It's Tor, not TOR.

Tor is most commonly used for anonymous Web browsing, but it can anonymize any TCP traffic. In Bitcoin-Qt, the default proxy settings (127.0.0.1:9050, version 5) in the network options are usually appropriate for Tor. Just run Tor and tell Bitcoin-Qt to use the proxy.

That'd be greater than the network-adjusted time plus 2 hours...

Bitcoin Core is pretty easy to block. I think that just blocking port 8333 would cause serious problems for Chinese users. (There are some nodes on the network that don't use port 8333, but they're rare.) Bitcoin isn't designed to be difficult to block -- that's what Tor is for. It's been possible to run Bitcoin through Tor since version 0.1 AFAIK.

Note that adding the IP to your hosts file will cause bitcointalk.org to break for you if I ever change the IP address. It's probably better to use Tor.

Let me know if there's anything I can do to help Chinese users access the site.

Are people in China still able to connect to the Bitcoin network using Bitcoin Core, MultiBit, etc.?

Your DNS is broken. That's not the forum's IP address. Adding the correct IP (109.201.133.195) to your hosts file is a good idea. Tor will also work.

I don't completely block huge IP ranges like that.


He knows that he's behind the world's largest censorship system, but yet he immediately assumes that two unrelated sites going down at the same time is a conspiracy by their operators to block Chinese users?? That's really stupid.

Bitcoin.org and bitcointalk.org have recently experienced DDoS attacks, which are very annoying. I've long been uncertain about how these attacks should best be prevented. I really don't want to use CloudFlare because their man-in-the-middle position plus their ability to act almost like a CA makes MITM attacks extremely easy for them, even if you use their new feature where you don't have to give them your HTTPS private key. I don't trust them. I also don't want to use other DoS mitigation companies unless there's absolutely no other choice because a lot of them look pretty unreliable, and I prefer to minimize trust wherever possible.

Ideally, I'd like to protect the forum by buying the necessary hardware and Internet connections myself, but I'm not too familiar with how the Internet works at a hardware level. Does anyone know what I would need to do to prevent large (>10 Gbps) DDoS attacks? All past attacks against the forum have been UDP or SYN floods which just overwhelm the Ethernet adapter. Would buying more, higher-capacity Ethernet adapters be enough, or would I also need hardware firewalls, upgraded upstream routers, more servers, etc.?

In the sitemap system that I wrote, more active topics get higher priority. Google says that they only use that to compare between different pages on the same site, though.

I think that Google especially likes the forum for new stuff because the sitemap makes it easy for them to quickly crawl new topics. They seem to have trouble parsing pages completely, though, which sometimes hurts search placement.

I don't do anything really strange to bypass ad-blocking, so I kind of doubt that this is the cause. If it is, then ABP or LastPass must be seriously broken.

The ABP bypassing methods are:
- Various CSS classes are randomized.
- The ad area looks just like a post from ABP's perspective, and it's surrounded by a random number of invisible "posts", so ABP can't target it accurately.
- If a link is blocked by ABP, and if the URL of the link is exactly equal to one of the URLs listed in the getabplink function (see the HTML source of any forum page), then the forum undoes the ad blocking using some simple JavaScript that I wrote. This code is only ever run once (after a 300ms delay on Chrome, immediately after the page loads on Firefox), so it shouldn't be able to cause endless reprocessing of the page or anything like that.

I deleted the spam PMs and banned all of the users and IPs sending them.

The forum sells ad space in the area beneath the first post of every topic page. About 25% of ad income goes to the forum moderators as thanks for all of their work. (There are many moderators, so each moderator gets only a small amount -- moderators should be seen as volunteers, not employees.) The rest is stored in the forum's treasury (verifiably), where it sits until the forum needs it.

Ads are allowed to contain any non-annoying HTML/CSS style. No images, JavaScript, or animation (no marquee or blinking). Ads must appear 3 or fewer lines tall in my browser (Firefox, 700px wide). Ad text may not contain lies, misrepresentation, or inappropriate language. Ads may not link directly to any NSFW page. Ads may be rejected for other reasons, and I may remove ads even after they are accepted.

There are 10 total ad slots which are randomly rotated. So one ad slot has a one in ten chance of appearing. Eight of the slots are for sale here. Ads appear only on topic pages with more than one post, and only for people using the default theme.

The ad lasts at least 7 days starting from when I put it up. (However, if you look at the ad history you'll see that ads usually get at least 8 days, and sometimes as many as 10, but this is random and definitely not guaranteed.)

Stats

Exact historical impression counts per slot:
https://bitcointalk.org/adrotate.php?adstats

Info about the current ad slots:
https://bitcointalk.org/adrotate.php?adinfo

Ad blocking

Hero members, Donators, VIPs, and moderators have the ability to disable ads. I don't expect many people to use this option. These people don't increase the impression counts for your ads.

I try to bypass Adblock Plus filters as much as possible, though this is not guaranteed. It is difficult or impossible for ABP filters to block the ad space itself without blocking posts. However, filters can match against the URLs in your links, your CSS classes and style attributes, and the HTML structure of your ads.

To prevent matches against URLs: I have some JavaScript which fixes links blocked by ABP. You must tell me if you want this for your ads. When someone with ABP and JavaScript enabled views your ads, your links are changed to a special randomized bitcointalk.org URL which redirects to your site when visited. People without ABP are unaffected, even if they don't have JavaScript enabled. The downsides are:
- ABP users will see the redirection link when they hover over the link, even if they disable ABP for the forum.
- Getting referral stats might become even more difficult.
- Some users might get a warning when redirecting from https to http.

To prevent matching on CSS classes/styles: Don't use inline CSS. I can give your ad a CSS class that is randomized on each pageload, but you must request this.

To prevent matching against your HTML structure: Use only one <a> and no other tags if possible. If your ads get blocked because of matching done on something inside of your ad, you are responsible for noticing this and giving me new ad HTML.

Auction rules

Post your bids in this thread. Prices must be stated in BTC per slot. You must state the max number of slots you want. When the auction ends, the highest bidders will have their slots filled until all eight slots are filled.

I reserve the right to reject bids, even days after the bid is made. In particular, bids from people with less than 15 activity points are likely to be rejected. I recommend not getting into a bidding war with someone who has less than 15 activity points, as their bids might not be accepted, but your latest bids will still stand. If you need to know right away whether someone's bids will be accepted, PM me.

So if someone bids for 8 slots @ 5 BTC and this is the highest bid, then he'll get all 8 slots. If the two highest bids are 8 slots @ 4 BTC and 1 slot @ 5 BTC, then the first person will get 7 slots and the second person will get 1 slot.

The notation "2 @ 5" means 2 slots for 5 BTC each. Not 2 slots for 5 BTC total.

- When you post a bid, the bids in your previous posts are considered to be automatically canceled. You can put multiple bids in one post, however.
- All bid prices must be evenly divisible by 0.05.
- The bidding starts at 0.50.
- I will end the auction at an arbitrary time no more than 12 days from now. (I will probably end the auction 1-3 days before the ads are scheduled to go up.)
- If two people bid at the same price, the person who bid first will have his slots filled first.
- Bids are considered invalid and will be ignored if they do not specify both a price and a max quantity, or if they could not possibly win any slots

If these rules are confusing, look at some of the past forum ad auctions to see how it's done.

You must pay for your slots within 24 hours of receiving the payment address. Otherwise your slots may be sold to someone else. I will send you the payment information via forum PM from this account ("theymos", user ID 35). You might receive false payment information from scammers pretending to be me. They might even have somewhat similar usernames. Be careful.

Auction ended. Final result:
Slots BTC/Slot Person
4 2.25 MariaQin
1 2.20 UpDown.BT
1 2.20 sunxiaoxiao
1 2.10 Exmoney
1 2.10 FortuneJack

BTW, if you are unfamiliar with how tax works with Bitcoin, you'll probably be really confused at how the forum experienced a net loss in 2013 but still paid a lot of tax. That happens because every expense "triggers" substantial capital gains, and therefore capital gains tax. The forum essentially pays a variable-rate tax on all expenses.

If you're interested: I used the LIFO method for calculating capital gains. My idea is to "save up" BTC batches until they become long-term, which has a lower tax rate. My understanding is that you can use any capital gains calculation method, though. (This is not tax advice -- consult a CPA.)

I finally got the forum's 2013 taxes finished (after an extension).

Here's the final accounting summary for 2011-2013. All values are USD at transaction time because this makes the numbers more easy to understand, though the forum only holds BTC.


Here are the totals for 2014 up to now. These numbers are in BTC.
- Income: 522
- Expenses: 1505 (1257 Slickage, the rest mostly mods)

Also, 250 BTC was probably lost when treasurer paraipan died, unfortunately. Recovering that BTC is maybe still possible, but it's probably unlikely.

The forum currently has about 5568 BTC in reserve.

I'm probably not going to do that. Responding to a clearly fake threat with violence (via police/government) strikes me as wrong and excessive, especially when it's just some stupid kid.

He hasn't caused much harm as of yet. He didn't steal any bitcoins or release any sensitive info. (The screenshots didn't contain any useful info.) The worst he's done is convince some people to send him a little money. I advise restraint, especially since we don't know for sure whether this kid actually is the hacker. I haven't seen much evidence of that.

The people who maintain EasyList are idiots. They regularly add filters that break this forum, and they don't even succeed at blocking most ads. (Well-designed forum ads are impossible to block using ABP.)

They were created by Satoshi. They can be considered public domain as far as I'm concerned.

I never used my real name in emails to Satoshi, and Satoshi never called be my my real name.


Everyone knows that Bitcoin runs on drama, so this should do wonders for the recent price slump!

"Satoshi" removed the other maintainers. The SourceForge administrators will need to fix it.

There's no particular risk to the Github repository. Satoshi doesn't have any special access there.