Pages:
Author

Topic: [ATTN!!] Bitcoin Security nearly Breached (Read 6751 times)

legendary
Activity: 1862
Merit: 1114
WalletScrutiny.com
July 09, 2011, 07:06:28 PM
#54
No, it seems to me the risk is in the pool doing something that will benefit itself AND its miners and being able to pull that off alone. The most obvious thing would be to increase (let's say double) the mining reward (or refuse to lower it to 25 BTC by the end of next year). Not only would that double the pool owner's income (in BTC terms), it would also double what the miners earn, and would more likely attract more miners.

Well if this is your scenario then why wouldn't they just decide to make the reward 10k per block as of today? Yes they could fork the chain but those blocks would not get accepted by the rest of the bitcoinDs. So you mine BTC' that will not comply to BTC. Guess that's a stupid plan. Exchanges and honest users would not accept those.

Better they start a new chain then ...
hero member
Activity: 702
Merit: 503
So there is/was a discussion if deepbit allows botnets ? Or was this the first time anyone mentioned this idea.

Very interesting, I need to look more into this. 


Worse than that: there was a discussion regarding the major pools forming a cartel to collude against the rest of the network...

If you think Tycho, Slush and the like are of such pristine moral fiber that they would never "muck around" with that to satisfy their unlimited personal greed, i have a forest of Bitcoin trees near Moscow to sell you...  Cheesy Cheesy
newbie
Activity: 59
Merit: 0
Quote
There are nearly 50% of pool miners there for one reason - they like DeepBit better than the others.

A number of issues I've encountered on other pools, just kept pushing me back to deepbit. For some reason Deepbit just works (except during a Ddos). Other pools need to get their act together and compete better.

Quote
Now tell me, when you're already making $52,000.00 a month, or $623k a year conservatively, why are you going to muck around?

I'd think so too, at least regarding all the mucking around that has been mentioned in this thread, double spending etc... no-one in their right mind is going to risk a $50,000 per month income that's still growing to rip people off once with some double spending or sh*t like that.

No, it seems to me the risk is in the pool doing something that will benefit itself AND its miners and being able to pull that off alone. The most obvious thing would be to increase (let's say double) the mining reward (or refuse to lower it to 25 BTC by the end of next year). Not only would that double the pool owner's income (in BTC terms), it would also double what the miners earn, and would more likely attract more miners.

If other pools didn't follow suit, they'd find all their blocks invalidated and end up earning nothing. Pressure to follow such a move would therefor be enormous.

This would all be at the expense of those holding BTC, in exactly the same fashion as a central bank that prints more money.

The only miners opposed to such a change would be those already holding lots of BTC.

Or have I overlooked something that makes this scenario impossible?
full member
Activity: 142
Merit: 100
So there is/was a discussion if deepbit allows botnets ? Or was this the first time anyone mentioned this idea.

Very interesting, I need to look more into this. 
hero member
Activity: 702
Merit: 503
There's another way to get big, and that is by providing a great service and making your customers very happy. Since you're new here, you should look at Deepbit's history; this is mostly what Deepbit has done.

If you do some research regarding my registration date, you'll see that you are the new one here...  Smiley

I was already here before there was such a thing as Deepbit or Tycho, even Slush wasn't open yet, and i could mine with a 5450...  Cheesy

So, there is little point in my reading the history that i watched happen real-time...  Wink

It was already clear then that the exceptionally greedy farmers, such as ArtForz, were about to force everyone else to pool, which would create vulnerable centers in the "totally decentralized Bitcoin" still being falsely advertised today...  Cheesy

Then, there would be greedy pool operators, such as Tycho. In a few years, they will consolidate, and become the central bankers of Bitcoin, if it survives that long.  Undecided

Then, we'll be back to the same thing we have today with fiat bankers - a few influential central bankers of Bitcoin dictating to the rest of us how much share of the market they will have, and how much in fees we'll have to pay them...

How great that revolutionary new system will be!  Then, i will also not care if "Bitcoin fails"... Cheesy
hero member
Activity: 588
Merit: 500
So you are not going to retract your accusation regarding Deepbit accepting botnets?

It's not an accusation; it's a simple hypothesis, given the way some of the biggest business is traditionally done in Russia. Wink

Since Deepbit's terms and technology can be duplicated by any other pool, its persistently incongruous size is suspicious. It will be useful when someone with credible skills and network position figures out the botnet share of that. Deepbit plantation helpers are not a credible source of such info to me...  Cheesy

What is pretty clear to me is that an entity or a group that doesn't have the ethics or greed limit to stop itself from grabbing 40-50% of the worldwide supply of something, would not be above tolerating a friendly botnet to help it continue to do so... Wink

There's another way to get big, and that is by providing a great service and making your customers very happy. Since you're new here, you should look at Deepbit's history; this is mostly what Deepbit has done.

I don't know what "Deepbit's plantation helpers" means.

As for me, I stopped mining at Deepbit after he gave an answer I didn't like about having 50% of the network. Maybe I'll start again after he has less percentage of the network. Maybe I won't.
hero member
Activity: 702
Merit: 503
It's purely a hypothesis, but he'll follow it with plenty of accusations. Love it.

Let's See:
Security Troll: Check
Paranoid/Conspiracy Troll: Double Check

You have a right to your delusions, just as i have a right to mine...   Smiley
sr. member
Activity: 392
Merit: 250
So you are not going to retract your accusation regarding Deepbit accepting botnets?

It's not an accusation; it's a simple hypothesis, given the way some of the biggest business is traditionally done in Russia. Wink

Since Deepbit's terms and technology can be duplicated by any other pool, its persistently incongruous size is suspicious. It will be useful when someone with credible skills and network position figures out the botnet share of that. Deepbit plantation helpers are not a credible source of such info to me...  Cheesy

What is pretty clear to me is that an entity or a group that doesn't have the ethics or greed limit to stop itself from grabbing 40-50% of the worldwide supply of something, would not be above tolerating a friendly botnet to help it continue to do so... Wink



It's purely a hypothesis, but he'll follow it with plenty of accusations. Love it.

Let's See:
Security Troll: Check
Paranoid/Conspiracy Troll: Double Check
hero member
Activity: 702
Merit: 503
So you are not going to retract your accusation regarding Deepbit accepting botnets?

It's not an accusation; it's a simple hypothesis, given the way some of the biggest business is traditionally done in Russia. Wink

Since Deepbit's terms and technology can be duplicated by any other pool, its persistently incongruous size is suspicious. It will be useful when someone with credible skills and network position figures out the botnet share of that. Deepbit plantation helpers are not a credible source of such info to me...  Cheesy

What is pretty clear to me is that an entity or a group that doesn't have the ethics or greed limit to stop itself from grabbing 40-50% of the worldwide supply of something, would not be above tolerating a friendly botnet to help it continue to do so... Wink

sr. member
Activity: 392
Merit: 250
How do we send people back to the newbie board? Posting this kind of repetitive alarmist BS should be automatic timeout to the newbie board for a month.

And when will SMF give filtering options so that you can hide all threads not started by 'x' level poster...

Come on man, that's not fair to the newbies! They need to be put in isolation. Maybe time to institue the mod that blocks trolls from posting in threads but still shows their posts in the threads. After 2 or 3 usernames they might get bored and go away or actually become contributory to the forums.

Not just threads started, filter any posts at all by a user configured post number.
full member
Activity: 168
Merit: 100
How do we send people back to the newbie board? Posting this kind of repetitive alarmist BS should be automatic timeout to the newbie board for a month.

And when will SMF give filtering options so that you can hide all threads not started by 'x' level poster...
sr. member
Activity: 322
Merit: 252

In the immortal words of one proud miner:
... I am here simply to mine bitcoin and make a profit.  I don't really care if bitcoin fails. ...

That makes all of the Bitcoin ground pretty damn shaky... Cheesy


And you're interested in Bitcoin to what, buy rainbows and gumdrops for all the third world children?
hero member
Activity: 588
Merit: 500
So you are not going to retract your accusation regarding Deepbit accepting botnets?
hero member
Activity: 702
Merit: 503

Try clicking on the image for your "proof." Until then, you are on very shaky ground.

My point was that, as we have seen before, one person's parasite botnet is another person's "business partner."  Wink

Even IF it turns out that Deepbit doesn't have such "business partners", it's unethical for Deepbit and its workers to take even close to 50%.

That makes a joke of the already obvious fairytale of "decentralized Bitcoin," in which the system can be disrupted by attacking or subverting just one mining pool...  Cheesy

What also then becomes obvious is that - just as it is for the Wall-Street bankers - for Deepbit and its workers it's not really about the health of the monetary system as a whole. "It's all about me and getting mine"...

In the immortal words of one proud miner:
... I am here simply to mine bitcoin and make a profit.  I don't really care if bitcoin fails. ...

That makes all of the Bitcoin ground pretty damn shaky... Cheesy
member
Activity: 84
Merit: 10
did they setup their own pool?
other seems rather large, it was almost 45% earlier now it's about 1/5 of the total.


Thats a 'shopped' image there, homey G nugs...

nah, this:
http://www.bitcoinwatch.com/

the cool little pie chart, g.i.t.s. looking thing.
earlier it was about 45%, then about 1/5th. unless the only reason they were in other making it so large was because they got kicked from the named pools, and they didn't have anywhere to go?
hero member
Activity: 588
Merit: 500

That's proof of the botnet that Deepbit "doesn't have the ethics to block" for people who like to make damning statements without doing any research.

Well, if something in the Deepbit interface is "proof" enough to you that Deepbit is blocking ALL the botnets, good for you!   Grin

As i said, i'll wait until a more credible third party has some proof, which would obviously not be Deepbit or its workers.  Cheesy

Some pretty shady "business" deals are made and unethical actions tolerated in the Bitcoin world. As in the rest of the criminal world, one botnet doesn't have the same friends, alliances and capabilities as every other...  Wink

Try clicking on the image for your "proof." Until then, you are on very shaky ground.
hero member
Activity: 702
Merit: 503

That's proof of the botnet that Deepbit "doesn't have the ethics to block" for people who like to make damning statements without doing any research.

Well, if something in the Deepbit interface is "proof" enough to you that Deepbit is blocking ALL the botnets, good for you!   Grin

As i said, i'll wait until a more credible third party has some proof, which would obviously not be Deepbit or its workers.  Cheesy

Some pretty shady "business" deals are made and unethical actions tolerated in the Bitcoin world. As in the rest of the criminal world, one botnet doesn't have the same friends, alliances and capabilities as every other...  Wink
hero member
Activity: 504
Merit: 500
did they setup their own pool?
other seems rather large, it was almost 45% earlier now it's about 1/5 of the total.


Thats a 'shopped' image there, homey G nugs...
member
Activity: 84
Merit: 10
did they setup their own pool?
other seems rather large, it was almost 45% earlier now it's about 1/5 of the total.
hero member
Activity: 504
Merit: 500

Quote
Botnets simply cannot contribute that much. ...

Not true, when the botnet first got noticed and moved to another pool we were able to see it and exactly how many comps were hitting and how much hash power. it was surprisginly high hash for the number of comps. I do not have the info recroded down to verify so one of the pool ops would have to report, but there is a grph I'm willing to bet someone still has that showed the number of zombies hashing and what their rate was. Believe it was something on the order of 60Ghash and only a few thousand comps.......

Word! Testify!!! Amen!  Grin

If the BtcGuild story is true, BIG UP to them, for having the ethics to do what Deepbit probably doesn't...  Smiley


Very nice to see they are doing something. Ouch that it apparently is capable of snagging legitimate users as well.  Maybe the ip limit is too low verse period of time multiples connect? How many IP's did you have connected, if I may ask?

That's proof of the botnet that Deepbit "doesn't have the ethics to block" for people who like to make damning statements without doing any research.


I wish you could comment the guy's statement who is accusing Deepbit outside of my comments. I just don't want to appear I was pointing a finger, which i was not.



And in response to the Russian post, I was under the impression this was a regular user who was blocked by the new security measures Deepbit imployed but he is a legitimate user. Maybe you can read Russian and saw differently?
Pages:
Jump to: