Topic: Stuxnet and bitcoin... - page 2. (Read 2831 times)

you can not shuntdown a P2P network.



"they" try since 15 years, now ... 

Have you ever programmed in ladder logic..?

I would LOVE to see you "detect a virus" in ladder logic, love to.

Having seen the kinds of software protections my friends have removed, I very much doubt that... In one case they even removed a hardware, dongle-based protection, where the protected program downloaded part of the decryption code from the dongle - and they cracked it without even having the dongle! Unless the protected program needs to be constantly on-line and receive information from the producer's server... And even then it's doubtful.

Of course, it depends what you mean by "re-write". In one case the protection was very complex. The protected program was encrypted and the decryption code was some kind of finite state automaton, basically consisting of instruction/jump-to-another-instruction pairs and practically impossible to debug and understand. The image on the disk was "position-protected", meaning that the installer recorded on which sectors the program was installed and it wouldn't run if copied elsewhere (or if the disk was defragmented, but this wasn't widely used way back then). So, my friend let the program decrypt itself and run in memory and then dumped the whole memory image. Then reduced the available memory and repeated the procedure, so he had two memory dumps of the same program loaded at two different addresses. From the differences of the two images he re-constructed the (equivalent) EXE header and ended up with the original program minus the protection. I guess you could call that "re-writing" it.

You can make parts of the program inaccessible until some condition is met (e.g., you can, cryptographically, hide the payload of a virus until the virus has found what it is looking for), but once the condition is met, it's game over, you know what the program does and how to counter it.

I could write a lock that would be impossible to remove.....  You'd have to re-write.

No, it was only the first case of state-sponsored cyber warfare that gained media exposure.


In other words, Stuxnet has nothing to do with it. You are basically asking what if somebody released a virus targeting the full Bitcoin nodes. Clearly, it has to spread much more successfully than Stuxnet (i.e., not via USB sticks - maybe be a network worm using some zero-day exploit) and have a payload completely different from that of Stuxnet.

A much more profitable attack would be a virus that has a keylogger to steal the password to the user's wallet and then use the stolen password to steal the contents of that wallet. There are many such viruses, BTW, none of them very successful. Believe it or not, Bitcoing isn't that widespread to make such an attack wildly profitable. A much more efficient investment for the attacker's time is to create some malware (virus or some non-replicating malware) that steals banking credentials for on-line banking sites. And, indeed, that are many more such malicious programs and they bring much more profit to their creators.


And I know people who find and remove such locks for fun. But that's again irrelevant to the issue at hand.

More cyber war, Stuxnet was really just the first major example of cyber warfare.

Write it to take down any comp running a bitcoin node.   PLC's it was messing with, which is pretty crazy because no one ever thought people would write viruses for PLC's..  These control the back-up power to everything..  Done a bunch of back up systems with PLC's, due to the air-gap no virus protection is really thought of.

Although to get this on to all of the nodes would not be an easy task.. if even possible. 

I know of people writing "locks" for the code if the customer is known to not pay..  Well hey what do you know after 3 months it won't work and you haven't paid.. shame.  That is some shady stuff though.

I would fear the people would do the same to us...  Well not you or I we are no one but the gifted speakers and thinkers of our community.  Probably hide it as several "unfortunate accidents".. :S.

What does Stuxnet have to do with this?! It was a worm spreading via USB sticks (if autorun/autoplay was not disabled on the victim's machine) and had a payload interfering with SCADA systems (industrial controllers).

If bitcoin goes where we all think it's going, there will be no holds barred in the battle.
Bitcoin devs will be 'jumping' from windows if they can't be coerced.
Car bombs might come later in desperation I guess...

That would be pretty extreme. Don't forget that the people behind Stuxnet did not just stop after creating the worm. They also went ahead and assassinated a bunch of Iranian nuclear scientists. If Bitcoin devs started getting blown up with car bombs then this would be mean war.

No, I don't think so. It is possible to affect all the nodes at the same time. Until now, Bitcoin network has still been the most secure network provided by the miners all around the world. Even it is possible, due to the nodes located in the different parts of the world, once it comes out , it will be reported and some solutions will come out to fix it immediately.

Yes.
And no. As long as the network remains distributed.

Would the best attack against us be creating a mimic of stuxnet and taking out all the nodes at exactly the same time.....

Is this a legit concern for us?