Pages:
Author

Topic: Is this statement True or False about Bitcoin (Read 3368 times)

legendary
Activity: 1708
Merit: 1010
If you mean non-listening nodes, they don't matter because to take the network offline all you need to do is take out the listening nodes.

No, I don't mean non-listening nodes, but those would qualify also because they are intermittently listening.  The network is a very fault tolerant, self-healing system.
legendary
Activity: 1526
Merit: 1134
If you mean non-listening nodes, they don't matter because to take the network offline all you need to do is take out the listening nodes.
legendary
Activity: 1708
Merit: 1010
Nobody smart would attempt to DoS Bitcoin by outrunning the chain. That's not a threat worth worrying about. You can knock nodes offline without any expensive computation and because all nodes are discoverable that means you can take the network temporarily offline, until people upgrade to a new software version that is more DoS resistant.

Not all nodes are discoverable.
legendary
Activity: 1526
Merit: 1134
Nobody smart would attempt to DoS Bitcoin by outrunning the chain. That's not a threat worth worrying about. You can knock nodes offline without any expensive computation and because all nodes are discoverable that means you can take the network temporarily offline, until people upgrade to a new software version that is more DoS resistant.
member
Activity: 70
Merit: 10
But if the attack were sprung right away like that, wouldn't it hit folk's radar pretty quick?  As I understand it, you can't simultaneously wrest control of the network AND dodge the difficulty increase.
unk
member
Activity: 84
Merit: 10
right, it requires a redundancy that is not presently part of the bitcoin system. the problem is that it will never be clear, without a non-bitcoin mechanism for reaching meta-consensus, which block chain is the 'honest' one. as an example, it might not be the first; for all we know, the first was the attack, and the 1000 others were the remedy to the attack. (this once happened in response to an integer-overflow bug that led to a mended block chain at satoshi's direction with the help of powerful miners.)

"s" once outlined a detailed mechanism for redundancy, but he or she was apparently pushed away from the forum by extremist responses and deleted that post. but i recall a model similar to freenet as one robust anti-double-spending mechanism.
member
Activity: 70
Merit: 10
seems like a couple public write-once block databases would sew this up - in a total OMFG freak out the clients could go into quorum mode...  freenet, maybe?
unk
member
Activity: 84
Merit: 10
oh, i misread. that is indeed possible, and it hasn't gotten enough attention. it's like an expanded version of the 'finney attack' and could be used quite strategically to significant negative effect.

in some ways, it's a particular case of the sort of problem that ben laurie was warning us about at http://links.org.

i don't believe anything in the code limits large reorganizations, except the hard-coded checkpointing of particular blocks at some releases. the network couldn't easily survive if newly downloaded clients disagreed with the old ones about the state of the network. they need to validate each proposed chain for themselves and accept the one with the greatest total proof of work. (that said, i haven't stayed current with each new release of the code, so i'm not sure if it has been modified in this respect. but unless very sophisticated, my belief is that such a change wouldn't make much sense.)
member
Activity: 70
Merit: 10
you can't easily go back that far even with massive hashing power. satoshi's original paper shows this numerically.

i believe the whitepaper covers the case of trying to undo a transaction, whereas - as i understand it, trippy was speaking of maintaining a "shadow" fork that would suddenly emerge and attempt to usurp the block chain since the fork.

perhaps the maths cover that case as well, and i'm ignorant of their full implications.
unk
member
Activity: 84
Merit: 10
you can't easily go back that far even with massive hashing power. satoshi's original paper shows this numerically.
member
Activity: 70
Merit: 10
Once somebody has more computing power than everybody else put together, they should go about 1,000 blocks back and try to build a new chain building off that, in secret. (This would take a week.) However their chain will not include any of the transactions from the last 1,000 legitimate blocks. Once it becomes longer than the existing chain, they publish it and instantaneously a whole week of transactions un-happen, i.e. they are reversed and the money (including mining fees) returns to the hands of the original owner, whereas the 50,000 BTC legitimately mined disappear, and the new 50,000 BTC generated are owned by one bitcoin address, the attacker's.

As I understand the code, clients running after the fork and before the merge won't pay any attention to that new block chain.  Newly booting ones may have to decide which to believe, but no one is going to rewind past the last few blocks.

I'd love to hear anyone that's deeper into the code than I correct me on that.
unk
member
Activity: 84
Merit: 10
You could (temporarily) DoS all of Bitcoin for far less money than a million dollars. However, DoS attacks are illegal

one concern i've long had is that several kinds of 'attacks' or at least attempts at denying service to achieve external effects (like market manipulation) conform to bitcoin's network and functional protocol and thus are probably unlikely to be regulated. but it's a grey area.

in any case, to give my own reply to the original question, i believe it's a true statement. even the most intuitive attack that requires no special knowledge (the 'overwhelm the hashing power of the network' attack) would cost only a few million dollars at present for permanent purchase of the necessary hardware, and far less for rental. there are many cleverer things that can be done, however. for example, analyses by bytecoin and "s" have explained similar attacks that require fewer resources.

this isn't really a threat to the bitcoin technology as a whole. satoshi wasn't particularly concerned with it, as you can see from his last few messages at the forum. but as i and others have pointed out for a long time, it makes any individual block chain subject to more potential kinds of market manipulation that many speculators seem to suspect.

bitcoin will likely continue, but the value in any particular block chain can at present be very easily 'attacked' through denial of service and similar mechanisms. that we haven't seen much more than a denial-of-service attack on mt gox and a few mining pools likely reflects nothing more than the still-relatively-small footprint of bitcoin and the fact that it is not presently easy to profit from falls in the price of a bitcoin at any significant scale.
legendary
Activity: 1708
Merit: 1010
If they can craft transactions that are really heavy, that could obstruct the network for a while ?

Yes, but then the miners would be laughing at the attacker, because he would have to be paying them for the privilage of attacking the network.  This kind of attack ends once the money runs dry.
legendary
Activity: 1708
Merit: 1010
I won't say who via twitter but a #Hacker, #engineer, #entrepreneur. #Consultant had this to say

"You could shut Bitcoin down with a DDoS that would cost under $1 million to execute."

That statement is not true.  A DDOS attack would, at worst, prevent the network from normal function while the attack was ongoing.  It couldn't do any lasting harm to the currency system or the network, a non-trivial portion of which does not exist in any "publicly" accessible form that can be dossed at all.
legendary
Activity: 1526
Merit: 1134
You could (temporarily) DoS all of Bitcoin for far less money than a million dollars. However, DoS attacks are illegal, doubly so if you use a botnet to get lots of IPs and anonymize your tracks.

If somebody does actually start DoSing Bitcoin, I guess it'd be time to add autodrop code that would detect and block bad IPs. The attack could be quite disruptive until people upgraded to the new version.
sr. member
Activity: 266
Merit: 250
Does this make it less threatening?
Yes.  The fewer entities that have motivation to do it, the less threatening it is.
jr. member
Activity: 56
Merit: 1
He might have been referring to the penny-flood type of attack.
Or creating ultra big transactions by sending massive ammount of coins to yourself split in a high number of different addresses/clients. The attack funding would actually be spent on fees. If they can craft transactions that are really heavy, that could obstruct the network for a while ?
legendary
Activity: 1153
Merit: 1012
...
Who would do this?  A government, I suppose.  But you wouldn't do it to make money!

Does this make it less threatening?

Bitcoin opposes state authority - therefore it is not unlikely to happen.
legendary
Activity: 2618
Merit: 1007
I won't say who via twitter but a #Hacker, #engineer, #entrepreneur. #Consultant had this to say

"You could shut Bitcoin down with a DDoS that would cost under $1 million to execute."

I would rephrase it to:

"You could severely disrupt Bitcoin with a DDoS that would cost under $1 million to execute."

Reasons/Targets:
Attacking main pools + the IRC channel as single point of failure would make transactions VERY slow to process. Once 3-4 big pools are down, it takes ~1 hour to mine 1 block + the miners WON'T solo mine but try to switch to other pools (if even) effectively DDOSing these to death too. Miners are more like sheep, they seem to like to be in herds! Wink

As a result the exchange rate on MtGox would plummet, if some more alert miners cash out, then skyrocket again if some investors have any money lying around. Chaos + Confusion will break out.

I think you will cause a nice weekend and a deep dent in the global hashrate with this, in the end it won#t bring Bitcoin down though, and might very likely even lead to more popularity of BTC than before (if it is really a big attack, not just a DOS attempt at 1 single pool). It might however shatter trust a bit, making people more alert with what they are doing with their money...
sr. member
Activity: 266
Merit: 250
Yes they were flawed, it was only a back-of-the-envelope calculation. I didn't think the maintenance cost and building cost would be so expensive compared to the GPUs themselves, but you probably know better.

I think you may have misunderstood my line of attack though. Once somebody has more computing power than everybody else put together, they should go about 1,000 blocks back and try to build a new chain building off that, in secret. (This would take a week.) However their chain will not include any of the transactions from the last 1,000 legitimate blocks. Once it becomes longer than the existing chain, they publish it and instantaneously a whole week of transactions un-happen, i.e. they are reversed and the money (including mining fees) returns to the hands of the original owner, whereas the 50,000 BTC legitimately mined disappear, and the new 50,000 BTC generated are owned by one bitcoin address, the attacker's.

This would cause a massive panic and the price of BTC would crash on the exchanges.

They are then pretty much done in my opinion. They can turn off their datacentre and as long as everybody knows that the datacentre is there and can be powered up again at any time, people will not want to use bitcoins or any similar system.

Of course ideally all the miners would rally together and increase the network power, so much so that our attacker is forced to order another batch of GPUs or give up. But that's a little too idealistic for me.
So in this scenario, they will have spent a massive amount of money on computing power.  And it has to be FAR greater than the current combined network (to create fake week-old transactions, and to catch up to present, and then finally to surpass the present).  And then, according to your scenario, they will create their own 50,000 BTC (which, at current market prices is itself worth almost $1M), and then throw away that $1M, by driving the price of BTC to zero.

Who would do this?  A government, I suppose.  But you wouldn't do it to make money!
Pages:
Jump to: