Pages:
Author

Topic: Wonder who this solominer is? 88.6.216.9 - page 7. (Read 60498 times)

donator
Activity: 2772
Merit: 1019
I agree that it's a longshot for the ISP to pass a message to their customer, but if Mystery keeps using new relays we may eventually get one that will work with us.

Do you think the botnet operator will be sending the blocks from his home connection or some valuable C&C server he has? I'm not so sure about that. He's probably realying them through one of the bots he controls. Isn't it even possible the bots inject the blocks themselves?
hero member
Activity: 728
Merit: 500
165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
Say the ISP does take the node offline ... When the botnet loses its gateway ...


Read more carefully:


... and be clear that this particular person isn't the network C&C, please don't take them offline.  ...


I agree that it's a longshot for the ISP to pass a message to their customer, but if Mystery keeps using new relays we may eventually get one that will work with us.

Of course, the end result is we just get a long list of IPs.  Tracking those down and notifying them is an uphill battle, and not worth my time, but if other people are up to it I'm happy to help get them a hit list.
legendary
Activity: 1050
Merit: 1003
I think the true solution is:

RALLY THE PRICE UP,
BRINGING IN MORE MINERS,
OR WE ARE DEAD.






The corollary here is that if the price drops substantially then the system is likely to be fucked. Or alternatively, just halve the block reward a couple times. That will do the trick too. Or any combination of these two. Will be interesting to see what the new year brings us!
hero member
Activity: 1138
Merit: 523
Quote
This has been discussed ad nausaeum prior in this thread. The short answer is, if we require more than 1 tx, what is to stop the miner from sending coins to himself, which creates enough tx to make the block valid? The answer is nothing will stop such blocks. Read a few earlier posts for detailed discussion of your exact proposal.

Quote
Simply requiring 2+ tx per block is beyond useless.  Mystery could circumvent that in a day or less (or at least I could).

Absolutely right, I had Homer Simpson moment while writing that  Embarrassed
donator
Activity: 1218
Merit: 1079
Gerald Davis
I'd say the best way to go about it is get in contact with the relay node's ISP and inform them of the situation - and be clear that this particular person isn't the network C&C, please don't take them offline.  Just have them give the owner of that machine a call and ask them to join this thread.

Botnets are designed to be self healing. Say the ISP does take the node offline or even less likely decided to call the owner and ask them to look at an anonymous forum.  Say that node is patched airtight.

When the botnet loses its gateway it simply elvates another node of (as some have estimated 1.8 mlllion) its nodes.  If that one goes down it elevates another one.  If Botnets were easy to defeat they wouldn't exist.  People talk about the cost this botnet is causing (<$1M in miner revenue and slightly longer tx times).... that is nothing.

Botnets cause BILLIONS of dollars a year in lost productivity.  Billions as in >1000x any potential damage being caused to Bitcoin.  It is in the entire global community interest to eradicate them yet they still exist.
donator
Activity: 1218
Merit: 1079
Gerald Davis
True, my memory isn't the best at times. It should however be possible to require that all blocks include more than one transaction as per one of the BIP proposals

Simply requiring 2+ tx per block is beyond useless.  Mystery could circumvent that in a day or less (or at least I could).
hero member
Activity: 728
Merit: 500
165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
Agreed on all points.

Logging IPs may not help (they may be on TOR, or communicating through their C&C network to only submit hashes from a few IPs), but if we want to try I don't think Luke's patch is the way to go.  We don't need the whole network logging everything.  We just need to get that one node to log, and there's no need to turn on global logging to accomplish this.  Coercing him by deploying a patch and hoping he applies it is a precedent that I don't think should be set in this case.

I'd say the best way to go about it is get in contact with the relay node's ISP and inform them of the situation - and be clear that this particular person isn't the network C&C, please don't take them offline.  Just have them give the owner of that machine a call and ask them to join this thread.
hero member
Activity: 518
Merit: 500
Preventing miners from using unethically-sourced compute power is a different problem.  I'm sure plenty of people will have a problem with it, but I don't see any way to solve it.  If you know a way to distinguish botnets (once they are properly supporting the blockchain) from ethical miners, let us know.

Preventing is undoable and probably not even desirable. unethically-sourced is pretty vague, and its a thin line between a bot net, a borrowed, or rented PC.

However I wonder if there is a way we could help identify the victims of a bitcoin botnet somehow.  It may not be "bitcoin's job", but I also see no reason why we would not want to help law enforcement and AV companies to identify and take down these botnets. It would be good for bitcoin, and for the victims of these botnets.

I know luke published a patch that logs the IP of the relaying node, so that could be used to home in on the proxy being used to relay these blocks. Thats not a bad idea, but will probably not do a whole lot, as he switches proxies every few weeks. And its just a relaying proxy anyway, and most likely not the C&C node. Perhaps someone can think of a way to take it a step further to positively identify the IP of the machine that actually mined the bloc by somehow including it in the blockchain? Or of the machine that created the getworks ?

Just thinking out loud here.
rjk
sr. member
Activity: 448
Merit: 250
1ngldh
True, my memory isn't the best at times. It should however be possible to require that all blocks include more than one transaction as per one of the BIP proposals however then we are starting to move into the kind of regulation territory that I believe could quickly become detrimental to the project as a whole (and if this isn't workable with the current code feel free to spank me, I might even enjoy it  Kiss), so this needs handling with extreme care.
This has been discussed ad nausaeum prior in this thread. The short answer is, if we require more than 1 tx, what is to stop the miner from sending coins to himself, which creates enough tx to make the block valid? The answer is nothing will stop such blocks. Read a few earlier posts for detailed discussion of your exact proposal.
donator
Activity: 2772
Merit: 1019
I think the true solution is:

RALLY THE PRICE UP,
BRINGING IN MORE MINERS,
OR WE ARE DEAD.



put your money where your mouth is, man Wink
hero member
Activity: 728
Merit: 500
165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
what about ddosing (unknown) IPs outputting 1TX blocks? I realize the IP changed before.

Aside from the ethical problems with attacking someone who is probably not working for Mystery and is just a properly-operating relay node, it's not helpful in the long run.  Mystery can just start sending blocks through multiple relays.
hero member
Activity: 728
Merit: 500
165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
So, you are saying that if participating botnets modify their operation to never present a threat, but only to leech a significant amount of bitcoin for almost no expense, that developers will never consider this a problem?

I'm trying to ensure that miners have to actually perform the work they are paid to do - verify transactions, rather than slow down the whole network as Mystery is doing.  It's a solvable problem.

Preventing miners from using unethically-sourced compute power is a different problem.  I'm sure plenty of people will have a problem with it, but I don't see any way to solve it.  If you know a way to distinguish botnets (once they are properly supporting the blockchain) from ethical miners, let us know.
hero member
Activity: 518
Merit: 500
I say there is nothing wrong with this guy.

Nothing wrong with the code, nothing wrong with the protocol, nothing wrong with anything.

Move on folks, the system is perfect ...

You know how they say, if it ain't broke then don't fix it !

Smiley

hero member
Activity: 714
Merit: 500
I think the true solution is:

RALLY THE PRICE UP,
BRINGING IN MORE MINERS,
OR WE ARE DEAD.




donator
Activity: 2772
Merit: 1019
thanks for this fud stopper

your welcome

what about ddosing (unknown) IPs outputting 1TX blocks? I realize the IP changed before.

sounds like ostracism or vigilantism to me.

that would force people to register their ip with some central authority.

not a good idea.
hero member
Activity: 1138
Merit: 523
Quote
This has been discussed: It can not be done in a safe way, afaik. The problem is identifying such "illegitimate" blocks. There are legitimate 1-tx-blocks (eligius is mining them every day, as luke says). The grey data-series in my chart above reflects possibly legitimate 1-tx-blocks.

True, my memory isn't the best at times. It should however be possible to require that all blocks include more than one transaction as per one of the BIP proposals however then we are starting to move into the kind of regulation territory that I believe could quickly become detrimental to the project as a whole (and if this isn't workable with the current code feel free to spank me, I might even enjoy it  Kiss), so this needs handling with extreme care.

However I think that most peeps involved in this project as either miners, traders, users or whatever can more or less agree that the playing field has to be level for everyone and that sudden gaps in network service caused by incidents similar to what Eleuthria outlined a few posts back aren't acceptable unless they are caused by network luck, which this one clearly wasn't.

Stuff like this is also one of the huge barriers barring bitcoins wider adoption as people should be able to have fairly accurate ideas on when their BTC are where they're supposed to be. Atm I believe that the rule of thumb for transactions reaching 6 confirmations is 45-90min with rare spikes of up to about two hours, clearly that wouldn't have been the case last night which is imo fairly massive theoretical failcake for the project.

One of the corner stones in this whole project is it not relying on any kind of central authority apart from "the code". However in order for people to take this as a serious alternative to bank/payment-processor transactions there has to be an extremely consistent "level of service" for lack of a better term. Seeing as one of the worst possible situations with any kind of money/value is not knowing where it is or when it is supposed to arrive.
sr. member
Activity: 252
Merit: 250
Inactive
Can someone link me to the how to fix this problem thread? Thanks

is there some sort of  BIP in the works to enforce stricter rules on block validity ?

https://bitcointalk.org/index.php?topic=69423.0;all

tl;dr: There are two current proposals: 1) change the protocol to require that miners prove they have a copy of the blockchain; 2) change the relay policy to require that miners include a minimum quota of transactions.  #1 would probably solve the immediate problem and boot Mystery from the network.  #2 is a broader approach which prevents Mystery from just getting a copy of the blockchain and then still not including any transactions.  The major objection to #2 is it limits the miners' ability to reject transactions they deem unworthy, eg, insufficient fees paid.

Since the network does not appear to be in immediate danger we're still considering solutions.


So, you are saying that if participating botnets modify their operation to never present a threat, but only to leech a significant amount of bitcoin for almost no expense, that developers will never consider this a problem?

Hmmmm.
legendary
Activity: 1708
Merit: 1020
What I find amazing, the mystery miner is closing in on 51% each day, he is allready approaching stable 30+% whereas a month ago he was at 15-20% network hashrate.

My data doesn't support that:



The percentage of 1-tx blocks (measure on a daily basis) hasn't surpassed 20%.

EDIT: data since 3/07 2012:

Code:
 chain_id | blocks | mystery_blocks | long_mystery_blocks | txcount
---------+--------+----------------+---------------------+---------
       1 |   3768 |            548 |                 486 |  160704

so the average is 548.0 / 3768 = 14.5% (or 486.0 / 3768 = 12.9% if we exclude blocks <30s)

thanks for this fud stopper


what about ddosing (unknown) IPs outputting 1TX blocks? I realize the IP changed before.

where is bitcoinEXpress with his LOICs ?



hero member
Activity: 728
Merit: 500
165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
Can someone link me to the how to fix this problem thread? Thanks

is there some sort of  BIP in the works to enforce stricter rules on block validity ?

https://bitcointalk.org/index.php?topic=69423.0;all

tl;dr: There are two current proposals: 1) change the protocol to require that miners prove they have a copy of the blockchain; 2) change the relay policy to require that miners include a minimum quota of transactions.  #1 would probably solve the immediate problem and boot Mystery from the network.  #2 is a broader approach which prevents Mystery from just getting a copy of the blockchain and then still not including any transactions.  The major objection to #2 is it limits the miners' ability to reject transactions they deem unworthy, eg, insufficient fees paid.

Since the network does not appear to be in immediate danger we're still considering solutions.
donator
Activity: 2772
Merit: 1019
Quote
Is is possible the blocks where actually found by bots at the given time and where actually distributed among the p2p network of the botnet. Maybe the node/server that bridges botnet-p2p to bitcoin-exit-node was down and coincidentally not many blocks where found real bitcoin network so the longest chain could taken over by publishing these blocks when that bridge node came back up? Does this make sense at all?

The way I understand it yes sure.

However this is still becoming a real worry for users who'll end up facing unreasonable transaction times compared with the norm and will cause worries about the fundamental architecture of the network and its underlying code.

What's the norm? It is generally suggested to accept transaction at 6 confirmations. It is also generally known a secure tx can easily take longer than 1 hour.

Personally I don't give a toss about who's actually doing the mining even though botnets (if this is one) raise "moral" issues. However not including transactions in the blockchain is just plain fucked up.

Maybe a patch or something similar to reject this type of blocks ought to be included in the code as it's A slowing down the system and B apparently also destroying legitimate work, which is in no ones legitimate interest.

This has been discussed: It can not be done in a safe way, afaik. The problem is identifying such "illegitimate" blocks. There are legitimate 1-tx-blocks (eligius is mining them every day, as luke says). The grey data-series in my chart above reflects possibly legitimate 1-tx-blocks.


Some people may start screaming "this is the wild west and we don't want no stinking "regulations"" just think of it as going to a gun fight you can only bring a .22 while several of the other parties arrive carrying assault weapons. All I'm asking for here is that everybody gets to buy a nice piece of whoopass and bring it along if they are so inclined.
* molecular arming with whoopass
Pages:
Jump to: