|
There are 2 serious problem with VPN :
1. There's no way to verify if VPN honor your privacy (never store log, never share user's information, etc.)
2. Few crap VPN have bad security such as DNS request leak or using outdated/week encryption
Frankly i'd recommend another option such as Tor. But if it's not an option for you, then i'd recommend ProtonVPN, TorGuard or NordVPN which popular among people who're looking for privacy
|
|
|
|
While i agree with your opinion, it's tall-order because : 1. Maintain open-source software is expensive and difficult, many companies don't bother do it especially because they obtain security through obscurity 2. Open-source isn't guarantee there's no spy or backdoor. For example, firmware on one of Bitmain's ASIC (i think it's Antminer S9) had a backdoor for remote shutdown. 3. One people simply can't verify all source-code of software/hardware he uses, he must trust others at some point. While it's a bit off-topic, have you tried using computer for everyday usage only with open-source software/driver? I tried it for a bit, but it's extremely difficult. There weren't any free/open-source driver for my wi-fi card and it's GPU driver isn't good enough is crap for 3D gaming. I'm not overly familiar with this subject, but I think there are independent hardware manufacturer you can switch to, like Raspberry pi.
Unfortunately, not all parts of Raspberry Pi is open source. Some hardware parts, especially it's SoC (System-on-a-chip) is closed source and it's open source GPU driver isn't as good as Proprietary GPU driver. |
|
|
|
LND which is client of LN have RPC API, but the downside is you must set a device (VPS, Pi, etc.). Their documentation/guide page is down at this moment though. Hi,
There are no such thing as Lightning address or transactions, on lightning are exchanged bitcoin transactions.
I think he meant : 1. Node's IP address which used to to connect to that node 2. Transaction which happen off-chain. But only sender, receiver and nodes used to route transaction who have such information.
|
|
|
|
Finally i have free time to read your thesis. My comment, thoughts & question :
1. On 1 - Introduction. You forget to mention 2 proposals (which published before date before of your thesis) which aim to improve anonymity which are BIP 151 and 156, even though it's not anonymization by modify transaction. Remember that these are confined to the network layer of Bitcoin: 1. With BIP156, your IP address will no longer be tied to your personal transactions from the perspective of connected Bitcoin nodes. 2. With BIP151, all relayed transaction data will be encrypted from the perspective of someone analysing internet traffic (but connected Bitcoin nodes will still see the transactions unencrypted). Neither of those BIPs will change the ability to analyse transactions on the blockchain OP's thesis describe sybil attack, so IMO it's worth to mention those BIP which have few/some correlation. 2. Upcoming bitcoin proposal, Schnorr MuSig could improve privacy on transaction with multiple input, you might be interested.
No, Musig Schnorr makes using multiple inputs less expensive. This only incentivises coinjoins, it does not make them any more private. edit: Musig is for threshold based multisig that is safe to use with signature aggregation (without Musig, the last person adding their sig to an n of n aggregated public key could cheat by throwing out all the previous keys and replacing them with 1 key that belongs to them, and pretend that all the previous people's keys are aggregated together into it, so they can steal everyone's money). And so Musig doesn't have anything to do with privacy or anonymity on the blockchain either I've seen some sources (including it's paper and Core's developer commentary) mention MuSig improve privacy since outsider can verify signature validity without see used public key. Do i interpret it wrong or they're talking privacy on different aspect? |
|
|
|
1 of x does not make any sense.
At first glance it doesn't, but it makes sense if you fully trust the other who have the key and have intention to make joint wallet/account. Even though IMO sharing wallet files where both party know the password is more convenience. Additionally, x of y where all of y have same address is also possible. BTW, it's already discussed on https://bitcointalk.org/index.php?topic=5094261.msg49104564#msg49104564There are few ridiculous things possible done with Bitcoin, especially when scripting/P2SH is involved. What is the difference with this and a regular wallet?
As you can guess, only inconvenience for first time setup and generate slightly larger transaction. |
|
|
|
It's good idea to keep sub-forum/section/child-board keep tidy, but just like any sticky thread (including official rules), it will be ignored. For example on Bitcoin Technical Support, there's [READ BEFORE POSTING] Tech Support Help Request Format. But i almost never see people use the format and sometimes members had to ask necessary information first (such as log files, core's version and OS) before help the poster. |
|
|
|
which directory data should i remove , so it will start downloading blockchain again ?
/root/.bitcoin/blocks ?
/root/.bitcoin/chainstate
You only need to delete /root/.bitcoin/blocksYou might want to delete chainstate (which contain all UTXO) and txindex (which contain all transaction index) folder as well since both of them will be recreated anyway and just in case if those two are corrupted as well. |
|
|
|
1. Have you looked on similar project such as IPFS? You could combine/build your blockchain network on top of IPFS just like what Filecoin did 2. Assuming you're using public permissionless blockchain model, have you thought any ways to prevent majority attack or make it really difficult? 3. Allowing PDF files uploaded together with PGP signature for it could improve trust/security problem assuming users who want to download PDF files already have valid public PGP key for verification The thing about documents is they aren't verified the way bitcoin transactions are. For a transaction to be accepted by peers, it just needs to have a valid set of inputs and outputs with enough coins to spend. A blockchain for PDF files can verify that a PDF was uploaded, but there is no way a node can verify the content of the PDF, and whether or not it is legitimate. That requires human intervention, and at this point, you might as well not use a blockchain at all. I don't see how the two work together.
There are few things you can check/verify such as : 1. Verify it it's actual PDF file or only uses .pdf extension 2. Check PDF file is corrupted or not 3. Check PDF version 4. Check if Steganography is used to hide message/file |
|
|
|
There's too much risks downloading blockchain from 3rd party, you better download whole blockchain once on fast PC with fast internet connection then copy it to other 20 devices. But if you like to live dangerously, there are few sites/thread about it : 1. https://bitcointalk.org/index.php?topic=1310261.0 (outdated) 2. https://getbitcoinblockchain.com/ (rarely see people mention this website) 3. https://bitcointalk.org/index.php?topic=2321650 (also outdated) What is the bottleneck with the current version for the download? I'm asking because if it's the network, I can get a 10G server to download the data and use rsync later as you said (some locations have quite limited ports, and I think rsync will be faster in those cases).
Ordered by most-common reason : 1. Disk I/O 2. Sync speed 3. CPU 4. RAM I doubt your 20 devices uses SSD (or have it in big capacity), so you definitely will experience bottleneck on Disk I/O. |
|
|
|
Thanks for the information. Looking at my own list ( http://loyce.club/Merit/banned/359716.html), i can't understand why the members are banned even though they went as far as to analysis malicious chrome add-ons and make detailed guide for air-gapped wallet. Any plans to add "banned users merited by ranks"? It would be great to see such info since there are times when member with high-rank and made really good/useful posts got banned. |
|
|
|
Thanks for sharing. I take a quick look and while you list lots of attack scenario, you forget to mention de-anonymization attack through Tor exit or VPN which leak information such as DNS request (or you intentionally left it as it's complex enough to make separate research) You might want move this thread to Development & Technical Discussion as you'll get more people who interested or can give better feedback. P.S. will add comment after i done read the paper or/and try python code |
|
|
|
|
Regarding points 4 about "There is no transparency in MLMs", few MLMs try to deceive user by make their MLMs system open-source or put it on blockchain's DApps to make user think "it's not scam/dangerous if it's transparent".
But the fact that their system is open-source and audit-able doesn't change the fact the risks mentioned on points 1-3 still exist.
|
|
|
|
Additionally, you can use -addnode=<node's IP> or -connect=<node's IP> as startup parameter if you only want to connect to a specific node once. Use -connect=<node's IP> if you only want connect to one node. But if you don't use Bitcoin Core as your full node client, the syntax or parameter might be different. More info : https://bitcoin.stackexchange.com/a/41427 |
|
|
|
I'd wager it's centralized, closed-source or based on public permissioned/private permissioned blockchain. It won't stop all the pinheads here writing 'I be buy facebookcoin. Goodest investment it'.
It's not exactly wrong thought process (at least for short-term investment) since people know anything made by big company always bring momentum and it could be used to gain short-term profit. |
|
|
|
Personal Benefits:
1. You have the full control over your fund.
3. You are trusting yourself, your funds are secured.
1. If you mean only yourself owning private key/seed, then it's also possible with SPV/Lite wallet 3. IMO it's biased opinion, you still need to trust software/client which used to run full nodes. The real benefit is you don't need trust other full nodes where as you need to partially-trust them if you use SPV/Lite wallet |
|
|
|
TPS isn't really accurate measurement because : 1. That depends on average transaction size. 2. That depends whether it's legacy or segwit transaction, legacy is about 4x bigger when it's compared with segwit transaction using weight units. But assuming all transaction using segwit and contain 1 input/2 output using P2SH SegWit which have 561 weight unit [1]. That means : 1. Maximum transaction in a block are 7130 (4000000 max block weight size / 561 transaction's weight unit) 2. Average block time is 10 minutes, which means maximum TPS is 11.8833 (7130 transaction / 600 second) Most research using 1 input/2 output as standard/common transaction type, so IMO it's safe to say 11 TPS is expected TPS of Bitcoin even though the reality (common transaction type) might be different. References : 1. https://en.bitcoin.it/wiki/Weight_units |
|
|
|
Let's revise it to 100 earned merits and 1500 activity. That is a much more important account to lose and will become more so over time.
I have better suggestion, all members can vote (with small requirement to prevent abuse), but have different vote weight/power which based on sigmoid function. The hard part would be choosing which function is used and set it's notation value. But DT system can't be perfect and most of user's suggestion only change or add more attack vectors.
I see ZERO improvement here so far using this new pseudo decentralised system for trust. Let's revise it to be truly decentralised. Let's get some sensible elder members on DT and those that have ZERO untrustworthy deeds in their OWN history here.
I'll just requote my own post. TLDR : DT system has always been and will be centralized. A few years back it was way more decentralised than now.I remember reading the rules mprep posted and was facinated about the thinking this board had.
DT system has always been centralized, theymos always could forcefully remove/add any member into DT1/DT2, change DT algorithm and remove feedback without anyone agreement/consent. P.S. i'm not saying theymos is evil or tyrant, but proving DT system has always been centralized |
|
|
|
The closest thing that i could think is Bitcore full node client - The starting guide ( https://bitcore.io/start) mention NodeJS as requirement - It has web services ( https://bitcore.io/api/service/web) - It offers lots of API features, especially compared with built-in Bitcoin Core RPC-JSON - Their API docs mention creating transaction ( https://bitcore.io/api/lib/transaction) Another full node client called bcoin also exist, but i never use or know it's reputation. They even claim upcoming bitcoin improvement such as MAST and MuSig Schnorr. P.S. I never used Bitcore and Bitcore is developed by BitPay which known for it's bad treatment on Bitcoin for past few years. |
|
|
|
|
Show Posts
