Pages:
Author

Topic: [0 GH/s 0% fee SMPPS] ArsBitcoin mining pool! - page 3. (Read 123773 times)

legendary
Activity: 4634
Merit: 1851
Linux since 1997 RedHat 4
...
Malicious user information:
IP: 79.172.242.141
Malicious address: http://blockexplorer.com/address/17JuYfk8bWUHvAfRv5eF7zUic1g3qrDobz
I believe this represents the majority of any bitcoins stolen from this attack.
I presume you've done it already, but the whois of that IP address says it is effectively one person.
So either they were hacked or they did it:

Not quite - google lists that as also being the registered address of this hosting company: http://www.1b.hu/
Perhaps VPN/Proxy/Tor exit node?
Even if it is a company - being so small: only 254 IP addresses, would mean they'd most likely know a lot about it.
sr. member
Activity: 336
Merit: 250
...
Malicious user information:
IP: 79.172.242.141
Malicious address: http://blockexplorer.com/address/17JuYfk8bWUHvAfRv5eF7zUic1g3qrDobz
I believe this represents the majority of any bitcoins stolen from this attack.
I presume you've done it already, but the whois of that IP address says it is effectively one person.
So either they were hacked or they did it:

Not quite - google lists that as also being the registered address of this hosting company: http://www.1b.hu/
Perhaps VPN/Proxy/Tor exit node?
legendary
Activity: 4634
Merit: 1851
Linux since 1997 RedHat 4
...
Malicious user information:
IP: 79.172.242.141
Malicious address: http://blockexplorer.com/address/17JuYfk8bWUHvAfRv5eF7zUic1g3qrDobz
I believe this represents the majority of any bitcoins stolen from this attack.
I presume you've done it already, but the whois of that IP address says it is effectively one person.
So either they were hacked or they did it:
Code:
inetnum:        79.172.242.0 - 79.172.242.255
netname:        WEBENLET-NET
descr:          Webenlet Kft.
descr:          1131 Budapest, Hajdu koz 7.
country:        HU
admin-c:        ZV41-RIPE
tech-c:         ZV41-RIPE
status:         ASSIGNED PA
mnt-by:         DENINET-MNT
source:         RIPE # Filtered

person:         Zoltan Virag
address:        H-1132 Budapest, Victor Hugo u. 18-22.
address:        HU
phone:          +3612960075
fax-no:         +3612960076
nic-hdl:        ZV41-RIPE
e-mail:         [email protected]
mnt-by:         DENINET-MNT
remarks:        ---------------------------------------------
remarks:        Please send all abuse and spam complaints to:
remarks:        [email protected]
remarks:        ---------------------------------------------
source:         RIPE # Filtered
legendary
Activity: 2058
Merit: 1452
Hello, it appears a malicious users has logged in to 22 different accounts.  Because of the limited nature (vs all 4000+ accounts) I believe the hacker either used some brute force method, or an existing leak of usernames/passwords to try and log into accounts.  For example, the MTGox leak a while back.

I've temporarily disabled all PIN, Address, and Payout changes, so you will not be able to change your password at the moment (but neither will any hacker.)  I sent an email out to the affected accounts that I know about at the moment.

Once the malicious user got into an account, he brute forced address change attempts by trying different PIN numbers.  If he was successful, he then sent a manual payment to the new address.

So far, this appears to have only happened once (but could have been a couple more, still looking), as he could only try one PIN per second due to server restrictions.

I'll be working on changes to make this attack not possible in the future, and account changes will be disabled until then.

Malicious user information:
IP: 79.172.242.141
Malicious address: http://blockexplorer.com/address/17JuYfk8bWUHvAfRv5eF7zUic1g3qrDobz
I believe this represents the majority of any bitcoins stolen from this attack.
is it possible to allow manual payouts for people who haven't changed their payout addresses?
sr. member
Activity: 448
Merit: 250
Shitty. Thanks for keeping us posted.
full member
Activity: 207
Merit: 100
Hello, it appears a malicious users has logged in to 22 different accounts.  Because of the limited nature (vs all 4000+ accounts) I believe the hacker either used some brute force method, or an existing leak of usernames/passwords to try and log into accounts.  For example, the MTGox leak a while back.

I've temporarily disabled all PIN, Address, and Payout changes, so you will not be able to change your password at the moment (but neither will any hacker.)  I sent an email out to the affected accounts that I know about at the moment.

Once the malicious user got into an account, he brute forced address change attempts by trying different PIN numbers.  If he was successful, he then sent a manual payment to the new address.

So far, this appears to have only happened once (but could have been a couple more, still looking), as he could only try one PIN per second due to server restrictions.

I'll be working on changes to make this attack not possible in the future, and account changes will be disabled until then.

Malicious user information:
IP: 79.172.242.141
Malicious address: http://blockexplorer.com/address/17JuYfk8bWUHvAfRv5eF7zUic1g3qrDobz
I believe this represents the majority of any bitcoins stolen from this attack.
legendary
Activity: 1147
Merit: 1007
SMPPS and straight PPS is not similar at all, and you know clearly why. What I would agree on is that there is no invalid/orphan blocks so if ars is paying out for orphan/invalid blocks then it would answer the huge backlog right now.
They're certainly not the same, but there are some relevant shared qualities between the two, like the ones I alluded to above. But then again, I guess every reward method has some shared qualities with every other Cheesy
legendary
Activity: 1449
Merit: 1001
At least the ARS thread is lively again  Smiley
hero member
Activity: 504
Merit: 502
Point is longterm its a zero sum game ie. overtime and over even blocks you should even out even at 0% PPS (they only pay the PPS rates once blocks are solved, there is no extra 1.5% earnings on top)
Theoretically yes. In practice there are leaks because of orphaned blocks and block withholding. Paying full PPS value is only zero sum if you can eliminate those two factors. Orphaned blocks can be eliminated by retracting payments or paying less than full PPS value; can you point out where it says Ars does any of those?

We haven't had any invalid blocks yet.  It wouldn't mean much really, it would just be like not finding a block.  Factors in to all the luck stuff.
..which also backs up my explanation: the statistical loss for the invalid block will come out of the buffer, and miners' Lifetime work is not affected. Therefore Ars pays for invalid blocks in essence by taking a loan against the last miners to quit mining there.

Quote
PS. Your whole post seems like an ABCpool advert, stay on discussion and keep the FUD.
The topic was the negative buffer, which i have given a sound explanation for. ABCPool (and your pool too) has some of the same issues that Ars does since PPS and SMPPS are similar, which is why I'm interested in this discussion in the first place.


SMPPS and straight PPS is not similar at all, and you know clearly why. What I would agree on is that there is no invalid/orphan blocks so if ars is paying out for orphan/invalid blocks then it would answer the huge backlog right now.
legendary
Activity: 1147
Merit: 1007
Point is longterm its a zero sum game ie. overtime and over even blocks you should even out even at 0% PPS (they only pay the PPS rates once blocks are solved, there is no extra 1.5% earnings on top)
Theoretically yes. In practice there are leaks because of orphaned blocks and block withholding. Paying full PPS value is only zero sum if you can eliminate those two factors. Orphaned blocks can be eliminated by retracting payments or paying less than full PPS value; can you point out where it says Ars does any of those?

We haven't had any invalid blocks yet.  It wouldn't mean much really, it would just be like not finding a block.  Factors in to all the luck stuff.
..which also backs up my explanation: the statistical loss for the invalid block will come out of the buffer, and miners' Lifetime work is not affected. Therefore Ars pays for invalid blocks in essence by taking a loan against the last miners to quit mining there.

Quote
PS. Your whole post seems like an ABCpool advert, stay on discussion and keep the FUD.
The topic was the negative buffer, which i have given a sound explanation for. ABCPool (and your pool too) has some of the same issues that Ars does since PPS and SMPPS are similar, which is why I'm interested in this discussion in the first place.
hero member
Activity: 504
Merit: 502
Erm your long explaination meant nothing.

Point is longterm its a zero sum game ie. overtime and over even blocks you should even out even at 0% PPS (they only pay the PPS rates once blocks are solved, there is no extra 1.5% earnings on top) and ARS doesnt pay for orphans/invalids since it pays after 120confirms and if its invalid/orphaned you get nothing from that block.

So again, after so many blocks Im pretty sure it should be closer to even than 20-25blocks behind.

PS. Your whole post seems like an ABCpool advert, stay on discussion and keep the FUD.
legendary
Activity: 1147
Merit: 1007
Im also wondering that something must be wrong with this pool, surely statisticly variance cant be this bad over such an extensive period.

Sure its hashrate dropped from ~900GH avg to ~300GH avg since dropping from surplus to -1000coins most of the time but still this variance isnt even seen solomining like I am doing with part of my farm o_0
Ars employs a nominal fee of 0%. The payout is based on 100% of found blocks being valid, but that's unlikely to happen in practice. In practice, some blocks turn out to be orphan blocks. The pool is taking a statistical hit of 50 BTC for every block that turns out to be an orphan, which is around 1.5% of all blocks for most pools.

The effective fee is therefore about -1.5%. Yes, it's an effective bonus for miners! Who pays that bonus? The pool buffer. Total work done at Ars is now about 79850 BTC, which comes down to 1597 blocks. Although I can't find any orphan blocks in the stats at Ars, it's unlikely there haven't been any. You'd expect about 1.5%*1597 = 24 orphan blocks, causing a cumulative buffer drain of about 1200 BTC. The buffer is currently at -1000, not that far from -1200.

Now you may think: Great, the bonus is paid by the pool buffer, so I don't have to care about it. But the pool buffer is just a concept, and eventually real people have got to take the hit and accept the losses of all those orphan blocks. Who will those people be? It will be the last miners to quit Arsbitcoin. Since hashrate will then drop to 0, there's no new BTC flowing in. No income means the payouts for the last -BUFFER_SIZE Bitcoins can never be made.

In a sense, negative-effective-fee-SMPPS is not unlike the game "Musical chairs".

Until the moment the hashrate hits 0, the pool buffer will continue to drain at a rate of 1.5% of the theoretical PPS value of the delivered work, masked by normal variance in the block finding process. It is perfectly possible that due to normal variance the pool gets lucky and the buffer goes into positive territory again. Good and bad luck cancel each other out though, while the 1.5% drain is a constant negative force, creating ever longer payout delays.


Anyway..
For all reward schemes an effective fee can be calculated, and for PPS-derived schemes it differs from the nominal fee. At ABCPool there was some discussion when we started mentioning an effective fee in favor of a nominal fee; some vocal forum members found it to be misleading. Ars is now starting to show just how real the effective fee and its consequences are.
NB: ABCPool is *pure* PPS, there is no concept of a buffer for miners and therefore no payment delays.
hero member
Activity: 742
Merit: 500
Im also wondering that something must be wrong with this pool, surely statisticly variance cant be this bad over such an extensive period.

Sure its hashrate dropped from ~900GH avg to ~300GH avg since dropping from surplus to -1000coins most of the time but still this variance isnt even seen solomining like I am doing with part of my farm o_0

don't forget this pool was in a big positive buffer for a long time....
Yeah... back when it had an operator...
legendary
Activity: 1449
Merit: 1001
Im also wondering that something must be wrong with this pool, surely statisticly variance cant be this bad over such an extensive period.

Sure its hashrate dropped from ~900GH avg to ~300GH avg since dropping from surplus to -1000coins most of the time but still this variance isnt even seen solomining like I am doing with part of my farm o_0

don't forget this pool was in a big positive buffer for a long time....
hero member
Activity: 504
Merit: 502
Im also wondering that something must be wrong with this pool, surely statisticly variance cant be this bad over such an extensive period.

Sure its hashrate dropped from ~900GH avg to ~300GH avg since dropping from surplus to -1000coins most of the time but still this variance isnt even seen solomining like I am doing with part of my farm o_0
legendary
Activity: 4634
Merit: 1851
Linux since 1997 RedHat 4
I was going to suggest to simply use blockchain.info to work out the ARS blocks ... using the IP address info blockchain.info has ...
Then I checked 169082 on blockchain.info and it says Eligius

Looking at 169082 it is clearly NOT an Eligius block so unfortunately that idea fails also.
... and the ARS blocks don't have anything in the coinbase transaction that identifies them either

Oh well - I can't believe I'd say this - but coinbase spam does have a use sometimes Sad
vip
Activity: 1358
Merit: 1000
AKA: gigavps
FYI, back when I mined at this pool there was a bug with the website that when two blocks we found in quick succession, the second one would not show up in the stats but would be in the pool wallet. I do not know if this bug was ever fixed, but it could be a contributing factor as to why the pool has been having back luck.

If you go back in this thread, you can see instances where burningtoad would let us know a block was found and add it to the stats.
sr. member
Activity: 322
Merit: 250
We are bees, and we hate you.
from -840 down to -1135, ouch that hurts, thanks god i mine @ EMC. i hope arsbtc will get a long lucky round Smiley
I was just going to say something... I have a bunch of failover shares there, and I wish the pool would find a block or two soon!
That luck is brutal...  Sad
legendary
Activity: 1792
Merit: 1008
/dev/null
from -840 down to -1135, ouch that hurts, thanks god i mine @ EMC. i hope arsbtc will get a long lucky round Smiley
sr. member
Activity: 322
Merit: 250
Ah, Thank you, that will probably be it. I just left it how it was, In thought failover was default settings in CGMiner. Thanks for that Wink
Pages:
Jump to: