2014 was a big year for me. My love of crypto-currencies, and their security and privacy possibilities in particular, blossomed. A few of the highlights included:
- Publishing my first book, Anonymous Bitcoin: How to Keep Your ฿ All To Yourself
- Delivering online and offline presentations at the Texas Bitcoin conference, Bitcoin in the Beltway conference, and the Bitcoin Online summit
- A number of media appearances, including various liberty-oriented podcasts, Let’s Talk Bitcoin, and The Glenn Beck TV Show
- Publishing security advisories and whitepapers, including CoinJoin Sudoku, privacy implementation issues in Darkcoin, and An Analysis of Darkcoin’s Blockchain Privacy via Darksend+
- Starting my own, one-man crypto-currency security consulting company
As 2014 started to come to a close, however, I realized a couple important things. First, a lot of the projects that I worked on during the past year were highly individual. Although Bitcoin and crypto-currencies are relatively young, there are already some incumbent actors who hold a pretty massive marketshare over the software ecosystem and user base. In such a landscape, there is a limit to how much one person alone can accomplish. The second realization was that I missed working collaboratively in teams. I like to peek into the activities of my economic collaborators who build software, manage personnel schedules, woo investors, and make the work that I enjoy so much possible.
With these thoughts in mind, I accepted in late December a new position as Security Engineer with Blockchain. It’s a great fit for me, with my background in web application security and passion for Bitcoin. I chose Blockchain not only because they have such a huge marketshare, but also because I believe their goals and personal values are in line with mine. Blockchain aims to put control over funds in the hands of users — Bitcoin newbies, in particular. They are working toward a decentralized future of finance. And when joining a Bitcoin company, it is extremely important to consider the level of integrity that the executives and employees have. Time and time again, we’ve seen companies go under or disappear with apparently stolen money, abusing the recency of the space. Already I knew two friends who worked for the company who I respect highly; and while getting to know the other people at Blockchain, I was impressed with their emphasis on seeking out workers who can be trusted. Not every Bitcoin company has integrity, but I think Blockchain has it in spades.
I am incredibly honored to accept this position. Even though the space is growing ever more vast, there are relatively few high-impact positions when it comes to security, and lots of interested and skilled applicants. Blockchain is a fantastic company. They were my first wallet, and have been tremendous leaders in the industry. I am fascinated by the many different forms that Bitcoin software may take, but it is safe to say that Blockchain’s millions of customers will persist for a long time to come, and will have some serious security and privacy needs to be met.
I am also very excited to accept this position. Blockchain has a number of different products, and many of them live on the incredibly hostile biome of the web. Just when I thought the web industry might be turning a corner in the security war with coordinated efforts such as Content Security Policy and more consistent developer security training, we went and put money on computers. Increasingly, the function of our personal devices will shift in the attention of our prey from feeble spam bots to tiny, personal banks. The stakes have been raised, and it’s going to be one heck of a challenge responding to this new generation of financial threats.
Given the importance of this position, I will be dropping a lot of my former side projects to focus on Blockchain’s customers full-time. This means an indefinite pause on things like Dark News. One side project I will be continuing to work on is the Open Bitcoin Privacy Project. Bitcoin security is starting to get some much-needed love, but I think Bitcoin privacy still needs a shot of adrenaline to get up to par with the legacy systems that Bitcoin will replace. That’s exactly what OBPP will be trying to provide.