Mike Hearn
Works at Vinumeris
Attended Durham University
Lives in Zurich, Switzerland


Mike Hearn

An interesting look behind the scenes at what it takes to defend credit card->bitcoin gateways. 
I don't know whether that's more awesome or disturbing. Very cool!

Mike Hearn

I gave a talk in Zürich about the development of Lighthouse, what worked and what didn't. If you're interested in building decentralised apps then it might be of interest.

The talk is about an hour (with Q&A) and you can view it below.
A valuable talk, thank you. Let's hope the practical protocol freeze leads to a healthy competition of forks.

Mike Hearn

Just used to book some flight tickets. Normally I just go to when doing direct flights, but today their site was totally broken and kept giving me error and redirect loops. Plus they charge 11 CHF just for the privilege of using a credit card to pay them!

BTCTrip is a pretty nice site - no fuss. Paid with Bitcoin, and it was immediate and seamless. Price was the same as I'd have got from the airline direct.

Some days I think .... maybe this thing can work after all! Now let's see if I am actually on the flight when I turn up :)
Huh, I didn't know about destinia. I don't think the price was very different this time. I'll try destinia next time.
It took a bit longer than expected, but Lighthouse is finally launched.

Check out the website:

and the explainer video below, if you aren't sure what Lighthouse is all about.
Is it like equity crowdfunding ? 

Mike Hearn

Email etiquette, how not to do it - courtesy of an oblivious +Manchester Airport.

Bulk mailers, if you find yourself asking users to whitelist you, that's usually a sign people are clicking "report spam" and don't actually want to receive your mailings.
Yeah, I've noticed Gmail's FP rate going up with time too.

Mike Hearn

More docs from Snowden discussing SSL, still zero evidence of fake certificates or breached CAs. I'm sure it'll start happening at some point, but so far everyone who claimed SSL was totally broken and the CAs were all compromised has been proven wrong.
US and British intelligence agencies undertake every effort imaginable to crack all types of encrypted Internet communication. The cloud, it seems, is full of holes. The good news: New Snowden documents show that some forms of encryption still cause problems for the NSA.
What's the evidence that demonstrates NSA certificate forgery would be traced back to NSA?

There are two reasons to misappropriate a certificate: (a) impersonating someone else (b) decrypting already-tcpdumped traffic. The people demanding the secret keys to that certificate surely must have known (a) would cause Ladar to issue a revocation for the compromised certificate that renders such a plan null and void, so that leaves us with option (b). Furthermore, option (b) cannot be accomplished by compromising a CA after the fact. So, if what they wanted was to decrypt recorded traffic -- remember they were chasing someone who had used the service in the past, so this is the likely option -- they would have had to (as they did) extort the keys out of Ladar, irrespective of whether a CA had been compromised or not. That's why the Lavabit case disproves nothing w.r.t. CA compromise.

We are discussing people who do textbook malicious stuff in secret, so much of it that it is mind-boggling, and most of it we'll never find out. In fact, the only reason we know about these things is because someone blew the whistle. We have flabbergasting evidence that they're doing things way beyond CA compromise ("find, fix, finish" e.g.) And CA compromise is not at all beyond their capabilities in the slightest, nor is it against their stated interests.

So to insinuate that people who suspect CA compromise might be happening are "conspiracy theorists" defies reason. It is to say "Oh, these people who steal keys for a living would never steal THAT extra-powerful set of keys". That's epic special pleading.

I used to have this teacher in college, fiftysomething lady educated in computer science in Soviet Russia, who liked to harp extensively about all these secret U.S. programs (like Echelon, the standard conspiratorial stuff at the time). I of course laughed behind her back because, clearly, she was a conspiracy theorist punch card operator... or so I believed. Turns out the joke was on me -- what she described was but a drop in the bucket compared to what actually happens. I am no longer in the habit of reflexively stigmatizing people with "conspiracy theory!!!" whenever (i) somebody says something critical (ii) about powerful people (iii) who operate in full secrecy (iv) that is entirely within the realm of possibility and (v) aligns with their interests.

The logically consistent position in this case is not to discard the possibility of CA compromise -- it is rather to at least suspect some CAs may be compromised, or in other words, to be reasonably skeptical about claims that CAs haven't been compromised. There is nothing out of the ordinary, conspiratorial, or absurd about holding that position. This does not mean that every CA is untrustworthy, but it does mean caution is warranted.

Mike Hearn

The autonomous agents idea is really starting to have an impact. The talk I gave at the Turing Festival is closing in on 20,000 views. Here's an interview in the BBC where we talk about Bitcoin-using self owning cars.

I realised a few months ago that when I gave the talk, I didn't give any credit to Gregory Maxwell or julz from the forum which first got me thinking about these ideas. I'd like to rectify that now. They're both intellectual giants and although they didn't talk about cars specifically, Gregory in particular laid out a lot of the foundational ideas like agents that do A/B testing on upgrades of themselves.
Takes the pleasure out of driving
Dark Leaks

Amir Taaki, the project's systems developer, told CoinDesk he hopes to "[devalue] business models based around proprietary secrecy"

Amir is a famously strong supporter of black markets. Typical quote:

bitcoin is what it is: world changing technology. it is a tool of the black market. it will transform humanity for the better.

First use of Dark Leaks: Former Silk Road 2 sysadmin willing to sell database dumps to the highest bidder.

I think my irony meter just exploded.
Also the people are just ignoring that it is not really working the way darkleaks is implemented right now..
But hey, lots of reddit karma and Bitcoin buzz, who cares about the details
And the award for most mind-boggling compiler optimisation ever goes to ..... Matthias Grimmer and Chris Seaton!

One problem people have when trying to speed up fundamentally slow scripting languages like Python and Ruby is that because the original implementations are so lethargic, people often rewrite parts in C to try and speed core things up. But these C extensions usually just plug straight into the original interpreter, making it difficult for anyone to ever do a better engine than the original because nobody can afford to rewrite all the extensions. It's like a tarpit of slow.

From the blog post:

"Our new solution in JRuby+Truffle is pretty radical - we're going to interpret the C source code of your extension. As we'll explain, JRuby+Truffle with an interpreter for C extensions is actually faster than running compiled C extensions using MRI!"

And they aren't kidding. Rewriting from Ruby to a C extension for some image processing tasks gets a 10x speedup. Going from Ruby to JRuby+Graal+interpreted C extension gets a 35x speedup! Of course it's not really interpreting C. It's actually doing a Java-style just in time cross language profile guided compile of the C/Ruby mix, on top of the actual HotSpot JVM, meaning that amongst other tricks ... it can actually inline both languages into each other at the machine code level! And it's benefiting from the 20+ years of performance research that has gone into the JVM.

Doing whole program optimisation across a dynamic scripting language and C on top of the JVM has to be the wildest mashup of programming technologies I've seen for years. Congrats to both of these mad scientists!
Very High Performance C Extensions For JRuby+Truffle. Matthias Grimmer and Chris Seaton, 27 October 2014. Ruby and C. C extensions are a big part of the Ruby ecosystem. They allow people to write Ruby programs to include C code for a variety of purposes. They may hope to make their Ruby program ...

Mike Hearn

Someone forked Slashdot!

And they seem to be doing it right - it's got the old style Slashcode UI but modernised to load comments when you expand them, it's got the right mix of news, it's got comments, it's got SSL, it's ad free but you can subscribe (with Bitcoin too), it's basically everything good about Slashdot with all the brokenness that was introduced in the past few years thrown out.

The guy who runs it even goes by the name NCommander.

Go check out SoylentNews. If you're a /. old timer then you'll feel right at home. I'll be posting there under the nick TheRealMike.
"In 1962, President John F. Kennedy laid down a marker for space exploration that inspired a generation of Americans to reach for the stars, recognizing that the race to the heavens was nothing less than a crucial front in the battle between freedom and tyranny," Cruz said.
+Mike Hearn HN's most effective filters are its userbase and the active moderation of its admins (dang removes / flags a fair amount of stuff).

It's also hit-or-miss, but overall better than even /. of yore (I pre-date userIDs at /.).

Mike Hearn

That is a truly mind blowing graph: visits to Tor hidden services by content category. The "abuse" category here means child abuse exclusively. Note that drug sites are the most common kind of site, but by far not the most commonly requested.

The Tor project claims that virtually all these visits are from police crawlers. Make of that what you will.

From the following talk:
The article doesn't make any useful contribution to the debate, IMO. From the DoJ's perspective Tor is hidden services. Governments don't really care about anonymous proxying to the open internet. Saying it's only a few percent of Tor traffic isn't going to make them say, "oh ok then", it will at best make them say "so why do you care so much about it" and at worst "it's irrelevant, HS traffic is all we care about".
I wrote an article for other programmers who work on Bitcoin wallets (or any crypto related software). It looks at the causes of some recent wallet failures that led to theft, and how they can be avoided.
This article is for people writing Bitcoin wallets. It examines a few recent crypto failures and looks at how we can imp…
yup..I got lazy to do this every time I check my was where is the balance gone?
Software Engineer
  • Vinumeris
    Boss, 2014 - present
  • Google
    Engineer, 2006 - 2014
  • CodeWeavers
  • QinetiQ
Zurich, Switzerland
Manchester, England
Contact Information
I fix things when they break, and break things when they're fixed.
  • Durham University
    Computer Science
Basic Information
April 17
A fantastic location right opposite a beautiful park. The guide books are free and the receptionist was very helpful.
Quality: Excellent, Facilities: Excellent, Service: Excellent
Public - 2 years ago
reviewed 2 years ago
Public - 3 years ago
reviewed 3 years ago
We had to wait a long time for our food, and the waitress forgot to bring various things we ordered and had to be reminded several times. However, when the food came, it was pretty good - the portions were exactly the right size, and it tasted great. The tables have wooden benches that make it easy to squeeze more people on, so it's a good place to go if you aren't sure how big your group will be.
Public - 6 years ago
reviewed 6 years ago
5 reviews
Simple and straightforward, Sams is one of the few places that serves deep dish pizza. If you like American style pizza, give it a try. Most pizzas are around 25 chf, though they serve other food too.
Public - 4 years ago
reviewed 4 years ago
Food-wise, the pizzas and subs they sell aren't the greatest ever - but the staff are cheerful, the decor is nice, and most importantly they are open practically all the time. No closing at 7pm for these guys! They provide newspapers for people to read, TV to watch, and also sell subs and fajitas. Be warned though, they only take cash - visit the cash machine just down the road (towards Bahnhof Wiedikon) if you are short first.
Public - 7 years ago
reviewed 7 years ago