Mike Hearn is participating in the same sort of thing that the Bush Administration did in 2001. He is proposing that Bitcoin businesses voluntarily help the US Government seize worldwide control of Bitcoin for the mere perception that something is being done about CryptoLocker. Meanwhile, there are obvious ulterior motives in play. To achieve a critical mass that would harm all users of Bitcoin, he only needs to get BitPay and Coinbase on board.
Take a deep breath, remove the tinfoil hat.
Please read my previous post. Mike started a discussion about what is effectively a reputation service for coins. He didn't even propose that the Bitcoin Foundation adopt promoting the idea of one as policy, or that he himself is convinced a redlist is a good idea.
They're going to spring up regardless of Mike's proposal, though. Some bitcoin services will use them, some won't. They'll be full of holes and cannot, by the nature of bitcoin, be 100% effective.
A reputation system is a way for individuals and entities (companies, whatever) to communicate information to each other. I thought we're about free speech here, and freedom of individuals and entities to transact (money, information, etc) with each other?
The point I'm trying to make is that you're right they will exist either way and will be used by everyone. Hackers could create target lists of people who have a high net worth in Bitcoin. So even if we didn't have corporations doing the redlist and blacklist nothing would stop underground hacker groups from doing it and the result would be just as bad.
Honestly I don't want these lists to destroy Bitcoin but I also do not want hackers to destroy Bitcoin. If you say no corporation can create a known list then you still have to deal with the possibility of unknown secret lists floating around among hacker networks. I don't think these coin taint lists will do anything to protect us from randomware and I think the best ideas so far are Keyhotee and the Bitcoin identity protocol. This could allow the user to selectively identify themselves to clear themselves if there is an investigation. It is also necessary to allow users to access services without them having to give their email address or identity. You cannot trust every service. Finally it is important to allow users to have a trusted list of businesses, that part of the idea I do support. I need to know I'm contacting a trusted business and that they really are who they claim to be. No more shit like Inputs.io or Labcoin.
It's not a fake problem at all. If in 6 months magically Bitcoins are $100,000 each then the incentive to target users is now much much higher. Malware will be written by the best of the best and you wont be able to detect it with any sort of virus scanner software or countermeasure. Nothing can be done to stop undetectable malware attacks, randomware attacks, or anything else. The best idea we have from the community is the Trezor wallet and they are taking too long to make it.
Now you're trying to play the bait and switch game.
Fixing the catastrophe that is PC security, or at least figuring out decent workarounds, is not the topic at hand.
It's related. If your PC is insecure then you only have the illusion of privacy. Instead of big corporations spying on you through the web and tying your email address and password to your real world identity to sell to whomever now you're at the mercy of foreign hackers who will have databases of their own, potentially with lists of their own, and they exchange information too.
When thinking about privacy and security you have to think about the whole picture and not just the Bitcoin client but the operating system it runs on and the PC that operating system runs on. A security vulnerability in any of that and all privacy is removed.