:25   He listens, he talks, and he's very funny.

01:35:26   And so, he wrote this op-ed-ish piece

01:35:29   for the New York Times at the Dealbook section

01:35:31   about why Bitcoin was so wonderful,

01:35:33   because it reduced transaction fees

01:35:35   to practically nothing or nothing,

01:35:36   and it would be a great thing for all these parties.

01:35:38   And I disagree with a bunch of his statements.

01:35:41   I wrote a long thing, and he and I went back and forth,

01:35:43   and it was very, it was elusive to me,

01:35:45   his thinking about how you make Bitcoin

01:35:48   into a stable thing that just becomes part

01:35:50   of the international banking system.

01:35:52   Like, he is not a political rabble-rouser.

01:35:54   What he wants, and the Winklevossy,

01:35:56   Voxie, whatever you call them,

01:35:58   and the rest of the folks who are trying to make this work,

01:36:00   is they want a system that's outside the inefficiencies,

01:36:04   It has the security of Bitcoin is outside of the inefficiency to the banking system,

01:36:08   but doesn't need to be above the law and not subject to regulation and scrutiny.

01:36:12   They basically want something that makes money move as fast as email.

01:36:16   And I get that.

01:36:17   There's a good thing.

01:36:18   So Mark's invested in his group in Coinbase.

01:36:21   That's where I put 50 bucks in.

01:36:22   And you know why Bitcoin dropped in value half?

01:36:25   Because I put 50 bucks in.

01:36:26   It's now worth $25.

01:36:27   My fault.

01:36:28   It's like washing your car.

01:36:30   So Coinbase is clearly a place to start because they're trying to do everything right, and

01:36:35   they're, you know, they're not trying to be chartered in a boat off the coast of Iceland

01:36:39   and under Somali law.

01:36:41   They're trying to do it.

01:36:42   So it's an interesting place to start from a group that's trying to see how they can

01:36:46   comply and work within the system.

01:36:48   What's the related thing?

01:36:50   Oh, so Quentin Hardy wrote this piece based partly on Mark and my exchange.

01:36:53   He wrote this thing for the New York Times I recommend reading, in which he talked about

01:36:57   the rise of a kind of super rich transnational class.

01:37:01   He said, "I threw down," he said,

01:37:02   he was sitting with some very, very wealthy people.

01:37:04   He said, "If I threw down passports from,"

01:37:06   was it three or five countries,

01:37:08   all of them stable, like Singapore, United States,

01:37:09   whatever, "which one would you pick up?"

01:37:11   And the guy started to debate which one.

01:37:13   They didn't say the country that I'm from.

01:37:14   They didn't have a nationalist influence.

01:37:16   He worries, in part, that Bitcoin lets people become,

01:37:20   it takes money outside of the sphere of national influence

01:37:23   and it lets people who are extremely wealthy

01:37:25   sort of live in a cloud above the world.

01:37:28   And so there is some of that thinking,

01:37:30   especially when you see that Bitcoin is controlled

01:37:33   by a relatively small number of people.

01:37:34   That control by a relatively small number of people

01:37:37   is one reason why the currency remains stable,

01:37:39   because they have the economic wherewithal

01:37:40   to not need to pull the money out of the system

01:37:43   at a low valuation.

01:37:45   - I would say this though, I mean,

01:37:46   and who knows where the eventual value of it is going to go.

01:37:48   Right now though, at $600 a Bitcoin,

01:37:53   If there's a limit of 21 million, that's somewhere around $12 billion for every Bitcoin that

01:38:00   could ever be.

01:38:01   And even if you double that or triple it, you're talking $25, $50 billion.

01:38:08   Now who knows, maybe it'll go up tenfold, twentyfold, thirtyfold, and then become worth

01:38:13   more.

01:38:14   it stands a system where the entire the entirety of Bitcoin is only worth 10 20

01:38:21   30 billion dollars I don't see that as a global lead this you know it I can see

01:38:30   why governments aren't that ready to jump in and try to regulate well it's

01:38:35   right because you need it in inflation within the Bitcoin system to make the

01:38:39   coins valuable enough individually they can divide them into tiny pieces that's

01:38:43   - So that's my next question.

01:38:43   Explain to me fractional Bitcoins.

01:38:46   How is that?

01:38:46   How can you put $50 into Coinbase and have anything?

01:38:49   If a Bitcoin is worth 600 bucks?

01:38:53   - This is the ridiculous part.

01:38:54   So it's almost like,

01:38:55   it's like owning a fraction of a share of stock

01:38:57   at some level because Bitcoins are only essentially,

01:38:59   I don't know if I'm using the right term,

01:39:01   but they're forward transactions.

01:39:02   I can only send you money.

01:39:03   So if I have 50 Bitcoins in my wallet

01:39:07   and I want to send you 49,

01:39:11   I have to do a change transaction.

01:39:13   So I actually send you 49 and I send myself one.

01:39:16   And this is the way, the fact that I have to send change

01:39:18   to myself, there's a flaw in most current clients

01:39:21   that makes those transactions essentially trackable

01:39:24   and researchers have shown they can do this thing

01:39:26   that even after hundreds of transactions,

01:39:29   they can actually track back Bitcoins to the origin

01:39:31   by unpeeling all these change transactions

01:39:34   and seeing where the money went.

01:39:36   So I can send you a tiny, tiny amount.

01:39:38   I can, so the current smallest unit is

01:39:41   one times 10 to the negative eighth,

01:39:43   and I forget how, seven zeros and a one,

01:39:45   and that's called a Satoshi,

01:39:47   it's the basic unit of Bitcoin.

01:39:49   And the protocol could easily be adapted

01:39:51   to have smaller fractions, or even reverse it,

01:39:55   so like, you know, one Bitcoin is a Satoshi or something.

01:39:58   There's nothing that prevents that from happening.

01:40:01   But that lets me send tiny amounts of money,

01:40:04   but I send essentially,

01:40:05   the thing is people can wind up with all these wallets,

01:40:08   like you can have piles of Bitcoin addresses,

01:40:10   And then eventually you might consolidate them.

01:40:13   So you take one address that's got 43 bitcoins,

01:40:15   another has one, another has 0.05,

01:40:17   and you essentially pay yourself all of the small ones,

01:40:21   you wind up with one address that has, you know,

01:40:23   750,000 bitcoins in it.

01:40:25   So there's a lot of monkeying around,

01:40:27   and people typically use client software

01:40:29   that handles the details,

01:40:31   but the client software masks a lot of transaction

01:40:33   that can leak some of the anonymity involved in it.

01:40:36   There's also, we didn't even talk about Dogecoin.

01:40:40   about Dogecoin? I've heard of it. I don't get it. So an Ars Technica just launched ArsCoin.

01:40:47   Dogecoin is D-O-G-E coin. Yeah, it's a real thing. It's a real thing. It actually

01:40:52   has value in it. Dogecoin was a parody. It was launched two months ago in December,

01:40:58   or three months ago in December. And people are investing in it. It's got different properties.

01:41:06   then it's a code fork from Bitcoin, which is open source.

01:41:10   It has different properties, including a mining technique

01:41:12   that does not consume eventually the power of our sun

01:41:15   to make new calculations.

01:41:18   It's got a non-scaling, I think it's using S-Crypt

01:41:22   or B-Crypt, or it's got, anyway, whatever it's using,

01:41:24   it's using something that does not require

01:41:26   the scaling capability that you need to do

01:41:28   more SHA-1 transactions.

01:41:30   And there's Litecoin, which is a different crypto standard,

01:41:34   a crypto coin standard.

01:41:35   There's something called Zerocoin where one,

01:41:37   a guy who's a researcher who wanted to create pure anonymity

01:41:41   that you could put into Bitcoin,

01:41:43   after being sort of rebuffed

01:41:45   about embedding it inside Bitcoin,

01:41:47   he and other folks are gonna launch a Bitcoin-like currency

01:41:50   that will allow Bitcoin-like coins

01:41:52   and totally anonymous coins that no two transactions

01:41:57   can be connected to one another to be exchanged in.

01:41:59   So there's an explosion of cryptocurrency as well.

01:42:02   Dogecoin is the funniest one, but--

01:42:05   - It's real, people are using it.

01:42:06   - It started as a parody.

01:42:08   - Yeah, and it turns out that like,

01:42:10   it's actually got some properties people like,

01:42:12   including the initial,

01:42:15   it's, they set the number very funny too.

01:42:17   So it's like the initially 100 billion coins

01:42:20   can be mined by the end of this year,

01:42:21   but then it's a fixed rate of 5 billion coins after that.

01:42:24   So there's a built-in inflation in it,

01:42:26   does not shrink over time.

01:42:27   - You're losing me.

01:42:31   - Well, there's no top limit

01:42:34   how many Dogecoins can be minted.

01:42:35   I see, I see.

01:42:38   I know. It's crazy, but it's crazy. Some of it, it's sort of funny and it's sort

01:42:41   of weird, but so this gets back to, I think, some of the points that you had earlier and

01:42:45   it's, is that, and some, and it's a point I like to make, and I'm sure everyone listening

01:42:51   to this, no matter whether you're in Europe or Asia or America, banking is ridiculous.

01:42:56   Banking is ridiculous. Banks exist to, the banks exist to extract fees from us and they

01:43:01   run the most insecure system in the world. The most secure system, I think, is like,

01:43:05   chip and pin is actually—and why use Neerap? Like, that's great for doing that kind of

01:43:08   transaction. But, like, wire transfers are totally unsecured. Stuff's passed in the

01:43:13   clear. ATM has—ATMs have certain kinds of encryption and security that are really good,

01:43:18   others that are ridiculous. So—and you can't—you know, when you get a dollar bill, you don't

01:43:22   know if it's real. What percentage—there's some number about the percentage of hundred

01:43:25   dollar bills in circulation in the world that are—

01:43:27   that are-- - Counterfeit.

01:43:29   - Fraudulent, yeah.

01:43:30   So the fact is, Bitcoin and systems like Bitcoin,

01:43:34   something like it will get incorporated

01:43:38   into the banking and transaction system,

01:43:40   if not into our currency system,

01:43:42   because of this property,

01:43:44   that because the cryptographic nature of it

01:43:48   prevents a whole bunch of bad behavior.

01:43:50   It prevents double spending, it prevents counterfeiting,

01:43:52   it prevents, it allows a certain kind of legitimacy

01:43:56   and ownership, it's very hard.

01:43:57   I mean, so people have hacked into these exchanges

01:44:00   and wallet services and stolen private keys.

01:44:02   But if you do security correctly, which people can do,

01:44:06   then it doesn't matter if you get hacked into,

01:44:08   the keys are still protected by another layer of passphrase

01:44:11   and they're unrecoverable by the thief.

01:44:12   So there's ways to do it correctly.

01:44:14   And so this could be a way where instead of

01:44:16   doing a credit card transaction the way we do now,

01:44:18   which is, you know, ridiculously unsecured

01:44:20   and you just need the number sometimes to end your zip code.

01:44:24   - Right, yeah, you can do it over the phone.

01:44:26   be able to, yeah. So what if, you know, what if Visa released a web-based, you know, signing thing

01:44:32   that used, that let you use something that was very much like Bitcoin, but it was entirely in

01:44:37   their system. You'd love it because you'd say like, "Oh, thank God." Like, verified by Visa,

01:44:41   which I think is still in use, you'd go to a merchant, it would pop up a Visa window,

01:44:45   and you could check that it was a secure connection to Visa, and you'd punch your password

01:44:49   into Visa's site, and it would then confirm that you were legitimate, but your password never went

01:44:54   to was like an extra step and that was cool.

01:44:56   It's reasonable to me that you that we could change the credit card system so that you couldn't

01:45:00   do a transaction over the phone in the same way that we accept that you can't

01:45:08   send cash over the phone, right? Like if I owe you 25 bucks, I there's no way that I can do it

01:45:12   right now talking to you over Skype. There's no number I can read to you that could do it.

01:45:16   I think it's reasonable that we would lose the ability to call somebody over the phone and give

01:45:22   give them a credit card number and have it count.

01:45:24   Because our phones, more and more,

01:45:27   are computers with an IP connection

01:45:30   that you can run an app or connect to a website

01:45:33   and do cryptographic communication.

01:45:37   - Well, but it could even be as simple as,

01:45:39   you know, like two factor kind of thing

01:45:41   is I could be registered with different coin systems

01:45:44   or credit card systems in my phone

01:45:46   and I call to make a transaction.

01:45:47   They're like, "Great, okay, we'd like to process that.

01:45:49   "Can you read us the six digit number

01:45:51   that's just been texted to your phone or run the, you know, Visa Authenticator app, and

01:45:56   you pull that up and you go, it's sick, blah, blah, blah, blah, blah.

01:45:58   And that verifies my identity, or at least, you know, if I've stolen information, I've

01:46:02   stolen a lot of information from somebody, it's not just a routine drive by credit card

01:46:06   theft.

01:46:07   And, but, so there's lots of aspects of Bitcoin that I believe, this is why, you know, they

01:46:12   had a, um, Congress had hearings, I think it was late last year, about Bitcoin and a

01:46:15   friend of mine attended them and he was stunned, and the coverage indicated this as well, at

01:46:20   and interested senators and staff, or, I don't know,

01:46:22   staffers were and congressmen and women were

01:46:25   about the positive aspects of it.

01:46:28   And the banks are very, very interested in it.

01:46:30   And the regulators are interested in it.

01:46:31   They don't just want to prevent activity or capture tax.

01:46:36   Well, that's certainly part of it.

01:46:37   It's also that they do actually see the positive parts

01:46:41   of having a cryptographically robust identity secured system

01:46:46   that we don't have now.

01:46:47   And so that's kind of cool.

01:46:48   And so that's kind of cool. I did not expect to see that much openness.

01:46:51   And the people who are core Bitcoin users hate the notion, typically, that government would get involved.

01:46:56   The new people coming in, like Andreessen and the Winklevoss and so forth,

01:46:59   they're much more interested in having government involvement at a certain level to provide both, like, trust and to remove more of the criminal element as well.

01:47:08   I mean, I think, like, any—I think, like, government regulation is, like, almost everything in life.

01:47:13   Everything. Where, you know, moderation is the key.

01:47:17   You know, there's too little and there's too much.

01:47:19   And so, and then on the polar ends of politics, there's always going to be people pushing for the extreme.

01:47:26   You know, true, you know, almost anarchist libertarians who want almost no government regulation over every, any aspect of life period.

01:47:35   And on the other end, people, you know, who push for, you know, too much.

01:47:41   And I think, you know, I think Bitcoin and government regulation over these sort of,

01:47:47   you know, Bitcoin and other things like it is, you know, in the same regard,

01:47:51   where the right amount of government regulation is not zero.

01:47:54   Pete: If you've ever tried to pay somebody in another country anything, except through PayPal,

01:48:00   which has its own issues and fees and problems, I mean, it's weird actually that PayPal works as

01:48:05   well as it does. Because every other method is horrible to pay. You either have to pay huge

01:48:10   or it's impossible, or it takes a long time,

01:48:12   never gets there, and there's some,

01:48:14   there's this huge thing about remittances.

01:48:16   This is one thing that Andreessen mentioned,

01:48:17   I think it's worth bringing up,

01:48:18   is that there is a potential benefit for poor people,

01:48:22   for the poorest people in the world,

01:48:23   especially immigrants who live in far-flung countries

01:48:25   from where other parts of their family live,

01:48:27   is there's a huge amount of money extracted when,

01:48:30   if you live in America and you're sending money

01:48:32   back to Guyana or something,

01:48:34   like there's a huge fee that comes out this end,

01:48:37   it's not 10%, I think,

01:48:38   but it's typically multiple percentage points,

01:48:40   And then there's often banks have remittance and other fees.

01:48:43   Plus the government may take a chunk as well

01:48:45   for incoming money.

01:48:46   So just like voiceover IP,

01:48:48   at the crackliest like 1200 BPS dial up,

01:48:52   you could still get a voiceover it or whatever.

01:48:54   Like the minute voiceover IP became a real thing,

01:48:58   that changed the relationship

01:48:59   between all these far flung people

01:49:02   and people were able to talk to their family again.

01:49:03   And then Skype video, even at low bandwidth,

01:49:06   let them see their families again.

01:49:07   And so there's hundreds of billions of dollars in the system that are sucked out each year.

01:49:13   Hundreds of billions of dollars are transferred among countries by poor people, essentially,

01:49:17   sending money back home. And there is an advantage there. And for anybody in the middle class

01:49:22   and above, there's even things like the unbanked and the non-banked, the people who can't—or

01:49:26   the—what's the word? Unbanked and less-banked or something. It's people who have a hard

01:49:30   time having a bank account because they can't maintain a balance or whatever.

01:49:33   because they did live in a neighborhood that doesn't have a bank. Right? That's the push.

01:49:38   Yeah, like there's food deserts or bank deserts.

01:49:39   There's a push in the US, oh, what's her name, from the great new senator from Massachusetts.

01:49:47   Oh, Elizabeth Warren.

01:49:48   Yeah, Elizabeth Warren has brought this up, to push, to turn post offices into banks.

01:49:56   Let people do simple banking at US post offices, because there is a post office

01:50:02   accessible to everybody in, you know, like low-income urban areas.

01:50:07   Pete: Yeah, because they're, yeah, and so it's expensive to be poor.

01:50:09   Trevor Burrus And the only people opposed to it are existing banks, commercial banks.

01:50:14   Pete It's expensive to be poor. This is the horrible thing. If you're the working poor,

01:50:18   it's one of the most expensive things, it's one of the most expensive ways of life because you have

01:50:22   to go to check cashing outfits to get your money. You charge excessive fees because you don't

01:50:26   qualify for the level of things that don't have fees. You pay subprime mortgages, you pay, like,

01:50:31   Every part of the system is designed to keep you down.

01:50:34   You can say it's unintentional.

01:50:36   It may just be systemic.

01:50:37   But there's all this predatory action.

01:50:40   And--

01:50:40   It's actually a fascinating thing.

01:50:42   We don't have time to go into it.

01:50:43   We've gone long.

01:50:44   But the US post office is-- anybody who's curious,

01:50:48   Google it and read about it.

01:50:50   It's actually pretty clever because it works two ways.

01:50:52   One, it would help a lot of people who don't have acts,

01:50:55   like you said, underbanked, non-banked people.

01:50:58   Two, it would actually help the post office

01:51:00   because the post office is self-sufficient financially.

01:51:05   They operate on the postage that they sell.

01:51:09   Like there's a lot of people who are sort of opposed to the post office,

01:51:12   think that they should just go private or whatever,

01:51:15   because they think it's sucking up tax money, but it's not.

01:51:19   But the problem they're running into is that as the world goes digital,

01:51:22   the people are sending less and less mail.

01:51:24   And so it's getting harder for them to keep postage rates low

01:51:29   and stay in the black. If they got into banking, it would infuse them with funds to be solvent.

01:51:36   It's true. You know, the post office, not to get too deep into this, the post office

01:51:42   scam is that Congress, even though it's essentially a private agency, run on its own

01:51:47   funds, Congress forces them to fund their pension at a level that is so far ahead. The

01:51:53   post office required to contribute at a level that's so far ahead of solvency and necessity.

01:51:57   No corporation, no other part of government, no steady state or federal is required to

01:52:01   fund their pensions the way.

01:52:03   And so the post office is actually in better shape than it seems, except it's obligated

01:52:07   to put money away that it does not need to.

01:52:09   It's the weirdest thing.

01:52:10   It's part of the, you know, it's a long-standing political problem.

01:52:14   But yeah, it'd be great for the post office.

01:52:15   So I don't mean to take us too far afield there, but there are great benefits to something

01:52:19   like Bitcoin that relies on, that doesn't rely on using physical pieces of paper or

01:52:24   that are designed to extract money at every step.

01:52:27   The bars are put in the way not for sensible reasons

01:52:31   like reducing fraud or reducing, oh, I don't know,

01:52:34   making sure that countries know where money's moving

01:52:37   to pay tax, like there's things in place for that.

01:52:39   But a lot of the banking system,

01:52:41   the private banking system is set up for the purpose

01:52:43   of extracting the most fees from the most people.

01:52:45   We know this is true 'cause banks make massive profits

01:52:47   off typical banking operations.

01:52:50   So Bitcoin's potential or things like Bitcoin

01:52:53   things like Bitcoin would be to break some of the monopoly of banks holding money. So you know about

01:52:59   this thing called Hawala, right? This long-standing transfer system? Okay, so Hawala, and again,

01:53:05   we'll go very long enough. Hawala is a system--

01:53:09   - How do you spell it?

01:53:10   - H-A-W-A-L-A. And I'm sure you've heard about the system. It's not just an Islamic system,

01:53:19   but it originated in a lot of Islamic countries. And the idea is that you have people now all

01:53:24   around the world, but used to be traders all around these regions, they have account books.

01:53:28   And so now, you know, here's what you do. You go to a place, you live in Pakistan, and you say,

01:53:32   "I need to get $100 to my brother in Indiana." And the guy goes, "Great." And he writes a thing in

01:53:37   his ledger and he has some codes and he calls up the guy who knows Indiana and he says, "Give that

01:53:41   guy $100." And that's how it works. And they trust him.

01:53:43   And the guy says, "Okay." And he says, "I gave him $100."

01:53:47   Yeah, and then they transfer some other—some point there's some reconciliation. Like then

01:53:50   that guy in Indiana calls and says, you know, there's somebody in Burundi, oh yeah, and they

01:53:54   work it out. It's kind of—

01:53:55   Trust in, like a trusted network.

01:53:56   Yeah, and it's a lot of people are involved. And I'm sure there's abuse and so forth at times,

01:54:01   but it's a system, it's instantaneous money transfer based on, you know, on trust.

01:54:06   And presumably there's some sort of fee. Like that it might cost you a hundred and one dollars

01:54:13   to send a hundred dollars to the guy in Indiana.

01:54:15   Yeah, exactly. But it's, there's no, yeah, the Wikipedia entry is actually very informative,

01:54:21   of course, as you'd expect, but the idea is that it's, you know, in communities like that,

01:54:27   even when they're spread out across the world, there is a lot of trust because there are huge

01:54:32   consequences because they're based on familial relationships or cultural ones. And some countries,

01:54:37   there might be, you know, like you might get killed if you violate the system. Other countries,

01:54:40   it's not clear if you go to jail or not, but you'd be breaking this, you would never be an

01:54:44   outcast for the rest of your life from your entire community, you would never be able

01:54:47   to do anything again. So there's a social component to it. But Bitcoin is HAWALA. It's

01:54:51   just done cryptographically, so there's no trust in it. You can work with untrusted parties.

01:54:56   So there is a model for this. This actually has existed just without the cryptographic

01:55:00   component and a lot of people point to HAWALA as something that's a way you bypass banks.

01:55:04   You bypass—there are fees, but you bypass all the infrastructure put in place to prevent

01:55:08   money from moving around.

01:55:09   And as sort of existence proof that the system could work sustainably.

01:55:11   Yeah, and if you take trust out of it if the if the flaw and Hawala is that you need enough people who trust each

01:55:17   Other absolutely, then you take trust out by using cryptography

01:55:20   All right. Let me take one last break. I think our third and final sponsor and it's our good friends at audible

01:55:27   Everybody knows audible audible comm

01:55:30   Has the largest selection of audiobooks anywhere in the world

01:55:35   150,000 titles more

01:55:39   every day. They have two ways you could just go there and purchase individual

01:55:49   books but for real savings you can sign up for an audible listener program and

01:55:54   you get book credits each month for a low monthly fee. If you're the sort of

01:55:59   person who loves when the talk show goes long because you've got a long commute

01:56:03   or some other area where you just love listening to audio content you have

01:56:07   hours to fill Audible with more ebooks than you could, or audio books I should say, than

01:56:16   you could ever listen to in your lifetime, you should go there and check them out. They

01:56:20   always want, every time they sponsor, they always want the host of the show to make a

01:56:25   pick, to pick an interesting book. I have one that I've been reading about halfway through

01:56:33   on the advice of my good friend Scott Simpson

01:56:36   It's by author named Rich Cohen

01:56:39   Cohen and the book is called monsters the 1985 Chicago Bears and the wild heart of football

01:56:48   Ostensibly, it's a look back. It was just written. It was just released. I think about a month ago

01:56:53   Maybe six weeks ago

01:56:55   So it's a new book looking back at the 1985 Bears anybody who grew up in the 80s you remember the 1985 Bears

01:57:01   They won the Super Bowl, but that whatever it was more than just a football team

01:57:05   That was the team that had the Super Bowl shuffle remember that Glenn. Oh

01:57:08   Yeah, that was that great out

01:57:11   They had a video that was like it was like the number one video on MTV they were

01:57:15   The they made it during this season

01:57:18   Had would they had William the refrigerator Perry? He was like a

01:57:23   375 pound defensive guy who they would bring it

01:57:26   Bring in and give him handoffs when they needed one yard because he was just so big he could never fail not to get one yard

01:57:33   huge number of colorful characters just I mean it was it was almost like that the

01:57:39   1985 Bears were almost like the the World Wrestling Federation

01:57:43   brought to

01:57:45   legitimate sports

01:57:47   And it's not a special thing about this book. It's not a sports sports book. It's sort of a a

01:57:54   sports as pop culture book

01:57:56   And again, if you guys anybody who knows Scott Simpson follow his Twitter or whatever, you know, he's not a sports head

01:58:03   My wife's reading it too not a football fan and really enjoying the book

01:58:09   Really really interesting book and and it's it's just one of those things where I was 12 when 85 bears were around and it's I

01:58:16   Just took him for granted but in hindsight and reading the book. It's like it's just you just

01:58:22   Recall what an oddball crazy-ass team that they were and they were also

01:58:27   Tremendously successful. So that's my recommendation. They've got the unabridged version of it on audible. Check it out

01:58:34   monsters by Rich Cohen and

01:58:37   Just in general, where do you go to find out more about?

01:58:42   Audible if you want to listen to audiobooks, here's where you go. The URL is audible

01:58:49   podcast.com

01:58:52   the talk show audible podcast comm slash the talk show and then they'll know you got there from

01:58:59   From this podcast so my thanks to audible check them out if you like books

01:59:03   Here one last thing I thought we could talk about before we sign off is the whole go-to fail

01:59:10   situation which is

01:59:13   Interesting in and of itself because it's a really I mean that you know all security updates and security problems in the popular

01:59:20   OS are important, but this is a pretty bad one. And it's also so just, it would be bad

01:59:27   no matter what the actual nature of the bug was. But the fact that the nature of the bug

01:59:33   was a superfluous line of code that said "go to fail" is almost unimaginably, it's just

01:59:43   too neat, right? Like if you put that in a movie, you'd be like, "Oh, come on. Go to

01:59:47   fail."

01:59:48   Well, yeah, I, it's funny, my initial reaction was this is absolutely a plant, right?

01:59:55   And Marco Arman asked the good question, which was if an Apple employee, I don't know if

02:00:01   he asked it exactly this way, but this is my version of it is, if an Apple employee

02:00:04   were suborned, let's say they were not a plant, they weren't hired by the NSA to become

02:00:08   an Apple employee and whatever, but you're the NSA, you go to, you knock on the door

02:00:12   one night, you open your door like, "Hi, I'm with the government, here's my whatever,

02:00:14   you can check on my credentials, we need to talk."

02:00:17   you can't tell anyone about this because that would be a national security violation, you would go to jail for a huge amount of time. It's a huge felony. In fact, you might actually be remanded or, you know, God knows what. Like, I don't even, not like American citizens are disappeared, but more like, there are rules now that we don't totally understand about under which people are charged in which the information does not become public. Right. So, someone comes and says, whatever, you need to put a line of code and we've analyzed this, and you can't tell anybody at work. And if it comes up, you know, maybe you'd be fired. That's your problem. Whatever. Right?

02:00:46   Like, that is not an implausible scenario for how that happened, right?

02:00:51   I've heard, I mean, I shouldn't say heard, but I've read, and again, you know, a lot of this is

02:00:57   speculation, I mean, how are we going to prove it? But what I've read is that the way that the NSA

02:01:01   goes about this, and that it's sort of an open secret, is that it's not so much threatening,

02:01:07   and it's not so much like, you're going to do this or you want to, but that it's an appeal to

02:01:13   patriotism and that they identify people within companies who, you know, and now how do they

02:01:20   identify them? I don't know, but that they do. And who knows? Maybe, you know, in the

02:01:25   modern era, you know, a lot of that could come out of Facebook and Twitter, you know,

02:01:33   social networking where they, or, you know, somehow see what their interests are and try

02:01:37   to identify people who are going to have a sort of pro law enforcement or pro NSA mindset.

02:01:46   Pete: Oh, that's interesting.

02:01:47   And that they appeal to them on a patriotic basis and that it's, that there's really no coercion.

02:01:53   I mean, I think maybe the only part that's coercive is probably the,

02:01:56   you, you, you know, we'd like to talk to you and you can't tell anybody about this conversation.

02:02:00   And so that part is, you know, you can't, but -

02:02:05   - A lot of people would obey that because they'd be like,

02:02:07   "All right, just for them talking to me,

02:02:09   "I'm not gonna make a stand."

02:02:10   I mean, they'd find people who are not libertarian

02:02:12   or extreme liberal. - It seems like it would be

02:02:13   very tricky though for the NSA's point,

02:02:15   but it makes sense to me that this is how it works,

02:02:16   that they appeal to their patriotism and say,

02:02:18   "Here's what we would like you to do,

02:02:19   "and here's why it would help your country.

02:02:22   "Here's what would be able to, you know, you do this,

02:02:27   "it will help us because we'll be able to use it

02:02:29   "to identify bad guys who are planning bad things

02:02:34   to do in the US.

02:02:36   Although, I thought that was-- initially, I thought

02:02:39   that seemed more likely.

02:02:40   But as it's come out, I feel like--

02:02:43   and actually, Marco and his gang talked about it

02:02:46   on Accidental Tech podcast quite a bit, too,

02:02:48   is that it doesn't pass the smell test

02:02:51   in that this particular flaw was probably a mistake,

02:02:56   because for two reasons.

02:02:58   One is it's extremely broad.

02:02:59   Once you know about it, you can exploit it, and anyone can,

02:03:02   any government in the world.

02:03:03   So the NSA doesn't get it exclusively

02:03:06   and that seems like a big deal.

02:03:08   And Steven Belevin, if you go to his blog,

02:03:11   it's a long name, but Steven Belevin, B-E-L-L-O-V-I-N.

02:03:14   He was the, he was a longtime computer science professor,

02:03:18   teacher, he's responsible for, I'm blanking on the tool,

02:03:21   he created one of the early tools that we used to use

02:03:24   on Unix systems in the early internet days

02:03:26   to scan for stuff.

02:03:27   He's a really smart encryption guy, very well respected.

02:03:30   He was the head of the FTCs,

02:03:31   as chief technology officer, chief technologist

02:03:34   for a year recently.

02:03:35   And he said, "You know, the problem with assuming

02:03:38   the NSA did this is it's just too clumsy,

02:03:40   it's too easy to spot, you know?

02:03:41   Once you find it, it's gone and anyone else could get to it."

02:03:43   He said, "What's much more likely,"

02:03:45   and this is why I kind of err on the idea

02:03:47   that it was just an error, maybe merging trees or something,

02:03:52   is that it's such a weird thing and it's so untested,

02:03:56   which is why it wasn't spotted.

02:03:58   So remember, this has been misrepresented.

02:04:01   It's not that it validates a certificate incorrectly.

02:04:04   Bad certificates fail.

02:04:06   The problem is that once you validate a certificate,

02:04:08   it doesn't validate that the key for the session

02:04:12   was signed by that certificate.

02:04:13   So the key can be from any party.

02:04:17   So you're an interloper and you pass along

02:04:20   all the certificate stuff and everyone's happy with that.

02:04:22   Then you just send a key signed by something else

02:04:24   and the key goes through.

02:04:25   That's a very weird exploit.

02:04:29   It's very effective if you wanna use it

02:04:30   'cause you could see how quickly people came up with proofs

02:04:33   to show you the problem.

02:04:35   But his thing was, so Belivin's thing,

02:04:36   which makes a lot of sense,

02:04:37   is if the NSA does something like this,

02:04:39   they put in some weird random number thing,

02:04:41   they tinkered with something so that they only,

02:04:42   they're the only ones who know the number that triggers it,

02:04:45   and you can't figure it out unless you do some deep analysis

02:04:48   where you figure out there's actually a flaw

02:04:49   in the degree of entropy or whatever.

02:04:51   So one key will work and they know the key

02:04:54   or one set of numbers will work.

02:04:54   - Right, it's more like they put in a backdoor

02:04:56   that they have the key to,

02:04:57   not that they would put in a backdoor

02:04:59   that doesn't have a working lock.

02:05:01   - 'Cause it seems they don't want everyone,

02:05:03   I mean, you know, I do actually believe that their mission,

02:05:06   I think from their standpoint,

02:05:07   their mission is not just to,

02:05:09   it's both offensive and defensive,

02:05:11   it's like they may want back doors,

02:05:12   but they don't want every other government

02:05:14   to have access to the back doors.

02:05:15   So something like this would seem to fail.

02:05:17   - So I, yeah, I don't think that the go-to fail bug

02:05:20   in Apple's SSL code was planted by the NSA

02:05:25   or by an NSA mall.

02:05:27   I do think that it's very likely that they do have moles.

02:05:31   I don't think this is one.

02:05:32   Because it's like you said--

02:05:33   - I think that you think they exploited it.

02:05:35   - I do think that they--

02:05:36   - Yeah, that seems very likely.

02:05:37   - And so you said, and like the other, you know,

02:05:39   it's the sort of bug when you look at the source code

02:05:41   where if you're not looking for bugs,

02:05:43   it's really, I can see how you overlook it.

02:05:45   And it's again, like I blogged about when I wrote about it

02:05:48   that not to get in an argument about C coding style,

02:05:51   but it's why I think that the no braces if statement,

02:05:55   The basic gist of if statements in C is if you say if this, then, if there's only one

02:06:02   statement, you don't need to wrap it in curly braces.

02:06:05   And if there's more than one, then you have to put curly braces to begin and end the block

02:06:08   of what's going to happen if that conditional is true.

02:06:12   And I've always felt, having been bitten by that laziness and, "Oh, I'm only going to

02:06:17   do one thing," but you indent it and then you come back to the code a week, two weeks

02:06:22   later and you've you just quick hit return your text editor auto indents and

02:06:29   you write the next line mm-hmm it's easy to make that bug and once the bug is in

02:06:34   there it's easy to overlook it but if you're looking for bugs that really

02:06:40   jumps out the go-to go-to everybody like when it when this came out everybody who

02:06:44   can program even a little bit is like whoa how would that ever get in there

02:06:48   Like if you're actually looking for a bug, it's glaring.

02:06:51   There's nothing clever about it.

02:06:52   - Yeah, no one reviewed,

02:06:53   if an auto-merge tool created this problem,

02:06:56   no one looked at the result.

02:06:57   - Yeah, and that's the thing.

02:06:59   It's like an Occam's razor argument

02:07:01   where that's the sort of thing that happens

02:07:04   from a diff gone bad, you know,

02:07:06   that when a merge, you know,

02:07:09   the diff tool gets confused by the two versions

02:07:14   it's trying to merge together.

02:07:15   A lot of times you'll get a duplicate line like that.

02:07:19   And it just so happens.

02:07:20   But I do think, I do think, and it's just based on the way

02:07:23   Apple wrote the bug up and the way that they fixed it

02:07:28   days before, or shortly, not days before,

02:07:32   but a week or two, iOS 7.1 was gonna come out anyway.

02:07:37   I really do think, I think that Apple found it in an audit

02:07:42   and figured out that it explains

02:07:45   how the NSA was claiming to do what they were doing.

02:07:50   - Well, the timing is, that timing is suspicious.

02:07:52   They're like, "You see the PowerPoint thing?

02:07:55   "Apple says we are gonna go through every line of the code."

02:07:58   This is what, you remember that Microsoft did this.

02:07:59   One of the reasons that Vista

02:08:00   actually had a superior security model to Windows XP

02:08:05   was not time, it was because Bill Gates,

02:08:09   he halted everything the company was doing for months

02:08:12   to go through an audit and it worked

02:08:13   because Windows Vista was much more secure.

02:08:15   A lot of the XP stuff--

02:08:17   - Yeah, has been ever since.

02:08:18   - Yeah, and it's actually outpaces Apple typically

02:08:21   and it's why that one of the reasons that exploits

02:08:24   have moved to applications and weak points like Flash

02:08:27   and things like that because Windows is more secure.

02:08:29   So, and so here's another bit of timing

02:08:32   which is interesting as well as researchers just found,

02:08:35   I think it's like while we're recording this

02:08:37   that like there's another cryptographic flaw

02:08:40   that can be exploited that involves client certificates

02:08:43   and SSL/TLS transactions.

02:08:45   So if you connect to a web server

02:08:47   and you have a client certificate,

02:08:49   which most people do not,

02:08:51   you get issued a client certificate

02:08:53   when you log in in a specific way.

02:08:55   So like a normal transaction,

02:08:57   you just go and you get the server's certificate

02:08:59   and your browser validates that it's accurate

02:09:01   and you make a secure connection.

02:09:03   But if you get issued one that's stored in your browser,

02:09:06   that certificate can apparently be reused by other people.

02:09:10   And it lets that user be impersonated.

02:09:13   Things like any other website

02:09:14   in which the same certificate's used,

02:09:16   they can use that certificate to impersonate you.

02:09:21   - What system has this bug?

02:09:24   - It's everything, it's actually a flaw.

02:09:26   I know, it's horrible.

02:09:27   It's a protocol layer flaw

02:09:29   that apparently will not be difficult to fix,

02:09:31   but then it's gotta be rolled out.

02:09:33   But the deal is that there are only specific cases

02:09:36   in which a client certificate's used.

02:09:38   So some kinds of WiFi login things

02:09:40   where you type in a username and password

02:09:43   to log in over WiFi through,

02:09:45   it's called 802.1X,

02:09:48   all those systems that are used in corporations.

02:09:49   So they've got a flaw.

02:09:50   So it's not like a general problem, I'm using my bank,

02:09:53   but it's in the cases, especially in the enterprise

02:09:56   where you might be out in the wild,

02:09:57   you're making a secure connection,

02:09:58   you're using a client certificate,

02:10:00   there actually is the opportunity

02:10:01   for malicious interception in a way that would let

02:10:05   that man in the middle use your credentials elsewhere.

02:10:09   And so a lot of enterprise software will need to get fixed

02:10:12   as well as web servers just to be on the safe side.

02:10:15   But the enterprise people will probably be on it

02:10:17   pretty fast, but it's weird.

02:10:18   It's again, you're like, did somebody in all the NSA stuff

02:10:21   that got released, did someone notice,

02:10:23   hey, it seems like they have a way to do something

02:10:25   that seems to be implying client certificates.

02:10:27   Maybe we should go back through the protocol

02:10:28   and then boom, something that dates back to,

02:10:31   I think they're saying 2005,

02:10:32   it affects the entire protocol.

02:10:34   - Right, I know there's a lot of people out there

02:10:36   who really do think that these big companies

02:10:38   are all in cahoots that when the NSA came knocking

02:10:40   and said, "Can we come in your data center?"

02:10:42   They said, "Sure, come on in, do it however you want."

02:10:45   And there's no way to disprove it, right?

02:10:48   And it's good, in some sense, it's good

02:10:50   that there's some people who are skeptical like that, right?

02:10:52   But I don't think it's true.

02:10:54   I actually take these companies at their words

02:10:57   when they say things like,

02:10:58   no, we did not allow the NSA physically into our data center.

02:11:05   And the main reason why-- and it's not just Apple,

02:11:07   I believe all of these companies--

02:11:09   is that it's not in their interest to lie about it.

02:11:12   If they had done it, they could just say nothing.

02:11:16   And they could even say, we're not even allowed to say--

02:11:19   we can't answer yes or no.

02:11:20   They could just say that and then leave it at that.

02:11:24   But by saying, by denying it, if they're lying about that, it opens them up to a profound

02:11:32   and tremendous loss of trust, if it ever turns out otherwise. And as we've seen with the Snowden

02:11:38   thing, anything can leak. Just because the NSA says you can lie about it, well, you can trust us.

02:11:44   You can't trust them to have a mistaken leak. So I just don't see why anybody would lie about it.

02:11:51   I really don't. And I think it makes sense with what we're seeing uncovered is what they've done

02:11:55   is said, "Okay, we didn't let them do this. They say they can do it." How is that even possible?

02:12:01   What do we need to audit to see that it would be possible for them to do it behind our backs,

02:12:07   without our help, to do this?

02:12:09   Pete: I think that's most likely because, you know, if you've got the NSA, what they did,

02:12:14   clearly, and what, you know, and it's funny, it's like, as much as I may dislike aspects of what

02:12:18   did, this is kind of, this is what they've been tasked with doing is they went through to find

02:12:22   all the flaws. And like, in an ideal world, what would have happened is the NSA would have found

02:12:26   flaws and then they would have gone through and worked privately with every American company

02:12:31   to replace them and eventually stuff would have trickled out. Like, something like that. That

02:12:34   actually would have been a really great cyber strategy was to not implement flaws, but to be

02:12:39   working assiduously to find them, maybe exploit them at times, but also be working to repair them

02:12:44   because that would actually be good for the country

02:12:47   and for national security.

02:12:49   - What do you make of the one

02:12:50   that just came out the other day?

02:12:51   I forget if it was yesterday or the day before

02:12:53   where it was a very similar bug to Apple's,

02:12:56   but in GNU code.

02:12:58   - Oh, that's the way, and this is another TLS thing, right?

02:13:02   I don't even, see, I missed that.

02:13:04   I saw the client certificate one.

02:13:05   God, what is this one?

02:13:07   You know that people are looking at--

02:13:11   - It's oddly similar. - So much more carefully.

02:13:14   This is the thing that makes me wonder, though, about a mole,

02:13:16   because it's oddly similar to Apple's book.

02:13:19   It even involves go-to statements.

02:13:21   - That's funny.

02:13:24   - But it's a lot, it's, looking at the code,

02:13:28   it's a lot more subtle, though.

02:13:29   It's not as glaring as one go-to.

02:13:31   - Oh yeah, this is, you could create, yeah,

02:13:32   this is, you could create a certificate

02:13:34   that would be accepted, even though it shouldn't be.

02:13:37   Gosh, it's funny.

02:13:39   Yeah, I mean, I think what it comes down to

02:13:41   is that there may be--

02:13:43   The GNU one seems really bad to me because the Apple one,

02:13:47   I forget how many people have already upgraded to 7.0,

02:13:50   iOS devices are already on 7.0.6,

02:13:53   but it was one of those web ad networks

02:13:56   showed that something like 40% of iOS devices

02:14:00   were already on 7.0.6.

02:14:02   It's just a tremendous uptake.

02:14:04   Whereas so much stuff is like embedded systems and routers

02:14:11   and all these things that don't get software updates

02:14:14   are running this GNU code.

02:14:16   - Well, the GNU thing, the fortunate thing is

02:14:18   that I don't think--

02:14:20   - They're gonna run that code until the,

02:14:22   until the Howard, you know, the AC adapter burns out.

02:14:26   - It's true, but the GNU one, like the fundamental one

02:14:31   that was just found too, is it has to do with,

02:14:33   if I'm reading it right, is client certificate.

02:14:35   So it's only in specific cases where like a server,

02:14:39   In this case, like the GNU, when a server would accept

02:14:42   a certificate, it should not.

02:14:45   So you could attack a site if it was running GNU

02:14:47   and you knew it.

02:14:48   So it's asymmetrical in that there's fewer servers

02:14:51   to update than embedded Linux devices.

02:14:53   And the same thing like client,

02:14:55   the client certificate flaw,

02:14:56   like that can be fixed in a few different ways.

02:14:58   The Apple one is particularly horrible

02:15:00   because you could have any point of interception though.

02:15:03   Like you could create a fake session key

02:15:06   by being a man in the middle.

02:15:07   You could have put software in a router,

02:15:08   you know, there's routers are corrupted like mad, there's hundreds of thousands of

02:15:12   or, you know, or if you presume that the NSA while they don't have access to Apple's data

02:15:17   center, or Google's, let's say, but let's say Apple, because Apple has written this

02:15:21   the TLS bug, so they're not in Apple's building at all. But if they're anywhere on the internet

02:15:28   backbone between the remote device, like that, it's exactly your iPhone and Apple's data

02:15:37   center. Anywhere in that backbone in between this bug opens it up for them to, you know, be a, it's

02:15:44   like a classic man in the middle attack.

02:15:46   Right. And you could do it on a countrywide basis. If you're Iraq, someone with an Apple device, I

02:15:50   don't know if they're allowed to be used in Iraq or Iran or whatever, you could, you know, there

02:15:53   have been countrywide attacks.

02:15:56   Well, or think about how centralized the internet is in China.

02:15:58   Yeah, exactly. Right. So this is this is one of these things. It's like, it's not a back,

02:16:02   you know, again, I don't, I think assuming it was an error,

02:16:06   it's just weird.

02:16:09   I think what this highlights,

02:16:10   and I think what's gonna happen is you're gonna see

02:16:11   a lot more bizarre testing.

02:16:14   I'm surprised that TLS implementations

02:16:17   aren't more thoroughly tested against certain things.

02:16:19   Like the idea that a hacker could create

02:16:21   a malformed client certificate of a certain type,

02:16:25   like that's one weird thing.

02:16:26   Like you can't test every kind of client certificate,

02:16:28   but Apple's one in particular, it's like,

02:16:30   I would have thought the test suite

02:16:32   would have checked to make sure that when you sent it

02:16:35   a session key that wasn't signed by the same certificate,

02:16:38   that it failed because they test for like self-signed

02:16:40   certificates, they test for lots of kinds of failures.

02:16:43   And someone asked on Twitter even, Chris Pepper,

02:16:45   you know the great Chris Pepper proofreader

02:16:47   and an extraordinary programmer, Chris was like,

02:16:50   "Well, shouldn't this have made all self-signed

02:16:52   "certificates pass the test?"

02:16:55   I was like, "No, it's later in the process."

02:16:56   But that was a good point is if this had been a flaw

02:16:59   in the certificate validation, tons of programmers

02:17:01   have said, "Why did my self-signed certificate not generate an error there and require signing

02:17:05   or approval?" So this one was at just the point at which most people who test this kind

02:17:12   of thing or work with security didn't see it. And that's, like I say, it doesn't

02:17:16   make me dubious, but it is why I think it went on unfound for so long. And clearly,

02:17:20   they're going to be, I assume, Apple and everyone else in the world will be beefing

02:17:23   up the kinds of automated testing they do whenever they make code change libraries and

02:17:27   this sort of thing again.

02:17:28   Yeah, I definitely think so. I think everybody, like you said, this is what the NSA is tasked

02:17:34   with. In some sense, nothing has been surprising with all of the NSA-related leaks. But on

02:17:41   the other hand, knowing in the back of your mind that the NSA is doing something like

02:17:48   this is different than seeing these slides that say, "Here's exactly what they're doing."

02:17:55   I don't know. It somehow is like a jolt to everybody's system and I don't think there's any doubt that

02:18:00   You know for better or for worse and I'll even you know

02:18:04   I'll play both sides of the coin here and say, you know, there's obviously there could be some downsides to this, you know

02:18:09   In general, I I think that it's good news that we've woken up to this but you know, who knows maybe you know in terms of

02:18:16   Actually doing what the NSA is tasked with doing and actually finding

02:18:20   Genuine bad guys planning

02:18:22   genuinely bad

02:18:25   things that this has made their job a lot more difficult because it's close it's gonna end up in a closing an awful lot of

02:18:30   These back doors. Well, yeah. Yeah, there's there's that standpoint. There's also they're like I wish the NSA there's it's widely stated by many parties that

02:18:38   countries like, you know Israel France

02:18:40   China and so forth like even allies that they're that there's back doors and equipment made by tons of Israeli companies that make stuff that

02:18:48   Make networking equipment. There's this

02:18:51   long held and often voiced suspicion that every country builds back doors into stuff that ships out of their countries. Now in America

02:18:58   we're seen as being more independent. Israel, even the national security apparatus is more,

02:19:02   they have fewer constitutional protections and there's more of a state of siege mentality there.

02:19:08   France has a different relationship between business and commerce, you know, corporate espionage is a thing that, or government assisted corporate

02:19:15   espionage is a big thing in China. So

02:19:17   what I wish the NSA were doing was

02:19:20   constantly working to find, report, and release information about these kinds of flaws that affect American companies or companies around the world

02:19:28   that are in products that are shipping that we're using. Like that would be a better use of resources at some level to

02:19:33   secure America, you know, on top of their mission of, you know, finding the flaws and exploiting them.

02:19:38   I don't know. It's... that would have more impact on business to not have, you know,

02:19:42   Boeing's plans ripped off or Google's servers broken into. I think they do some of that.

02:19:48   There's some parts of government do some of that, but...

02:19:50   Well, that's a good point to wrap up. Glenn, that was a great show. I appreciate your time.

02:19:56   What do you want to promote? What do you want to tell people to check out to find you? Because

02:20:00   if you need more Glenn Fleischman, don't follow him on Twitter. Whatever you do,

02:20:04   don't follow this guy on Twitter.

02:20:06   Oh my god, it's like a curse. I think people, if you're bad in life, you're required to follow

02:20:11   me and then read all my tweets. Well, the magazine's book is actually, it's at The Printers Now,

02:20:16   and it's gonna be shipping soon.

02:20:17   And the ebook version is more or less done.

02:20:20   And we've released the PDF form of that to backers

02:20:22   and we're finishing our other ebook flavors.

02:20:24   - What's the print run?

02:20:25   - The print run is about 1500.

02:20:27   Making a small print run, we have about 1150, 1200

02:20:30   committed to backers and other people.

02:20:32   And you can go to the-magazine.com/book

02:20:36   and pre-order a copy of either the ebook

02:20:39   or the print book or a bundle.

02:20:42   And we're gonna be shipping out books probably,

02:20:45   gosh, I hope within a week or ten days the books will actually be in some people's hands,

02:20:49   because it's the future and books get printed fast. Not only is digital fast,

02:20:53   but books get printed fast. And it's very exciting. It's got white foil embossing on

02:21:00   the spine and things like that.

02:21:01   Exciting. So, it looks good?

02:21:03   Yeah, I've seen all the proofs. I've got color proofs and jacket proofs and it's gonna be,

02:21:07   it's gonna be a really nice book and good stories and it'll be something to cherish for generations.

02:21:15   No, it'll be nice. It'll be great. It's what I was hoping is we're going to have a really nice

02:21:18   We did we try to do everything right so the print version would really be something that was a keepsake and

02:21:23   It'll be something you would actually enjoy having a copy of as a thing as well as all the stories inside

02:21:28   And I feel like we're gonna we've hit that mark a year or two. I tweeted something to the effect of

02:21:33   Oh my god, you guys there's a store here

02:21:36   There's a huge store here filled with nothing but shelves of printed out ebooks

02:21:42   It's amazing and I so many people got it and laugh, but it was probably one of those, you know

02:21:48   I probably got more

02:21:51   People who totally missed that it was a joke than any tweet I've ever had in my life. Well, here's what's crazy

02:21:57   They were like, what's the name of it?

02:21:59   Here's the crazy thing about the modern times, right?

02:22:01   We're doing it was actually much easier to get the book printed than to do the e-book part Wow

02:22:05   Book part is a mess

02:22:07   It's like the book prints, like we send in a PDF and they kill a bunch of trees and squeeze ink cows or something and they make a book.

02:22:15   But the electronic part is hard. But what I'm going to wind up doing is we're going to have the hardcover book offset print.

02:22:21   We'll have the ebook, which will be 300 pages. The hardcover book is 216. So we have a bigger ebook because we were able to fund that in the Kickstarter.

02:22:29   And then I'm also producing a print on demand version that will be a larger size because our hardcover book's format is smaller.

02:22:35   I've made a different document in InDesign, that's the ebook version, 302 pages, that

02:22:41   will be available print-on-demand because it is so goddamn expensive to ship overseas,

02:22:46   but ebooks or print-on-demand are printed locally.

02:22:49   So people in Europe and in Canada at least will be able to get, it'll be black and white

02:22:54   instead of full color, but they'll be able to get an affordable version of the ebook

02:22:58   as a print-on-demand title.

02:22:59   So ebooks are much more, like print is incredibly easy now

02:23:04   as a, because I don't have to deal with any

02:23:06   of the printer stuff, I just give them a PDF.

02:23:08   Ebooks, you're like in there like making sausage

02:23:11   and your hands are bloody.

02:23:12   - So it really isn't a joke anymore though

02:23:13   that you can commercially print ebooks.

02:23:16   - It's true, it's like--

02:23:17   - And then it's a different industry than printed books.

02:23:20   - There's different chains of command,

02:23:21   but it's like, it is, no, I'm printing, that's right,

02:23:22   I'm printing my ebook, it's all, yeah.

02:23:26   It's a weird world in which having giant chunks of paper wrapped and printed is easier than ebooks,

02:23:32   but that is the world we live in.

02:23:34   Well, I'm glad to hear it, and I look forward to seeing it.

02:23:36   Thank you.

02:23:36   All right. Thank you, Glenn.

02:23:38   Pleasure.