Please answer my posting: Your attack still assumes that you can split the internet. That you can dictate what blockchain each miner can see.
|
|
|
I don't think that you have 2 hours before anybody notices. The blocks will be generated at half the speed after you split off. And the miners themselves will see that their blocks are not in the legit chain.
You have to make sure that the miners know the illegitimate blockchain only; that's way harder than getting 50% of mining power. This is the internet. Everybody connects to anybody.
But even if it worked, it looks way too costly for the risk. Besides the risk of detection there is the thing that MtGox will know that your address with the 10k BTC has reverted a transaction. They won't take any more coins associated with that address.
|
|
|
If you collide an address, you don't have to do it with the same ECDSA key that the owner used.
That's interesting. I wonder why we don't just use the full 256 bit public key as the address (not hashed) -- and then use the 'first bits' rule in everyday use. Satoshi made it this way, and it was ready when adopted, I think. Maybe he didn't think of that. Maybe he thought that ECDSA will require longer key length before SHA160 is broken.
|
|
|
Low chances to get a collision. You could do the same trick with any ECDSA signature, if you could do it with bitcoin.
Assuming that there are 10 million Bitcoin addresses out there in the block chain with value. The ECDSA keys are 256 bit.
This means you have to try out 2^256/10^7 = 1.2 * 10^70 addresses to get a match.
If you collide an address, you don't have to do it with the same ECDSA key that the owner used. This is basically a birthday attack on a 160 bit hash. 160 bits is probably enough. I recall that early digital money schemes had users picking random 64 bit integers and assumed no collisions. Loom is 64 bits too, as I recall. It is not a birthday attack. So it will take 2^159/2^26 = 2^133 tries on average to get that done, if there are 16 million addresses out there in use. With a birthday attack, you could generate two keys with identical addresses rather than forging somebody else's address with SQRT(2^160) = 2^80 tries, but what attack could you do with that?
|
|
|
The botnet would need many years for reaching a 50% probability of key collision.
Many millions of years. It's not impossible for a collision to be found, but there's not enough profit in it. Even if someone can find one address every hundred million years, all they get to spend is the balance of that one address. This equates to an averaged cost of fraud of way less than a millionth of a cent per transaction. It's not worth worrying about, when any simple trojan or social engineering attack is sure to net a few wallets. Many trillions of years. It is not possible. Not exactly that easy. As Bitcoin is meant to last a while and computers get faster exponentially, you have to look what's up in 50 years. Bitcoin will adopt newer crypto parameters as time passes, but old bitcoins have to be transferred to new addresses then.
|
|
|
I recognize the sarcastic tone, but I couldn't understand your point. Surely you are not saying a federal reserve note is real money, are you? Ultimately, the only real money is something I can eat.
A number at mybitcoin is not a real Bitcoin. The most important thing about a real Bitcoin is that nobody but you knows the private keys.
|
|
|
As far as I know you can buy hardware directly with BTC. Who needs fiat money then?
|
|
|
Government isn't a threat to bitcoin - bitcoin is a threat to government.
One would hope. It needs a lot of work. No. They may ban it, but what does that mean? They banned cocaine, cannabis, raw milk. Who gives a shit?
|
|
|
For my casual wallet I always use the current git version. I never had to reload the blockchain or anything.
There is no upgrade procedure but replacing the old version with the new one.
|
|
|
Looks like a good idea to me, I will take a closer look when I find some time.
|
|
|
Speaking of secure private keys...
bcearl: Have you seen the BOTG script I whipped up? I was wondering what your opinion was? So far, the only flaw I can think of is some type of virus in the BIOS? But I'd imagine one that could spy on the terminal script would be a pretty big feat? A regular keylogger wouldn't work since the user is actually writing it down manually. I guess the really paranoid could use a new computer... A physical device for spying on you would work too but kind of rare...
I don't remember. If you give me a link, I will take a look.
|
|
|
that's me wearing the gay VIP pass
Only kids wear their pass openly.
|
|
|
Why? If you run a VM it may be possible to read VM RAM from outside. + VMware has a suspend mode when it saves RAM on HDD. Like hibernate on Windows.
There is nothing you can do to protect a VM against the host. That's impossible because of the very principle of VMs. You can protect against the VM guest, not the other way. Stop telling people that bullshit, VMs are not useful for Bitcoin.
|
|
|
He probably isn't. Most religious people think it is their duty to be self-righteous bigoted assholes. How can any system of belief that characterizes non believers as evil wastes of space produce anything but assholes? I wasn't even going there - I'm not that strong of an atheist. I consider myself agnostic, mostly because I really don't give a fuck what people believe in as long as it stays out of public policy. The monotheistic beliefs include the doctrine that it has to be public policy.
|
|
|
or VM (heavily encrypted HD image, encrypt RAM if possible).
Most stupid statement ever! If you don't know, shut the fuck up and don't confuse other noobs.
|
|
|
There are a lot of cults secretly worshipping US$ and its Cousins (€, £).
One is ruled by Tom Cruise, another one by a German hiding in Rome, Italy.
|
|
|
I know nothing more selfish than the people who think that they have surpassed their self.
|
|
|
Careful lol, PDFs can contain nasty things too... not saying it does, I'm just not gonna be the one to find out
Yeah, that's why the PDF reader of Ubuntu isn't even allowed to open a URL in a browser.
|
|
|
Your zip file seems broken.
PS: Please describe what your proposal does, what previous proposals didn't do already?