Well since I was accused of something I hadn't done, I went ahead and spent a minute doing it.  I found the exact quote I was referring to.

Quote

What is "testz" (an organization?), who are the members of testz, how do we contact those people, and where can we get additional information on the organization and people?

"Where can I get additional information on the organization AND PEOPLE"  rofl.  Ok.  Yea, I'm just making stuff up.  Yea you got me again.  And eveeeerrryone can see through it!

I was trying to put together an upgrade proposal to move Bitshares PTS to a DPOS blockchain. Dan said he wasn't responsible and that testz was in charge. I thought testz was an organization, not a forum user. I needed a person to contact, not their realworld ID, just contact information. It's like if I told you to "contact Bitshares", what would you do? I'm sure you would ask "who are the people in charge of Bitshares?" So I'll let you explain how this is an inappropriate request since you brought it up. But you wont, since it isn't.

You made the accusation, looked through my post history, and took my words out of context to prove that I am somehow prying for personal information. Juvenile.

I think I was a bit clearer, but my point is that claiming people are going to be beaten up/house burned/dog shot/what have you is silly.  That may happen, but by and large these types of threats are  laughable.  Yes, it is a factual statement.  It is also a factual statement that if you were to open your front door right now, you might be mauled by a lion.  Is that a deterrent to keep you from opening your front door ?   

Let's think about this for a second. You steal a large sum of money from a large number of people (let's say 10,000 shareholders of BTSX) AND your identity is publicly known. You're telling me that the probability of somebody coming after you (legally or otherwise) is the same as "opening your front door and being mauled by a lion." Let me tell you something about this hypothetical scenario, Internet friend. It has already happened with multiple people. Why do you think the Roger Ver hacker returned access upon threat of being doxed??? According to you it was because "it doesn't matter if people know your identity" since this is just "nerd money" anyway, amirite??? Also there would be nothing anyone could do to him anyway!

To summarize your points:

* Delegates cannot steal money, they can only break BTSX (I disagree, but both are bad so who cares)
* If a delegate tried to break BTSX, knowing their identity is of no use

Do you ever just sit down and read what you've written before you post, or do you just puke it out, hope it makes sense, and then argue incessantly?

The thing I disagree about is pushing for everyone to give out their full identification.  I think overall that is a negative thing and hurts the decentralized aspect of it.  Even if I gave you my ID, figured out a way to rob the blockchain, do you think I'd ever be prosecuted?  Probably not.  If I was smart enough to figure out an exploit, I am smart enough to hide it or play dumb.

This bullshit here is why I continue to respond to your nonsense arguments. Nobody here is "pushing" anyone else to give out their "full identification." Show me one post that I or anyone else made "pushing" another user to give out their full ID. VOLUNTARY. Do you understand the meaning of voluntary???

Alright, perhaps I was incorrect in using the term 'requiring', but some comments from users here are along the lines of not voting for anyone who does not disclose their real life identities, and voting out users who don't disclose identities is excluding users who believe privacy is important.

Here is what it boils down to: people can vote however they like. Some people want to vote for people whose identity they know. Some people don't care about identity. We can argue about the advantages and disadvantages of each, but for you (and others) to come here and start bullying people because they have different voting preferences than you is wrong. Who are you to tell me that I cannot vote out delegates whose identity I don't know and trust??? That is the entire point of DPOS - you vote how you want and I vote how I want, each according to his values and criteria. I don't care if you disagree with me but when you start acting machismo (like the dude who had to let us know that he carries a gun lol) and threatening other people because of their voluntary voting preferences you are just making yourself look stupid.

What do you forsee malicious users being able to pull off with one delegate node? Surely this system is more secure than being able to fall victim to one delegate? If you're worried about one user having 50 different identities and 50 delegates, then don't vote in users who offer nothing back to the community.

I described one such attack above. And FYI there is really no way to know for sure the number of delegates that a particular user is running.

On another note - if someone was to break the btsx system, there would be no legal consequences.. this isn't a regulated system, nor is running a delegate providing you a legally binding contract. The real life consequences you refer to sounds like promoting psychopathic vigilantism.

Wrong again. Cryptocurrencies are treated as a commodity asset (ie, property) in most legal jurisdictions, and as a currency in others. Stealing property/money is illegal in most places and can land you in jail. Apparently punishing people for theft is "psychopathic vigilantism." I don't even... how could.... sometimes I don't even know why I try...

I also massively oppose requiring delegates to provide their real life identities.[...]

Either you are trolling or you have horrible reading comprehension. Please show me where anyone proposed making this a requirement??? As mentioned in nearly every single post in this thread: we are talking about VOLUNTARY information. Your concerns about providing realworld identity are valid and as I stated previously, I SHARE THOSE CONCERNS. This is why I am not a delegate. Please stop distorting the positions of other people and spreading misinformation. People like YOU are on my radar...

All of that being said, I place a heavy emphasis on identity verification in who I vote for. Identity matters. As an example, imagine the guys who run BTC-E (anonymously) decide to shut down their site and walk away with millions of dollars in deposits. As a depositor, what recourse do you have without knowing their identity??? Now, imagine we already knew their real-world identities. How likely are they to try anything malicious? Are they more likely or less likely? Common sense.

Thanks for responding.  I'm at work right now and don't have time for a thorough response.  In short though, I don't think your attack would work since there is no way to forge votes.  If you went into the attack with five delegates you would come out with five delegates.  It would be destructive, but no more destructive than a ddos attack by an outside actor. 

What we should really be worried about is that with 1.15 billion btsx claimed from genesis less than a third of that is currently voting.  And over half of that is controlled by bm.

It's not about "forging" votes. It's about excluding votes in favor of other delegates when you are in control of block production. If you are the only one voting then you have 100% of the votes. Votes don't count if they don't make it into a block.

Whats the worst thing a malicious delegate could do?  Double sign blocks?  not include transactions?  Change their clock settings to cause others to miss blocks?  Stop producing blocks all together?  Are there worse things that I just don't know about?

All of these things are readily apparent on the blockchain, and can be dealt with if / when they come up.  Isn't the point of DPOS to set the level of centralization at an acceptable point so that no single delegate can do any real harm?

For these reasons I think your criteria #1 and #2 are way overvalued.  In fact I think their only worth is to help us determine if #4 and #5 are met.

My criteria is as follows

#1  Performance. 
Do they double sign blocks?  Do they miss blocks?  Are they including transactions known to be broadcast?  Are they including market transactions that weren't broadcast? 

#2 Are they running more than one delegate
Even in the short term I am opposed to individuals or groups running multiple delegates.  Look what happens when a node running one of these multi delegates goes down.  Long term I think it is even more important that we ensure geographical and political distribution of our delegates.  To prevent both collusion and coercion.

#3 What is their pay rate and have they proven that they deserve it
At this point running a seed node and a delegate server should take up around 50% of fees.  What are you spending your fees on, and how does that benefit me more than them being destroyed?  Can you prove it?

4# Reputation.
Both online and in RL.  Most important, do they have a history of theft, graft, violence, or collusion with violent organizations?  This is not in regards to running a delegate node, I just think its a good idea overall.  There is nothing you could do as a single delegate that would lead me to either call the cops, or come to your house.  Other than in reference to #2 and #3 above.  I don't care who you are.

#5 engagement level.
Are they reading the forum, upgrading on time, and keeping a close eye on their delegate node?  This will all show up in results.  I only mention it because you didn't

#6 Technical ability
This will also be directly measurable in the results.  Incompetent delegates will not last long.

Perhaps I'm in the minority but I think we are over politicizing what should be and in reality is a very simple job.  I think politics is a much greater threat to our ability to stay safe and decentralized than a couple of malicious delegates getting in from time to time.

Let's say theoretically a single attacker or a group of attackers with multiple active delegates collude to take control of the network by performing a coordinated DDOS of other active delegates. Correct me if I'm wrong but if you own ALL active delegates for even a very short consecutive time period (~17 minutes max) you can take over block generation completely and exclude all other active delegates from producing blocks indefinitely by manipulating random number generation. During this short period of time, you could selectively exclude transactions (though TaPOS would presumably prevent you from wholesale shutdown of the network). I'm not even sure it would be possible to vote you out in such a scenario. In fact, the attacker could in theory exclude all transactions that vote their delegates out and continue to include all other transactions to maintain control (and to vote their own delegates up). Not sure about the feasibility of doing this, but if my assumption is correct - mainly the assumption that producing an uninterrupted sequence of 101 blocks can allow you to take complete control of the network - then the results would be pretty disastrous. Even if it were possible to "vote out" these delegates once they are in control, there would be significant damage. If we implement a dependency on median price feeds the situation could be even worse. the attacker could walk away with a MASSIVE amount of money if they were able to control the median feed (there would be little recourse in this situation). These are only the probably flawed and initial thoughts of an amateur. I'm sure there are other attack vectors that we can't foresee right now. The point is, I think this argument about delegates not being able to do anything malicious is the worst worst worst message to convey. If Bitshares became a dominant currency, extremely well-funded and sophisticated attacks would be incentivized and executed by entities with both financial and other motivations. Choose your delegates carefully.

How do you verify identity?

There are many different forms and degrees of verification. Each person should provide whatever info they are comfortable with and voters can decide if that is sufficient. I've added verification links for each delegate who has provided ID information.