Topic: Milestone crossing for the official bitcoin client - page 3. (Read 6187 times)

Well then.  That settles that.  Bitcoin is dooomed!  Because mcorlett said so.  And when pressed, endeavored to prooove (^^) it.

It's been a lot of fun and I'll miss you guys, but now there's no way that anybody will ever again bother to download such a massive blockchain.

Over 2 GIGAbytes?  How could that much data possibly be moved?  Maybe by sneakernet (forklift) on tape drives?  Lord knows our 2400 baud modems won't do it.

Not to mention that no operating system can handle such large files, what with them being limited to a 16-bit address space.

And don't forget, this is ALL the fault of SatoshiDice.  Bad, bad, terrible, evil, wicked SatoshiDice.  Why, oh why, did they have to go and ruin Bitcoin?

/so much FUD so little time

This is not a security vulnerability. Please don't discuss it as if it were.

I would think it would be quite important to draw the distinction between complaining and being genuinely worried. SatoshiDice has directly lengthened the download speed when there were less resource-intensive options available.

SatoshiDice spams blockchain -> blockchain grows unnecessarily -> users complain -> users leave -> death of Bitcoin(?)

Wrong! There are attempts clearly visible in the blockchain, both on prodnet, as well as testnet. You may also take a look at the Litecoin alternative chain for some serious spamming.

Since you're so bothered with accurate sources, please list the countermeasures implemented directly because of SatoshiDice, sans "ignoring 1dice addresses" (which in itself is a flawed way to describe it).

Clogging up confirmations?! Such a claim would require extraordinary evidence.  Not mere supposition and propagation of hearsay. Please detail how exactly you go about doing such a thing in a manner more destructive than that of SatoshiDice.

I don't think I have to address this...

Thanks for the on-point response mcorlett!

First, decreasing time available to deliver solutions is a good thing because that means there's also less time available for an adversary to use the vulnerability.

Second, the plural of anecdote is not data.  Some reddheads complaining about their lack of instant gratification does not indicate SatoshiDice has in any way retarded Bitcoin node growth.

That's why (third) you (and nobody else) know or have any way to give real numbers.  Extraordinary claims such as 'ZOMG SpamToshidie -> death of Bitcoin' require extraordinary evidence.  Not mere supposition and propagation of hearsay.

Fourth, while the 'transaction spam attack' and corresponding blockchain bloat are not 0-day in the narrow sense, they were in the broad sense that before SatoshiDice the network response to them was untested and no countermeasures had ever been put into place.

Fifth, pool ops are doing more than ignoring 1dice addresses.  I'm surprised that's the only response you're aware of.

No matter, the other countermeasures have already provided a number of ways to respond to intentionally malicious transaction spam.

Thus, we are in fact less prone to say, the ButtCoin clowns deciding to pay lots of transaction fees solely for the purpose of clogging up confirmations and blockchain downloads, than before SatoshiDice forced the issue.

Sixth, we are once again digressing into a generic white vs black hat debate.  Sure, I was mildly annoyed at having to change my linkedin password, but OTOH anyone registered at Gawker deserved to be doxed into a puddle of blubbering goo.  So you may scold and wag your finger at the black hats all you like, while I stand firm and enjoy epic lulz with Wikileaks and Anonymous.

This is it : blk0002.dat is here.

That's right! It's also decreasing the time available for them to deliver said solutions.

These are just a few I found searching for keywords such as "slow" or "blockchain download":
https://bitcointalksearch.org/topic/how-to-make-blockchain-download-faster-56423
https://bitcointalksearch.org/topic/bitcoin-slow-to-download-the-block-chain-88311
http://www.reddit.com/r/Bitcoin/comments/o08f0/bitcoin_block_chain_server/
http://www.reddit.com/r/Bitcoin/comments/l636n/blocks_not_downloading_cant_get_my_coins_what/
http://www.reddit.com/r/Bitcoin/comments/jadmu/is_there_any_way_to_speed_up_the_initial/
http://www.reddit.com/r/Bitcoin/comments/qe90z/is_there_a_copy_of_the_bitcoin_transaction/
http://www.reddit.com/r/Bitcoin/comments/s60sj/why_is_block_downloading_so_slow/
http://www.reddit.com/r/Bitcoin/comments/vtoqg/my_bitcoin_blockchain_is_taking_days_to_download/

I don't know. It's very hard to give any real numbers. They don't have to completely quit and uninstall their client for their experience to be considered failed in my book. If the blockchain is taking a long time to download (sometimes days), they can't receive and spend bitcoins.

What?! This is not a zero-day.

The pools are only deprioritizing transations to and from the many 1dice... addresses, so this changes nothing in terms of other attackers. We would be no less or more prone to this if SatoshiDice were not around.

Same thing with the people who hacked Last.fm and LinkedIn before leaking millions of username and password combinations, right? Let's not blame the messenger, but the companies.

That's another great point!

We want people to use Bitcoin, we *need* people to use Bitcoin.

SatoshiDice is helping popularize the use of Bitcoin for transactions. 

Blockchain growth and payment of miners' fees are direct measurements of its (and Bitcoin itself's) success. 

We're trying to present Bitcoin as ready for prime time and real world usage.  It doesn't help anybody to coddle and protect it like a delicate testnet.

This debate is simply an instance of the eternal white vs black hat approach to compsec.  It won't be resolved, but the discussion can enlighten and entertain both participants and spectators.

Does SatoshiDice have an API?  I'd like to see SatoshiDice become a back end gambling service layer for inclusion in all sorts of online/mobile gaming.  Let's accelerate Android generation penetration!

By penalizing the success of SatoshiDice we subsidize failure, and should only expect to get more of it.

More transactions please!  Grow the blockchain faster!  Peace through strength!  Onward cryptoanarchists!

/manifesto

Not to mention SatoshiDice has paid more miners' fees than all other bitcoin transactions combined in history.

That's right, Satoshi did mention the issue(s) in his white paper.  And yes, SatoshiDice (but no, not *me* personally as I've yet to roll them) is increasing pressure on developers to deliver solutions.

Can you cite any evidence for your claim that it's "turning more people off because of the increased size and lengthened download time of the blockchain?"  Can you quantify such evidence if it exists?

Exactly (or about) how many nodes have been abandoned because their operators ragequit due to an (arguably prematurely) increased blockchain footprint?  How would you even begin an estimate?

SatoshiDice is subsidizing further progress by incentivizing (I hate that word) actual usage of a known exploit. 

While theoretical solutions may be developed based on the white paper, nothing can sufficiently approximate actual exploitation in the wild.  That's why testnets exist.

Thank you SatoshiDice, for giving us early warning of and opportunity to proactively respond to the inevitable blockchain growth problem, before any malicious adversary used the exploit to cause the type of critical, and potentially irrecoverable, damage often resulting from zero-day attacks!

Measures currently being deployed against (i.e. because of) SatoshiDice by pool operators have already hardened the network to some extent against this vector.  That's a Good Thing!

We must not blame the messenger and should instead be grateful for the valuable feedback SatoshiDice has provided, especially if blockchain bloat is as humungous an issue as many here believe.

Satoshi even mentioned the issue in the original paper, so SatoshiDice most definitely wasn't first to identify this problem. You're only giving the developers less time to come up with well-written lite clients and transaction pruning, while turning more people off because of the increased size and lengthened download time of the blockchain. Nice job!

Thank you for saying that. 

SatoshiDice has done us a favor by identifying and demonstrating weaknesses in the algorithm that are ripe for improvement.

It's better to discover and fix vulnerabilities now, rather than have adversaries exploit them for attacks later.

/semi-threadjack

To draw an analogy in real life: not everything that is legal to do, is considered well-mannered.

If they are valid transactions then its not pollution its a problem with bitcoin itself that needs to be fixed.

There are ways of doing what you do without polluting the blockchain, you know.

blk0001.dat will be at most 2130706432 bytes, or 2080768 KiB, or 2032 MiB.

Actually maybe Bitcoin was their project!! Get hundreds of thousands of nerds to store several gigabytes of fake money on their hard drives... so stupid it might actually work

I don't want to highjack my own thread but there is a rumor that satoshidice was developed by a joint venture composed of Toshiba, Western digital and Seagate. 

Yes, if only people would stop using Bitcoin, THEN Bitcoin would thrive!

Thanks, SpamtoshiDice!

Yes no file will be larger than 2Gb.

If it gets bigger than 4gb will windows xp support it ?