Bitcoin Forum

DDOSing is extremely hard to circumvent event for the top security experts in the world.

The status quo is tremendously easy to exploit by these Russian botnet operators. They seem to be doing it regularly now.

1. DDOSing all the pools.
2. They increase their bitcoin profits for awhile.

I don't see how this is going to stop in the long run.

What is the countermeasure? Pool hopping is not a great solution because they can just DDOS all the pools.

make it that the all miner will have a option that if a pool is not responsive for X second do solo mining...

Do those few DDoS attacks really have a noticable impact on the difficulty? How many percent of the total hashing power were down for how many percent of the time? I don't think it's really that much.

DDoSing all pools would require even more lots of (expensive) botnet members. I'm not sure if this pays off.

Possible remedies:

- Many more pools
- More private/hidden pools
- Back to solo mining

Cost to prevent bitcoin mining < Cost to mine bitcoins

Take the opportunity to study and understand the impact on a project like BitCoin? :)

The purpose of a decentralized authority is to prevent control (including destroying) that centralized authority.

If you all want to create a synthetic centralized authority in BitCoin - keep your priority in mining pools and profit rather than the fundamentals of the project.  It's an easy target for DDoS. :)

Expensive botnet members?
I can buy 1000 bots for 100$ or less, and have em DDoS for me.
Even cheaper if I write my own bot, which is not very difficult (even a FUD one).

If a botnet owner w/ around 15000 zombies (not very uncommon) wanted to mine coins, by golly he could. Set 7500 of em to CPU mining, the other 7500 to DDoS'ing the pools with bad packets.

This is happening all the time too.

We should do about DDoSing what everyone should do about DDoSing.

If I upload/download a britney spears song via a torrent I can potentially be liable for tens of thousands of dollars in "potential lost revenue" after my ISP surrenders all my information, but if a real functioning entity is actually prevented from having an online presence on the internet because my connection is part of a collective effort to bombard it off the internet, that's no problem?

Should start a lobby to get ISPs to knock zombie machines off the network until they can pass a scan showing they are no longer infected. Yes I know there's lots of international stuff too, doesn't seem a difficult program to institute worldwide.

That's still a relatively pathetic payout, given that most computers in botnets are compromised windows XP machines running old amd semprons and celerons/p4's or worse. They will output maybe 100-200khash per second or less with the average skewing up a bit by infected machines that run modern processors capable of mhash performance.

Even in an optimistic scenario the owner is wasting his botnet capacity and risking detection due to high CPU usage by end users, who despite being technically limited, will notice their computer coming down to a crawl.

botnetserver.exe to low priority :P

I think the best solution is having multiple pool fail overs.

We've seen DDOS's happen to a couple pools at once, but rarely more than that.

I'm not sure how you'd set up your miners, but there has to be a good solution to have 3 pools set up so if pool A goes down, goes to pool B, then to pool C.

Quite unlikely that all 3 pools would be down at the same time...