Pages:
Author

Topic: The TRUTH about Darkcoin: ZERO Anonymity, EASY DOS attacks, & Amateur code base! - page 3. (Read 9018 times)

legendary
Activity: 1722
Merit: 1217
Quote
Darkcoin is prone to several cost-less DOS attacks that can destroy the whole network.

If its true do it and I'll pay you. I hold a certain interest in dark coin competition. Also it would be better for everyone involved if this monster was killed before it becomes any bigger and hurts even more people. But lets just say ill believe its THIS easy when i see it myself.
newbie
Activity: 28
Merit: 0
I normally stay well clear of these debates, for obvious reasons, but I do get frustrated when I see well-articulated responses from people who are clearly intelligent advocating this obviously broken architecture, mostly through much hand-waving and placating each other.

Masternodes have to be available and connected to in real time in order to be used. Mixing is based entirely on their availability. Thus, in order to control a substantial number of masternodes one merely has to own a handful, and make the rest of the masternode network unreachable.

For even a script-kiddie-level attacker these techniques and funds are easily found.

Need to render 1100 masternodes unreachable? No problem - SNMP amplification attacks will let you use a handful of boxes to amplify the bandwidth under your control. When a datacenter sees a clear flood of traffic for a particular IP address at the datacenter their response is always automatic and the same - their upstream data provider blackholes that IP address at the upstream bordergate. This means that you can use SNMP or DNS amplification attacks to render a dedicated machine (never mind a VPS) inoperable and unreachable to the outside world.

The most critical take away for you today is that this problem is unsolvable at the userland level. In other words, no matter how much dev worship there is there isn't a magical line of code that can be written that can prevent amplification attacks from devices and servers that are unrelated to and unconnected to the Darkcoin network. It is something that cannot be controlled or influenced.

The solution would literally be for Darkcoin to scrap masternodes and go back to the proverbial drawing board to find an architecture that uses passive blockchain mixing or similar, but I suspect it is too late and there are too many stubborn heads for that.

The problem I see with this is.

Say there are 1,240 master nodes on the network. Lets say they are each feeding off a 1Gb pipe

In order to take out 1,240 masternodes you would need at least 1,240Gbps sustained ddos attack. Pretty hard to pull off

You would also have to own a few masternodes to pull off the attack. Therefore making an sizeable investment. And then attempting to destory the value of that investment

Your essentially saying the bitcoin network is just as vulnerable. If thats the case you could ddos 1,240 pools and gain 51% hashing power. Its just not as easy as your making it seem I dont think

do you really think so? If someone wanted to destroy darkcoin's anonymity to say, catch someone whos engaging in illegal activity, then they(law enforcement) would probably have no issue ddosing all the masternodes, and what makes it even easier is that all the masternode's ip's are in the open.
legendary
Activity: 882
Merit: 1000
Quite simply, unless the BTC price falls to 0.0001 and the cost of spinning up enough fire power to destroy the network becomes negligible, this simply wont happen.

The cost currently and probably alway will outweigh the benefits. If you wish to argue anonymity and some of the bad decisions , then yeah maybe you could prove something. The rest is just nonsense. 
legendary
Activity: 1064
Merit: 1002
I normally stay well clear of these debates, for obvious reasons, but I do get frustrated when I see well-articulated responses from people who are clearly intelligent advocating this obviously broken architecture, mostly through much hand-waving and placating each other.

Masternodes have to be available and connected to in real time in order to be used. Mixing is based entirely on their availability. Thus, in order to control a substantial number of masternodes one merely has to own a handful, and make the rest of the masternode network unreachable.

For even a script-kiddie-level attacker these techniques and funds are easily found.

Need to render 1100 masternodes unreachable? No problem - SNMP amplification attacks will let you use a handful of boxes to amplify the bandwidth under your control. When a datacenter sees a clear flood of traffic for a particular IP address at the datacenter their response is always automatic and the same - their upstream data provider blackholes that IP address at the upstream bordergate. This means that you can use SNMP or DNS amplification attacks to render a dedicated machine (never mind a VPS) inoperable and unreachable to the outside world.

The most critical take away for you today is that this problem is unsolvable at the userland level. In other words, no matter how much dev worship there is there isn't a magical line of code that can be written that can prevent amplification attacks from devices and servers that are unrelated to and unconnected to the Darkcoin network. It is something that cannot be controlled or influenced.

The solution would literally be for Darkcoin to scrap masternodes and go back to the proverbial drawing board to find an architecture that uses passive blockchain mixing or similar, but I suspect it is too late and there are too many stubborn heads for that.

The problem I see with this is.

Say there are 1,240 master nodes on the network. Lets say they are each feeding off a 1Gb pipe

In order to take out 1,240 masternodes you would need at least 1,240Gbps sustained ddos attack. Pretty hard to pull off

You would also have to own a few masternodes to pull off the attack. Therefore making an sizeable investment. And then attempting to destory the value of that investment

Your essentially saying the bitcoin network is just as vulnerable. If thats the case you could ddos 1,240 pools and gain 51% hashing power. Its just not as easy as your making it seem I dont think
legendary
Activity: 1246
Merit: 1000
And so begins the promised barrage of FUD about Darkcoin that has been seen being planned in various IRC channels for the past few weeks.  Question is, why did ***** ***** choose 25th Feb for it to start?  And if you coin is better than Darkcoin then why not just win out by, er, being the better coin?



If the best software won in life Windows wouldn't exist today unfortunately.
legendary
Activity: 1722
Merit: 1002
Decentralize Everything
And so begins the promised barrage of FUD about Darkcoin that has been seen being planned in various IRC channels for the past few weeks.  Question is, why did ***** ***** choose 25th Feb for it to start?  And if you coin is better than Darkcoin then why not just win out by, er, being the better coin?

legendary
Activity: 938
Merit: 1000
anon coins.. uhm no.

unless its so good you don't even know if you have your own coins lol....

check this video out for an idea how easy it can be with the right analysis to see right through mixing and obfuscation.

A Quantitative Analysis of Altcoins — Princeton Bitcoin seminar final project http://youtu.be/x23C1sQg6wQ
hero member
Activity: 526
Merit: 500
i agree that darkcoin can be easily crashed
someone can destroy it if he got a lot of mining power, and it won't cost a lot of money to do so
sr. member
Activity: 294
Merit: 250
wow.....Really Really interesting read. Darkcoin is even scammier than i thought, and thats why I support it 100%!!

Nice trust btw, I especially liked this one: "Blatant scammer"

Darkcoin is my favorite coin. Have a lot in common
legendary
Activity: 2296
Merit: 1031
'shocking'... NOT.  No one should ever expect to be completely hidden.  Only way to stop from being caught electronically is to stay completely off the grid... and even then I'm not so sure you couldn't be hunted down if someone wants you bad enough.
hero member
Activity: 966
Merit: 1003
wow.....

Nice trust btw, I especially liked this one: "Blatant scammer"
sr. member
Activity: 294
Merit: 250
wow.....Really Really interesting read. Darkcoin is even scammier than i thought, and thats why I support it 100%!!
newbie
Activity: 42
Merit: 0
If all this is true, then why would someone hiding behind a new account? After all, it is clear that someone wants to knock down the price to buy cheaper ..
legendary
Activity: 1442
Merit: 1018
Anonymity through obscurity. Unless you can actually prove without a reasonable doubt that Address A paid Address Z with a factor of 3^8 pathways, by all means, knock yourself out. The masternodes used per round are random and only know their inputs and outputs. You would need control over all the masternodes in the chain used (however many rounds the user specifies) to be able to knowingly link A to Z.

At this point it doesnt matter that Anonymity in Darkcoin works or not because its over a clay base of masternodes.

Right, the most logical of counter-arguments. That "clay base" you speak of has substantial capital behind it. I'd take this "clay base" over a straw house any day of the week.

sorry then, very expensive and useless clay base.

lol, if you insist... How's Monero and the inflation working out for you? As your investment dwindles away into nothingness from the nonstop dumps.

And I should clarify, I have no issues with CN or the Monero dev team. Each coin does privacy in its own way. I do have a problem with bullshit being thrown by both sides (and yes, you kazuki, are part of the problem).
member
Activity: 81
Merit: 1002
It was only the wind.
Anonymity through obscurity. Unless you can actually prove without a reasonable doubt that Address A paid Address Z with a factor of 3^8 pathways, by all means, knock yourself out. The masternodes used per round are random and only know their inputs and outputs. You would need control over all the masternodes in the chain used (however many rounds the user specifies) to be able to knowingly link A to Z.

At this point it doesnt matter that Anonymity in Darkcoin works or not because its over a clay base of masternodes.

Right, the most logical of counter-arguments. That "clay base" you speak of has substantial capital behind it. I'd take this "clay base" over a straw house any day of the week.

Call it decentralized if you want, because technically, yes, it is. However, in practice, most of these MNs are hosted in the US, or with a company that is headquartered in the US. If DRK becomes a problem, the US Government won't force these providers to ban it, they will serve the providers with a national security letter, complete with gag order, and compromise the system that way. It matters little how decentralized your system is when the enemy has root on most of the nodes.

Therefore, control over all the masternodes is not only feasible for such an entity, it is downright likely.
donator
Activity: 1274
Merit: 1060
GetMonero.org / MyMonero.com
This is actually a far better problem for an anonymity coin to have than a protocol weakness.

A fundamental architectural failure betrays critically flawed thinking on the part of its creators. In fact, such open exposure to Sybil attacks indicates a lack of understanding of the fundamentals of network security - these attacks are so well known that it is as fundamental to the architecture of distributed systems as salted passwords are to the architecture of authentication systems. At this stage arguing that it doesn't have a protocol weakness is nonsensical - it merely doesn't have a protocol weakness that you know of.

The other blatant flaw in the "it's vulnerable to DOS attacks" critiscism is that it assumes a static network. The masternode network is not static, it's constantly moving. A masternode can be setup and hosted in minutes and then moved in minutes if need be. It's a moving target "cloud" that is not stuck behind a fixed DOS'able firewall in the way fluffypony alludes to.

A DDoS attack can be rerouted in seconds. Since every node knows every masternode this becomes a non-trivial problem to solve.

Furthermore, masternodes can and will be malicious against other masternodes when the time is right. This is already happening with mining pools in Bitcoin, what makes everyone think masternode operators will be any less aggressive?
donator
Activity: 1274
Merit: 1060
GetMonero.org / MyMonero.com
Especially if coming from somebody promoting or owning the website mymonero.com.
Why don't you just blow it off the table, if its so easy?
Or ask BCX to do it, he seems to be open for good and easy fun.

I have no desire to do that, but that does not mean I won't engage in debate.
donator
Activity: 1274
Merit: 1060
GetMonero.org / MyMonero.com
When a datacenter sees a clear flood of traffic for a particular IP address at the datacenter their response is always automatic and the same - their upstream data provider blackholes that IP address at the upstream bordergate. This means that you can use SNMP or DNS amplification attacks to render a dedicated machine (never mind a VPS) inoperable and unreachable to the outside world.

That's true.


Not quite, it only applies if the machine runs a DNS server.
Do Masternodes run BIND or something?

No it isn't - AT ALL - it would be a good idea to read up on terms you are unfamiliar with. An amplification attack uses other devices on the Internet with open SNMP or DNS servers to amplify the attack and flood the target machine with packets so that the data centre is forced to null-route the traffic. It has nothing to do with the target machine - in fact, even if the machine has no services running you can still run this attack, as the routers in the data centre will still route traffic to it.
legendary
Activity: 2548
Merit: 1245
to OP

- pls stop hiding behind fake accounts like Iranianfromhell666 on reddit and now this account on BTC, its just getting a bit sad really.
- thanks for giving Darkcoin some well-deserved attention, 1473 views for a post on BCT is impressive .. since most people in this Altcoin
Discussion Forum are used to trolls creating new accounts and attacking coins i trust most of these readers to prick right through this
post and form their own opinion about Darkcoin and maybe even get a bit more intrigued by it.

Maybe those people will start asking themself questions like : what is Darkcoin about? what does Darksend mean and what does it do exactly ?
what are Masternodes ? how many Masternodes are there and why do they keep growing so fast ? why is Darkcoin getting in the news more and more
lately ? why is it being attacked so much by trolls lately ? What is that Darkcoin InstantX i keep hearing about ?

Find answers to those questions and you my dear readers may have found more wisdom. To help you get started i will provide you with a link to the developer
of Darkcoin explaining some of those questions himself : https://www.youtube.com/watch?v=l1J5iYBpwNY

qwizzie



        
legendary
Activity: 3066
Merit: 1188
Need to render 1100 masternodes unreachable? No problem - SNMP amplification attacks will let you use a handful of boxes to amplify the bandwidth under your control. When a datacenter sees a clear flood of traffic for a particular IP address at the datacenter their response is always automatic and the same - their upstream data provider blackholes that IP address at the upstream bordergate.

This is actually a far better problem for an anonymity coin to have than a protocol weakness.

The criticism above is fair enough as far as network serviceability goes, but if it doesn't have any impact on the anonymity of historical transactions in the blockchain and they remain safe, then the job is more or less done.

All networks are subject to DOS attacks, whatever their nature. It's not a significant criticism of an anon-coin to say that it may be exposed to DOS attacks - who cares as long as the blockchain's safe ? Websites get DOS'd, eMail gets DOS'd, everything gets DOS'd. You just mitigate it, setup nodes elsewhere and carry on. The technology and the whole approach evolve to become progressively more optimal and resistant to serviceability attacks.

On the other hand, networks that rely on purely protocol based anonymisation are a ticking time bomb because if a crack emerges then you've got a potential can opener for the whole blockchain's worth of historical data.

That's why I think Darkcoin's got the right approach. If I want to make an anonymous transaction today, I don't give a sh*t about whether it can be DOS attacked tomorrow. But I DO care about my historical transaction staying anonymous.

The other blatant flaw in the "it's vulnerable to DOS attacks" critiscism is that it assumes a static network. The masternode network is not static, it's constantly moving. A masternode can be setup and hosted in minutes and then moved in minutes if need be. It's a moving target "cloud" that is not stuck behind a fixed DOS'able firewall in the way fluffypony alludes to.

So all in all, I think this post, far from exposing any weaknesses, only goes to demonstrate its fundemantal strength of approach in offering massive redundancy and pre-emptive anonymisation using the 2-tier system.

Pages:
Jump to: