The Role of Trust in the IoT

Shutterstock Image

I’m actively seeking a new job, please see the above subtitle. If you want to learn more consider visiting my Linkedin Profile.

A distinctive characteristic of our species, perhaps the most unique, and the one that has separated us from all the others, is the compounding effect of our technology. Each generation has added to our collective knowledge, improved our processes, and accelerated our development. Today we regularly craft complex products, with billions of internal components, from devices that are one hundredth the diameter of a blood cell. Regardless of how small technology enables us to shrink our creations, another issue that remains constant is that we still need to place our trust in this technology for it to make a difference in our lives. Few people understand how Alexa takes our verbal request and turns it into an answer, the how is unimportant to most. What is important is that when she provides us with information, we can trust and act upon that information. Without trust, technology loses all its advantage; it will fall into disuse and eventually be pruned from our collective knowledge base. Trust is the cement that binds one innovation on top of the next, and it is vital to the advancement of technology. Trust is a fragile construct, though, which can easily be destroyed.

My childhood was enjoyed in a suburb an hour north of the Big Apple. From the mid-1960s through most of the 1970s we’d never locked our doors, even the garage was often left open overnight. Our home was a simple raised ranch tract structure built in a sleepy little town, only a decade more advanced than Mayberry. Most Saturday mornings, I’d ride my bike five miles into town to turn in my paper route money. Then I’d take my wages, buy a slushy near the firehouse, stop at the Radio Shack to see what’s new, and finish with a Big Mac lunch at McDonald’s and arrive home by early afternoon. If the weather were beautiful, I’d swing by the house, pick up my rod and head down to one of a half dozen or more fishing spots on the nearby reservoir. I only needed to be home for dinner. Life was simple, and trust wasn’t earned, it was our default setting. This was decades before my first pager or cell phone, but I always had a dime in my pocket to call home from a payphone in the event the weather turned, or my bike failed. One Sunday, when I was twelve, we came home early from church to find our next-door neighbor’s son sitting on the back steps with several of our prized belongings in his hands. My parents, especially my mom’s trust, was shattered. This single event changed everything and established a new paradigm. We started locking our doors, and my mom gave me a brass key for the first time in my life.

Trust is an interesting attribute; we give it away for free, then we’re shocked when it’s abused or entirely disregarded.
The above brass key represented a simple technological solution designed to bridge the trust my mom had lost in our neighbors. It’s interesting to see how a single small piece of metal, nothing more than a token with a single function, can replace trust lost. Many years later, as a security professional, I learned how easily that custom piece of brass could be supplanted by two generic pieces of spring steel, some skill, and a few seconds. Technology is the distillation of our expertise, processes, and techniques in the production of goods or services, so why is trust important?

As we glide into the age of the Internet of Things (IoT), everything will become interconnected, and trust will be the cement in the foundation on which all this technology depends. I’m in the process of building a new home. It will feature the latest IoT: locks, garage door opener, doorbell, thermostats, smoke detectors, light fixtures, outlets, appliances, speakers, cameras, and even an elevator. Everything will be interconnected, and Alexa will have dominion over it all. As I come home, my garage door will open, and it will trigger a series of events throughout the house if nobody else is already back. The HVAC system will make the necessary adjustments based on my preferences and the time of year. Depending on the time of day, lights may come on in a predetermined sequence, and music will be playing. If my programming works out properly, the TV will display anomalous events since my departure skimmed from the various logs of all these IoT devices. I’ll then know if doors were opened while I was absent, and if so, I can call up and review all motion video captured at each of these points of entry. All of this will require each piece trusting that the others are performing correctly.

This is not to say that we haven’t seen trust in IoT devices be bypassed in the recent past. Three common agents can violate the trust inherent in any system: insiders, outsiders, or the manufacturer. By insiders, I generally mean the average non-technical system user; in the example stated above, it will be my wife, daughter, or parents when they visit. Outsiders are folks with a malicious intent, whose objectives are not aligned with the users, and their goal is the exploitation of the system, often for some revenue-generating purpose. Finally, there is the manufacturer, until the past decade this was a non-issue, but we’ve seen a growth in state-sponsored exploitation of technology in both design and within the supply chain.

A story came out last year where a Nest camera was used by a malicious outsider to terrorize an eight-year-old girl in her bedroom. While the camera was “hacked,” it was later released that the homeowner had a trivial password for the camera and had NOT enabled two-factor authentication (2FA). The attacker used nothing more than a basic web crawling service to find the addresses of Nest Cameras; then, they likely proceeded to use a tool like Hydra to see if any of those cameras had a trivial password without 2FA enabled. Ultimately it was the homeowner who had left the “door open” for this attacker to walk through. While Nest shouldn’t make 2FA mandatory, they could have easily prevented the homeowner from assigning a trivial password to their account.

We’ve seen reports over the years that various SmartPhones have been susceptible to HotMic vulnerabilities by hackers. This malicious code is installed via a targeted spear-phishing attack or social engineering. Once the code is executed that SmartPhones Mic can be enabled or disabled at will be the attacker. This enables the attacker to not only listen in on phone calls, but all the sounds captured by that smartPhone regardless of what application is running or what state the phone is in (unless of course it’s off).

Finally, we have manufacturers who have been both knowingly and unknowingly duped into, including spyware into their products. Laptops have been a common platform for concern in this space, and several spyware apps have shipped with new laptops over the past decade. Servers are a bit harder to infect as they often have no pre-installed applications with the possible exception of the OS. Here we’ve heard stories of supply chains being compromised and covert spy hardware being physically inserted into these products, possibly without the manufacturers being aware of the transgression. Here it’s hard to know the true story.

So as IoT consumers, what can we do? Well, we have four possible courses of action:

1. Become a Luddite, ignore the trend in IoT, and remove all technology from your life. While this is a choice, if you’re reading this, it isn’t one any of us would find acceptable.

2. Be a sheep, blindly trust everyone, buy the latest gear, and auto-install every update. For the vast majority of folks, this is the only viable option. They likely aren’t technology literate much beyond creating a password, and their lives are focused on other more important pursuits.

3. Trust, but read industry news and form your own opinion, then upgrade when your confident it’s appropriate and an improvement. This is where the vast majority of IT folks will land. They’ll stay current with trends, follow Reddit, form their own opinions, and provide support for their families and friends.

4. Trust, but verify by actively doing your network captures. Here is the elite core of bleeding-edge folks who watch their home network on their smartphone for new devices. At least one or more times a year, they’ll do some network captures during quiet times to see what devices might be overly chatty and if there are any latent security threats. They may even have small autonomous systems like Raspberry Pis actively looking for threats, and perhaps even posing as honeypots.

Since IoT devices are always on, they are ideal for co-opting as a distributed denial-of-service (DDoS) attack platform. We’ve seen this happen a number of times over the past few years, one security hole and thousands or even millions of products become launch platforms. IoT manufacturers need to enforce strong passwords on their gear and promote 2FA. They should also annually hire security professionals to test their products and services, and consider sharing those results with their customers in public Reddit groups. Often times customers provide the best feedback to improve a products feature set and security stance.

Autopilot, the Next Killer Application

Tesla Autopilot on the Highway

Yesterday during one of my many calls each week with my seventy-something mom, she mentioned that she might pass on going to her close friend’s 80th birthday party. When I asked why she said that the four and a half-hour drive up the Florida Turnpike was becoming too scary, she said that people are continually cutting her off, and it makes her very fearful. Mom hasn’t had an accident in decades, and she doesn’t have any of the usual scratches and small dents that often deface the autos of our greatest generation. Her vision is excellent, memory is intact, and reflexes are still acceptable. My dad passed seven years ago of lung cancer, and in the final weeks of his life, we had to insist that he no longer drive. At that time, the O2 saturation in his blood would often drop when he sat for a few minutes, and he’d fall asleep due to no fault of his own. Insisting your parent no longer drive and removing access to their car is not a pleasant task.

On relaying this story yesterday to a friend, she mentioned that her mom, also well into her seventies, had significant macular degeneration and was still driving. It wasn’t until her daughter had noticed a dent that her mom volunteered her medical condition. Once that was exposed, they too had to face the task of removing her freedom to travel at will. Another friend has a mom with mild dementia, and while her driving skills are still sharp, she sometimes forgets where she is going or how to get home. They chose to put a tracker on her car and geofence around her house, church, and market so that if she stays within a half-mile of this triangle, she can roam at will. If she gets worried or “lost” family members can quickly look up on their smartphones where she is and calmly provide her with verbal directions to guide her to her destination. While I don’t agree with this approach, it’s not my place to tell them otherwise. Driving is a privilege, but over a certain age, we often perceive it as a right, and taking that away from someone can be mentally crippling. Autopilot should be a fantastic feature for this demographic, but unfortunately, they aren’t, and never will be, intellectually prepared to adopt this feature. We need to get there in steps.

Many were surprised by a Super Bowl commercial this year aptly named “Smaht Pahk” where a 2020 Hyundai Sonata parks itself into an otherwise tight spot. This feature is made possible because of a new breed of computer chips that fuse computing and sensor processing on the same chip. When we say sensor processing, in this case, we’re talking about receiving live data from 12 ultrasonic sensors around the car, four 180-degree fisheye cameras, two 120-degree front, and rear-facing cameras, GPS and an inertial measurement unit (IMU). This is then all consumed by some extremely smart Artificial Intelligence, which then finds and steers the car into a safe parking spot. This article, though, is about Autopilot, so why are we talking about self-parking?

As technology marketers, we’ve learned that cutting edge features, will quickly become a boat anchor if consumers aren’t intellectually prepared to accept it. My favorite example is the IBM Simon; arguably, the first smart phone brought to market 13 years before Steve Jobs debuted the “revolutionary” Apple iPhone. The Simon was on the market for only seven months and sold a mere 50K units. Even more surprising, the prototype was shown two years earlier at the November 1992 COMDEX. There will always be affluent bleeding-edge, early adopters, in the above case 50K, who will purchase revolutionary products, but the gulf between sales to these consumers and the mass market can often be enormous. IBM was correct in pulling the Simon so quickly after its introduction because mass-market consumers were at least a decade behind in adoption. We needed to experience MP3 players in 1998 to accept the Apple iPod three years later in 2001. We also needed to carry around a wide assortment of cell phones, personal organizers, and multifunction calculators. Every one of these devices prepared consumers for the iPhone in 2007. As technology marketers, we need to help consumers walk before we can expect them to run.

Self-driving cars have appeared in science fiction movies many times over the years, one of my favorite scenes being Sandra Bullock in “Demolition Man” (1993) set in 2032. Self-driving isn’t even mentioned; she’s busy face-timing with her boss as her car speeds down the highway. In the foreground, the steering wheel is retracted and moving on its own. We need to slow-roll the public into becoming comfortable yielding control of driving over to the car itself. Technologies like “Auto Emergency Braking” and accepting help from “Lane Keeping Assist” along with “Smart Park” are feature inroads that will make self-driving commonplace. Given how consumers adopt technology, it wouldn’t be surprising at all if its 2032 before self-driving becomes standard in most vehicles. Now Elon Musk, and his team at Tesla, are all brilliant people, as were the IBM Simon team. The difference, though, is that Tesla is selling a car first while delivering a mobile computational platform. The IBM Simon was viewed as a digital assistant first and a phone second. The primary functionality is critical to consumer perception. Consumers know how to buy a car, heck we have a century of experience in this market. Conversely, if Tesla had chosen to market their technology as a mobile computing platform, they’d have gone out of business years ago. I’m sure some readers are still scratching their heads at the notion of a mobile computing platform.

Consumers have become comfortable with their smartwatches and phones, tablets, and computers, all autonomously upgrading while we sleep, so why should their car be any different? Imagine a car whose features are updated remotely and autonomously at night while it is charging. Today Tesla’s Autopilot is restricted to highway driving, with smart features like lane centering, adaptive cruise control, self-parking, automatic lane changing, and summon. Later this year, via a nightly update, some models will pick up recognizing and responding to traffic lights and stop signs, then automatically driving on city streets. So how is this possible? It all goes back to the technology behind self-park.

For all these advanced driving features to take place, we need to put computing as close as possible to where the data originates. Also, these computations need to be instantiated in hardware, easily reprogrammable, ruggedized and run as fully autonomous systems. General-purpose CPUs or even GPUs won’t cut it; these applications are ideal for FPGAs coupled with complete systems on a chip. People aren’t going to wait while their car boots up, then loads software into all its systems. We are accustomed to pressing a button to start the car, shifting it into gear and going.

A truly intelligent autopilot that could go from the home garage to a parking space at the destination and back would address all the above issues for our greatest generation. My mom, who can still drive, should be content supervising a car while it maintains a reasonable highway speed and deftly avoids the automobiles around it. She could then roam from her home in the Florida Keys up both coasts to visit friends because she’d once again be confident behind the wheel. Autopilot is the solution our aging boomers require to maintain their freedom till the very end. Unfortunately, many are too old to accept it intellectually, my mom included. The tail end of the Boomers, perhaps those born in the early 1960s, are the older side of Tesla’s core demographic for this $7,000 Autopilot feature. It’s a shame that the underlying technology and its application came to late for my mom, and her generation.

Could I Mine Bitcoin and Turn a Profit?

Large Scale Mining

When people find out that I’m connected to digital currency mining the first question they often ask is the one above. Sadly, as an individual, the answer is no. It would cost you roughly $200 to get started, and $1.74/day, yes, it’s a money pit right now, to call yourself a Bitcoin miner. Oh, and you’d probably drive your family crazy with all the noise. Here are the economics behind Bitcoin (BTC) mining at this moment.

Today, and today is important because all the numbers below are very fluid, a new Bitcoin block is mined every 11 minutes and produces a block reward of 12.73 BTC. This includes additional fees that are earned in the process. Using the following formula, we can see that roughly 70 BTC are earned hourly:

(12.73 BTC / Block) * (1 Block / 11 Minutes) * (60 Minutes / Hour) = 69.44BTC / Hour

24 hours / day * 69.44BTC / hour = 1,666.56 BTC / Day

At this moment in time, the total computational power working to mine BTC is 82,030 Peta Hashes per second or to convert it to more standard units that are 82,030,000 Tera Hashes per second. One of the most affordable and efficient miners available now is the Bitmain Antminer S9K, which retails for $101, but after import taxes and shipping from China, expect it will run you $200. This box produces 14TH/sec, so if you put one of these online, you’d represent 0.0000001707 of the total capacity right now. Multiply that by the daily BTC reward, and you could earn 0.0002344 BTC a day. With BTC trading at $7,608USD, that would mean you could earn $1.78USD/day before mining pool fees and the cost of power. Pool fees often run at 5%, so this brings your earnings down to $1.69USD/day. The S9K miner draws 1.19KW, so at $0.12/KW, this means it requires $3.43/day in electricity, so you’d be out of pocket $1.74/day.

If we were to calculate things back a bit, we would find that if BTC were trading at something over $14,633/BTC, we would be breaking even.

If we ever want to earn back our $200 capital investment, we would then assume a six-month return, the industry rule of thumb in mining today for ASIC rigs. This would require earning at least a $1/day after costs, so that would require that the price of BTC remain at or above $18,900.

Now one could adopt the famous “mine and hold” strategy, meaning that you hold onto every BTC you earn, and then sometime six months or more in the future when BTC is trading above $18,900 if you were to sell you’d at least break even.

It should be noted that in May of 2020, Bitcoin will go through a halving event and rewards for each block after that will be cut in half, and at that point, the price of BTC is expected to climb significantly. So mine and hold could pay off in spades.   

One final thing to consider, these BTC mining rigs are essentially two 5.25″ fans blowing air over hundreds of chips, so they are noisy and hot. They are 1200W space heaters that happen to produce a little BTC. So if you do want to venture into this market as an individual, you should consider doing it in a sound-proof room and then venting the heat to someplace useful, perhaps grandma’s room, she’s always cold. 

*Note: This numbers were on November 21st when this piece was first written. Since then Bitcoin has gone from $7,608 to $6,632, so its now even less profitable.

Mining, and the Importance of Knowing What, How, When, and Where?

It doesn’t matter if you’re panning for gold, drilling for oil, or mining Bitcoin, your success is bounded by your best answers to what, how, when, and where? Often the “what” and “how” are tightly linked. If you own oil drilling equipment, you’re probably going to continue drilling for oil. If you buy an ASIC based Bitcoin mining rig, you can only mine Bitcoin. Traditionally “when” and “where” are the most fluid variables to address. A barrel of crude oil today is $57, but over the past year, it has fluctuated between $42 and $66. Similarly, Bitcoin, during the same year, has swung between $3,200 and $12,900, so answering the “when” can be very important. Fortunately, digital currencies can easily be mined and held, which allows us to artificially shift the “when” until the offer price of the commodity achieves the necessary profitability. In digital currency mining, the term is sometimes written HODL, originally a typo, but it has since morphed into “Hold On for Dear Life” until the currency is worth more than it cost you. Finally, we have the “where”, and I’m sure some are wondering why “where” matters in digital currency mining.

Moving backward through the above questions and drilling down specifically into digital currency mining as the application. “Where” is the easiest one, you want to install your mining equipment wherever you can get the cheapest power, manage the excess heat, and tolerate the noise. Recently two of the most extensive mining facilities, both around 300MW, have or are being stood up in former Aluminum plants. When making Aluminum, the single most costly component in the process is electricity, and it requires access to vast volumes of electricity. Often these facilities are located near hydro-electric plants where electricity is below $0.03 KW/h. Also, since every watt of power is converted into heat or sound, you need a method for cost-effectively dealing with these byproducts. One of the mining operations mentioned earlier is located in the far northern region of Russia, which makes cooling exceptionally easy. Also, with “where” you need a local government that is friendly to digital-currency mining. In the Russian example mentioned above, it took nearly two years to secure the proper legal support. Some countries like China, until recently, were not supportive of digital-currency mining. For enthusiasts like myself, we locate our mining gear in out of the way places like basements or closets, perhaps even insulating them for sound and channeling away the excess heat to somewhere useful. 

Concerning “when,” that should be now. The general strategy executed by most of us currently mining is known as “mine and hold.” With the Bitcoin halving coming in May, the expectation is that Bitcoin will see a run-up to that point. In the prior two Bitcoin halvings, the price remained roughly the same before and after the event. The last halving was in July 2016, and since then, Bitcoin has gone from a niche commodity to a mainstream offering. In the previous week, Fidelity was awarded a trust license to operate its digital assets business; further proof Bitcoin has gone mainstream. As Bitcoin is the dominant digital currency, it is believed that as it rises, so shall many of the other currencies that use it as a benchmark. So, holding some of the other mainstream digital currencies like Ethereum should also see a significant benefit from a substantial increase in the value of Bitcoin. 

Back to the “what” and “how.” With digital currency mining, you have two criteria to consider when answering the “how,” efficiency or flexibility. If you purchase a highly efficient solution, then it will be an ASIC based mining rig. You will then soon learn, if you haven’t already, that it has been designed to mine a single currency, and that’s ALL it can ever mine. Conversely, if you want flexibility, then an FPGA or GPU miner affords you various degrees of freedom, but again the choice between efficiency and flexibility comes into play. FPGA mining rigs are often 5X more efficient per watt than GPU based rigs, but the selection of FPGA bitstreams is finite, but growing monthly. Both FPGA and GPU rigs can easily switch from mining one coin to another with nominal effort; it’s the efficiency and what can be mined that separate the two.    

Finally, I’ve neglected to address the most obvious questions “why?” This is both the root of our motivation to mine and the fabric of our most social network. “Our only hope, our only peace is to understand it, to understand the why. ‘Why’ is what separates us from them, you from me. Why’ is the only real social power, without it you are powerless. And this is how you come to mewithout why,’ without power.” – Merovingian, “Matrix Reloaded” 2003

Crypto, is it a Currency, Commodity or Security?

With Bitcoin turning ten years old we’re still debating whether it is a currency, commodity or security? Actually, we’re talking about this whole family of digital tokens which are granted as a reward for doing some unit of digital work. The legal status of crypto was brought up again earlier this week as the popular communications platform Telegram was seeking to issue a new token called a Gram. The Securities and Exchange Commission (SEC) has alleged that Telegram’s token will be classified as a security, and as such, they secured a court order blocking the issuance of the Gram last month.

In response, Telegram is seeking the court’s assistance to legally define the status of the Gram token. In their filing Telegram stated that the Plaintiff, the SEC’s,  “claims are without merit as Telegram‘s private placement to highly sophisticated, accredited investors was conducted pursuant to valid exemptions to registration under the federal securities laws and Grams will not be securities when they are created at the time of launch on the TON Blockchain,” the filing reads. Furthermore the “[…] Plaintiff has engaged in improper ‘regulation by enforcement’ in this nascent area of the law, failed to provide clear guidance and fair notice of its views as to what conduct constitutes a violation of the federal securities laws, and has now adopted an ad hoc legal position that is contrary to judicial precedent and the publicly expressed views of its own high-ranking officials,” it adds.

The Telegram team had “voluntarily engaged” with the SEC prior to their filing in an effort to be on the proper side of the governing laws and regulations. Unfortunately, the SEC failed to assist Telegram and only engaged when they moved to enforce their newly established position. Telegram has since suspended the launch of the Gram. Perhaps when Securities is in the name of your agency you default to viewing new nebulous tokens as securities thereby expanding your domain of control and further establishing your relevance in the new rapidly expanding crypto market.  

We often seek to classify Bitcoin as a currency, but honestly, it fails even the most basic test. A currency is a “generally accepted medium of exchange for goods or services” and I’m sorry, but Bitcoin isn’t “generally accepted” even after a decade of use, perhaps one day, but not today. I’ve bought mining hardware with Bitcoin, and there have been some trendy businesses willing to accept it, but it is by no means generally accepted. Wikipedia does view Bitcoin and some of its popular cousins like Ethereum, Litecoin, and Monero as “Alternative Currencies”, but honestly, they are used as commodities. Wikipedia defines a commodity as a “marketable item produced to satisfy wants or needs.” That sounds more like crypto, furthermore, the “price of a commodity good is typically determined as a function of its market as a whole.” In crypto, there are three ways to turn a profit. You can mine blocks for the reward, receive transaction fees or trade. There are variations in the origin of mining revenue from how the effort is applied, proof of work, proof of stake, and perhaps others, but in general, it is a reward for maintaining the blockchain and the network.

A hobbyist can still squeeze out a few bucks a day mining alternative currency, while Bitcoin and Ethereum mining are for the really big boys, the institutional miners. Outside of these big institutional miners these days most of us make money in crypto by trading it. Dozens of applications have cropped up for our Smart Phones to enable us to trade crypto 24/365. How many of us have stagnate limit orders to sell off some overpriced crypto we picked up in the run last week? All of this will change again when China releases its digital currency in the coming months or when Facebook issues Libra next year. This week “Facebook Pay” was rolled out as the next step to condition Facebook users into paying for goods and services within the platform. As nearly two billion users become familiar with using the platform as a method of payment then it will be trivial for Facebook to slot in Libra and over time phase out PayPal and other more traditional methods of payment. As Libra becomes accepted as a “generally accepted” medium of payment crypto will have made the jump from commodity to currency.  

Bitcoin Isn’t Anonymous

There is this misconception that one of the key features of Bitcoin as a currency is that it is anonymous, nothing could be further from the truth. In fact, it is even less anonymous than using your credit card as the transaction is posted publicly on the Bitcoin blockchain. Last Wednesday, October 16th, 338 people across 38 countries worldwide learned this first hand. That day the US Department of Justice unsealed indictments against “Welcome to Video” (WTV) and its partners, distributors, and customers. With over one million users WTV was the largest child pornography site ever shut down by law enforcement. Think “Plato’s Boys” and Ron, of “Ron’s Coffee” in the June 2015 “Mr. Robot” pilot, only three times bigger! WTV was executing the complete dark web playbook for conducting illicit activity. They leveraged TOR, The Onion Router network, to distribute content, and Bitcoin to obfuscate funds distribution. What they didn’t know was that companies like Chainalysis exist which crawl through the Bitcoin blockchain and build transaction dependency graphs.   

Chainalysis Graph

Bitcoin was the first and is the most popular digital currency, which makes it easier to use, but it was never designed for anonymity. Think about it, you share the same public wallet ID repeatedly in the clear to accept or send a payment, how can this be anonymous? While a wallet ID isn’t as cut and dry as a credit card number or bank account number and routing ID it is easily traceable through the blockchain. In real life the proceeds from illicit transactions need to eventually be spent on goods and services, otherwise, what’s the point. To do this involves an Exchange that turns Bitcoin into a fiat currency, like US Dollars or UK Pounds Sterling. These exchanges hold the key to translating a public wallet ID into a name and financial institution.     

Law enforcement, working in concert with charities focused on eliminating human trafficking, obtained the public wallet ids used by WTV. Then through Chainalysis’s dependency graph, they could trace customer payments made to WTV as well as payments WTV made to their content suppliers and distributors.  WVT suggested six different Bitcoin exchanges to its customers and partners. From the unsealed indictment, samples were provided of at least three of those exchanges where they translated public wallet IDs into the end user’s name and their banking details. Just another case of following the money. Now I’m not saying that ALL digital currencies are not anonymous. There are at least five newer privacy-based coins like Monero, Dash, ZCash, Verge and Bitcoin Private that exist to provide anonymity, but they’re a story for another day.

Blockchain is the Next Internet

The Internet came into our homes through the phone line, then later cable and more recently fiber. Over 35 years, our digital home connection has grown from 300 bits/sec to one billion. Along the way, we’ve moved from time-share services, which were painful to watch as texted scroll down the screen, to 4K streaming video. Now we download tens of billions of bytes of data in a few minutes with no regard for bandwidth, unless it appears “slow.” The Internet has changed our lives, and guess what? Starting next year, digital currencies will do it again, think Bitcoin, but not Bitcoin itself rather other competing technologies.

Like the Internet, we’ve been eased into digital currencies one step at a time. First with credit cards, then debit cards, and later we added PayPal to handle our eBay sales and purchases. Have you ever left the proceeds from an eBay sale on account with PayPal before eventually spending or moving it into your bank? If you did, then you were using PayPal as a digital wallet, a store of value. Soon after, came Apple Pay, Google Pay and Venmo all more formalized digital wallets specifically designed to store value. The unit of measure within all these systems, at least in the US, is the dollar and they are all digital currency systems. If we look outside the US to China for some examples, we find WeChat and Alipay which are two wildly popular payment platforms.

Alipay is like Apple Pay, but in 2018 it processed nearly 200 billion transactions, by contrast Visa only processed 182 billion transactions worldwide. In June Apple Pay was averaging a measly one billion transactions a month. WeChat is a payment system built on top of a text messaging platform. It also includes a digital wallet element enabling near-frictionless payments between people or businesses, and it processed an amazing 460 billion transactions in 2018. The twist to all of this is that both WeChat and Alipay use the fiat currency of China the Yuan, and both applications are required by Chinese cyber laws to retain all data for six months and to provide backdoors that enable the government to collect whatever data it wants. China doesn’t officially allow access to Facebook and has taken a very hard line on digital currencies like Bitcoin. As you can see we’ve all been properly prepared and programmed to begin accepting other forms of payment. Is it too much of a jump to think you may soon pay an online vendor in something other than dollars?

The catalyst for this epic shift towards digital currencies comes in the form of Facebook which is poised to deliver Libra, their new “stable digital currency”, sometime in 2020. A stable digital currency is one that is pinned to one or more fiat currencies. In Libra’s case, they are accepting deposits in US Dollars, Euros, the British Pound, and the Japanese Yen. This is designed to ensure that the value of Libra doesn’t swing widely around like we’ve seen with Bitcoin over the past several years. Even with these fiat currency tie-downs governments around the globe are fighting Facebook and its release of Libra knowing the danger it represents.

The principal tool a country leverages to control its citizens is its currency. Countries can track currency through the banking and taxing infrastructure already in place. We’ve all watched police dramas where the investigator pulls up the financial records of the suspect, they literally follow the money. Decentralized anonymous digital currency systems provide NO capability to track or control the users of that currency. This is why Facebook will be standing toe to toe with the US Federal government in a series of hearings starting the 23rd of October. Libra has other companies and countries around the globe scrambling to secure a toe-hold in the digital currency market before Facebook dominates everything. In a prior post, we talked about Facebook and Libra, so you can visit that if you’d like to learn a bit more. JP Morgan Chase, Wells Fargo, Fidelity, Amex, and Amazon are all rolling out or supporting digital currency or payment systems. While countries such as China and the US along with the EU are also moving fast to issue alternative digital currencies and bring online payment systems out to secure their position before Libra has a chance to become the fiat (default) currency of the new economy.

Five large companies that are setting the pace for digital currencies are JPMorgan Chase (JPMC), Wells Fargo, Fidelity, American Express (Amex) and Amazon. In June JPMC announced it was beginning trials of its “JPM Coin”. This new coin is a private version of Ethereum running on the Quorum blockchain but developed by JPMC. JPM Coin is designed to be a “stable cash” coin with JPMC depositing cash to secure these tokens. Real-world trials will begin in a few months. Initially, it will be used internally to process transactions and to settle bond and commodity trades. “Wells Fargo Digital Cash” like JPM Coin, is their stable cash token and it will also be used internally to settle transactions throughout the Wells Fargo global network. Wells Fargo has announced that later this year it will be enabling JPMC to also gain access to this network. The real value for both Wells and JPMC is the underlying blockchain secure ledger technology. Amex is also running down the blockchain path as they are a significant player in the Hyperledger project. One of Amex’s largest expenses is its rewards program, so they’re moving to Hyperledger as a means for tracking rewards and for dynamically executing rewards promotions. While JPMC and Wells are pushing coins and blockchains, Fidelity has gotten even more creative. Fidelity is pushing out Kn0x which is insurance for digital currency a customer or institution has stored with Fidelity. This is insurance against theft or loss of the currency, not against any decline in the value of the currencies. One of the biggest concerns around digital currencies is the theft or loss of the tokens themselves. By contrast, Amazon has gone old school in September by teaming up with none other than Western Union to roll out “Amazon PayCode” in the US, it was available Internationally prior to September. This enables Amazon users, who only have hard cash, a way to pay for Amazon products. It should be noted that in 2017 Amazon has offered customers “Amazon Cash” which is an Amazon digital wallet that stores a cash balance. This wallet can then be used to pay for Amazon purchases. Amazon has also been buying up digital cash related domain names in an effort to hedge it’s bet if it were to roll out a coin of its own, along the lines of Overstock’s Ravencoin. Countries are also jumping on the digital currency bandwagon to head off Libra.

While the United States is NOT rolling out a digital dollar anytime soon it is delivering a “real-time payment service” called Fednow designed to settle bank to bank transactions in near real-time. This is in some ways like what Wells and JPMC are doing. It will eventually replace the overnight ACH system currently run by the Federal Reserve. The EU has the Bank of International Settlements or BIS. Which is somewhat shrouded in secrecy and is doing something, but exactly what is still TBD but something akin to a Eurocoin is rumored to be in the works.  Meanwhile, China is poised to release it’s Digital Currency Electronic Payment (DCEP) system that is really nothing more than a digital Yuan. It is expected that Alipay and WeChat will jump right on board and may already have completed their integration efforts. The real question is what is China waiting for?

Digital currencies and electronic payment systems are rapidly becoming pervasive. Today there are nine digital wallets on my phone; Apple, Venmo, and PayPal, exclusively use dollars, at least while I’m in the US. The other six wallets support currencies like Bitcoin, Ravencoin, Ethereum, and a few others. With a bit of effort, I can move value between dollars and these other currencies forever obfuscating the source of these funds. Several of these wallets are gaining value on their own through mining digital currencies so the source for these funds was secure from their inception, but that’s a blog for another day. The point is that digital currencies are here to stay, and they’ll become as pervasive as the Internet over the coming decade.

Today there are nine digital wallets on my phone; Apple, Venmo, and PayPal, exclusively use dollars, at least while I’m in the US. The other six wallets support currencies like Bitcoin, Ravencoin, Ethereum, and a few others. With a bit of effort, I can move value between dollars and these other currencies forever obfuscating the source of these funds. Several of these wallets are gaining value on their own through mining digital currencies so the source for these funds was secure from their inception, but that’s a blog for another day. The point is that digital currencies are here to stay, and they’ll become as pervasive as the Internet over the coming decade.

Digital Currency: The Intrinsic Value Argument

US Treasury Silver Certificate

“Money hasn’t been real since we went off the gold standard. Its become virtual, software, the operating system of our world.”

Mr. Robot, Season 1 eps1.0_hellofriend.mov, June 24, 2015

When friends say that Bitcoin “has no value because there is nothing behind it”, you’re being sucked into the “intrinsic value argument.” Intrinsic value means that the token you’re discussing has an obvious value which requires no faith or belief in ANYTHING. Coins were once a good example of a form of money that had intrinsic value because the metal in the coin was gold or silver and could easily be melted down to make something else of value. Today, most citizens have been seduced by the illusion that their countries currency, in our case the dollar, has intrinsic value. This is a lie; a dollar is worth nothing more than what we collectively believe. This has been true since 1971 when the US completed going off the gold standard. As a boy, I remember coming across US dollar bills with a “Silver Certificate” banner across the top (like the one pictured above). At one time you could take those specific currency notes to a Federal Reserve Bank and exchange them for an equal amount of silver coins, this was the final vestige of the dollar having some sort of intrinsic value. Today those notes are rarely if ever encountered in circulation as most of them have been destroyed or collected. If you were to hand a silver certificate to a twenty-something bank teller today and demand real silver they’d either look at you with a dumb stare or check to see if you’d arrived in a smoking DeLorean.

Now some might argue that you can take a dollar bill and exchange it for quarters or half dollar coins that have an intrinsic value. Years ago, this was true, Quarters minted before 1964 were silver, but from 1964 on the US moved to alloys by mixing in less valuable metals like Nickel, Copper, and Zinc. Today a US Quarter is 92% Copper and 8% Nickel so if you were to melt four of these down, separate out each metal and sell them off at current market prices you’d have lost 86% of the perceived value of your original dollar bill. Note that it doesn’t account for your time spent doing all this work, and the energy required to melt down the coins. This means that even our coins have marginal intrinsic value. Now if you’re reading this in another country guess what, all this applies as well, no country today is on any form of precious metal standard. The ONLY value ANY currency has is our collective belief, our confidence, that it does, in fact, have value.

Furthermore, we regularly buy and sell stocks, bonds, and other securities that also have no intrinsic value, does that make them any more or less “real” than Bitcoin? Today the market capitalization of Bitcoin is $150 billion dollars, making it as valuable as Citigroup. You need only check your wallet to see just how real Citigroup is as you’re likely carrying around a Citigroup card. Is Bitcoin any less real than that seemingly worthless piece of plastic? Companies are legal constructs, that can be created or destroyed overnight. We’d need only look at Enron and Thomas Cook for example. They were once legal constructs just like Citigroup. Our monetary system is based on confidence, nothing more.

“In the fallout of the Great Depression, FDR closed all the banks for a bank holiday and then he reopened them in stages when they were reported to be sound. Later, historians discovered what we in this room now know; that those reports, they were mostly lies. Nevertheless, it worked, it worked because the public believed the government had everything under control. You see? That is the business model for this great nation of ours. Every business day when our market bells ring, we con people to believing in something: The American Dream, family values…; could be freedom fries for all I care. It doesn’t matter! As long as the con works and people buy, sell whatever it is that we want them to.”

CEO Phillip Price, Mr. Robot, eps2.0_unm4sk-pt2.tc, July 13, 2016

While this quote is somewhat dark it crisply demonstrates a historic example of how trust, and by extension confidence, is the foundation of our monetary system. So next time someone says Bitcoin is worthless ask them if they own any stock.

P.S. Mr. Robot returns Sunday night October 6th for its fourth and final season.

Digital Currency: Money, Our Second Social Network

This is the first in a series designed to dispel the mystique of digital currency, think Bitcoin, but trust me we’ll go way beyond that. My goal is to explain in common language all you’ll need to know about digital currency, so you can confidently answer questions when you sit down with your first social network, your family.

As a species, our most significant evolutionary trait is our capability for building social networks. While social networks are found in many other high order mammals, we really do take it to the next level. Let’s face it for our first 36 months outside the womb we’re pretty much a defenseless bag of water rolling around wherever we’re placed. We can’t even effectively flee from even the most basic predator without assistance. From the moment we’re born we establish strong bonds with our parents and siblings, who become our first social network, our family. In our formative years, this network fills all our basic needs. It is this first network that introduces us to the second network we join, often very early in life, and that is the network of money.

Initially, we learn how to spend our first social network’s money as we roll down the aisle of the market and point out the foods we like. Soon members of our first network are sharing their money with us in return for our time when we do a task or achieve a milestone. Many of you up to this point possibly never viewed money as a social network, until recently it hadn’t occurred to me, but in fact, it is. On its face money is nothing more than a worthless token designed exclusively to be exchanged. It is these exchanges that form a network of commerce. If you closely examine your tightest social bonds, outside of your first network, they very likely were started or fueled by money. Outside of family one of my closest friends exists because over a decade ago I exchanged money in return for joining another social network. While I haven’t been associated with that network for years, this friend still shows up whenever I need him most, and it’s no longer about money.   

Terminology is critical to our understanding. Mentally we often have trouble grasping something until we can assign it a name. For years you’ve carried money around in your pocket, but have you ever considered it as your fiat currency? Here in the US, our fiat currency is the dollar. It’s very possible you’ve taken it for granted so long you never even viewed it this way. A fiat currency is the one officially sanctioned and managed by the government, another network, under which you live. If you only need one currency, in my case the dollar, then the concept of fiat becomes mute, but what happens when you begin to use more than one?

Sitting here in North Carolina a month ago for the first time in my life I need to spend some Bitcoin which I’d been gifted a few years earlier. Bitcoin is the most well-known digital currency, but it is NOT a fiat currency because it hasn’t been issued by a government. The vendor I wished to purchase a small digital currency mining rig from in China ONLY accepted Bitcoin, NOT my US dollars via credit card. At the time Bitcoin was trading around $10,000 USD so buying something for $250 USD meant I was spending a fraction of a Bitcoin. I’m only aware of a single fractional unit of a Bitcoin and that’s called a Satoshi which is equal to one ten-millionth of a Bitcoin. So, I shelled out roughly 2.5M Satoshi for my rig and anxiously awaited its arrival. We’ll dive more into Bitcoin and Satoshi in future posts, but I thought it a prudent example where the fiat currency wasn’t accepted. Next year we’ll have Libra, Facebook’s digital currency, and that’s already giving those who manage our fiat currencies serious concerns.

In computer science, there’s a concept called Metcalfe’s law which states that the value of a network is equal to the square of the number of nodes or members in that network. My extended family has roughly fifty members, so its potential value is fifty squared or 2,500. My friend has nearly 100 in his extended family, so his family’s value is 10,000. Metcalfe’s law came along with computer networking, long after Alexander Graham Bell had invented the telephone, but Bell was aware that the value of his invention would only be truly realized once it had been widely adopted. Within 10 years of its invention over 100,000 phones had been installed in the US. Bell died 46 years after his invention knowing that his new network had changed the world.  

Facebook is the largest social network our species has ever created. With over two billion active users this means that one person in four uses this network monthly. Right now, the clear majority of those two billion people live their lives with their fiat currency, and unless they travel they rarely if ever deal with another. Next year Facebook will issue its fiat currency, Libra, and it will change everything. Now it should be noted that Facebook isn’t a country so the concept of them issuing currency has raised some serious concerns from those who do issue currency. Countries around the globe are taking Facebook’s Libra head-on because they know it represents a Pandora’s box of problems for their own monetary systems, and here’s the main reason why.

Looking at Facebook as a network we could say its value is two squared or four, for now, let’s drop the all the billions as it just makes the numbers incomprehensibly large. The US has a population of 0.327 billion so the value of it as a network (again without the billions) is 0.1 and China has a population of 1.386 billion, so the value of its network is 1.9. If we now view these countries populations as networks, we see that Facebook’s value is twice that of the US and China combined. Extend that to currencies and you can why all the fuss, and why you might need to understand digital currency.

Next, we’ll dismiss the intrinsic value argument, that’s where grandpa says Bitcoin is worthless because there’s nothing behind it. You can then counter with the US went off the gold standard decades ago so why isn’t the dollar worthless? We’ll provide you with that side of the argument.    

Size Matters, Especially in Computing

Yes, this is a regular size coffee cup

The only time someone says size doesn’t matter is when they have an abundance of what it is that’s being discussed. Back in the 1980s some of us took logic design and used discrete 7400 series chips to build out our projects. A 7400 has four two-input NAND gates, with four corresponding outputs, as well as power and ground pins. It is a simple 14 pin package about 3/4 of an inch long and maybe a quarter-inch wide that contains a grand total of sixteen transistors. Many of the basic gates we needed for our designs used that same exact package form factor which made for great fun. Thankfully we had young eyes back then because often times we’d be up till all hours of the night breadboarding our projects. We knew it was too late when someone would invariably slip up, insert a chip backward, and we’d all enjoy the faint whiff of burnt silicon.

Earlier this month Xilinx set a new world record by producing a field-programmable gate array (FPGA) chip which is a distant cousin of the 7400 called the Virtex Ultrascale+ VU19P. Instead of 16 transistors, it has 35 billion, with a “B”. Also, instead of four simple two-input, one output logic gates, it has nine million programmable system logic cells. A system logic cell is a “box” with six inputs and one output that is fully configurable and highly networked. Each individual little “box” is programmed by providing a logic table that maps all the possible six input combinations to the single output. So why does size matter?

Imagine you gave one child a quart-sized Ziplock bag of Legos and another several huge tackle boxes of pre-sorted bricks including Lego’s own robotics kit. Assuming both children have similar abilities and creativity which do you think will create the most compelling model? The first child’s solution wouldn’t be much larger than an apple and entirely static. While it could be revolutionary, it is limited to the constraints of the set of blocks provided. By contrast, the second child could produce a two-foot-tall robot that senses distance and moves freely about the room without bumping into walls. Which solution would you find compelling? In this case size matters in both the number and type of bricks available to the builder.  

The system logic cells mentioned above are much like small Lego bricks in that they can easily replicate the capability of more complex bricks by combining several smaller ones. FPGAs are also like Legos in that you can quickly tear down a model and re-use the build blocks to assemble a new model. For the past 30 years, FPGAs have had limitations that have prevented them from going mainstream. First, it was their speed and size, then it was the complexity of programming them. FPGAs were hard to configure, but the companies behind this technology learned from the Graphical Processing Unit (GPU) market and realized they needed tools to make programming FPGAs easier. Today new tools exist to port C/C++ programs into FPGA bitstreams. Some might think that the decade of 2010 was the age of the GPU, while 2020 is shaping up to become the age of the FPGA.