Pages:
Author

Topic: [ANN] Critical vulnerability (denial-of-service attack) (Read 25839 times)

full member
Activity: 222
Merit: 100
www.btcbuy.info
With too-widespread software flaw, you can lose bitcoin EVEN if nobody picks your private key, or hacks into your PC. The bitcoin network is only as good as the software. If there is a critical bug introduced, and too many people use the client that has this bug, you could push through any transaction you want. Those would technically be invalid transactions, and clients not affected by bug would reject them, but if too many clients will accept, it will become de-facto a new block. And once a bunch of blocks are stacked over invalid block, it will be practically impossible to rollback. So, your paper money would lose the balance and you wouldn't even know.
Bitcoin has had to rolled back up to 53 blocks before (CVE-2010-5139), so I wouldn't say it's impossible. Integrity of the currency comes before miners' income.

Interesting!!!! I didn't realize that actually have already happened once. So, I guess, that illustrates my point very nicely, how much the whole community depends on a small number of developers. It is very good to know that they already handled such situation appropriately, kudos to devs.

Yet, it also confirms that there ARE reasons to be concerned. We are all humans, and there are organizations out there, which wield significant power, and can put enormous pressure on a person. There would be significantly more certainty if there was a client, code of which never gets touched.

legendary
Activity: 2576
Merit: 1186
With too-widespread software flaw, you can lose bitcoin EVEN if nobody picks your private key, or hacks into your PC. The bitcoin network is only as good as the software. If there is a critical bug introduced, and too many people use the client that has this bug, you could push through any transaction you want. Those would technically be invalid transactions, and clients not affected by bug would reject them, but if too many clients will accept, it will become de-facto a new block. And once a bunch of blocks are stacked over invalid block, it will be practically impossible to rollback. So, your paper money would lose the balance and you wouldn't even know.
Bitcoin has had to rolled back up to 53 blocks before (CVE-2010-5139), so I wouldn't say it's impossible. Integrity of the currency comes before miners' income.
full member
Activity: 222
Merit: 100
www.btcbuy.info
I wanted to add here that it is worrying, how much power here is vested in developers. And as much of a great job they do, they do make mistakes. Every time I have to upgrade, there is always a thought on the back of my mind - what if there is a vulnerability or exploit? Even worse is that even those of us who don't upgrade for that reason still depend on the 50% of other nodes to be not vulnerable

This doesn't bother me one bit as I keep most of my coin on paper wallets.  My exposure to a client bug is always limited to the amount of coin I have online at any given time.

I wish the idea of putting bitcoins on paper had more favor with the developers and was considered an important feature for the client.  "Click File, Print, Print Money.  Be your own bank."  Specifically, having the private key sweep/import feature exposed in the UI and for it to not need a full blockchain scan to execute would go a long way toward users ability to protect themselves from risks, including future client bugs.  The more this feature is offered by lightweight clients, the fewer full bitcoind nodes there are going to be on the network as people choose those other clients.

And this is what you don't realize, and many people don't either. With too-widespread software flaw, you can lose bitcoin EVEN if nobody picks your private key, or hacks into your PC. The bitcoin network is only as good as the software. If there is a critical bug introduced, and too many people use the client that has this bug, you could push through any transaction you want. Those would technically be invalid transactions, and clients not affected by bug would reject them, but if too many clients will accept, it will become de-facto a new block. And once a bunch of blocks are stacked over invalid block, it will be practically impossible to rollback. So, your paper money would lose the balance and you wouldn't even know.

This is why, to my mind, it is so important to have the most basic, the most minimal client possible.

Command line daemon could have been it, but unfortunately there are known, 100% reproducible bugs in it, such as this one, that have been there for years, and nobody would put a permanent fix. I realize, I'm jumping from a critical bug scenario to the one of real low priority, but bugs like that are the reason not too many UIs exist for a daemon
newbie
Activity: 42
Merit: 0
"WARNING: Displayed transactions may not be correct!  You may need to
upgrade, or other nodes may need to upgrade."

 Shocked I had that message! I then tried to upgrade and nearly lost my wallet!
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
I wanted to add here that it is worrying, how much power here is vested in developers. And as much of a great job they do, they do make mistakes. Every time I have to upgrade, there is always a thought on the back of my mind - what if there is a vulnerability or exploit? Even worse is that even those of us who don't upgrade for that reason still depend on the 50% of other nodes to be not vulnerable

This doesn't bother me one bit as I keep most of my coin on paper wallets.  My exposure to a client bug is always limited to the amount of coin I have online at any given time.

I wish the idea of putting bitcoins on paper had more favor with the developers and was considered an important feature for the client.  "Click File, Print, Print Money.  Be your own bank."  Specifically, having the private key sweep/import feature exposed in the UI and for it to not need a full blockchain scan to execute would go a long way toward users ability to protect themselves from risks, including future client bugs.  The more this feature is offered by lightweight clients, the fewer full bitcoind nodes there are going to be on the network as people choose those other clients.
rjk
sr. member
Activity: 448
Merit: 250
1ngldh
I'm pretty sure Armory doesn't really use bitcoind, just the files bitcoind makes/maintains... Spesmilo does try to use bitcoind.
From the bitcoinarmory.com website:

Quote
Also, Armory does not use independent-networking.  It can be thought of as an “add-on” to the regular Satoshi client (www.bitcoin.org), which needs to be running in order for Armory to work.  In the future, Armory may integrate networking components of the Satoshi client directly, so that all features are integrated into a single program.

Although I believe etotheipi is planning on changing that.
legendary
Activity: 2576
Merit: 1186
At this time most nodes upgraded to the new version, and it is behemoth. Satoshi's client was no fun, but compared to amount of code in the current version, it is nothing!
Huh? Bitcoin-Qt is much lighter and abstracted in comparison to the old wxBitcoin...

It is simply impossible to tell that there is no hack/vulnerability/backdoor in all this code. Even if there is not any in the bitcoin code per se, there is no way to tell about all dependent libraries.
We (especially Gavin) have been working on unit tests to ensure changes don't affect behaviour of the client. This is a big step forward in being able to audit changes. Additionally, many developers (including myself) read every single commit (or at least most) - so anything fishy should get picked up.

So, at this time,  everybody runs this oversized, unreliable client, and why? Because there is bug, and nobody maintains original daemon, so the latest one is the one fixed.
Why do you say nobody maintains the original bitcoind? I've been maintaining it since 0.4 - the current version of which is 0.4.6 and has this vulnerability (as well as the others) fixed. The stable branches only get bugfixes and mandatory protocol updates.

Bring the daemon to the state, where it is usable by external GUIs, and let them have at it.
That's a goal, but it's unfortunately a far way off Sad

The daemon is already useable by external GUIs, and is also much more stable when performing that task. Take for instance the Armory client which uses bitcoind in the backend. There are others as well.
I'm pretty sure Armory doesn't really use bitcoind, just the files bitcoind makes/maintains... Spesmilo does try to use bitcoind.
rjk
sr. member
Activity: 448
Merit: 250
1ngldh
The daemon is already useable by external GUIs, and is also much more stable when performing that task. Take for instance the Armory client which uses bitcoind in the backend. There are others as well.

You don't have to have the GUI to run the daemon; indeed you shouldn't even need to look at a single line of QT code at all.
full member
Activity: 222
Merit: 100
www.btcbuy.info
I wanted to add here that it is worrying, how much power here is vested in developers. And as much of a great job they do, they do make mistakes. Every time I have to upgrade, there is always a thought on the back of my mind - what if there is a vulnerability or exploit? Even worse is that even those of us who don't upgrade for that reason still depend on the 50% of other nodes to be not vulnerable

At this time most nodes upgraded to the new version, and it is behemoth. Satoshi's client was no fun, but compared to amount of code in the current version, it is nothing! It is simply impossible to tell that there is no hack/vulnerability/backdoor in all this code. Even if there is not any in the bitcoin code per se, there is no way to tell about all dependent libraries. So, at this time,  everybody runs this oversized, unreliable client, and why? Because there is bug, and nobody maintains original daemon, so the latest one is the one fixed.

I'd say, if bitcoin community ever gets to the times when network could run safe, robust, and reliable, it will be when a stable, simple client goes out, which does only what is needed, and nothing more, and the code gets frozen, except for security updates. GUI shouldn't be part of the client, especially when client already supports xml-rpc to perform the tasks. When there is an issue with the code, but GUI has the ways to go around it, that leads to the bugs, that never get fixed, that go unnoticed.

I beg developers: please focus on the core. Make it stable. Bring the daemon to the state, where it is usable by external GUIs, and let them have at it. There shouldn't be a way for dev to destroy bitcoin by mistake of developer.

legendary
Activity: 2576
Merit: 1186
I've put together a chart with the status of listening nodes.


      2 32300 ".ljr2" vulnerable

Is that you? Tongue
No, that's an ancient version I made in early 2011. Wink
hero member
Activity: 784
Merit: 1000
bitcoin hundred-aire
I've put together a chart with the status of listening nodes.


      2 32300 ".ljr2" vulnerable

Is that you? Tongue
legendary
Activity: 2576
Merit: 1186
I've put together a chart with the status of listening nodes.
legendary
Activity: 1361
Merit: 1003
Don`t panic! Organize!
Since update I see some lags caused by bicoind/bicoin-qt. From time to time (even every 10 sec) bitoin is eating full cpu for 0.5-1 second freezing my machine. Any1 noticed this?
legendary
Activity: 2576
Merit: 1186
The QT version won't run on my minimal linux machine.  I've been running 0.4.0 forever.  Where can I find this 0.4.6 backport you speak of?
https://bitcointalk.org/?topic=79651
sr. member
Activity: 294
Merit: 250
The QT version won't run on my minimal linux machine.  I've been running 0.4.0 forever.  Where can I find this 0.4.6 backport you speak of?
Nevermind, I got it to run.  Smiley
sr. member
Activity: 294
Merit: 250
The QT version won't run on my minimal linux machine.  I've been running 0.4.0 forever.  Where can I find this 0.4.6 backport you speak of?
sr. member
Activity: 462
Merit: 250
I heart thebaron
Should be in the getinfo "errors" key. It uses a hardcoded private key to relay across the p2p network.
Thanks.

Can I use getinfo()'errors' to display future message broadcasts in a web app ?
Should be fine, though I'd advise against posting it publicly, just in case some attacker is googling for vulnerable services.
Of course. It will just be on my local mining monitor app for CGMiner.
Thanks again.
legendary
Activity: 2576
Merit: 1186
Should be in the getinfo "errors" key. It uses a hardcoded private key to relay across the p2p network.
Thanks.

Can I use getinfo()'errors' to display future message broadcasts in a web app ?
Should be fine, though I'd advise against posting it publicly, just in case some attacker is googling for vulnerable services.
sr. member
Activity: 462
Merit: 250
I heart thebaron
Should be in the getinfo "errors" key. It uses a hardcoded private key to relay across the p2p network.
Thanks.

Can I use getinfo()'errors' to display future message broadcasts in a web app ?
legendary
Activity: 2576
Merit: 1186
Should be in the getinfo "errors" key. It uses a hardcoded private key to relay across the p2p network.
Pages:
Jump to: