Ever since BitCoin appeared, I've been waiting for two security experts to venture detailed opinions on it: Dan Kaminsky and Ben Laurie. Dan has now weighed in, with a long, thoughtful piece on the merits and demerits of BitCoin as a currency and as a phenomenon.

Bitcoin’s fundamental principle of fraud management is one of denial. If we drop our wallet on the street, the U.S. government is not going to compensate us for our lost cash. Bitcoin attempts to make the same deal, to the point where it calls its stores of keys, “wallets.” If we drop our wallet on the street — heck, if someone picks it out of our pockets — the money’s gone.

There have been bitcoin thefts. A few years ago, I tried to break Bitcoin, and failed quite gloriously. The system and framework itself is preternaturally sound. But it too is built on the foundation of buggy technologies we call the internet, and so Bitcoin must experience failures from the code around it. Hackers don’t care whose code they broke on their way to bitcoin, any more than pickpockets care that they’re exploiting the manufacturer of one’s jeans or leather wallet. So they break the server below the money, or the web interface above it. They still win.

At least, that’s the theory. Reality is more complicated. Of all the millions of dollars of purloined bitcoin that’s floating around out there, not one Satoshi of it has been spent. That’s because while most other stolen property becomes relatively indistinguishable from its legitimate brethren, everybody knows the identity of this particular stolen wealth, and can track it until the end of time.

Bitcoin Is Not as Secure, Unregulated, or Lucrative as You Might Think

Joey deVilla joined a Bitcoin mining pool (where people collectively contribute their spare computer CPUs and share the Bitcoins they mine).

Since Saturday he's made about 4 cents mining Bitcoins and about $40 dollars from ads running on his article about mining Bitcoins.

"To summarize: I made 1000 times more money by writing about mining Bitcoins as I did by mining Bitcoins."

Which makes more money: mining Bitcoins or writing about mining Bitcoins?

Gwern's "Using Silk Road" is a riveting, fantastically detailed account of the theory and practice of Silk Road, a Tor-anonymized drugs-and-other-stuff marketplace where transactions are generally conducted with BitCoins. Gwern explains in clear language how the service solves many of the collective action problems inherent to running illicit marketplaces without exposing the buyers and sellers to legal repercussions and simultaneously minimizing ripoffs from either side. It's a tale of remix-servers, escrows, economics, and rational risk calculus -- and dope.

But as any kidnapper knows, you can communicate your demands easily enough, but how do you drop off the victim and grab the suitcase of cash without being nabbed? This has been a severe security problem forever. And bitcoins go a long way towards resolving it. So the additional security from use of Bitcoin is nontrivial. As it happened, I already had some bitcoins. (Typically, one buys bitcoins on an exchange like Mt.Gox; the era of easy profitable "mining" passed long ago.) Tor was a little more tricky, but on my Debian system, it required simply following the official install guide: apt-get install the Tor and Polipo programs, stick in the proper config file, and then install the Torbutton. Alternately, one could use the Tor browser bundle which packages up the Tor daemon, proxy, and a web browser all configured to work together; I’ve never used it but I have heard it is convenient. (I also usually set my Tor installation to be a Tor server as well - this gives me both more anonymity, speeds up my connections since the first hop/connection is unnecessary, and helps the Tor network & community by donating bandwidth.)

Using Silk Road (via O'Reilly Radar)

Bitcoin-based casinos are reporting pretty serious, six-figure profits on a series of games wherein players' apopheniac tendencies cause them to hallucinate non-randomness in the performance of a pseudorandom-number generator. The casinos claim that their financial numbers can be trusted because of BitCoin's shared logfile, which can be parsed to show their earnings.

SatoshiDice, which has servers based in Ireland, is a pseudo-random number generator game where players choose a number and then bet on the likelihood that a “rolled number” is greater than the one they’ve selected. If the rolled number is greater, then they win. The house has a 1.9 percent edge—which is where the profit comes in.

The online dice game has returned profits to the tune of ฿33,310 ($596,231) during 2012—an average actual profit of ฿135.96 ($2,416) per day from May through December 2012. During that period, players put down a total of 2,349,882 bets. That’s still minuscule by Las Vegas standards, but respectable.

bitZino, by contrast, released its figures in early January and seems to be doing a decent pace of business too (bitZino's bookkeeping only measures June 9 to December 31, 2012). The online casino—hosted in the US, offering online poker, blackjack, craps, and roulette—did not publish a profit and loss statement. bitZino did say it had paid out ฿28,986 ($495,000)—and that 3.2 million wagers were made during H2 2012.

Bitcoin-based casino rakes in more than $500,000 profit in six months