dlevi's comments

A

I can understand the disbelief over the "maximalist" approach that suggests that regulations, government intervention, taxes, etc. will be circumvented by decentralized companies running on blockchains. Yet I believe that this efforts should be encouraged as they are exploring the kind of wild, uncharted territory in which the most exciting innovations can unexpectedly arise.

I also believe that some of the tools these guys are building can be very useful for conventional companies too. There's a whole lot of bureaucracy and inefficiency in running a company.

See eShares and his elegant and simple solution for cap management. I believe there are many other areas in which similar improvements can be made, and software needed to run a blockchain company could also be used to improve procedures at conventional companies.

That sounds great!

a) You should use log scale[1] b) The same "hype cycle" has been repeated in 2011 (bottom $0,001, top $32, crash to $2) 2013 (bottom $10ish, top $266, crash to $55) and 2014 (bottom $70ish, peak $1200ish, crash to $350ish) - always reaching higher highs and bottoming out to higher lows.

Therefore, zoom out and you will see that Bitcoins has "interim bubbles", but the long time trend has nothing to do with Gartner's hype cycle.

[1] https://bitcoincharts.com/charts/bitstampUSD#tgSzm1g10zm2g25...

[2] https://bitcoincharts.com/charts/mtgoxUSD#tgSzm1g10zm2g25zvz...

Thank you for your answer, I'll definitely look further into SubgraphOS and grsecurity. I nevertheless believe that the kind of attacks you describe, specially the one against hypervisor in NetVM to break isolation, are quite unlikely in Qubes.

Could you also answer my question about SubgraphOS main use case and threat model?

Is it mainly for anonymous and pseudonymous usage?

If it is designed mainly for everyday use (including non-anonymous use cases like banking, social media, personal/work email, etc.) as it seems to me I don't quite understand the design choice to enforce all traffic via Tor by default. That seems unnecessary as anonymity is not needed and even dangerous.

Thanks for that - it pretty much answers my question. In this case it seems that Qubes exposes less attack surface.

Does Subgraph isolate USB and network? The isolated serviceVMs for USB and network are in my opinion a very strong value proposition of Qubes.

Furthermore, is Subgraph supposed to be an OS for everyday use, like Qubes, or just for anonymous usage like Tails or Whonix? If its the former I don't understand why all traffic should be routed via Tor by default - it wouldn't make sense to route non-anonymous traffic (banking, personal mail, etc.) via Tor. It wouldn't be anonymous anyway and also because of the unnecessary risk of exposure to malicious exit nodes. In this sense I believe the Qubes approach with its optional WhonixVM is superior.

If Subgraph is supposed to be for anonymous usage I'd like to read more about what kind of threat model it is trying to address. I don't think there are any amnesic features like in Tails nor strong isolation between gateway and workstation to prevent IP leaks like in Whonix.

Spot on, Roman.

Most people selling "private blockchains" are just trying to sell a (hopefully) better database system to a customer that doesn't really understand what a blockchain is. Sometimes they are adding a messaging system to the equation, and sometimes they are just trying to sell another CRM system. But it's definitely not a blockchain.

Furthermore all this constant search about "uses cases for blockchains" is ridiculous. You simply do not go looking for use cases for technology - that's a recipe for unsuccess unless your business is to make money on consulting hours - what you do is to simply build technology to solve specific problems. As you said the blockchain was invented to solve a very specific problem: sending value from A to B without the intervention of a financial institution or any other third party.

Thank you! We focused on building a product that is very easy to extend. Smart policies bringing the functionalities you describe can and will be built.