Topic: $250 Bounty Offered (Was $2000-$2500) - page 2. (Read 6656 times)

SSL is (a) a good additional to the bitcoin P2P protocol, even if anonymous, and (b) easy to integrate into the existing protocol.

As others have pointed out, SSL will not give you authentication, because you're still connecting to an untrusted party.  However, it will give you obfuscation, which has value.

Modern protocols implement SSL by including a "start SSL" message in their plaintext, unencrypted protocol.  That eliminates the need for multiple TCP ports as in the HTTP/HTTPS design.  bitcoin can implement SSL obfuscation by adding a start-ssl message immediately after the version message.  The version message will tell us whether or not the node supports SSL, making it easy to integrate SSL in a backwards-compatible manner.

Thus, bitcoin P2P nodes that wish SSL may request it, just like SMTP nodes that wish to use SSL for transiting email between untrusted nodes.

It is a step forward for the Internet, when most protocols use SSL by default, even if obfuscation is the only added value.

I agree, and this is more along the Unix "philosophy" that I mentioned earlier. The less code within bitcoin itself, the better. You can't exploit code that doesn't exist.

I agree with your concern about people not knowing how to protect themselves, but then, I think that better than adding unnecessary features to the main software, we should just offer preconfigured bundles, as I said on my last post.

An "anonymous bitcoin" bundle to be downloaded from the main project page, that would include the bitcoin software + an embedded tor proxy, everything preconfigured... this is better, imho, than adding SSL support to the bitcoin client.

  I used to run FidoNet BBSes where I live.

So is the bounty for these features to be added to the official client, or would an alternate client that's 100% compatible with the official client while having these additional features count?

Yes. I understand what you are saying here. We should be at least obfuscating Bitcoin connections as FF+Apache connections. China, for example, can easily block Bitcoin at the moment - just filter one port: 8333. How sad.

China can't block every SSL connection. Commerce relies on SSL connections too heavily.


Check out the newer videos by Roger Dingledine. They explain the lessons they learned about keeping Tor from being blocked in China/Iran.


Totally. I think that UPnP should be on by default.

Less than 0.25% of the population uses *NIX. If we want mass adoption we need to focus more on the end user operating systems.

It should choose a random port upon install. If you have a port specified in the bitcoin.conf, it will use that explicitly. Us smarter folks would likely specify a port. (I'd use 443).

Think about the average Joe. They never toy with the defaults. If we want the network to be resistant to DPI filtering we need this.

+1

I'd like to run bitcoind on port 443. I want it to look like Apache/SSL.

Ahem.. Key exchange. Generate a cert upon install.


I want this bundled with the official client. I'm not looking for a fork.


99.99% of average people have no clue how to setup Bitcoin to use Tor.

Assuming that other people know as much as you/I/us know will kill this project. If we want mass adoption this software has to be robust, simple to use, and "just work". This includes when China/North Korea/"Insert bad government" blocks it.

We need to be proactive here. Not reactive. Telling people to install another program and educate them on how to chain them together is not a fix. It's a giant ugly "hack".

Edit: A key cache similar to how SSH handles keys could be added to Bitcoin to prevent MITM attacks.

How so? The current build links against openssl already. Preserving the existing port 8333 listener thread would maintain backward compatibility for some time.


It's random selection upon install. The user can, of course, change the port. Look at how I2P works upon first install.


Uh huh.

What's the incentive for ISPs to do that, despite government pressure?
Because if it's the government who's after you, they can do just like hadopi in France. Encryption alone won't help you, you need something like Tor.

Maybe a better thing would be to offer a bundle Bitcoin client + tor proxy with everything already configured, for those who aren't geek enough to configure it by themselves. Just like the firefox bundle that torproject offers.

I don't see a need to add encryption to the core bitcoin software.

As long as businesses need to run VPNs and SSL websites, I think crypto will remain legal. Mimicking traffic patters in another matter, though.

So ISP's can't target and block Bitcoin as easily?

May I ask why do you want public data to be exchanged through encrypted connections? I don't see the gain in that. If it's anonymity you want, encryption won't help you...

On my networks, one of the first things I do when setting up a router is disable UPnP due to security concerns (malware often likes to open ports on UPnP enabled routers to further expose the network and help keep their botnet alive).  However, I think UPnP support would be great for non-techie home users that don't know enough to disable UPnP on their router's in the first place...If they're going to have UPnP enabled, we might as well take advantage of it.

I think some sort of built-in encryption would be really good to have, but obviously a central authority is obviously out of the question...hmmm...unless that central authority happens to be Bitcoin (or a similar system).  IDEA: User/node generates a key pair for encryption between nodes, the node creates a special transaction to "register" the public key, user pays a transaction fee or 0 or more, and then if/when it gets added to a block, the entire network has your public key for encrypted communications.  Obviously there's a lot more details to work out on this, and barriers for non-technical users, etc, but it's something to start brainstorming around.  (This is very similar to what's been on my list of things to think about for a Bitcoin-based DNS to have SSL certs associated with domains as well so people don't need to buy them from a "trusted" third-party like Verisign, etc.)  (EDIT: For communication between nodes, just generating key pairs for encryption and sharing the public keys upon first contact with the network and then spreading them via the 'addr' message (assuming a sufficiently bootstrapped Bitcoin network) would probably be enough for encrypting the traffic, and a central public key registry is probably unnecessary for this purpose.)

I would like ports other than 8333 to be supported, as well.  Also IPv6.

UPnP is only a "security" issue if you're treating hacks like NAT as some kind of a firewall (which it's not intended to be). NAT is a hack to allow multiple computers/devices to access the WAN from a single WAN address. It isn't supposed to block anything. Blocking incoming connections has merely been a bug in the NAT implementations. UPnP fixes this bug by giving endpoints the ability to tell the router what ports it expects a connection on, so the router can correctly pass that traffic through.

If you want a firewall, go ahead and get one (or install it as software). But that is unrelated to the bug that UPnP fixes.

The point of UPnP is to help users who are running the software at home. It's got nothing to do with server deployments of bitcoind. I guess the command line UI would have it switched off by default the and Win/Mac GUIs would have it switched on.

It seems fair to discuss the merits of UPnP inclusion here. I tend to agree with you, just because of potential security issues.

Random ports might be a problem if they conflict with other services, but UPnP never hurt anyone. What do you mean Windows-specific? UPnP is implemented by all the major Linux router platforms, and is a very nice way to avoid manual setup of port forwarding.