Pages:
Author

Topic: MTGOX hits $570 "A bug in the bitcoin software makes it possible for someone to" (Read 3486 times)

sr. member
Activity: 475
Merit: 255
Any bitcoin-QT since 2012 idiot.

Nope wrong. There are none. If you can find one thats available right now I'll pay you 1BTC. I'm putting my money where my mouth is.

Oficiall bitcoin-QT will correctly identify spent coins even if tx id is modified by third party.
You can download from here: https://bitcoin.org/en/download
You can send 1 BTC to 1ZePhramiDqjYJzqiyUFaY5qhz5k4unRC
 Smiley


LOL! It's vulnerable. I can change the transaction ID in the block still and if you are using the transaction ID to track the payment it'll appear gone to you. Your client will notice the new tx as it gets broadcasted to it but it won't "know" that its actually the other tx.

Of course the client does not "lose" the BTC, no client that I know of does that when the txid is changed in transit.


Why would anyone serious with larger transactions use transaction ID for tracking payments???
Of course Mt.Gox will try to blame the others and mark them as scammers and maybe even hackers.  Wink
legendary
Activity: 1246
Merit: 1010
Obviously this press release begs the question "how many BTC did Gox lose?"  And in my opinion, if Gox was solvent they would have said something reassuring in that regard.

EDIT: LOL, Tzupy and I are feeling the same vibe!
legendary
Activity: 2170
Merit: 1094
IMO MtGox should clarify how many bitcoins were stolen (scammed may be a better word) from them using this vulnerability that they didn't patch against.
They probably still have about a hundred thousands of coins in reserve, so they can cover the theft, but it would be good to know the magnitude of the problem.
newbie
Activity: 42
Merit: 0
Any bitcoin-QT since 2012 idiot.

Nope wrong. There are none. If you can find one thats available right now I'll pay you 1BTC. I'm putting my money where my mouth is.

Oficiall bitcoin-QT will correctly identify spent coins even if tx id is modified by third party.
You can download from here: https://bitcoin.org/en/download
You can send 1 BTC to 1ZePhramiDqjYJzqiyUFaY5qhz5k4unRC
 Smiley


LOL! It's vulnerable. I can change the transaction ID in the block still and if you are using the transaction ID to track the payment it'll appear gone to you. Your client will notice the new tx as it gets broadcasted to it but it won't "know" that its actually the other tx.

Of course the client does not "lose" the BTC, no client that I know of does that when the txid is changed in transit.
sr. member
Activity: 475
Merit: 255
Any bitcoin-QT since 2012 idiot.

Nope wrong. There are none. If you can find one thats available right now I'll pay you 1BTC. I'm putting my money where my mouth is.

Oficiall bitcoin-QT will correctly identify spent coins even if tx id is modified by third party.
You can download from here: https://bitcoin.org/en/download
You can send 1 BTC to 1ZePhramiDqjYJzqiyUFaY5qhz5k4unRC
 Smiley


If you want some background of my claim: http://www.cryptocoinsnews.com/2014/02/10/mt-gox-blames-bitcoin-core-developer-greg-maxwell-responds/

Quote
Not that Bitcoin-QT handles Malleability fantastically – but because it tracks inputs it will still detect the mutant transactions. An interesting point which I haven’t pointed out elsewhere is that for the question of basic funds safety in re-issuing a transaction malleablity is basically irrelevant.
Quote
Say you pay someone and it doesn’t go through (or it does and you don’t see it because its been mutated and your software can’t detect that), and they ask you to reissue…. if you reissue without double-spending any of the original inputs you are at risk of getting robbed. This is true with or without malleability. Without the double-spend of at least one input the original transaction could just go through in addition to your reissue.

Say that you do make sure to double spend at least one input – then the result is funds safe safe, regardless of if a mutation happened.

Say you want to support _canceling_ a payment (send me the goat instead!) rather than reissue you still must double-spend the attempted payment to cancel it, since it still might go through if you don’t. And the double spend works to protect this case regardless of if the transaction was mutated.

For support and accounting purposes you absolutely do need tools to identify mutated transactions, so long as mutation exists… so we ought to provide some better tools there. But I can’t think a case where mutation handling is necessary or sufficient for cancellation security, but – rather – input tracking appears to be both necessary and sufficient in all cancellation cases.

This helps explain why Bitcoin-QT – whose mutation handling kinda stinks – doesn’t ever end up in a really bad situation with mutants: it tracks inputs pretty well.
sr. member
Activity: 475
Merit: 255
Any bitcoin-QT since 2012 idiot.

Nope wrong. There are none. If you can find one thats available right now I'll pay you 1BTC. I'm putting my money where my mouth is.

Oficiall bitcoin-QT will correctly identify spent coins even if tx id is modified by third party.
You can download from here: https://bitcoin.org/en/download
You can send 1 BTC to 1ZePhramiDqjYJzqiyUFaY5qhz5k4unRC
 Smiley
full member
Activity: 159
Merit: 100
no one knows how much was stolen. It's quite difficult to noticed 10BTC missing out of hundreds of thousands. You could easily write that off as a mistake. That could be extra transaction fees that accumulated.

How is that difficult? This can be done automatically on a continuous basis. NO discrepancy should be tolerated. Not a single satoshi. There cannot be any "mistakes" if the code is flawless. Anything different, even 1 satoshi is a huge red flag and reason to persist to work on it until you find and fix the bug before it grows above your head.
hero member
Activity: 518
Merit: 500
They worded this pretty nicely, I must say. Let me bold up the proper translation:

MtGox language: "A bug in the Bitcoin software"

Proper English: "A bug in OUR Bitcoin software."

That is all there is to this. Thanks for panicing on the other exchanges.
hero member
Activity: 728
Merit: 500

...

I then tell MtGox staff that transaction A didn't confirm. They check it and they see transaction A was rejected and will never confirm but what they don't realize is it was just changed to transaction B by me, so they resend the transaction.

Huh

Profit.

Can they not just go back to such conversations with people that claimed this, and then figure out who was scamming them? Is there some sort of plausible deniability here for the scammer in this method that I'm missing, or not?

They should know who got extra coins out, but if they cleared their account there isn't much to do. There is even possibility they didn't provide real ID...
sr. member
Activity: 378
Merit: 250
I would have said that Gox is dead, especially in light of spreading this FUD...  But then again, I'm sure we'll still find morons going back to it and maintaining it...  As there's still morons who went back to 50BTC after doing this same exact sh!t...
legendary
Activity: 1762
Merit: 1011

...

I then tell MtGox staff that transaction A didn't confirm. They check it and they see transaction A was rejected and will never confirm but what they don't realize is it was just changed to transaction B by me, so they resend the transaction.

Huh

Profit.

Can they not just go back to such conversations with people that claimed this, and then figure out who was scamming them? Is there some sort of plausible deniability here for the scammer in this method that I'm missing, or not?
hero member
Activity: 703
Merit: 502
You're technically correct on that point. But it's only one exchange, mtgox, that allowed this limitation to grow unchecked into a major problem, you agree? The problem is removed if only sufficiently* confirmed transactions are accepted. (* I'll admit I don't know how deep into the chain they need to be before the risk is neutralized)

Your misunderstanding here is how it works

I deposit money into gox and withdraw it

mtgox sends it to my address and it get transaction ID A

I mine a block and include the transaction in my block, but as the miner I can CHANGE THE TRANSACTION ID TO B.

I then tell MtGox staff that transaction A didn't confirm. They check it and they see transaction A was rejected and will never confirm but what they don't realize is it was just changed to transaction B by me, so they resend the transaction.

Huh

Profit.


and they don't notice that they have paid another "unauthorised" transaction? Transaction ID B will still show as a payment by them - and they will not know why they made that payment (by unauthorised I mean a transaction without a corresponding withdrawl request on their system). If they are not running a double check on every outgoing transaction to ensure against employees quietly defrauding them if nothing else, then they deserve to fail.
newbie
Activity: 44
Merit: 0
MTgox should be completely ignored...

It's not their fault bitcoin is broke...  Cheesy
But it's their fault they spread FUD about something that's not true. It's not BTC that is the problem, it's Mtgox internal system.
http://www.cryptocoinsnews.com/2014/02/10/mt-gox-blames-bitcoin-core-developer-greg-maxwell-responds/

I trust Maxwell more than I trust Mtgox.
legendary
Activity: 1470
Merit: 1007
You're technically correct on that point. But it's only one exchange, mtgox, that allowed this limitation to grow unchecked into a major problem, you agree? The problem is removed if only sufficiently* confirmed transactions are accepted. (* I'll admit I don't know how deep into the chain they need to be before the risk is neutralized)

Your misunderstanding here is how it works

I deposit money into gox and withdraw it

mtgox sends it to my address and it get transaction ID A

I mine a block and include the transaction in my block, but as the miner I can CHANGE THE TRANSACTION ID TO B.

I then tell MtGox staff that transaction A didn't confirm. They check it and they see transaction A was rejected and will never confirm but what they don't realize is it was just changed to transaction B by me, so they resend the transaction.

Huh

Profit.

I'm not a dev, so I can be corrected on this one, but to my understanding the solution is for mtgox to check their outputs and keep track of them, before deciding to trust the claim and resend the tx.
newbie
Activity: 42
Merit: 0
And no one knows how long it took for them to notice that numbers don't quite line up in their balance sheet...

no one knows how much was stolen. It's quite difficult to noticed 10BTC missing out of hundreds of thousands. You could easily write that off as a mistake. That could be extra transaction fees that accumulated.

But the thing I will say is once this attack was executed it would be very obvious what has happened because when Gox tries to spend the change those transactions won't work etc etc.
hero member
Activity: 728
Merit: 500
You're technically correct on that point. But it's only one exchange, mtgox, that allowed this limitation to grow unchecked into a major problem, you agree? The problem is removed if only sufficiently* confirmed transactions are accepted. (* I'll admit I don't know how deep into the chain they need to be before the risk is neutralized)

Your misunderstanding here is how it works

I deposit money into gox and withdraw it

mtgox sends it to my address and it get transaction ID A

I mine a block and include the transaction in my block, but as the miner I can CHANGE THE TRANSACTION ID TO B.

I then tell MtGox staff that transaction A didn't confirm. They check it and they see transaction A was rejected on the blockchain but what they don't realize is it was just changed to transaction B by me, so they resend the transaction.

Huh

Profit.

And no one knows how long it took for them to notice that numbers don't quite line up in their balance sheet...
newbie
Activity: 42
Merit: 0
You're technically correct on that point. But it's only one exchange, mtgox, that allowed this limitation to grow unchecked into a major problem, you agree? The problem is removed if only sufficiently* confirmed transactions are accepted. (* I'll admit I don't know how deep into the chain they need to be before the risk is neutralized)

Your misunderstanding here is how it works

I deposit money into gox and withdraw it

mtgox sends it to my address and it get transaction ID A

I mine a block and include the transaction in my block, but as the miner I can CHANGE THE TRANSACTION ID TO B.

I then tell MtGox staff that transaction A didn't confirm. They check it and they see transaction A was rejected and will never confirm but what they don't realize is it was just changed to transaction B by me, so they resend the transaction.

Huh

Profit.
legendary
Activity: 1470
Merit: 1007
Reading comprehension isn't your strong side, huh?

Please find me a wallet that prevents the transaction ID from being modified in-transit. Thats all I said. There are none so if your tracking payment by transaction ID's which is something almost everyone does then your vulnerable.

You're technically correct on that point. But it's only one exchange, mtgox, that allowed this limitation to grow unchecked into a major problem, you agree? The problem is removed if only sufficiently* confirmed transactions are accepted. (* I'll admit I don't know how deep into the chain they need to be before the risk is neutralized)


EDIT: I'll admit, I reacted unfairly to your first post on this. You did, in fact, only point out it a real flaw. But maybe you can see that this thread is about discussing mtgox' responsibilities. And they *are* fully responsible for not locally adressing and containing a know flaw. That's the basic point I would make here.
newbie
Activity: 42
Merit: 0
Who wants to keep their wealth on service that doesn't exactly track their funds or audit them regularly?

The whole point of Bitcoin is so you can take control of your own money and can transact without having to trust third parties.

Why did you give your money to to Gox? should have kept it in your wallet Tongue
newbie
Activity: 42
Merit: 0
Any bitcoin-QT since 2012 idiot.

Nope wrong. There are none. If you can find one thats available right now I'll pay you 1BTC. I'm putting my money where my mouth is.
Pages:
Jump to: