Pages:
Author

Topic: You are threatening Bitcoin’s security - page 6. (Read 32360 times)

sr. member
Activity: 392
Merit: 250
Quote
In a conspiracy to make 800-1k$ per day? I want in on that!

I meant to say that was approximately the value of what is being collected from fees @ current ghash rate, without any further control/manipulation of the system.

Yeah, I know what you meant. If you don't trust them then don't use their services. If you think they are conspiring to take down bitcoin then don't use bitcoin. If you're using bitcoin and griping about mass conspiracy then you're either in it for the money and only worried about losing it or just plain being hypocritical. This is the 3rd time this argument has come up in 2 weeks and degenerated into the hypothetical of Slush and Tyco conspiring to take over the network and/or the possibility of someone breaking into a pool and stealing/redirecting all the coins. It's old now.

As mentioned before, they could be the most trustworthy people in the world, but that does not take away from the fact that the community should do something about what could be a potential problem. Those guys run a great service and kudos to them, their reward is the fairly easy-to-come-by fees they are picking up for running a good service early in the bitcoin game. Deviating from large pools is healthier for bitcoin in general though: only the people that are concerned with immediate profits as opposed to the success of bitcoin in general would be the ones that would indirectly promote such lopsided control.

Except the community is the one causing the "problem". It's not Tyco's or Slush's fault that a majority of people are using their services! It's pretty basic nature that most people want to be part of the largest group. So far the only "do something" I have seen is to ask them to limit their member, to which I would say no if I were them. Again, this is the 3rd time I have seen the argument that they need to be regulated when people are going to them freely. The only thing that can be done it to ask/motivate miners to diversify themselves. The only way to reach them all is for the pool to disappear since some percentage of them probably don't use the forums let alone live on them. It's also not very productive to try to get people to diversify in threads like this that start out dramatic, post incorrect information, and degenerate into flaming and conspiracy.

The basis of bitcoin is a free (as in open) currency and economy, even down to the code. I'm shocked! ShOcKeD! I tell you that free market principles have sprung up. Simple stuff like, providing the best service for an acceptble fee for example. Who would have though?!
legendary
Activity: 2058
Merit: 1431
Could you explain?  So let's say I run 3 miners and I point them to my local bitcoin -server (Which is also the wallet?)

That's all I need to do? 

Is this any different from how the larger pools work?  Will I still get the long pull etc?
1. set up bitcoin.conf properly (be sure to allow your miner's IP)
2. start in server mode
3. connect your miner to your server
4. wait for profit

that's all you need to do.
newbie
Activity: 56
Merit: 0
I recommend anyone with more than one-two decent GPU's to mine solo. It is more efficient long term. It increases security of bitcoin. The only downside of solo mining is purely psychological "not boiling pot" syndrome.

Myself and my clients are mining solo and stopped using third party pools long time ago.


So if I have 4-5 GPUS mining solo, won't they be competing against each other? 

they won't compete, they will get unique work.

Could you explain?  So let's say I run 3 miners and I point them to my local bitcoin -server (Which is also the wallet?)

That's all I need to do? 

Is this any different from how the larger pools work?  Will I still get the long pull etc?
why
member
Activity: 73
Merit: 10
why! do ur own job.
Quote
In a conspiracy to make 800-1k$ per day? I want in on that!

I meant to say that was approximately the value of what is being collected from fees @ current ghash rate, without any further control/manipulation of the system.

Yeah, I know what you meant. If you don't trust them then don't use their services. If you think they are conspiring to take down bitcoin then don't use bitcoin. If you're using bitcoin and griping about mass conspiracy then you're either in it for the money and only worried about losing it or just plain being hypocritical. This is the 3rd time this argument has come up in 2 weeks and degenerated into the hypothetical of Slush and Tyco conspiring to take over the network and/or the possibility of someone breaking into a pool and stealing/redirecting all the coins. It's old now.

As mentioned before, they could be the most trustworthy people in the world, but that does not take away from the fact that the community should do something about what could be a potential problem. Those guys run a great service and kudos to them, their reward is the fairly easy-to-come-by fees they are picking up for running a good service early in the bitcoin game. Deviating from large pools is healthier for bitcoin in general though: only the people that are concerned with immediate profits as opposed to the success of bitcoin in general would be the ones that would indirectly promote such lopsided control.
legendary
Activity: 2058
Merit: 1431
I recommend anyone with more than one-two decent GPU's to mine solo. It is more efficient long term. It increases security of bitcoin. The only downside of solo mining is purely psychological "not boiling pot" syndrome.

Myself and my clients are mining solo and stopped using third party pools long time ago.


So if I have 4-5 GPUS mining solo, won't they be competing against each other? 

they won't compete, they will get unique work.
newbie
Activity: 56
Merit: 0
I recommend anyone with more than one-two decent GPU's to mine solo. It is more efficient long term. It increases security of bitcoin. The only downside of solo mining is purely psychological "not boiling pot" syndrome.

Myself and my clients are mining solo and stopped using third party pools long time ago.


So if I have 4-5 GPUS mining solo, won't they be competing against each other?   If anyone wanted to put together a real nice mining pool guide I bet a lot more people would be that route.

For the good of security, multi miner pool guide!
sr. member
Activity: 392
Merit: 250
Quote
In a conspiracy to make 800-1k$ per day? I want in on that!

I meant to say that was approximately the value of what is being collected from fees @ current ghash rate, without any further control/manipulation of the system.

Yeah, I know what you meant. If you don't trust them then don't use their services. If you think they are conspiring to take down bitcoin then don't use bitcoin. If you're using bitcoin and griping about mass conspiracy then you're either in it for the money and only worried about losing it or just plain being hypocritical. This is the 3rd time this argument has come up in 2 weeks and degenerated into the hypothetical of Slush and Tyco conspiring to take over the network and/or the possibility of someone breaking into a pool and stealing/redirecting all the coins. It's old now.
legendary
Activity: 2058
Merit: 1431
And politicians DESERVE to take a scrape off the top.  They went through the trouble to build the government and manage it day to day.  Of course they deserve a share of our tax dollars!  I have no problem with that
And both happen because you allow it. One with majority vote, and the other with usage of the service. One is much easier to solve than the other though.
that's why i solo mine :p
sr. member
Activity: 392
Merit: 250
And pool operators DESERVE to take a scrape off the top.  They went through the trouble to build the pool and manage it day to day.  Of course they deserve a share of the profits!  I have no problem with that.
And politicians DESERVE to take a scrape off the top.  They went through the trouble to build the government and manage it day to day.  Of course they deserve a share of our tax dollars!  I have no problem with that
And both happen because you allow it. One with majority vote, and the other with usage of the service. One is much easier to solve than the other though.
why
member
Activity: 73
Merit: 10
why! do ur own job.
Quote
In a conspiracy to make 800-1k$ per day? I want in on that!

I meant to say that was approximately the value of what is being collected from fees @ current ghash rate, without any further control/manipulation of the system.
legendary
Activity: 2058
Merit: 1431
And pool operators DESERVE to take a scrape off the top.  They went through the trouble to build the pool and manage it day to day.  Of course they deserve a share of the profits!  I have no problem with that.
And politicians DESERVE to take a scrape off the top.  They went through the trouble to build the government and manage it day to day.  Of course they deserve a share of our tax dollars!  I have no problem with that
sr. member
Activity: 392
Merit: 250
Quote

The "exact exploit conditions presented by the creator" are having => 50% of the network power, which no one person has, and also that they are anonymous so that no one knows where to go looking if someone trys said exploit.

No one can know if pool owners can be in cahoots with one another. At current rates, pools the size of deepbit are already making profit potentials upwards of 800-1k$ daily.

And, if deepbit were larger if used for an attack, how much could it net from such an attack before being discovered?  Right now, I think not that much [but still considerable ... but not enough for operators to give up their revenue stream].  I wouldn't expect pool owners to be part of it [although surprises do occur, but I don't think so for the current time frame anyway].

If a major pool is ever hacked, it's much more likely to be hacked quietly with the intent of the attacker redirecting the pool's earnings to himself.

In this community, how long would it take for a flood of messages to show up on the message board saying people aren't getting their payouts? I'm guessing as soon as 6-8 people posted sequentially there would be mass exodus. Even this style of attack would have limited success.
legendary
Activity: 1708
Merit: 1007
Quote

The "exact exploit conditions presented by the creator" are having => 50% of the network power, which no one person has, and also that they are anonymous so that no one knows where to go looking if someone trys said exploit.

No one can know if pool owners can be in cahoots with one another. At current rates, pools the size of deepbit are already making profit potentials upwards of 800-1k$ daily.

And, if deepbit were larger if used for an attack, how much could it net from such an attack before being discovered?  Right now, I think not that much [but still considerable ... but not enough for operators to give up their revenue stream].  I wouldn't expect pool owners to be part of it [although surprises do occur, but I don't think so for the current time frame anyway].

If a major pool is ever hacked, it's much more likely to be hacked quietly with the intent of the attacker redirecting the pool's earnings to himself.
sr. member
Activity: 392
Merit: 250
Quote

The "exact exploit conditions presented by the creator" are having => 50% of the network power, which no one person has, and also that they are anonymous so that no one knows where to go looking if someone trys said exploit.

No one can know if pool owners can be in cahoots with one another. At current rates, pools the size of deepbit are already making profit potentials upwards of 800-1k$ daily, not to mention the power that comes with having that much of the network.

In a conspiracy to make 800-1k$ per day? I want in on that!
legendary
Activity: 1708
Merit: 1007
This thread topic is exactly why I never thought that open pools were a good idea.  That said, the ability to create more pools will lead to a proliferation of said pools competing for contributers.  So it's unlikely that any one pool could ever collect the 50% minimum in order to attack the blockchain even for a short while, as the more pools there continue to be, the less of a percentage that each is ever likely to be able to accumulate.

Once again, open source competitiveness comes to the rescue.
member
Activity: 98
Merit: 10
Quote

The "exact exploit conditions presented by the creator" are having => 50% of the network power, which no one person has, and also that they are anonymous so that no one knows where to go looking if someone trys said exploit.

No one can know if pool owners can be in cahoots with one another. At current rates, pools the size of deepbit are already making profit potentials upwards of 800-1k$ daily.

And, if deepbit were larger if used for an attack, how much could it net from such an attack before being discovered?  Right now, I think not that much [but still considerable ... but not enough for operators to give up their revenue stream].  I wouldn't expect pool owners to be part of it [although surprises do occur, but I don't think so for the current time frame anyway].
member
Activity: 98
Merit: 10
This thread demonstrates why bitcoin is a joke and always will be.

You people flock to bitcoin supposedly to reclaim public, distributed control over a currency, and then you just give away the power to the first pool operator who asks for it.

What a joke.

The fact that people are actually arguing here that "deepbit would never do such a thing" is unbelievable. Is he Jesus now? Is he your new guru? I thought the entire point of bitcoin was that no one would be the guru, no one would have control.

And then you have the incredibly naive and ignorant argument that if someone abused the network people would "rally" to save it. What fantasy world is this? That's not what would happen. People would abandon the currency because they don't want to sink more money into a flawed concept and flawed community.

Amateur hour. The fact that one man already actively controls enough cryptographic power to break the validity of the currency with NO OVERSIGHT and people put their BLIND FAITH in him..... no serious person is going to have confidence in the currency when they learn that the exact exploit conditions presented by the creator have already been fulfilled, and not through investing significant personal resources either, but fulfilled because bitcoin users VOLUNTARILY GAVE AWAY their cryptographic authority to him. Amazing!

 

For the record, the attack is technically possible at > 50%, but to make any real amount of return on implementing this attack would require a significantly greater percentage as it would be noticed rather quickly if the attacker was only able to build a new chained block that is longer than the original at slightly faster than the rest of the pool.  As we know, however, knocking out another large pool, as happened when Slush went down last weekend or so, resulted in a flood of people into deepbit and a huge spike in hash rate, so being at 50% or so already (hypothetical case) and taking out a 30% pool with say 2/3 of them going to deepbit [considering the number of pools that exist today], that would put deepbit at 70% making it a huge threat for attack.  I do not think Tycho would do this as he is making a lot of money the way it is and destroying a revenue stream for a one time gain and somehow cashing out or spending the coins would not be beneficial for him.  More likely is a remote attacker taking over the pool.  I am glad measures are being taken to to avoid such an attack [by at least a few pools], but there are those out there, with enough motive, that will eventually attempt it in all likelihood given the opportunity [which is the subject of this thread].

The point of this post; an attack would not in all likelihood destroy the bitcoin economy, but it would damage it [trust would go down and apparent risk would go up and thus prices would drop].  Many people would lose funds they thought they had from the pool used for the attack, but it would be distributed, so it is probably less likely to destroy the market as destroy the pool that performed the attack [nobody would use the pool again if it had been used as a weapon for theft].  Worst case is that people would go back to solo mining making the growth of network hashing power slow or even reverse [which might be a good thing] and virtually eliminating the threat for the future.  Pools are only dangerous if used as a weapon [although they are drawing in a lot of hardware causing a "waste" of a lot of electricity that wouldn't be as great with solo mining ... many simply wouldn't solo mine].  I want to see bitcoin do well and I do not want to see such an attack ever occur and I am pretty sure that the pool operators don't either [kills their revenue stream].  Consider how fast they would have to "rechain" multiple blocks without detection to get a large loot. 

Solution?  Not sure if feasible, but if some sort of pool existed that itself was a member of all other pools and watches out for duplicate base block data to come through as shares of work then it could be detected rather quickly.  Problem .. it would take a large central database at this pool and it would cost significant money to maintain it and have the ability to compare work to past solved blocks.  I don't know if it could be profitable [and it itself could still be cracked ... but we trust banks, for the most part, with our fiat money, so there has to be some level of trust].

Let me pose this.  What would pool users do if ALL pools except one went down over the course of a few hours or minutes?  Would they jump to the one remaining pool?  Now suppose that all but the largest pool went down; would they still jump to the one remaining pool?  That is where pool miners need self control [and it is proven by history that they do not have it currently when one large pool goes down].  Honestly, I think all users should setup an alternative configuration to switch over to solo mining in such a situation or simply just temporarily shut down.  Do the people have the will?

Essentially, I think the risk to bitcoin isn't huge in the long term if such an attack were to take place, at least not if it takes place with the market at it's current size or a significantly larger size.  A potentially costly solution could keep the pools monitored and potentially offset some of the costs by paying enough miners to support it by doing the work pulled from the pools being monitored [probably not feasible, but an idea ... pool operators would payout the monitoring pool of course], and last, miners need to control their emotions and greed to avoid and stop an attack when discovered [if not too late] as I indicated.  The potential for attack and damage from it is real, but the end of bitcoin from such an attack is unlikely.

If you read this far, congratulations Smiley  Eventually, if this project turns out as well as expected, some larger merchants are going to get in on the currency, but that is going to require brokers to handle transactions [i.e. reversals for fraud], and accountability of these merchants to their respective government(s) for taxes.  In fact, this could already be an issue for some (I bet most people are net negative from hardware investment or barely positive, so taxes are probably not an issue for most ... yet).  Converting to fiat currency leaves a trail for the tax collectors to go after I think.  Keep receipts for your hardware and electricity investment [hobby income in the US is taxable only when profits exceed expenses of the hobby]. 

Be safe.

why
member
Activity: 73
Merit: 10
why! do ur own job.
Quote

The "exact exploit conditions presented by the creator" are having => 50% of the network power, which no one person has, and also that they are anonymous so that no one knows where to go looking if someone trys said exploit.

No one can know if pool owners can be in cahoots with one another. At current rates, pools the size of deepbit are already making profit potentials upwards of 800-1k$ daily, not to mention the power that comes with having that much of the network.
hero member
Activity: 702
Merit: 503
I conclude that most of the miners are short-sighted people directly selling their Bitcoins for Dollars. They mine on deepbit because it’s too much of a hassle to switch or they don’t really know that a single entity (or even a few entities) in control of >50% of the network’s hashrate are dangerous, and even then, as long as they can convert their BTC into USD today, they won’t care.

If Bitcoin fails, the grashoppers just move on. Nice!

Right. This was so even before the first pool, not to mention Deepbit. For those who think it's a remote possibility, Deepbit already came really close if not over 50% recently, when Slush went down for a while...

For such people, Bitcoin is not about Satoshi's ideals, or bettering the world we live in; it's just about greed and "it's-all-about-me" personal profit... Cheesy
sr. member
Activity: 392
Merit: 250
You people flock to bitcoin supposedly to reclaim public, distributed control over a currency, and then you just give away the power to the first pool operator who asks for it.

Key word is give. It can be taken away too.

The fact that people are actually arguing here that "deepbit would never do such a thing" is unbelievable. Is he Jesus now? Is he your new guru? I thought the entire point of bitcoin was that no one would be the guru, no one would have control.

That's free market principles at work. They provide a great service and people use it until they do something to lose people's trust then they go elsewhere.

And then you have the incredibly naive and ignorant argument that if someone abused the network people would "rally" to save it. What fantasy world is this? That's not what would happen. People would abandon the currency because they don't want to sink more money into a flawed concept and flawed community.


If by save then you mean abandon the site and redistribute the power by going to other pools that are springing up left and right or going solo, then yes, absolutely.

Amateur hour. The fact that one man already actively controls enough cryptographic power to break the validity of the currency with NO OVERSIGHT and people put their BLIND FAITH in him..... no serious person is going to have confidence in the currency when they learn that the exact exploit conditions presented by the creator have already been fulfilled, and not through investing significant personal resources either, but fulfilled because bitcoin users VOLUNTARILY GAVE AWAY their cryptographic authority to him. Amazing!

People put blind faith in their federal governments, state governments, city governments, local governments, home owners associations, parent/teacher associations, and any other group that they join voluntarily. Oversight is it's own joke. Everyone thinks they know how to do it right and do it better. The difference here is that protesting is as easy as pulling your hashing power and moving it somewhere else. Until users are given a reason to do so they will keep using whatever service they choose.

The "exact exploit conditions presented by the creator" are having => 50% of the network power, which no one person has, and also that they are anonymous so that no one knows where to go looking if someone trys said exploit.
Pages:
Jump to: