Bitcoin Forum
April 18, 2014, 03:13:38 AM *
News: Due to the OpenSSL heartbleed bug, changing your forum password is recommended.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Bitcoin Faucet changes  (Read 9035 times)
Gavin Andresen
Hero Member
*****
Offline Offline

Activity: 1330


Chief Scientist


View Profile WWW

Ignore
June 23, 2010, 02:23:46 PM
 #1

So I've been watching the IP addresses of people getting 5 free bitcoins from the Bitcoin Faucet ( https://freebitcoins.appspot.com/ ).

And I see some... uh, interesting patterns.  Like these successful requests for coins:

Code:
79.117.152.158 - - [21/Jun/2010:12:17:02 -0700] "POST / HTTP/1.1" 200 1234
79.117.159.197 - - [21/Jun/2010:12:16:24 -0700] "POST / HTTP/1.1" 200 1234
79.117.135.236 - - [21/Jun/2010:12:10:23 -0700] "POST / HTTP/1.1" 200 1234
79.117.163.238 - - [21/Jun/2010:12:08:50 -0700] "POST / HTTP/1.1" 200 1234
79.117.155.23 - - [21/Jun/2010:12:08:07 -0700] "POST / HTTP/1.1" 200 1234

My apologies if there actually are a bunch of new bitcoin users using IP addresses in the 79.117 range...  but I'm guessing somebody there is getting more than their fair share of free bitcoins.

There are several suspicious requests from the 192.38.95.* address block, too.

So I've made some changes to the Faucet.  You won't notice them unless you try to cheat; if you do try to cheat, you'll have to solve a CAPTCHA to get coins.

If that doesn't discourage cheating, I'll modify the code so that if it think you're trying to cheat it requires a CAPTCHA and only gives out a bitcoin nickel (0.05 bitcoins)...

Will I see you in Amsterdam?
  http://bitcoin2014.com/
1397790818
Hero Member
*
Offline Offline

Posts: 1397790818

View Profile Personal Message (Offline)

Ignore
1397790818
Reply with quote  #2

1397790818
Report to moderator
1397790818
Hero Member
*
Offline Offline

Posts: 1397790818

View Profile Personal Message (Offline)

Ignore
1397790818
Reply with quote  #2

1397790818
Report to moderator
    mBitCASINOWIN BITCOINS IN OUR
24/7 LIVE DEALER CASINO

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1397790818
Hero Member
*
Offline Offline

Posts: 1397790818

View Profile Personal Message (Offline)

Ignore
1397790818
Reply with quote  #2

1397790818
Report to moderator
Xunie
Full Member
***
Offline Offline

Activity: 132



View Profile

Ignore
June 24, 2010, 10:51:01 AM
 #2

Lol, bitnickel!

Anyhow, I was expecting this.
And what about those using proxies?
I don't wanna be an #@!%!#% here, but ehh... I think the "5 BTC for FREE!" thing, is kinda... flawed...

Thank me for this post here: 1PyNKEyqtDFB4HBG8ueDVxdPZfgwC6gAqw
Caffeinism -- a toxic condition caused by excessive ingestion of coffee and other caffeine-containing beverage.
Gavin Andresen
Hero Member
*****
Offline Offline

Activity: 1330


Chief Scientist


View Profile WWW

Ignore
June 24, 2010, 06:17:36 PM
 #3

I don't wanna be an #@!%!#% here, but ehh... I think the "5 BTC for FREE!" thing, is kinda... flawed...
"flawed" ??

I've been telling people it is a half-baked, I've-lost-my-friggin-mind idea!

So far, I count it as a big success-- I've learned a lot that will help me with my next Bitcoin-related project, I've made a bunch of people a teeny-tiny bit happier, and I've personally invested just under $1.00 worth of bitcoins over the last two weeks.

I did throw in the towel today and turned on reCAPTCHA for everybody getting bitcoins (it looks like somebody DID bother to write a robot to harvest coins through proxies).  It was fun trying to come up with new, creative ways of detecting cheating, but I have more important things to work on.

Will I see you in Amsterdam?
  http://bitcoin2014.com/
sirius
Bitcoiner
Staff
Sr. Member
*****
Offline Offline

Activity: 426



View Profile

Ignore
June 24, 2010, 09:37:39 PM
 #4

http://www.decaptcher.com/


It costs someone $2 per 1000 captchas. So, they could suck out 5000 bitcoins for $2. lol. Smiley

But, that should help stop most people Smiley

I guess that's why the forum still gets those annoying spam user registrations despite the captcha.

Identifi - P2P Identity and Reputation Database
I'm not a forum admin - please contact theymos instead.
virtualcoin
Newbie
*
Offline Offline

Activity: 13


View Profile

Ignore
June 24, 2010, 10:07:30 PM
 #5

Gavin, why don't you just block all served Bitcoin addresses?
Would it be easy to generate them automatically?
Gavin Andresen
Hero Member
*****
Offline Offline

Activity: 1330


Chief Scientist


View Profile WWW

Ignore
June 24, 2010, 11:13:45 PM
 #6

Gavin, why don't you just block all served Bitcoin addresses?
Would it be easy to generate them automatically?
It is easy to generate them automatically (it is easy to write code that asks the Bitcoin program to generate and return a new address).

Will I see you in Amsterdam?
  http://bitcoin2014.com/
llama
Member
**
Offline Offline

Activity: 103


View Profile

Ignore
June 25, 2010, 04:25:48 AM
 #7

Funny how on this forum the same people play both sides of the table--on the one hand, trying to come up with ways to preserve absolute anonymity (e.g. the heroin store thread), and then coming here and trying to do sort of the opposite to protect BTC Faucet. 

I love it  Grin

satoshi
Founder
Sr. Member
*
Offline Offline

Activity: 364


View Profile

Ignore
June 26, 2010, 09:39:52 PM
 #8

Many big ISPs give you a new IP every time you connect, usually in the same class B (a.b.?.?).  Maybe you should have a minimum time between payments per class-B.

If you can't solve the problem, you can always keep lowering the amount of bitcoins given until it's manageable, and always require captcha.
Gavin Andresen
Hero Member
*****
Offline Offline

Activity: 1330


Chief Scientist


View Profile WWW

Ignore
June 26, 2010, 11:15:07 PM
 #9

Turning on the CAPTCHA for everybody has slowed the flow of coins from the faucet to a very manageable trickle.

Oh, and regarding anonymity versus non-anonymity:  I was careful not to tie IP addresses to Bitcoin addresses when implementing the Bitcoin Faucet.  So I remember that somebody at IP address 96.240.216.119 received bitcoins at 12:30pm today.  And I remember that somebody with Bitcoin address 1P3rpbSybuGgeL1bRwCJFWbn4yBjRNQrbY

Will I see you in Amsterdam?
  http://bitcoin2014.com/
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!