Feeds

Cleaning up the Bitcoin act

Camp BX live with high-sec trading platform

Top three mobile application threats

The story so far is that a little-known hacker hobby currency called Bitcoin suddenly came to the notice of the press, then to the notice of regulators, and finally to the notice of hackers.

Believers are reluctant to moderate their hype; regulators and lawmakers want to either shut the whole thing down, or at least tax it; and hackers still see it as an attractive target.

Camp BX, a new exchange launched last week, hopes to address at least some of the problems. Could a combination of security and legitimacy solve Bitcoin’s problems? The Register spoke to Keyur Mithawala of Camp BX – and naturally enough, the conversation started around security.

“Although it looks like a hobby project, Mt Gox was already processing around US$324 million worth of Bitcoin transactions per year when you’re dealing with millions of Bitcoins, security has to be the core concern,” Mithawala said.

“I have worked for telecoms and finance companies, so I came at this from a corporate standpoint. You might not get a chance to rebuild if your security is compromised.”

Physical security is addressed by hosting the exchange in a secure data centre with three carrier connections.

The most-promoted aspect of platform security is the Camp BX association with McAfee, which runs “12,000 to 13,000 scripted tests” against the site each night, Mithawala said.

As well, the Bitcoin Consultancy in the UK conducts penetration tests against the platform, and Mithawala says that internally, the organization uses a peer-review mechanism to try and avoid all code vulnerabilities.

Bitcoin volatility

However, as recent events have illustrated, technical security isn’t the only challenge facing exchanges. The volatility of the currency itself is also a problem.

Mithawala says this price volatility illustrates a gap in Bitcoin’s design. “A core thing that’s missing in all the exchanges is that there is no functionality for short selling.”

While short-selling got a bad reputation in the global financial crisis, it’s still an important market mechanism, he believes, one which would help reduce the range of prices – and therefore the volatility – of Bitcoin prices.

“If someone believes Bicoin prices should be lower at a particular point in time, they should have that option.”

Bitcoin’s “one-sided” price pressure makes the currency vulnerable to “flash crashes”, he believes, leading to variations that can be as much as “hundreds of percentage points in a month.”

This volatility drives Bitcoin towards purely speculative exchanges, he told The Register. “If prices can stabilize, that’s when the Bitcoin economy will really take off.”

Liquidity is also a problem in the world of Bitcoin exchanges. If you’re unfamiliar with the scale of the “real” economy, US300 million or so in trades each year sounds like a lot; but as Mithawala points out, the world of foreign exchange deals in trillions.

Bitcoin’s small size – and consequent low liquidity – creates two problems. The first is that large trades can exceed the liquidity of the exchange, which creates the second problem, that an individual with large holdings can use large trades to manipulate prices.

“We believe we can stabilize prices if Camp BX is processing around 20 percent of total volume,” Mithawala said.

Compliance

There is a lot of uncertainty over the legality of Bitcoins in America, he said: money laundering laws, trading laws, and currency laws all impact on whether or not Bitcoins can be regarded as completely legal.

“We decided to do this project legally,” Mithawala said. To that end, he said, Camp BX consulted with a host of regulators, including the Department of Treasury and the Department of Banking and Finance, as well as state regulators.

“Our assessment is that Bitcoin can’t be banned outright – it would be like outlawing mathematics. If it can comply, then it can be legal. We don’t want Bitcoins to be underground and illegal.”

Mithawala says Camp BX will stay in touch with regulators about its operations.

Transparency is also important, Mithawala believes, and in a way this looks paradoxical, given that one of the attractions of Bitcoin is supposed to be anonymity.

However, users aren’t the same as exchanges. Mithawala said an exchange has to be transparent, visible and credible: it has to be backed by people you can name and phone numbers you can call.

“For example, Tradehill is the number two exchange right now. If you want to transact, then you put your money into a personal bank account in New Jersey.”

Not only does this look risky from outside, he said it arguably violates foreign exchange laws.

“We are offering clear processes of how we do the money transfer, who to contact, and we provide all the information that users will need to have confidence in us,” he told The Register.

Author’s note: I can’t tell you whether Camp BX will work or not. I’m certain there are questions I neglected to ask – and I’m also certain that El Reg readers will think of them.

One problem is that Camp BX's attention is on US regulation, and Bitcoin is international. Will this disadvantage users in other countries?

Possibly the greatest challenge for Camp BX will be in asking Bitcoin users to swap some of their freewheeling anarchy for a secure and transparent exchange. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
Burnt out on patches this month? Oracle's got 104 MORE fixes for you
Mass patch for issues across its software catalog
Reddit users discover iOS malware threat
'Unflod Baby Panda' looks to snatch Apple IDs
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.