"Bitcoin is open source. You can inspect the source code if you want."
While being Open Source is definitely on the "must have" list of items I'd want to see in a virtual currency system...I know that I'm not capable of determining the security of such a system. My understanding of cryptography is much too weak for me to have any understanding of the finer points of what's happening in this system. And, it only takes one flaw to bring the whole system crashing down.
If people I knew to be competent security and cryptography professionals (such as our friends tptacek and cpercival here at HN) were involved and willing to put their name and reputation on the code and the project, I might be more inclined to trust it. But, I couldn't find even a single real name in my search of the wiki and bitcoin.org. The bitcoin draft "specification" has no names on it, which makes it among the oddest specifications I've ever met.
The web of trust that would make a virtual currency work requires trusted parties, at least providing some assurance of the security of the system itself, if not providing any evidence of value in the currency. I don't trust completely anonymous people on the Internet with my labor, my computation, or my dollars. Maybe I'm a crazy paranoid old-timer, but I'm not putting money into a system that is surrounded by credulous morons, get-rich quick schemers, and driven by seemingly wholly anonymous developers. Maybe bitcoin has great and well-known people involved and the tech is well-tested by competent people, but I couldn't find evidence of that.
In short, being Open Source is no assurance of it being correct, strong, or secure.
Which means that when (I can't bring myself to say "if" in this situation) holes are found, everyone with bitcoins will be SOL.
That said, after more digging, I note that a name I know and trust and have worked with in the past (Jeff Garzik), seems to actually be heavily involved in bitcoin, which lends it quite a bit more credibility in my mind. I don't know him as a security or cryptography guy, but I do know him as a really smart and competent developer. The project really shouldn't make it so hard to figure out who is writing the code and the standards (I still don't actually know what Jeff has to do with bitcoin, I just see his name a lot in the forums).
While being Open Source is definitely on the "must have" list of items I'd want to see in a virtual currency system...I know that I'm not capable of determining the security of such a system. My understanding of cryptography is much too weak for me to have any understanding of the finer points of what's happening in this system. And, it only takes one flaw to bring the whole system crashing down.
If people I knew to be competent security and cryptography professionals (such as our friends tptacek and cpercival here at HN) were involved and willing to put their name and reputation on the code and the project, I might be more inclined to trust it. But, I couldn't find even a single real name in my search of the wiki and bitcoin.org. The bitcoin draft "specification" has no names on it, which makes it among the oddest specifications I've ever met.
The web of trust that would make a virtual currency work requires trusted parties, at least providing some assurance of the security of the system itself, if not providing any evidence of value in the currency. I don't trust completely anonymous people on the Internet with my labor, my computation, or my dollars. Maybe I'm a crazy paranoid old-timer, but I'm not putting money into a system that is surrounded by credulous morons, get-rich quick schemers, and driven by seemingly wholly anonymous developers. Maybe bitcoin has great and well-known people involved and the tech is well-tested by competent people, but I couldn't find evidence of that.
In short, being Open Source is no assurance of it being correct, strong, or secure.