you realize that they don't have your private key right? and that you can verify the javascript wasn't poisoned by having a hash of the legit javascript and comparing it? with a handy toolbar?
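The hash comparison described in the comment above, as an added example that is not part of the original thread or any wallet's own code. It assumes the pinned hashes are written in the Subresource Integrity string format (`algo-base64digest`) and uses constructed sample scripts; all function names are hypothetical.

```javascript
// Added example: check a served script body against pinned SRI-style hashes.
const nodeCrypto = require('node:crypto');

// Accepted algorithms, strongest first; anything else is ignored.
const ALGOS = ['sha512', 'sha384', 'sha256'];

// Build a pin such as "sha384-<base64 digest>" from a known-good script body.
function integrityFor(body, algo = 'sha384') {
  return `${algo}-${nodeCrypto.createHash(algo).update(body).digest('base64')}`;
}

// Parse a space-separated pin list, dropping malformed or unknown entries.
function parsePins(pinList) {
  return pinList.trim().split(/\s+/).map((token) => {
    const dash = token.indexOf('-');
    if (dash < 0) return null;
    const algo = token.slice(0, dash).toLowerCase();
    const digest = Buffer.from(token.slice(dash + 1), 'base64');
    return ALGOS.includes(algo) ? { algo, digest } : null;
  }).filter(Boolean);
}

// True only if the body matches a pin of the strongest algorithm listed.
// Weaker pins are ignored once a stronger one exists, so adding a weak pin
// for a modified script cannot override the strong pin for the real one.
function verifyScript(body, pinList) {
  const pins = parsePins(pinList);
  const strongest = ALGOS.find((a) => pins.some((p) => p.algo === a));
  if (!strongest) return false; // no usable pin: fail closed
  const actual = nodeCrypto.createHash(strongest).update(body).digest();
  return pins
    .filter((p) => p.algo === strongest)
    .some((p) => p.digest.length === actual.length &&
                 nodeCrypto.timingSafeEqual(p.digest, actual));
}

// Constructed sample: a known-good script and a copy with one line appended.
const legit = 'function sign(tx, key) { return ecdsaSign(tx, key); }\n';
const tampered = legit + '// modified in transit\n';
const pins = integrityFor(legit, 'sha384');

console.log('legit:', verifyScript(legit, pins));       // match
console.log('tampered:', verifyScript(tampered, pins)); // mismatch
```

The check is only as trustworthy as the channel the pinned hash came from: a pin fetched from the same server as the script proves nothing.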
what makes you think it's a problem? the fewer bitcoins in circulation, the more they will be worth. And being (theoretically) infinitely divisible means that the tiniest fraction of a single bitcoin would still be enough to go around if all other bitcoin was somehow lost.
So instead of spending Bitcoins, I should just save them and spend dollars, because if I have a whole Bitcoin token when people are trading in millionths of a token, I am a millionaire. Sounds like a currency that has a pretty dim future...
No, because you'll eventually have something come up that makes you want to spend those bitcoins, even though you know they'll be worth more in the future. and when you do so, you'll be getting a significant effective discount on your purchase. For example, if you bought bitcoins now at $12, sat on them like a good little hoarder, knowing they'll be worth $1000 in 5 years and all of a sudden you need a new car and the bitcoins are only worth $24, you're getting a 50% discount on your car purchase by spending those bitcoins.
keep your wallet file encrypted and back it up to multiple locations on a regular basis (to update the backups with new private keys that are created by your client software).
there are also ways of generating bitcoin keys completely offline as well as producing signed valid bitcoin transactions completely offline. This way you can forward funds to keys that are not on a machine connected to the internet, or keys that are backed up only on paper (in multiple safety deposit boxes if you like). And also you can then put signed transactions from the offline machine onto a usb stick or whatever and then use a networked machine to forward those valid transactions to the bitcoin network.
Coinbase is doing something like this for their storage of customer funds. Coinbase seeks to be a bitcoin bank that won't get hacked or that if it somehow does get hacked (cough inside job, cough) that only very small losses could occur.
could they not just run their services off Tor and thumb their nose at the financial authorities like certain other sites and services do, seemingly with impunity?
only if you're ok with never buying any physical goods with bitcoin. the weak point is the exchange between bitcoins and classical currencies or physical goods.
Running through TOR doesn't actually affect this. After the first node, the only data on who is giving money to who is the bitcoin public keys. The only way to attach those keys to a person is to have access to a node that is 1 degree removed, in which case you have the IP address from TCP, or look through the block chain to see who else the bitcoin ID you are looking into traded with. The first approach is not common, and TOR will not help on the second.
When you are a business fearing regulation, this is all irrelevant, because you need to make public what customers get in return for sending you bitcoins, as well as your public key, so customers know who to pay.
It would be interesting to see a truly anonymous bitcoin system. You would need to invalidate a coin for which you do know a secret, and create a new coin for which someone else knows a secret, in such a way that when the other person proves they know the secret no one can figure out that the coin they know about is the one you gave them. Given all of the things already possible, this seems like it is easy in theory. Doing it in a computationally efficient way is a different story.