Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: tokeweed on October 09, 2015, 04:28:23 AM



Title: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: tokeweed on October 09, 2015, 04:28:23 AM
Quote
I Broke Bitcoin

Alister Maclin can break Bitcoin on command. In an email, Maclin said he's been the one spamming the Bitcoin network over the last several days with enough force to compel a Bitcoin exchange to notify its customers that the attack was causing withdrawal issues. Of course, he added, "Alister Maclin" is an alias.

In retrospect, I should have been more specific when I asked Maclin if there was a way for me to verify his claims.

Normally, confirmation of this kind might come in the form of a cryptographic fingerprint, but when I contacted Maclin over email, he replied in broken English: “I will switch the stress-test on once again for a short period (~10 min) at 17:30 of your local time (there is 00:22 now in Moscow - I wanna sleep). You will see.”

Slightly taken aback, I asked if Maclin meant 5:30 PM tomorrow. “Today! Now! I've already started it ten minutes ago :)” he replied. Sure enough, the number of transactions rejected by the Bitcoin network skyrocketed at 5:30 PM on Tuesday afternoon.

http://motherboard-images.vice.com/content-images/contentimage/no-id/1444232600383997.png

At 5:54 PM, Maclin emailed me again. “Switched off,” he wrote. “Now red lines on the third chart will return back to green.” And as it was written, so it was done. Things calmed down, the number of rejected transactions dropped back to normal levels, and the chart’s red spike settled back to green after an hour.

http://motherboard-images.vice.com/content-images/contentimage/no-id/1444232678283885.png

Maclin isn’t the first person to try and break the Bitcoin network. An exchange called Coinwallet.eu previously threw $48,000 USD in Bitcoin to the winds in an attempt to fill the network with tiny spam transactions and slow things down for everyone. By comparison, however, Maclin’s attack was extremely cheap, simple, and effective.

Maclin used what’s known as a “malleability attack,” which takes advantage of the time delay between when bitcoins are sent and when the transaction record is included in a block and uploaded to the blockchain for posterity. A script written by Maclin, running on a virtual machine, captures transactions and re-broadcasts them to the Bitcoin network with a slightly different ID, thus creating a duplicate transaction, only one of which can be added to a block. Everybody’s bitcoins still get where they need to go, but it could take hours for the transaction to be confirmed instead of the usual 10 minutes... (cont.'d)

More here:  http://motherboard.vice.com/read/i-broke-bitcoin


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: P-Funk on October 09, 2015, 04:29:41 AM
Nothing's broken.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: --Encrypted-- on October 09, 2015, 04:39:57 AM
https://bitcointalk.org/index.php?action=profile;u=197593
that's him. in case anyone missed.

and
Quote
But Maclin’s window may be closing. A Bitcoin update designed to fix the malleability issue has been in the works (https://github.com/bitcoin/bips/blob/master/bip-0062.mediawiki) for over a year, and the latest attack could be just the spark to light a fire under it.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: knight22 on October 09, 2015, 04:43:45 AM
Nothing's broken.

Nope but it caused some annoying disruptions nonetheless.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: alwinlinzee on October 09, 2015, 04:47:31 AM
https://bitcointalk.org/index.php?action=profile;u=197593
that's him. in case anyone missed.

and
Quote
But Maclin’s window may be closing. A Bitcoin update designed to fix the malleability issue has been in the works (https://github.com/bitcoin/bips/blob/master/bip-0062.mediawiki) for over a year, and the latest attack could be just the spark to light a fire under it.
I dont think Alister Maclin spent huge amount of money to get this done but rather he is a genius who can manipulate codes and java languages but i wish he does not do it again because a lot of people in this community suffers during that attack.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Hazir on October 09, 2015, 04:54:18 AM
https://bitcointalk.org/index.php?action=profile;u=197593
that's him. in case anyone missed.

and
Quote
But Maclin’s window may be closing. A Bitcoin update designed to fix the malleability issue has been in the works (https://github.com/bitcoin/bips/blob/master/bip-0062.mediawiki) for over a year, and the latest attack could be just the spark to light a fire under it.
Nothing is broken, and as far I as know no one get scammed or robbed. You could only be in trouble if you accept zero confirmation transactions, and that is rarely, if ever the case. In fact because people like him there we can have that security upgrade already in place. And that is rather good news.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: coinplus on October 09, 2015, 04:58:32 AM
https://bitcointalk.org/index.php?action=profile;u=197593
that's him. in case anyone missed.

and
Quote
But Maclin’s window may be closing. A Bitcoin update designed to fix the malleability issue has been in the works (https://github.com/bitcoin/bips/blob/master/bip-0062.mediawiki) for over a year, and the latest attack could be just the spark to light a fire under it.
I dont think Alister Maclin spent huge amount of money to get this done but rather he is a genius who can manipulate codes and java languages but i wish he does not do it again because a lot of people in this community suffers during that attack.

We can request him not to repeat..
But what if a government plan against a decentralized system for the purpose of their own system. So, we need to be ready with a versatile robust system to face any kind of attack. Time to think of changes to withstand any kind of attack. Last time, many people suffered with higher fees and late transaction confirmations.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: alwinlinzee on October 09, 2015, 05:10:14 AM
https://bitcointalk.org/index.php?action=profile;u=197593
that's him. in case anyone missed.

and
Quote
But Maclin’s window may be closing. A Bitcoin update designed to fix the malleability issue has been in the works (https://github.com/bitcoin/bips/blob/master/bip-0062.mediawiki) for over a year, and the latest attack could be just the spark to light a fire under it.
I dont think Alister Maclin spent huge amount of money to get this done but rather he is a genius who can manipulate codes and java languages but i wish he does not do it again because a lot of people in this community suffers during that attack.

We can request him not to repeat..
But what if a government plan against a decentralized system for the purpose of their own system. So, we need to be ready with a versatile robust system to face any kind of attack. Time to think of changes to withstand any kind of attack. Last time, many people suffered with higher fees and late transaction confirmations.
I think i must agreed with you that all necessary things should be put in place to avoid this type of attack again, bitcoin controls billions of dollars and we should be able to create a powerful defense even if we all have to donate.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: amaclin on October 09, 2015, 05:15:42 AM
We can request him not to repeat..
Would you like to pay also?


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: VirosaGITS on October 09, 2015, 05:21:24 AM
We can request him not to repeat..
Would you like to pay also?

Hell no. I welcome these kinds of attacks. People who cause TX spam or any kind of attack against the network now is a boon. We need to get all the vulnerabilities out of the way. People that find way to disrupt the network until the issue get patched should be getting security bounty rewards.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: amaclin on October 09, 2015, 05:26:27 AM
We need to get all the vulnerabilities out of the way.
1) Are you sure that every problem has a solution? (I am talking not about bitcoin, this is generic question)
2) Why should somebody fix vunerability if you do not want to pay for fixing?


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Kakmakr on October 09, 2015, 05:31:52 AM
What would be the goal behind this? Is this a white hat, just showing the possible exploits in the network or are there other motives behind this? In the end this will lead to more people not trusting the Bitcoin network and deciding to give up on the whole idea. Yes, Bitcoin was not brought down with this attack, but it is very disruptive. If the goal is to identify holes in the system, it should be submitted to the core developers and tested on the TestNet not on the live Blockchain.

It is not fun anymore and it disrupts business, if it delays transactions.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: VirosaGITS on October 09, 2015, 05:33:02 AM
We need to get all the vulnerabilities out of the way.
1) Are you sure that every problem has a solution? (I am talking not about bitcoin, this is generic question)
2) Why should somebody fix vunerability if you do not want to pay for fixing?

1)Yes in a way or another. There is always a way for a problem to not be a problem anymore. No matter what.
2)A bounty paid from a miner tax would not be bad. I bet a system were someone find an exploit, come up with a solution and set a bounty, submit it for vote to miners. Change get implemented, next 1000 blocks have 0.01% reward sent to bounty.

So sure i would pay. But i would never pay someone who is just black mailing. For example those DDoS kid extorting small pools to pay or else they get DDoS'd.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Quickseller on October 09, 2015, 05:33:10 AM
Quote
Everybody’s bitcoins still get where they need to go, but it could take hours for the transaction to be confirmed instead of the usual 10 minutes
Ummm, why exactly would it take longer to confirm because of transaction malleability?

I think someone is confused....


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: TheGr33k on October 09, 2015, 05:35:34 AM
Quote
Everybody’s bitcoins still get where they need to go, but it could take hours for the transaction to be confirmed instead of the usual 10 minutes
Ummm, why exactly would it take longer to confirm because of transaction malleability?

I think someone is confused....

It seems like people are pretending like they're waiting for the conflicted transaction to verify itself.. The transaction that gets approved gets approved just as quickly as any other regular transaction does.
People are blowing this problem way out of proportion because it looks scary. It's unfortunate to see so much panic, but what can you expect from the public.. Hopefully it will get patched soon and we can all shh


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: VirosaGITS on October 09, 2015, 05:35:41 AM
Quote
Everybody’s bitcoins still get where they need to go, but it could take hours for the transaction to be confirmed instead of the usual 10 minutes
Ummm, why exactly would it take longer to confirm because of transaction malleability?

I think someone is confused....

He is confusing this issue with the spam attack that raised the miner tx fee for sure. This malleability attack has nothing to do with that and sure a lot of transaction DOUBLE get rejected, that doesn't mean its not business as usual.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: TheGr33k on October 09, 2015, 05:37:49 AM
Quote
Everybody’s bitcoins still get where they need to go, but it could take hours for the transaction to be confirmed instead of the usual 10 minutes
Ummm, why exactly would it take longer to confirm because of transaction malleability?

I think someone is confused....

He is confusing this issue with the spam attack that raised the miner tx fee for sure. This malleability attack has nothing to do with that and sure a lot of transaction DOUBLE get rejected, that doesn't mean its not business as usual.

Sometimes script kitties like to pretend like anything out of the ordinary is spectacular and they're virtual gods in their own right. They try to show off, get publicity and pretend like they're rich because of these things because then they can lure in other scammers to scam them, and who would be there to stop them ?


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: amaclin on October 09, 2015, 05:43:48 AM
Sometimes script kitties like to pretend like anything out of the ordinary is spectacular and they're virtual gods in their own right. They try to show off, get publicity and pretend like they're rich because of these things because then they can lure in other scammers to scam them, and who would be there to stop them ?
Are you talking about bitcointers?  ;D
I saw a very long topic they pretend to be "new elite"


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: TheGr33k on October 09, 2015, 05:48:08 AM
Sometimes script kitties like to pretend like anything out of the ordinary is spectacular and they're virtual gods in their own right. They try to show off, get publicity and pretend like they're rich because of these things because then they can lure in other scammers to scam them, and who would be there to stop them ?
Are you talking about bitcointers?  ;D
I saw a very long topic they pretend to be "new elite"

All I know is the more the security flaws of bitcoin get exploited while we're still in the early stages, the better. I'm going to go ahead and tip my hat to any and everyone involved in making the blockchain more secure. Bitcoin protocol needs to be drilled repeatedly until it's going to have any valuable usage in the real world. Thank you for your service, soldier. :D


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Guido on October 09, 2015, 05:48:44 AM
thanks for link to story tokeweed

very annoying but does need addressing
I have little faith in the core developers or foundation to agree zip these days
plus it takes them months, years to even code something small, then they make out their genius'

maybe this guy is doing us a favour in a way
but what if multiple people start doing it? what if he makes his 100 line code opensource

exchanges like cryptsy can't even get basic wallets for alts resynced in over a week. then shut down btc wallet for withdrawals due to this issue for days

shows how fragile things are right now

it would only take a few of these guys to affect price in a bad way, add block debate to conversation too


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: TheGr33k on October 09, 2015, 05:53:18 AM
thanks for link to story tokeweed

very annoying but does need addressing
I have little faith in the core developers or foundation to agree zip these days
plus it takes them months, years to even code something small, then they make out their genius'

maybe this guy is doing us a favour in a way
but what if multiple people start doing it? what if he makes his 100 line code opensource

exchanges like cryptsy can't even get basic wallets for alts resynced in over a week. then shut down btc wallet for withdrawals due to this issue for days

shows how fragile things are right now

it would only take a few of these guys to affect price in a bad way, add block debate to conversation too

The core developers need assistance all on fronts, because they're short-staffed and not paid. I don't personally think it would be the end of the world for bitcoin to get hammered in price while we work out some bugs/growing-pains. Weak exchanges, pump-and-dumps and investors that don't belong in the cryptography industry will get theirs if this were the case. Scare away the bandits, feign disorder comrades.

Core has had a fix for this already however, and most 3rd parties are failing to adopt.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Q7 on October 09, 2015, 05:54:40 AM
I think he has done the community a great deal of favor by pointing out weaknesses in the system. At least once we know where the loophole is we can have a patch to cover up during the next update. At least on the bitcoin price this has not been affected as it is still on yhe uptrend.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: amaclin on October 09, 2015, 06:05:41 AM
what if he makes his 100 line code opensource
Do not worry about it.
One has some knowledge in bitcoin protocol and programming skills would be able to write it himself.

upd: typo fixed


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: TheGr33k on October 09, 2015, 06:08:30 AM
what if he makes his 100 line code opensource
Do now worry about it.
One has some knowledge in bitcoin protocol and programming skills would be able to write it himself.


Basically it is already open-source, at least as of recently. Anyone who wants to be doing this is already doing it because they can easily find the resources readily available to do so.
I'm sure anybody with advanced knowledge has moved on to the next thing and this is old-news, and not worth anymore time.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: alwinlinzee on October 09, 2015, 06:41:03 AM
There seems to be similarity between these names Alister Maclin and Amaclin or it was just a coincidence?


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: TKeenan on October 09, 2015, 07:00:10 AM
Why should somebody fix vunerability if you do not want to pay for fixing?
I am going to kill your dog.  Your dog is vulnerable.  I could fix this vulnerability - but you are going to have to pay me for that.

Fuck you Maclin.  It is very hard to build a tall building.  It is very easy to blow one up.  You think you are some kind of genius?  Typical Russian prick.  

If you are even slightly talented, use your talent to improve the protocol rather than finding a weakness to exploit and get off trying to claim you dominate bitcoin.  The core devs will remove this minor tick in due course and you will again be the same miserable piece of shit you were yesterday.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: ~Bitcoin~ on October 09, 2015, 07:06:36 AM
Why the member who love bitcoin is trying to break its network or working system? Is it only for security test or just to get bitcoin down? Everybody here i think loves the way bitcoin work but why all of these test or attacks going on by the people who love bitcoin.  ??? ???


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Guido on October 09, 2015, 07:18:55 AM
Why the member who love bitcoin is trying to break its network or working system? Is it only for security test or just to get bitcoin down? Everybody here i think loves the way bitcoin work but why all of these test or attacks going on by the people who love bitcoin.  ??? ???

try reading the article by visiting link
he doesn't love bitcoin


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: --Encrypted-- on October 09, 2015, 07:22:05 AM
Why the member who love bitcoin is trying to break its network or working system? Is it only for security test or just to get bitcoin down? Everybody here i think loves the way bitcoin work but why all of these test or attacks going on by the people who love bitcoin.  ??? ???

it will only make it stronger, if anything. any kind of system will improve every time it faced and survived an attack.
nothing is broken. and these attacks will not break bitcoins.

if bitcoin can be taken down by just one man then it should be considered a failed system.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: amaclin on October 09, 2015, 07:36:19 AM
There seems to be similarity between these names Alister Maclin and Amaclin or it was just a coincidence?
yes it's me


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: amaclin on October 09, 2015, 07:37:57 AM
If you are even slightly talented, use your talent to improve the protocol
It is not possible [to improve protocol].

any kind of system will improve every time it faced and survived an attack.
Wrong assumption.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: alwinlinzee on October 09, 2015, 07:44:31 AM
There seems to be similarity between these names Alister Maclin and Amaclin or it was just a coincidence?
yes it's me
More than anything i like people that says the truth even in the faces of strong oppositions.
If i may ask, why did you do it? and what do you intend to achieve?


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: amaclin on October 09, 2015, 07:47:00 AM
More than anything i like people that says the truth even in the faces of strong oppositions.
If i may ask, why did you do it? and what do you intend to achieve?
I want to tell you that bitcoin is too weak for you lifetime savings


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: onemorexmr on October 09, 2015, 07:48:53 AM
More than anything i like people that says the truth even in the faces of strong oppositions.
If i may ask, why did you do it? and what do you intend to achieve?
I want to tell you that bitcoin is too weak for you lifetime savings

but you havent shown that?

only thing you showed is that many services are unable to learn from past accidents...but nothing bad happened because of your mallability "attack": even the price did not react.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: LMGTFY on October 09, 2015, 07:57:04 AM
More than anything i like people that says the truth even in the faces of strong oppositions.
If i may ask, why did you do it? and what do you intend to achieve?
I want to tell you that bitcoin is too weak for you lifetime savings

Uh, OK. Are many Bitcoin users keeping their lifetime savings in BTC? What proportion of users are we talking about? And how did you find this out?

How has this proportion changed as your efforts to educate users progress?


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: amaclin on October 09, 2015, 08:00:21 AM
but you havent shown that?
Should I talk about atheism in a church?


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: mezzomix on October 09, 2015, 08:03:41 AM
but you havent shown that?

No, but at least he had his 5 minutes of fame.  ;)


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: alwinlinzee on October 09, 2015, 08:14:01 AM
More than anything i like people that says the truth even in the faces of strong oppositions.
If i may ask, why did you do it? and what do you intend to achieve?
I want to tell you that bitcoin is too weak for you lifetime savings
Good to understand your reason but now that you know about its weakness how do we make it strong because there is possibility that a lot of people might die of one ailment or the other if they loss their bitcoins especially those that have put their life investment in it.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: LMGTFY on October 09, 2015, 08:25:32 AM
More than anything i like people that says the truth even in the faces of strong oppositions.
If i may ask, why did you do it? and what do you intend to achieve?
I want to tell you that bitcoin is too weak for you lifetime savings
Good to understand your reason but now that you know about its weakness how do we make it strong because there is possibility that a lot of people might die of one ailment or the other if they loss their bitcoins especially those that have put their life investment in it.

What drew me to Bitcoin initially is that it gives me control over my finances. With that control comes responsibility. If anyone has put all their life savings in Bitcoin, they need to take responsibility for that.

However, I remain to be convinced that people are that naïve, and in sufficient numbers, to warrant the excuse amaclin has offered.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: amaclin on October 09, 2015, 08:26:44 AM
Good to understand your reason but now that you know about its
weakness how do we make it strong because there is possibility
that a lot of people might die of one ailment or the other if they
loss their bitcoins especially those that have put their life investment in it.

Let me give you an example.
Assume you have two semi identical electric instruments. For example two drills.
The only difference between them that the first one consumes 1kWH and the second 2kWH
You are reasonable.
What will you do? There are several possibilities:
1) Use both instruments time-to-time
2) Use first one
3) Use second one
4) Modify first one to improve it
5) Modify second one to improve it
6) Research the difference and improve both instruments...
7) ... etc



Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: onemorexmr on October 09, 2015, 08:27:57 AM
wever, I remain to be convinced that people are that naïve, and in sufficient numbers, to warrant the excuse amaclin has offered.

actually we need people attacking bitcoin. and as amaclin has shown that some services are still vulnerable to this he made bitcoin a favor.

i just cant follow his reasoning


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: hedgy73 on October 09, 2015, 08:28:50 AM
We need to get all the vulnerabilities out of the way.
1) Are you sure that every problem has a solution? (I am talking not about bitcoin, this is generic question)
2) Why should somebody fix vunerability if you do not want to pay for fixing?

So can the vulnerability be fixed that you have exploited?


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: onemorexmr on October 09, 2015, 08:34:18 AM
We need to get all the vulnerabilities out of the way.
1) Are you sure that every problem has a solution? (I am talking not about bitcoin, this is generic question)
2) Why should somebody fix vunerability if you do not want to pay for fixing?

So can the vulnerability be fixed that you have exploited?

his answer will be: "no, and it cant be fixed without open another one" (he has already answered that one)

my answer is:
 - some services have improved (eg coinbase)
 - its not a vulnerability at all (no money got lost that way; its just a little inconvenient)
 - there is a BIP which may get implemented


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: amaclin on October 09, 2015, 08:37:52 AM
So can the vulnerability be fixed that you have exploited?
This one can be fixed.
But tx malleability is not major problem of bitcoin.

his answer will be: "no, and it cant be fixed without open another one" (he has already answered that one)
Sorry. I see here some misunderstanding
Fixing the vulnerability can lock your funds and open problems.
I do not know how to explain it more clear.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: --Encrypted-- on October 09, 2015, 08:44:13 AM
This one can be fixed.
But tx malleability is not major problem of bitcoin.

then what is this problem that makes bitcoin "too weak for our lifetime savings"?


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: johnyj on October 09, 2015, 02:00:09 PM
http://statoshi.info/dashboard/db/transactions

Just one month after the coinwallet spam, here is another one. Currently my mempool is 25MB and I have not raised the minrelayfee

This proved that you must have a very small block size to make sure the network and CPU can handle this kind of spam

And I think default fee should raise to 0.0005 to make this kind of attack more expensive


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Mickeyb on October 09, 2015, 02:07:52 PM
All of this stuff, all these attack, stress tests, malleability attacks can only improve Bitcoin network. Devs and smart people of this community will see the problems and release patches while preventing this from happening again. This is the way I see it.

So nothing is broken. I wouldn't be worried until if some day some person causes the attack that will make people lose coins for example, this would be devastating. All these other attacks are just helping us in a long run.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: BitcoinNewsMagazine on October 09, 2015, 02:11:35 PM
thanks for link to story tokeweed

very annoying but does need addressing
I have little faith in the core developers or foundation to agree zip these days
plus it takes them months, years to even code something small, then they make out their genius'

maybe this guy is doing us a favour in a way
but what if multiple people start doing it? what if he makes his 100 line code opensource

exchanges like cryptsy can't even get basic wallets for alts resynced in over a week. then shut down btc wallet for withdrawals due to this issue for days

shows how fragile things are right now

it would only take a few of these guys to affect price in a bad way, add block debate to conversation too

The core developers need assistance all on fronts, because they're short-staffed and not paid. I don't personally think it would be the end of the world for bitcoin to get hammered in price while we work out some bugs/growing-pains. Weak exchanges, pump-and-dumps and investors that don't belong in the cryptography industry will get theirs if this were the case. Scare away the bandits, feign disorder comrades.

Core has had a fix for this already however, and most 3rd parties are failing to adopt.

Take some time and read bitcoin-dev transcripts (http://bitcoinstats.com/irc/bitcoin-dev/logs/2015/10/08#l1444332212.0) end of each day. Developers are quite aware of the problem and are already addressing it. amaclin had his 15 minutes time to move on.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: kolloh on October 09, 2015, 02:25:28 PM
These attacks will only make bitcoin stronger as bitcoin is further developed and patches are put in place to help prevent these things.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Holliday on October 09, 2015, 04:19:24 PM
More than anything i like people that says the truth even in the faces of strong oppositions.
If i may ask, why did you do it? and what do you intend to achieve?
I want to tell you that bitcoin is too weak for you lifetime savings

So, what is strong enough for my lifetime savings?


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Nicolas Dorier on October 10, 2015, 02:42:53 AM
amaclin, I appreciate what you are doing, but I also don't get my head around your motivations, nor why it proves that Bitcoin is weak.

It makes me think of the first spam, all sirens ringing that Bitcoin will die of small block, then the next one nobody cared about because it was fixed by every actors, at every level.
The 1GB mempool one was a bit more bothersome, but still not a big deal and that will be fixed soon at the bitcoin core level.

What do you consider "safe enough for your life savings" ? I'm not exactly bullish on the alternatives either.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: tl121 on October 10, 2015, 03:01:52 AM
Responsible disclosure of what is (more or less) a security bug, would be to notify the developers of the problem and give them some time to post a fix.  After the time period has expired, it would seem perfectly reasonable to publish the bug. As I understand it, this class of problems has been known for several years.  Thus it is not surprising that we are getting these attacks now. There is considerable history that shows that often a KITA is often needed to get security bugs fixed in proprietary and open source software.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: AGD on October 10, 2015, 07:25:37 AM
So if amaclin makes these 100 lines of code public, Bitcoin will die?


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Amph on October 10, 2015, 07:28:36 AM
So if amaclin makes these 100 lines of code public, Bitcoin will die?

no, this is only a pesky attack, it will not broke nothing

More than anything i like people that says the truth even in the faces of strong oppositions.
If i may ask, why did you do it? and what do you intend to achieve?
I want to tell you that bitcoin is too weak for you lifetime savings

So, what is strong enough for my lifetime savings?

i can guess... bank? but that would be hilarious, unless he is working there and want to destroy the little hype arond bitcoin


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: alwinlinzee on October 10, 2015, 08:39:28 AM
Good to understand your reason but now that you know about its
weakness how do we make it strong because there is possibility
that a lot of people might die of one ailment or the other if they
loss their bitcoins especially those that have put their life investment in it.

Let me give you an example.
Assume you have two semi identical electric instruments. For example two drills.
The only difference between them that the first one consumes 1kWH and the second 2kWH
You are reasonable.
What will you do? There are several possibilities:
1) Use both instruments time-to-time
2) Use first one
3) Use second one
4) Modify first one to improve it
5) Modify second one to improve it
6) Research the difference and improve both instruments...
7) ... etc


You are speaking in parable but i feel that we should speak plain and direct words  in a matter that is as sensitive as this.
I do not see this as a competitions for people to display their skills we should thread this with CAUTION


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: turtlehurricane on October 10, 2015, 08:52:07 AM
I built a program that does the exact same thing, it's script kiddie stuff. This form of 'attack' is not an issue, barely a nuisance if anything.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Denker on October 10, 2015, 10:08:24 AM
All of this stuff, all these attack, stress tests, malleability attacks can only improve Bitcoin network. Devs and smart people of this community will see the problems and release patches while preventing this from happening again. This is the way I see it.

So nothing is broken. I wouldn't be worried until if some day some person causes the attack that will make people lose coins for example, this would be devastating. All these other attacks are just helping us in a long run.

Yes I agree with you. Bitcoin is still a baby and will have to withstand several growing pains I believe. After each solved issue and flaw Bitcoin becomes more and more resilient.I'm not worried for the slightest.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Nicolas Dorier on October 10, 2015, 10:10:08 AM
I built a program that does the exact same thing, it's script kiddie stuff. This form of 'attack' is not an issue, barely a nuisance if anything.
Can you run it so it force HighS to LowS ? Would limit the consequences of the attack


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: turtlehurricane on October 10, 2015, 10:38:44 AM
I built a program that does the exact same thing, it's script kiddie stuff. This form of 'attack' is not an issue, barely a nuisance if anything.
Can you run it so it force HighS to LowS ? Would limit the consequences of the attack
I'm talking about spam attack, I I didn't see that part in the OP about malleability. I built a dust collector to get that coinwallet.eu giveaway BTC and it totally worked, lots and lots of double spends and rejected transactions though.

The data in the OP looked more like a dust attack to me, where's the proof that was the high S low S attack?

Both are a nuisance in any case, not real attacks...


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: AGD on October 10, 2015, 10:46:22 AM
So if amaclin makes these 100 lines of code public, Bitcoin will die?

no, this is only a pesky attack, it will not broke nothing

This is not a "pesky attack" anymore, when a few thousand people or a botnet start to run the script.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: mezzomix on October 10, 2015, 11:01:29 AM
It's not an attack at all. It's a test for bad implementations and bad business models. My nodes do not even relay those high S transactions.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: RussianRaibow on October 10, 2015, 11:02:46 AM
So if amaclin makes these 100 lines of code public, Bitcoin will die?

no, this is only a pesky attack, it will not broke nothing

This is not a "pesky attack" anymore, when a few thousand people or a botnet start to run the script.
For those, using a correct wallet implementation, that does not try to spend UTXO, it'd still be a "pesky attack". Certain bitcoin processor/forwarder/notifier are doing it wrong, e.g. BitPay. They're accepting unconfirmed Tx. They are gonna suffer.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: mezzomix on October 10, 2015, 02:00:25 PM
Certain bitcoin processor/forwarder/notifier are doing it wrong, e.g. BitPay. They're accepting unconfirmed Tx.

The only problem is to use unconfirmed transaction outputs to create new transactions. Accepting unconfirmed transactions is no problem if it's done right. The changed S value does not change the transaction input or output definitions.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Amitabh S on October 10, 2015, 02:15:16 PM
Which exchange was this attack related to? I can assume several wallets and exchanges will lose money if they use txhash to determine whether a payment was successful. This is apparently what MagicalTux claims to have emptied Gox's wallets (which seems implausible). 


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: mezzomix on October 10, 2015, 03:54:18 PM
Which exchange was this attack related to? I can assume several wallets and exchanges will lose money if they use txhash to determine whether a payment was successful. This is apparently what MagicalTux claims to have emptied Gox's wallets (which seems implausible). 

Mark Karpeles lied when he claimed that this money was lost because of transaction malleability. Today the transaction malleabilty behaviour is well known. Only dumb idiots send a money again without any check and lose money if they do not find the expected transaction ID in a block.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: dothebeats on October 10, 2015, 04:05:57 PM
Actually, it's pretty good that someone is exploiting some vulnerabilities in the network for the developers to take a closer look at the code and patch it up as soon as they can. What's annoying is that it hurts businesses and normal individuals who just wants to send and receive transactions. It kinda scares them to accept bitcoin and be open about it again.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: tl121 on October 10, 2015, 05:23:08 PM
Actually, it's pretty good that someone is exploiting some vulnerabilities in the network for the developers to take a closer look at the code and patch it up as soon as they can. What's annoying is that it hurts businesses and normal individuals who just wants to send and receive transactions. It kinda scares them to accept bitcoin and be open about it again.

The problem isn't that the developers didn't understand the problem or know how to fix it.  The problem is that they lacked the leadership skills to implement the fix.  They have known about the problem since October 4, 2012!

https://bitcointalk.org/index.php?topic=8392.msg1245898#msg1245898

The problem is that bitcoin lacks leadership and governance.  There are "leaders" who can foresee problems but who can not propose and sell acceptable solutions.  The  malleability attack has been known for three years, but no fix has been deployed.  This is because the "leaders" are afraid that the obvious solutions would not be implemented by the followers.  A "leader" who is afraid that he would not be followed is no leader.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: mezzomix on October 10, 2015, 05:27:42 PM
Seems that 0.11.1 will get the low S check: https://github.com/bitcoin/bitcoin/commit/71cc9d9fe829efd9c9b012c4cd1ece1d988b4869 (https://github.com/bitcoin/bitcoin/commit/71cc9d9fe829efd9c9b012c4cd1ece1d988b4869)


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: thejaytiesto on October 10, 2015, 05:50:42 PM
thanks for link to story tokeweed

very annoying but does need addressing
I have little faith in the core developers or foundation to agree zip these days
plus it takes them months, years to even code something small, then they make out their genius'

maybe this guy is doing us a favour in a way
but what if multiple people start doing it? what if he makes his 100 line code opensource

exchanges like cryptsy can't even get basic wallets for alts resynced in over a week. then shut down btc wallet for withdrawals due to this issue for days

shows how fragile things are right now

it would only take a few of these guys to affect price in a bad way, add block debate to conversation too

I haven't done any Bitcoin movements in the past week so I don't know to what extent this is a real problem. I need to get my Bitcoins from Coinut to my wallet so we'll see how it goes. I think it's clear somethings needs to be done quick but its a bit overblown saying he broke anything.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: iGotSpots on October 11, 2015, 01:59:50 PM
I move BTC daily for years and never even felt a hiccup the entire time. Nice 'attack' lol


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: notbatman on October 11, 2015, 10:13:29 PM
Ok, I don't know exactly what they/he were/was doing but Microsoft just patched it. The attack has to be more than just on the Bitcoin network, as you can see whatever MS changed in the last update fixed it.

Here's today's snapshot with the patch being applied just before 12 PM.

https://i.imgur.com/0jS1djD.png

Here's a week long snapshot.

https://i.imgur.com/5uI8byd.png

Looks like this new attack started on the 8th.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: mayax on October 11, 2015, 11:00:50 PM
Actually, it's pretty good that someone is exploiting some vulnerabilities in the network for the developers to take a closer look at the code and patch it up as soon as they can. What's annoying is that it hurts businesses and normal individuals who just wants to send and receive transactions. It kinda scares them to accept bitcoin and be open about it again.

The problem isn't that the developers didn't understand the problem or know how to fix it.  The problem is that they lacked the leadership skills to implement the fix.  They have known about the problem since October 4, 2012!

https://bitcointalk.org/index.php?topic=8392.msg1245898#msg1245898

The problem is that bitcoin lacks leadership and governance.  There are "leaders" who can foresee problems but who can not propose and sell acceptable solutions.  The  malleability attack has been known for three years, but no fix has been deployed.  This is because the "leaders" are afraid that the obvious solutions would not be implemented by the followers.  A "leader" who is afraid that he would not be followed is no leader.


"leader" means central power. central power means BTC belongs to "him". You want decentralization? Then, face it :)


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: BitcoinNewsMagazine on October 11, 2015, 11:13:21 PM
Ok, I don't know exactly what they/he were/was doing but Microsoft just patched it. The attack has to be more than just on the Bitcoin network, as you can see whatever MS changed in the last update fixed it.

Here's today's snapshot with the patch being applied just before 12 PM.

https://i.imgur.com/0jS1djD.png

Here's a week long snapshot.

https://i.imgur.com/5uI8byd.png

Looks like this new attack started on the 8th.

Microsoft patching bitcoin? Source for your graphs please. Statoshi (http://statoshi.info/dashboard/db/transactions) shows there is still a problem:

https://bitcoinnewsmagazine.com/wp-content/uploads/2015/08/screenshot-statoshi-info-2015-10-11-19-08-42.png


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Plento on October 11, 2015, 11:14:36 PM
I'm generally a fan of these attacks.  Highlights problems that require a resolve.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: rychallenge on October 11, 2015, 11:25:46 PM
Nothing's broken.

Nope but it caused some annoying disruptions nonetheless.
a lot of annoying distruption, across many service in bitcoin.

thing like this i think is good...this way bitcoin and community can help fix these error from happening in issues in future!


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Meuh6879 on October 12, 2015, 12:03:38 AM
Nothing's broken.

Nope but it caused some annoying disruptions nonetheless.

like 100% CPU in poor nodes ...
but the other face of this, i can test the maxmempooltx setting now (500-800).

http://imagizer.imageshack.us/a/img909/6038/bcyHbV.png


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: Meuh6879 on October 12, 2015, 12:08:27 AM
a lot of annoying distruption, across many service in bitcoin.

many block explorer crash, it's true.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: notbatman on October 12, 2015, 12:18:39 AM
Ok, I don't know exactly what they/he were/was doing but Microsoft just patched it. The attack has to be more than just on the Bitcoin network, as you can see whatever MS changed in the last update fixed it.

Here's today's snapshot with the patch being applied just before 12 PM.

https://i.imgur.com/0jS1djD.png

Here's a week long snapshot.

https://i.imgur.com/5uI8byd.png

Looks like this new attack started on the 8th.

Microsoft patching bitcoin? Source for your graphs please. Statoshi (http://statoshi.info/dashboard/db/transactions) shows there is still a problem:

https://bitcoinnewsmagazine.com/wp-content/uploads/2015/08/screenshot-statoshi-info-2015-10-11-19-08-42.png

Obviously MS isn't patching bitcoind directly but their patch clearly resolved the issue. The source of the graph is p2pool. Finally, I don't consider a backlog of spam an issue; I reject everything under 0.0005 BTC as spam.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: shorena on October 12, 2015, 08:30:50 AM
Ok, I don't know exactly what they/he were/was doing but Microsoft just patched it. The attack has to be more than just on the Bitcoin network, as you can see whatever MS changed in the last update fixed it.

Here's today's snapshot with the patch being applied just before 12 PM.

https://i.imgur.com/0jS1djD.png

Here's a week long snapshot.

https://i.imgur.com/5uI8byd.png

Looks like this new attack started on the 8th.

Microsoft patching bitcoin? Source for your graphs please. Statoshi (http://statoshi.info/dashboard/db/transactions) shows there is still a problem:

https://bitcoinnewsmagazine.com/wp-content/uploads/2015/08/screenshot-statoshi-info-2015-10-11-19-08-42.png

Obviously MS isn't patching bitcoind directly but their patch clearly resolved the issue. The source of the graph is p2pool. Finally, I don't consider a backlog of spam an issue; I reject everything under 0.0005 BTC as spam.

I have questions...

#1 what does the graphs show? The x axis is unlabelled.

#2 What MS patch are you talking about?


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: notbatman on October 12, 2015, 09:06:43 AM
Ok, I don't know exactly what they/he were/was doing but Microsoft just patched it. The attack has to be more than just on the Bitcoin network, as you can see whatever MS changed in the last update fixed it.

Here's today's snapshot with the patch being applied just before 12 PM.

https://i.imgur.com/0jS1djD.png

Here's a week long snapshot.

https://i.imgur.com/5uI8byd.png

Looks like this new attack started on the 8th.

Microsoft patching bitcoin? Source for your graphs please. Statoshi (http://statoshi.info/dashboard/db/transactions) shows there is still a problem:

https://bitcoinnewsmagazine.com/wp-content/uploads/2015/08/screenshot-statoshi-info-2015-10-11-19-08-42.png

Obviously MS isn't patching bitcoind directly but their patch clearly resolved the issue. The source of the graph is p2pool. Finally, I don't consider a backlog of spam an issue; I reject everything under 0.0005 BTC as spam.

I have questions...

#1 what does the graphs show? The x axis is unlabelled.

#2 What MS patch are you talking about?

1) That's my hash rate over time.

2) Not sure, MS automatically installs updates and I haven't bothered see what was installed; KB articles tend to be a dry read.


Title: Re: Man Behind Week-Long Bitcoin Attacks Reveals Himself
Post by: amaclin on October 12, 2015, 09:19:51 AM
2) Not sure, MS automatically installs updates and I haven't bothered see what was installed; KB articles tend to be a dry read.

I am waiting for a day when Bitcoin Core updates will be installed automatically. ;D