First I'd just like to thank everyone for coming out and making this a great DEF CON. This has been my first DEF CON and I've really enjoyed it. There have been a lot of great speakers here and it's been fabulous attending, and I just hope speaking is half as fun. Anyway, my handle's Skunkworks, and today I'm going to be talking to you about hacking the global economy with GPUs, or how I learned to stop worrying and love Bitcoin. First we'll start off with the usual housekeeping. I'm not a Bitcoin developer, I only play one on television. I'm an undergrad in electrical engineering, kind of a phone phreak and a hardware guy. This is, as I said, my first DEF CON, and I'm not affiliated with Lockheed Martin, just in case you're wondering from the handle. I'm going to try and cover as much as possible in this 20 minute turbo talk, and I'm trying to aim it at all levels of knowledge about Bitcoin to the best of my ability. Feel free to go ahead and contact me about anything in the talk or any further questions. And again, the talk's for informational purposes, don't do anything stupid.

So first, some real basics about Bitcoin, how it came about, some of the reasons behind it. I'm sure a lot of you are familiar with this, but a lot of other payment solutions online right now are plagued by extremely high fees: you've got high fees by PayPal, you've got fees on debit cards, crazy, crazy interest rates on credit cards. There's very little in the way of privacy online right now for payment solutions aside from Bitcoin. PayPal tends to play money police, they do chargebacks all the time, credit card companies do chargebacks all the time, they're running your money, you're not running your money. And then of course you've got credit card companies amassing these huge, huge databases of purchase histories and user information, really for who knows what.
So there's really no way to pay cash online before Bitcoin, and that's kind of, sorry, my mic's falling, that's I think one of the main reasons it came about. Then on top of that you've also got the issue of regulation by governments, as we all know from the huge economic collapse after the subprime fiasco. Government regulation is not always a good thing, and lack of oversight can really cause some problems, and so that's another thing Bitcoin's trying to address: decentralizing money.

So then, what and who. Bitcoin is a decentralized peer-to-peer currency, I'm sure you're all well aware. The slide actually hasn't been updated; it was worth about $100 million when I put the slide together, there's since been another crash, it's down to around $55 million, trading at $8 or so per Bitcoin as of this morning. It's based on SHA-256, mined or minted mostly with GPUs, and as far as everyone knows it's legal; it's a bit of a gray area. It doesn't really meet the standards of a currency under U.S. federal law. On the other hand, the EFF to my knowledge stopped accepting donations in Bitcoin a while ago, so I'm really not completely sure on the legality of it, and I'm not sure that anyone is completely sure on the legality of it, but it's certainly grown to quite massive proportions and there haven't been any widespread Treasury Department raids on Bitcoin mining operations yet.

So Bitcoin was initially put together by this highly enigmatic developer, Satoshi Nakamoto. This is likely a pseudonym. He left, supposedly, in 2010 after contributing this huge base of code and the basic rules that the Bitcoin protocol operates on, and he may or may not have profited enormously from developing Bitcoin. He may have profited if he was running a lot of Bitcoin mining equipment after he first developed the software, before he let it go public. No one, again, is completely sure because of the semi-anonymous nature of Bitcoin. I'm going to touch on this a lot more later.
Bitcoin is not, at least outright, a Ponzi scheme. There's no central company that's running it. It's also really not controlled in much of any manner except by these core developers who basically maintain the code and keep things in running order. It's also not backed by anything. The idea is just, well, you use Bitcoins and I'll use Bitcoins and we'll all say it has value, the idea being there's scarcity behind them. You can't just pull them out of thin air in great quantities. So that's the idea of the intrinsic value of them, even though they're not backed by anything.

So basically you've got Bitcoin miners minting Bitcoins, generally with graphics processing units, also application-specific integrated circuits; I'll get to that a little later. When people mine these Bitcoins, they're stored in a wallet.dat file. Then every transaction is hashed into this big chain that goes around the entire network. That's really an oversimplification; most mining is pooled now, but that's the basics of it.

Then as we move into the economics, mining is designed to become exponentially harder and harder, leading to a finite supply of roughly 21 million Bitcoins. They can be traded in quantities as little as one 10 millionth of a Bitcoin. As I said, they're minted now mostly by graphics processing units, but you can also use CPUs, which are quite inefficient now, and possibly application-specific integrated circuits, a special piece of hardware only designed for mining Bitcoins, may be some of the Bitcoin mining power now. It's loosely tied to other currencies via energy and equipment costs. You'd think Bitcoin, just being a decentralized peer-to-peer currency,
would just be a completely free market, but the reality is you can only buy computer hardware mostly in US dollars, at least from the central distributors, and your power costs are still going to be in US dollars assuming you're in the US; if you're in Europe, it's going to be in euros, etc. We actually saw that a lot. There was a major deflation again in Bitcoin just last week with the entire debt ceiling fiasco, and that had a ripple effect in Bitcoin; we saw Bitcoin prices dropping also. There was another event that happened at the same time, but I think the debt ceiling was part of it.

Anyway, if Bitcoin does ultimately become a stable currency, profits for mining Bitcoins are going to have to go down to zero, because mining does become exponentially harder, and early adopters have definitely won big in Bitcoin: if you started mining back when Bitcoin first started out, then you made a lot of money on it. Late adopters at least were still covering costs until about a week ago, when we had this second market collapse. Supply and demand curves explain everything relatively well: if you look at the blue one, that's your supply curve, the two red ones are your demand curves, and basically the shifts of those two curves affect the equilibrium that the price will tend towards.

Bitcoin had 200,000% inflation over the last several months, really explosive growth to a high of over $30 a Bitcoin back in June, then it devalued to about half of that, to $15, and then was stable over most of July. It looked like it was finally tending toward an equilibrium; we saw relatively steady trade volume and steady prices in Bitcoin markets. And then just last week, with the whole debt ceiling fiasco combined with either a large break-in or a large exposé of a scam with the site myBitcoin.com, about a quarter million dollars of Bitcoins just left when the site went down and no one's exactly sure what's up, and that caused Bitcoin prices to drop to
around $8, that combined with the whole debt ceiling thing. So again, this slide's a little outdated; this is showing back when I put this together, when I thought we were looking at an equilibrium price around $14 to $15. A great quote to illustrate this $30 spike: "media is like the weather, only it's man-made weather," out of the old Oliver Stone film Natural Born Killers, and that's really pretty applicable to what happened with Bitcoin at the $30 spike. I don't think investors alone would have ever put it up to $30 that quickly if it hadn't been for all the media attention. Media created a very, very large demand-pull inflation; people were just buying Bitcoins left and right and sitting on them, and that's what drove the prices up so high, really to unsustainable levels. Then you had this big currency exchange, Mt. Gox, getting hacked, I'll get to that a little later in my talk, and that really just caused Bitcoin to lose a lot of its value. And then, as I said, there was the second break-in, into an eWallet provider, myBitcoin.com, very recently, which caused yet another drop that we don't see on this graph.

So, profit, or slow decline thereof: you can see the exponential scale here of mining profits for your Bitcoin miners, and this does reinforce the fact that if Bitcoin does survive as a currency it's going to have to stabilize at some type of equilibrium. If you try to put a straight line through all those data points, you're going to notice you've basically got an exponential drop-off in Bitcoin mining profits, down to people just covering costs as time progresses.

Then what's happened in the last several months, as the Bitcoin network has gotten so large, is you've had people pooling their resources together in Bitcoin mining. The reason being that 50 Bitcoins are generated every 10 minutes roughly; it's generally a little faster than that when the network is growing very quickly. But only having these blocks of 50
Bitcoins being generated every 10 minutes, if you're an average Bitcoin miner out there you might be mining one of these blocks every two months. So that's where the idea came in of pooling resources together and getting smaller payouts much more quickly. Then some pool operators are taking a cut: the administrator of deepbit.net, which was the largest mining pool for quite a while, I'm not sure if it still is, I haven't really kept up with mining pool stats, but he was clearing over $30,000 a month, and that's a conservative estimate, at one point, and that went on for at least two, three months at that rate. Mining pools introduce a huge attack vector on Bitcoin. We already had an incident where deepbit got the payout addresses, the Bitcoin addresses of users that the coins are paid out to, changed, and I'll cover that a little later in attack vectors, but they definitely introduce a pretty large surface that criminals can get at.

Then, kind of scary stuff with botnets, and there's already been a botnet spotted in the wild mining Bitcoins: if you have a botnet that plays by the rules, there's really no way to distinguish it from regular mining traffic unless you figure out that the botnet is a botnet by looking at command and control channels or finding infected systems, etc. But looking at the Bitcoin end, it looks just like regular Bitcoin miners. And the interesting thing with Bitcoin, unlike just about everything else, is if you're a botnet you're better off not actually trying to DDoS Bitcoin or take it down; you're better off just simply playing by the rules. By a couple of conservative calculations there are probably dozens of botnets out there right now that could net the botmaster $100,000 a day doing that, and frankly we don't necessarily have any way of knowing that a very well coded botnet is not responsible for half of Bitcoin's hashing power at the moment.

Attack vector: wallet.dat. All of a Bitcoin user's coins are stored in this single file. It is in plain text. The Bitcoins
represent the public keys, and your private keys, the right to spend them, are stored in wallet.dat. If you read the freaking manual, you're going to encrypt wallet.dat. Most people don't, including this one guy going by the handle allinvain, who stored about half a million dollars worth of Bitcoins in a single file. He was compromised by some type of targeted attack; he lost everything. So, good quote here: "based on the findings of the report, my conclusion was that this idea was not a practical deterrent, for reasons which at the moment must be all too obvious," Dr. Strangelove, from the movie. Basically what I'm saying here is having a plain text wallet.dat when you've got a lot of non-tech-savvy people dealing with Bitcoin is inherently a poor idea, and you're going to run into a lot of different ways to so-called pickpocket wallet.dat. There are people who are leaving their systems wide open, sharing their entire hard drive on LimeWire. There have been a couple different specialized Trojan horses spotted in the wild that specifically grab wallet.dat and upload it. And gullible users are gullible; they're even open to traditional 419 scams, which I'll touch on a bit more.

Basically any third party that's part of Bitcoin, you know, currency exchanges, wallet storage sites (that is, if you're too stupid to encrypt your own wallet, why not outsource it to a kind of virtual bank for Bitcoins), gift card exchanges, mining pools, lotteries, stock markets: all of these services are out there and all of them have varied levels of security. The Bitcoin protocol itself has a decent level of security. I think Dan Kaminsky's talk was very illustrative of that; he did obviously drop that exploit, but still, the protocol in general is relatively sound. But these third parties vary wildly in security. They're generally a lot less secure than the actual Bitcoin protocol and generally a lot less secure than established financial institutions. We had deepbit.net, the big mining pool, getting hacked into, an undisclosed amount
stolen through an undisclosed attack vector, changing payment addresses, and then the administrator, Tycho, reimbursed users for however much was lost. One has to think, when he was making 30 grand a month, he didn't want his income to go away and might have just paid out of pocket; who knows. Then also this big currency exchange for Bitcoin, where you could exchange US dollars for Bitcoins, Mt. Gox: they were using unsalted passwords for quite a while. They switched over to salted passwords, but for users who hadn't logged in in a while, their accounts still had unsalted password hashes. And basically what happened is someone, through again an undisclosed attack vector, got a hold of the username and password hash database, ran it through your run-of-the-mill hash lookup table, and got access to about 9 million dollars worth of accounts and attempted to withdraw the money. Trading ended up freezing for about a week, and the Bitcoin market went from about 200 million dollars to about 100 million dollars because of lack of confidence.

Then, attack vector: a fool and his Bitcoins are soon parted. You can have traditional 419-style scams, such as "I'm a Nigerian prince with 89 million Bitcoins," and you can have fake gift card sites, plenty of those have been spotted in the wild, fake investment sites, fake mining pools possibly, I'm not sure that we've seen any in the wild yet, but it's certainly a real possibility, and exchanges are definitely out there. No chargeback really means easy pickings: you can't call up American Express and say, hey, someone just stole 500 Bitcoins from me, can you guys do a chargeback? There's definitely an inverse correlation between tech savvy and victimization in things like this. There's really no patch for human stupidity, so if you've got stupid people using Bitcoin you're going to run into a lot of theft.

Then, attack vector: whales and HFT. I kind of borrowed the whale term from Vegas here, but anyone with enough assets can really directly move the Bitcoin market. This
is more of an economic attack, but the idea being that you have enough assets to exert partial market power, and then you can just sell and buy and that would artificially inflate and deflate the price. You can pretty well camouflage that by simply splitting up all of your large accounts into a bunch of small accounts, and it's pretty hard to distinguish from regular trading when the market's fluctuating. Then high frequency trading: you've probably read about this on Wall Street, but that's where you have automated trading for small marginal gain repeated ad infinitum. Coupled with market movers you can really get an unfair advantage, but the market does become harder to move the more Bitcoin grows.

Then vending machines and Finney. This is the Finney attack: basically, if you accept a transaction without having any confirmations, the attacker can create an unbroadcast block and send the same coins to themselves in that block, then, let's say, walk up to a vending machine that takes Bitcoins, and by the time the vending machine has its transaction processed the attacker's already sent their Bitcoins to themselves instead of the vending machine. So the pretty simple solution around this is to just have some type of stored value card where you require instant transactions: if you need to use Bitcoins at 7-Eleven or a vending machine, you just go ahead and load up your stored value card and then you use that.

Yeah, so Dan Kaminsky already really touched on this a lot, I'm going to skip over a lot of this, but the basic thing is a lot of what's done in Bitcoin is public, you know, the addresses, the transaction records. In theory, as far as anonymity goes, this in and of itself wouldn't be a problem. What ends up happening, though, is you've got a lot of users, like he said, on forums who are posting "hey, donate to my Bitcoin address," or you've got people reusing the same Bitcoin addresses over and over again, and what you can do, and what Reid and Harrigan showed in their paper, I'd
highly recommend everyone go out and read that paper, is that Bitcoin is really not that anonymous. Unless you're sitting around wardriving 10 towns away, it's just not that anonymous, and sites like Silk Road have really started to give it quite a bad name. But basically, don't be surprised if the party van rolls up if you're doing illegal stuff on Bitcoin.

Application-specific integrated circuits: I already touched on this, but the idea behind it is you've got a specialized piece of computing hardware, a specialized chip, that would be custom built just for mining Bitcoins or just for doing SHA-256. Very high upfront development costs in this, but they're much more efficient than using graphics processing units for mining Bitcoins. I've already got an anecdotal report that they're deployed in at least one Bitcoin mining operation, and again, just like a botnet, they could represent a very high percentage of network hashing capacity and we really wouldn't have any way of telling.

Then we've got the GPU shortages that have been caused by Bitcoin. The Radeon HD 5800 and 5900 series have been the hardest hit. Right about the time Bitcoin went up to $30 there were just huge shortages; my local Micro Center had no x800 or x900 series Radeon GPUs left in stock the week Bitcoin hit $30, I think they even had some x700s selling out, people were that desperate to mine Bitcoins and get in on the action. Demand-pull inflation has been driving up retail prices about 30%; I think they're starting to come back down a bit now with the fever around Bitcoin dying down a little. The 5000 series are more efficient than the 6000 series in mining Bitcoins, and even the 6000 series beats Nvidia by a lot. The GPU hash cracking talk yesterday had some pretty interesting info about that. Each GPU was representing around $15 a day in revenue at peak prices.

And then a couple oddities that are relatively funny. We've run across a couple
anecdotes of Bitcoin miners suspected of growing marijuana because they've had very high electric bills; they've been raided, and it turns out, well, they're farming currency: they've got a server farm going and it's just using really a lot of power. There's one Bitcoin miner also who suffered brain damage after heat stroke; he slept in an un-air-conditioned room with a bunch of mining rigs, and, you know, don't do that. buttcoin.org has a lot of pretty good humorous stories like that, and that's pretty much it. Any quick questions?
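The talk describes mining as "based on SHA-256", says it "becomes exponentially harder", and explains why miners pool their work into smaller payouts. The following toy miner is an added example written for this page, not code from the talk or from Bitcoin itself. It assumes a constructed header prefix, a simplified difficulty expressed as a number of leading zero bits, and a big-endian comparison of the double-SHA-256 digest against the target (real Bitcoin uses a compact target encoding and compares the digest as a little-endian integer). It also shows the pool "share" idea: a digest that clears a lower bar than the block target, which is what a pool counts to measure each member's contribution.

```python
import hashlib
import struct
from typing import Optional, Tuple

# Constructed header prefix standing in for Bitcoin's version, previous block
# hash, merkle root, timestamp and compact target (all assumptions, not real data).
HEADER_PREFIX = b"toy-block-header:" + bytes(32)


def double_sha256(data: bytes) -> bytes:
    """Bitcoin's proof-of-work hash: SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def target_from_bits(difficulty_bits: int) -> int:
    """A digest wins when, read as a 256-bit integer, it is below this target.
    Each extra required zero bit halves the target and doubles the expected work."""
    return 1 << (256 - difficulty_bits)


def expected_attempts(difficulty_bits: int) -> int:
    """Average number of hashes needed: 2^bits, hence 'exponentially harder'."""
    return 1 << difficulty_bits


def header_hash(header_prefix: bytes, nonce: int) -> bytes:
    """Nonce is appended as a 4-byte little-endian field, as in a real header."""
    return double_sha256(header_prefix + struct.pack("<I", nonce))


def meets_target(digest: bytes, difficulty_bits: int) -> bool:
    return int.from_bytes(digest, "big") < target_from_bits(difficulty_bits)


def mine(header_prefix: bytes, difficulty_bits: int,
         max_nonce: int = 1 << 32) -> Optional[Tuple[int, str, int]]:
    """Brute-force nonces until the digest clears the target.
    Returns (nonce, digest_hex, attempts) or None if max_nonce is exhausted."""
    for nonce in range(max_nonce):
        digest = header_hash(header_prefix, nonce)
        if meets_target(digest, difficulty_bits):
            return nonce, digest.hex(), nonce + 1
    return None


def verify(header_prefix: bytes, nonce: int, difficulty_bits: int) -> bool:
    """Verification is one hash, no matter how much work finding the nonce took."""
    return meets_target(header_hash(header_prefix, nonce), difficulty_bits)


def classify_submission(header_prefix: bytes, nonce: int,
                        share_bits: int, block_bits: int) -> str:
    """Pool view of a submitted nonce: a 'block' pays the whole reward, a 'share'
    only proves the member did work at the easier share difficulty."""
    digest = header_hash(header_prefix, nonce)
    if meets_target(digest, block_bits):
        return "block"
    if meets_target(digest, share_bits):
        return "share"
    return "none"


if __name__ == "__main__":
    for bits in (8, 12, 16):
        nonce, digest_hex, attempts = mine(HEADER_PREFIX, bits)
        print(f"{bits:2d} bits: nonce={nonce} attempts={attempts} "
              f"(expected ~{expected_attempts(bits)}) digest={digest_hex[:16]}...")
```

Running the script shows the attempt counts roughly doubling per extra bit while `verify` stays a single hash, which is the asymmetry the whole mining economy rests on; raising `share_bits` toward `block_bits` in `classify_submission` is exactly the trade-off a pool makes between payout granularity and bookkeeping load.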
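The Mt. Gox incident in the talk came down to unsalted password hashes that a plain lookup table could reverse, plus dormant accounts that never got migrated to the salted scheme. This added example, written for this page rather than taken from the talk or from any exchange's code, uses a constructed user database and wordlist to show why a precomputed table only matches unsalted records, how verification with a per-user salt and PBKDF2 looks, and a rehash-on-login step that still leaves dormant accounts on the weak scheme, which is the gap a forced reset for those accounts would close.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional

PBKDF2_ITERATIONS = 100_000  # assumption: tune to your hardware budget


def hash_unsalted(password: str) -> Dict[str, str]:
    """The weak scheme: a single SHA-256 of the password with no salt.
    Identical passwords give identical hashes, so one precomputed table fits all users."""
    return {"scheme": "sha256", "hash": hashlib.sha256(password.encode()).hexdigest()}


def hash_salted(password: str, salt: Optional[bytes] = None) -> Dict[str, str]:
    """Per-user random salt plus a deliberately slow KDF (PBKDF2-HMAC-SHA256)."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return {"scheme": "pbkdf2", "salt": salt.hex(), "hash": dk.hex()}


def verify_password(record: Dict[str, str], password: str) -> bool:
    """Constant-time comparison against whichever scheme the record uses."""
    if record["scheme"] == "sha256":
        candidate = hashlib.sha256(password.encode()).hexdigest()
    else:
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode(), bytes.fromhex(record["salt"]), PBKDF2_ITERATIONS
        ).hex()
    return hmac.compare_digest(candidate, record["hash"])


def login_and_upgrade(db: Dict[str, Dict[str, str]], username: str, password: str) -> bool:
    """Verify the login; if the stored record is still unsalted, rehash it now.
    Accounts that never log in keep the weak hash, so pair this with a forced
    reset (see dormant_accounts) instead of waiting for users to return."""
    record = db.get(username)
    if record is None or not verify_password(record, password):
        return False
    if record["scheme"] == "sha256":
        db[username] = hash_salted(password)
    return True


def dormant_accounts(db: Dict[str, Dict[str, str]]) -> List[str]:
    """Accounts still on the unsalted scheme: the ones a leak would expose."""
    return sorted(u for u, r in db.items() if r["scheme"] == "sha256")


def build_lookup_table(wordlist: List[str]) -> Dict[str, str]:
    """What a run-of-the-mill hash lookup table is: hash -> plaintext, computed once."""
    return {hashlib.sha256(w.encode()).hexdigest(): w for w in wordlist}


def recover_with_table(db: Dict[str, Dict[str, str]], table: Dict[str, str]) -> Dict[str, str]:
    """Only unsalted records can be matched against a precomputed table; a salted
    record would need a fresh table per salt, and PBKDF2 makes each entry slow."""
    return {u: table[r["hash"]] for u, r in db.items()
            if r["scheme"] == "sha256" and r["hash"] in table}


# Constructed sample data (not real accounts or passwords).
CONSTRUCTED_DB = {
    "alice": hash_unsalted("letmein"),
    "bob": hash_unsalted("hunter2"),
    "carol": hash_salted("letmein", salt=bytes(16)),  # fixed salt only for reproducibility
}
CONSTRUCTED_WORDLIST = ["password", "letmein", "hunter2", "bitcoin"]

if __name__ == "__main__":
    table = build_lookup_table(CONSTRUCTED_WORDLIST)
    print("table matches:", recover_with_table(CONSTRUCTED_DB, table))
    print("still unsalted:", dormant_accounts(CONSTRUCTED_DB))
```

Note that `carol` shares `alice`'s password yet never matches the table: the salt changes the stored hash, and the hash of the same password for every salted user differs. The dormant-account list is the operational check to run after a migration, since upgrading only on login leaves exactly the users who have not logged in on the old scheme.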