Topic: How to dismantled the awesome security of Bitcoin network in 4 simple steps. - page 2. (Read 2919 times)

Someone is building a pretty lengthy case on you somewhere. Keep admitting more and more criminal behavior. 

So they hacked simplecoin, a pool that doesnt host solidcoin in order to get solidcoin accounts?

Do you not see how retarded this looks?

i think he means release of the SC usernames and passwords?

Nice idea Death, can't see how it would fail. Same 51% attack except you have to have 1m coins first. easy. Looking forward to seeing drawl from CH about how it's wrong.

No release?

So is Simplecoin coming back?  Are they just down for the moment?

Well, but no one on earth would be stupid enough to design an alt-currency with that many obvious flaws! ... Right?

To achieve a 51% attack on the Bitcoin network via brute force would require millions of dollars worth of hardware.  The necessity of specialized hardware (GPU) excludes any "reduced cost" attack by putting an attack outside the capabilities of even the largest botnets or cloud instances.

Say you didn't want that kind of security.  Here is how to introduce flaws that significantly reduce the cost of attacking your alt chain:

1) Convince yourself that wealth = trust despite lots of historical evidence to the contrary.

2) Devise a system to use a network of trusted nodes to sign every second block of your block chain.   Make the requirement for this trusted node status 1 million coins giving the attacker a method to gain "trust".  

3) Make your blockchain GPU-unfriendly so attackers can harness the ultra low cost of commodity cloud CPU power.

4) Keep source code a secret, use no peer review in development, and make yourself completely in charge to ensure nobody voices any concerns until too late.  Everyone knows one set of eyes is better than a thousands.

Here is how the attack works.

Step 1:
Attacker amasses 1 million coins.  Say if your coins were worth 1.4 cents currently that would only be $14,000.   Now someone will point out if you buy them all the price will skyrocket.  While that may be true for a retard lets assume the attacker is smart.  Attacker could buy small amounts on the market.  Attacker could simultaneously approach users w/ large amounts of hashing power and sign short term contracts for say 20% over market value.  Attacker could also use EC2 cloud or botnets to generate coins.  If the attacker is smart and uses a balanced approach they could amass 1 mil coins cheaply.

Once attacker has 1 mil coins he is a trusted node.  Magic how getting 1 mil coins (maybe even through stolen hashing power - aka botnet) makes you trusted.  

Step 1a:
An alternative approach would be for attacker to scam/defraud/steal coins.  For example if the mybitcoin.com operators had existed on this alt-chain through their outright theft they would now be considered "trusted".  Don't you see the logic?

Step 2:
Attacker now checks the average block signing time for the even blocks to estimate hashing power of even trusted nodes.   Using EC2 cloud or botnet attacker ramps up his trusted node's hashing power to 100x the trusted nodes hashing power.  While this may seem like a lot in reality it isn't.  See we have made this very easy for the attacker.  In essence we have ensured the much larger hashing power of the "untrusted network" can't help us to protect the vulnerable trusted nodes.  If there are only a few (or say one) trusted node you could produce a super powerful trusted attack node with only ~100 CPU.  Now building 100 CPU may be a challenge but you can always rent them from Amazon for ... $40 per hour.  If we massively overpower the other trusted nodes then we are defacto the only effective trusted node as we have a reasonable chance of always signing a node faster than any other trusted node. If there is only one well that makes it even easier.

Step 3:
Launch a normal 51% attack against the network.  Normally this would be prohibitively expensive however the use of low cost cloud CPU resources , botnets, and rogue system admins mean that low cost commodity CPU can be used to win via numerical superiority.  Say your alt chain has 0.05234GH/s of hashing power and average CPU gets 10KH/s.  That is only ~5000 CPUs necessary to achieve 51% control over the network.  A well timed DDOS attack against major pools could degrade that network hashing power significantly.  When 5000 CPU are available via Amazon for $160 per hour or less with unlawful computing power you start to realize how a trivial sum can be used to attack the network.

Step 4:
Attacker now has control over the block chain. The combination of trusted nodes and CPU-friendly algorithm allowed this to happen for a trivially small amount of resources.