Bitcoin Forum

thinking about developing a DDOS coin based on attacking SSL certificate usage and a vpn coin that acts as a p2p proxy

It would help if you could elaborate  what you mean by 'DDOS coin' besides letting us speculate based on the name of it.
How can we know if it's possible if we have absolutely no idea what you're talking about? Is it a coin that will be used to carry out DDoS attacks? If so, then hell no. That'd be illegal and the developers would go down pretty fast.

ya a coin that would pay per DDOS of a website.  Sorry I didn't know someone had already posted a whitepaper on this subject.  I'll post algorithm and show that its possible. 

true

DDoS is not “activism”.  It is vigilante censorship via Internet arson.  Its ultimate result is to increase the centralization of the Internet under the power of huge “anti-DDoS” corporations who are part of the mass-surveillance infrastructure—thus destroying both privacy (https://bitcointalk.org/index.php?topic=2527738.msg25852987#msg25852987) and freedom of speech (https://bitcointalk.org/index.php?topic=2595534.msg26417042#msg26417042) in one blow.

Cloudflare loves scum like you (https://bitcointalk.org/index.php?topic=2485318.msg25449826#msg25449826); you are the enforcers who shove sites under their control.  Sites such as bitcointalk.org.

I hope you die of cancer.

Duly noted but 0day attacks are able to bring even the biggest conglomerates to their knees.  Also, shouldn't the antisec cartelize under a crypto currency to combat the cartel formation of the security/surveillance state?  

I think the most likely targets would be massive financial institution.  After all its for https only

https://www.youtube.com/watch?v=6J9ayHYClw8 (https://www.youtube.com/watch?v=6J9ayHYClw8)

your logic: somehow all antisec is secretly in bed with some omnipotent security apparatus

Isn't it dangerous? I mean come on, you know what will happen when you DDoS a website, right? And also it will consist of a team of hackers. How can you really make this coin to be on top? Unless if you are one of the bad guy out there, then this project will fit to them but it's not advisable to everyone since you are making trouble if you DDoS a website.

ya its dangerous.  being rich in bitcoins is also dangerous.  algorithm posted below. 

No, I think the most likely targets are sites such as bitcointalk.org—see below.  Plus the six million other sites which Cloudflare claims as customers.  Plus sites which have been censored off the Internet by DDoS.  And here, you want to (further) commercialize DDoS—so that anybody with deep pockets (or Deep State connections) can more easily buy censorship on demand.  Sounds like fun!

Do you really think that a big bank has a problem shielding its network behind another huge corporation’s anti-DDoS network?  This isn’t 2011 anymore.  They’re wise to this stuff.  Yet the more you monetize DDoS, the more likely a big bank will secretly buy some extra DDoS against its most hated competitor, bitcointalk.org.


No.  My read is that either you’re an undercover agent, or you’re a patsy sleeping on the floor next to the foot of the bed of the “omnipotent security apparatus” while you delude yourself that you’re fighting it.

I’m not bothering with your video right now.  It’s too cumbersome with my high-security Tor setup.

P.S., I forgot:


What the hell are you talking about?  Bitcoin isn’t illegal.  Unfortunately, neither is the absurdist centralized exploding clown car known as Ethereum—the coin which can’t keep its promises that code is law (https://web.archive.org/web/20160704190119/https://daohub.org/explainer.html).

I figure this is a pretty junk thread so I don't mind derailing slightly. Just wondering if you could briefly expound on the "centralized" issue.  I am much weaker in my deep knowledge of the Ethereum ecosystem than I am of Bitcoin.  My understanding is that they can not forcefully push code revisions to nodes.  But that Vitalik does have significant sway over the public opinion as a figure head, and therefore there is a socially centralized element.  Is there a formal "proof" of the underlying centralization/censorship, above and beyond social tendencies?

(For the record, I do have an issue with the DAO hard fork, I just don't know enough about the technical layout of their protocol to argue against them in an educated manner, which I would like to)

How are you going to be able to prove that you are DDoS'ing a website in order to get paid in "DDOS coins"? Is that something you can prove at all, or is proof not a necessity here?

What stops anyone to pay with BTC/LTC/ETH/USD/anything for DDOS attack?

(Also you may want to know that DDOS attakcs can be illegal)

It is a necessity of course. Here is more info about it: https://thehackernews.com/2016/08/ddoscoin-cryptocurrency.html

This will add no value to the Internet, honestly.
You should create DDoS prevention coin instead.

Seems you don't like crypto by the way.

Well i wanted to build contracts for ETH and charge people gas for using the contract much like I could
write using .Net web-services that could be deployed on ETH nodes that would fit the bill just fine but i was thinking
more like a service that could make calls out to HTTP web servers to validate credit card details or something

I am not sure but i don't think this is possible and ETH contracts are more about just storing strings or numbers
in a distributed system and charging "Gas" for doing so which makes it more like a global abacus in my book even if it used locks and ledgers
that is designed to make more profit for the miners/nodes

Please someone step in if you believe that i am wrong and put me right

What i would like to see is a type of contract/program that can be deployed and then used as a type of VPN or proxy-server
that uses credits or gas to ensure people using the service can only get free resources on the network if they are also
providing services to the network which could be anything from hosting a database to allowing others to share their
internet connection of even earned by helping other networks with mining coins.

if someone has not built this type of thing already then they soon will me thinks but it might well need a number
of centralized coordinators much like Bit-Torrent to work because trying to store even a small amount of data for
7.5bn people on 50,000 distributed machines all replicating each others is something that has already been tried out
and it does not scale, wastes resources but web-sites held on such a system like I have outlined here would be almost
impossible to DDOS. Throw in a few fall-over servers that charge extra gas in an emergency and you start to get a stable system.

This is the reason BTC can only process 7 transactions a second and VISA-Card can do 25,000 a second but the
penny is not dropping yet with the Bitcoin community 

I read the little advert in the footer of your post and was using Tor for years, loved it and even ran exit nodes at times
and even added code to a proxy server that would speed Tor up by sending some requests direct and some via Tor
because as you know it's dead slow.

That was until the day that a dedicated machine I was using to screen scrape a web-site via Tor picked up
a WannaCry virus that then encrypted all my files just about and left ransom notes all over the place asking
for payment via Bitcoin.

I used a remote terminal to monitor the machine from time to time and was not browsing or automating
a browser on the machine so can you guess where i think I picked the virus up from ?

My firewall blocks the DDOS but this attack got past me and now you know as much as i know but it's
very rare that i use Tor these days

I am no expert on WannaCry worm, but I can tell you some things about it as far as I know.

First of all, infections by viruses and worms almost always have nothing to do with DoS attacks (even more so with DDoS attacks).

WanaCry's main (I can't even find info on any other) propagation technique was over the network (this is why it is a worm, not a virus) using a SMB port.
It exploited a vulnerability in Windows initially discovered by NSA and kept secret for years until someone hacked and published it with many other fully developed exploits and hacking tools on the Internet. They called themselves The Shadow Brokers, as they tried selling some of them.

So your main issue here was using Windows, of course, instead of a well developed open source operating system like many Linux distributions.
But updating your Windows would have helped in this particular scenario.

I agree windows has more back doors than anything and is CIA spyware but i am very good with both inbound and outbound firewall rules on
the router and also keep an eye on process running and i am in a much better position than you to put a finger in the air and say where this virus
came from not that i can ever be 100% certain it was not something running inside Srvhost , Conhost , Taskhost and ten other windows programs
that are designed to make our machine to operate more like a remote terminal than a "Personal PC"

Infection was nothing to do with DDOS and I run a program to read sys-logs from the router and it's programmed
to kick back when i care to run it but it get boring in the end

Tor i tell you, don't make excuses for them, i loved it as much as you do today before this happened

"But updating your Windows would have helped in this particular scenario."

You mean download more MS back doors as the previous doors that have become public knowledge becomes locked

Windows is shit but it's too late for me to jump ship to Linux Mint or something

 

its illegal to run a 3rd party currency in every country in the world!!

The algorithm is 100% cryptographically secure and verifiable because of the use of a signing key in SSL.  Meaning its a form of POW not proof of bandwidth. 

Im glad to see some of the people here are still demanding trustless technology as opposed to "crypto currency 3.0" which is all going towards trust based (while patting themselves on the back as geniuses).  

ya the idea for a ddos coin has been kicked around on here since 2014 but nobody ever made one.  I'm obviously not Fed or NSA.  Don't lie you can't beat DDOS if the DOSers assign a random IP for each new ping.  

please refrain from quoting as the topic is sensitive and I often edit my posts in case I post inappropriately. 

wow someone else knows the algorithm. I thought I was unique... although I first conceived of this algorithm years ago I see now that someone else knows about it.  

https://thehackernews.com/2016/08/ddoscoin-cryptocurrency.html

maybe Eric and Benjamin hit financial markets instead of showing up in p2p??

Okay, wiseacre.  I cede to your superior knowledge of the world.  But then, I have a question for you:  Praytell, how do the Bitcoin developers get away with it?  Satoshi “always used Tor” (https://bitcointalk.org/index.php?topic=178330.msg1869406#msg1869406), as do I; but most current Bitcoin developers have their legal names, photos, and physical locations easily discoverable by the police.  Please explain to me their elite capture-avoidance techniques which they use to stay out of prison whilst developing illegal currency.  They have nowhere to run, if it’s “illegal in every country in the world!!”

Somebody should also tip off the Winkevoss brothers so they can stay one step ahead of the heat.


Glad to hear it.


If it’s not decentralized, trustless, and permissionless, then it’s Paypal 2.0 (but so much slower and more expensive than the real Paypal).

it wouldn't be illegal to make this, its only illegal to participate in a ddos or run the software.  

but then technically it could be considered export of munitions under cryptographic controls and running a 3rd party currency.  Satoshi is probably dead!!  some people make sacrifices for a tech enabled future they believe in. 

according to this research...  ddos coin would be both trustless and p2p.  that's all I'm going to say

Yeah, just like any other coin out there. trustless and p2p...

In order not to stray away from the topic I will just make a quick response.
I have no idea about your firewall, I can just tell you what I read about WannaCry and how it works.
It could very well be some other ransomware however, who knows.
If your firewall didn't block the SMB port (445 I think) then that is almost certainly where it came from.
If it did, then it might be from inside the network (maybe WannaCry stays dormant on some computers).

As for the updates, do as you wish. I can just tell you that you are defenseless without updates.
Not saying that they don't also add new vulnerabilities, they do, but at least they patch old well known ones.
You just can't win using Windows...

this whitepaper is probably stolen from me during an enhanced interrogation in my car circa july 2016... Vitalik wasn't such a good partner.  Him and Neal Koblitz put me in enhanced interrogation every night for a week and then it all went down.  now you know.  

still a good paper but nearly the exact design for the ddos coin I had in mind at the time.  

https://www.usenix.org/system/files/conference/woot16/woot16-paper-wustrow.pdf (https://www.usenix.org/system/files/conference/woot16/woot16-paper-wustrow.pdf)

inb4 paranoid about stolen work

I'll do a quick write up of how it works here:

SSL or https automatically signs all requests.  By requesting and https website the web server has to sign a document known as a certificate.  This allows the following proof, which is a chain of 2 signatures:


Algorithmic Notation:

1.  sign by the website
2.  sign by the miner
3.  verifier verifies both miner and website signatures



Mathematical Notation:

Verify Victim's Sig ( Verify Miner's Sig ( Sign Miner ( Sign Victim ( message certificate ) ) ) )


The DDOScoin paper uses a slightly different algorithm where instead of signing a second time the prover hashes the certificate with his public key, so in pseudocode:


hash ( "public address" + "victim signed certificate" )
// where (+) means concatenate //

a bunch of leftist Euro devs think V was an innocent victim but we know the truth now. 

this is a hack of proof of retrieval I posted on this forum around September 2014

the proof is per connection not for multiple connections to a single server that why you need block tree architecture with side chains (similar to the form of Bitcoin / Mastercoin) to create a verification that is 1 to N rather than 1 to 1.  

In their slideshow they don't even understand its not about bandwidth.  A proof of bandwidth is about bandwidth. This is POW

Not every crypto currency is trustless... ethereum is totally trust based on the community regulating which types of algorithms are run so their mining doesn't get exploited.  I can't hate on Ethereum anymore tho without sounding butthurt.  I just don't like the way crypto currency went where trust based assets and trust based mining is being touted as the next form of currency.  

bump

https://www.youtube.com/watch?v=2GLGZQ4Y8SM (https://www.youtube.com/watch?v=2GLGZQ4Y8SM)

"Im crack-fantastic"  -ytcracker

Perhaps not totally, but yeah, until casper will be fully deployed ETH probably less trustless of the top cryptos.

It's harsh, but I agree 100% Nullius.
well stated

[Edited to add & clarify: Lol, I just noticed the "I hope you die of cancer." part. that I DON'T agree with or cosign, lmao that's savage.]

Good Morning man,

First off, I'd like to say that your idea is dope and unique to me (I realize you say you've discovered a blockchain already moving in that direction).
with the compliment though comes a caveat, I couldn't and wouldn't support this blockchain at all.
User nullius bought up a great point about individuals such as yourself (who are causing network security and stability concerns) causing more issues than good.

But your logic on shouldn't the antisec cartelize under a crypto currency is somewhat frightening. Imagine the influx of script kiddies who buy some hardcore arse CIA tool off the dark web then strike websites?
also, logically, how do you protect your blockchain against 51% attacks?
Logically, wouldn't you encourage attack of your own blockchain?

I recommend a dual blockchain mining algorithm.  The main chain should be POS so that no resources going into securing the main chain dominate the subchains.  The subchain mining algorithm is a proof-of-DDOS computationally secured by SSL's signing key.  This is technically a proof of work, not a proof of bandwidth!  Casper, slasher, and regular POS are quality enough.  However, I wouldn't recommend delegated POS, because it seems unfair and anticompetitive to me. 

I don't have a nihilistic position based hatred of script kiddies... let em play. Yes, anybody could mine or even pay for DDOS of a signing certificate.  That's the idea --> monetize the algorithm and payload of DOS in a secure, trustless, p2p manner.  

To me, a better argument is the fact that a dominating financial class could use their bankrolls to manipulate the https domain names on the internet.  Skids aren't going to suddenly run the world.  

I see the coin gaining value via insider trading.  For example, purchase a short position on https://www.google.com then place a bounty on that website.  The price should decrease.  Maybe a better target is something like https://merchandisesellingcompany.com

bitcoin is the dominating financial class now

Interesting,
so if I'm understanding this correctly, you'd launch your blockchain with 2 genesis blocks, in essence forking the chain from the very beginning or am I missing something?


I agree. I like PoS over PoW but it does allow for those with more capital or the means of procuring more capital an unfair advantage in a PoS delegated consensus system.


Again, I believe your blockchain would bring more harm than good but I must admit to liking the way your mind is working and I'd still research and follow your blockchain. when you publish the whitepaper can you please tag me in the post?

You know your dual mining algorithms, but I am recommending a multi chain tree similar to the shape of the Bitcoin/Mastercoin system,  where Mastercoin is attached perpendicularly to the Bitcoin blockchain.  

POS does give an advantage to investors over hardware owners, but a POW similar to bitcoin uses the same resources as the proof of DDOS (computational work) so that would be a waste of the total CPU going to the blockchain based attack.  Anyways, the investors are often bitcoin holders so that gives the advantage to the bitcoin community rather than a centralized group of miners.  

 ;D damages are ok?

international government AI settles billions of USD continuously for this coin not to be released.  Now how do you feel?  They're the biggest mega conglomerate of all and on your side.  I think you are confused and mistaken about what the opposition to ourselves is here.   ???

If you wondered why all crypto currency "3.0" are trust based non radical solutions to modern finance, that's why ^^^ the government is paying people off not to release their disruptive work.  

Isnt it dangerous for the p2p transactions? i am not against this but i dont see any future with your plan.

payload state FUD!

There's a future.  They keep settling.  I would recommend using a proxy tho.  Your comment drops the price on the structured settlement, saving the gov money.  You affect both the bid and ask price for a disruptive crypto currency not to be released.  How do you feel now??

ddos coin is a real threat to the establishment

you could make a vpn on ethereum but since there is no proof of bandwidth it could be for https (SSL) only.  

also isn't a p2p vpn the worst way to make a vpn? it's technically possible but the low state of internet security or even data mining/spying by the miners makes it less optimal than a centralized service provided with trust and secrecy. 

whether the crypto currency is not illegal or can be spelled out for crime?

there was an ico Gladius that aims the same direction. look at it if u want.

I'm not the one who originally published on this and had some belief that it was redundant.  It would be illegal to mine so maybe it would go to large state actors.  You could invest.  I think it would go to hardened bot herders such as the types you see at defcon.  

Gladius spins p2p vpn in a better way.  People typically use vpn's to hide their ip addresses and browsing history.  This is possible but with the lack of a proof of bandwidth it isn't possible for http.  It would require a specialized browser as well.  

Sounds to be a good project if they can figure out the development part.  

edit: I stand corrected I don't think that Gladius is possible.  It requires either proof of bandwidth or usage of a signing key in the blockchain.  Impossible so far! 

if you could solve using the signing key in the blockchain without losing the key you would have a huge breakthrough. 

ok vpn coin works with a proof of retrieval and https websites only