Cars have contributed positively to the development of the world and have contributed hugely to the health of people where would we be without cars taking people to the hospital when they need care or ambulances which save peoples life on the daily? If you want to argue about how cars kill people with their pollution I would argue back that they save more lives by providing access to those that do not have emergency healthcare close by a way of getting to those health care that they need.

I am working on a explanation for some of these vulnerabilities but trying to put it into a easy to understand way. I am struggling with some of the explanations which I have opened some topics about if you would like to help with the explanations.

I hope so they should be aware of the different vulnerabilities and understand that Bitcoin or the software they use for their Bitcoin is not bulletproof.

I have been reading some of the vulnerabilities that Bitcoin core has had recently and I do not understand the bullet point below

https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2021-May/018893.html

Can anyone explain to me what this means and how this effects the client and how critical this vulnerability is?

We have lost a lot of members recently and while they may have caused drama that is what got people engaged and currently Bitcointalk does not have any drama or major drama, mobile theme, aging forum software, mosts threads are beating the same bush a million times and people are getting tired of it. Its natural for high profile members to take extended breaks or leave the forum permanently just like any other forum but we are not replacing them. If you look at the top page for each board you will see the same names there are no real interesting members emerging and that could replace the old. The altcoin boards are a mess and that does not help encourage good quality members to join the forum and while the main bitcoin boards are ok we just lack the sort of discussions which would encourage members to join the forum. Most people joining the forum will find it via a search probably asking a question and seeking an answer but once that question has been answered they will disappear we just do not have the lure that the forum once had and I am not sure we can fix that. This is just how websites go and other forums are having similar results now that social medias like Reddit are a thing.

I hate to say it but I think going along with the NFTs and try to use that to stay relevant is the only way to go as that is bringing in the most attention right now.

I am researching the vulnerabilities and will be including a explanation of how it happens if anyone can provide explanations in this topic that would be great

hopefully this is useful to anyone researching about Bitcoin

In this forum everyone talks about the positives of Bitcoin but I thought it would be interesting to have a look at the negatives of Bitcoin and look at the vulnerabilities Bitcoin has suffered through Bitcoin clients and other software like Bitcoin Knots and wxBitcoin. I think it is important for newcomers to cryptocurrency to comprehend the dangers and the history of the vulnerabilities and exposures in order to be aware of the different types of risks that could be conceivable in the future. All of the listed vulnerabilities will already have a solution and I think it's important to think about that too. Throughout history of Bitcoin and the software used for access Bitcoin has experienced 44 documented vulnerabilities ranging from severe to harmless but before we look at them I would like to make it clarify that this is not a anti Bitcoin post and Bitcoin isn't only influenced by the weaknesses below.

I have before talked about negatives of Bitcoin and "timejacking"

It sounds like the gambling site was a amateurish setup and I doubt their identities or company would be easily tracked down and proving there was no terms of service stating whether or not it was stated would be difficult with the site no longer existing. This would probably be a difficult court case to win and might end up with costing the OP money.

I think this is something you should think about and maybe decide to change your name because you are going to have this problem all the time and at first look I thought this was some kind of impersonation attempt.

I'm sorry but what you are describing sounds like a multi hour commitment every week and because your company is not for a good cause (probably) or anything that people can rally behind (because you have not provided any details) I doubt you will find a volunteer willing to work multiple hours every week.

This is to vague and there needs to be a change to this so that its either rewarded for something or not given at all. You cannot state you will give out USDT as a reward from time to time and not give out any and your defense would be "we said time for time". You guys need to start getting serious if your company is to succeed.

The most important question that needs to be answered is whats the minimum withdrawal amount because if its 1 Bitcoin and you are paying a satoshi for each post that is going to take a very long time for someone to be able to withdraw and would not be worth it to most people. What do you do if your site is forced to close in a couple of months time do you keep the money because its below the minimum withdrawal or do you pay your customers anyway?

You are going to need a SEO specialist and someone who has connections on forums because going against the giants of Facebook who have top rank on most search engines is not going to be easy to beat.



I do not think advertisements are a big problem because if you take Facebook there are a lot of advertisements crammed everywhere and you probably have 3 advertisements on your screen at all times. Copyrighted content would only get the site blacklisted from search engines and if the OP were to receive a DMCA take-down they would just have to remove the copyrighted content. People post lots of copyrighted stuff on Facebook.

Paying with crypto is their marketing they are already paying directly to customers to get them to use their social media in promise for coins. It will probably take months to get anything worth while and at that point the site has earned probably double the amount from advertisements.

There is no limitations of a mobile browser like Firefox to your desktop Firefox except for the hardware it is running on. All extensions that I have tested on Firefox mobile has worked without any faults. The biggest problems will be resolution and ui problems and the ram issue if its ram intensive.

Abusing bugs is not sort of stealing its stealing outright and most gambling websites will have it in their terms of service that abusing bugs will result in money not being paid out and anyone caught may have their accounts banned.

OP does this gambling website still exist? They should have given you some compensation at least but I am guessing that the website was amateurish and did not have any bug bounties and they probably did not have it in their terms of service which then brings up the question whether it would be legal. I have read numerous gambling sites and they all have this get out of jail free card but if you report the bug they usually give some compensation.

I think this originated from the wall observer topic which is the most replied to and viewed topic on Bitcointalk. I'm not sure of the reason why they are hats but I think its just a way for the community to bond by wearing similar avatars. If a member is wearing a hat as a avatar they are probably active participants in the wall observer topic.  

WO Topic

I'm not going to patronize the members on this forum by going into the basics of how Bitcoin works but I'm sure that a lot of members here aren't quite sure of the possibilities of Bitcoin.  Bitcoin is not a perfect system and does have its faults anyone who is claiming that Bitcoin is a perfect system is in the honeymoon period of Bitcoin. Bitcoin is a revolutionary project which might not be the perfect solution to gaining control back in this world but it is certainly  the cryptocurrency that started the movement and therefore will always have a special place in the hearts of cryptocurrency fans.  

Timejacking in particular is a topic that was discussed ad nauseam in the early days of Bitcoin. The attack is only temporary and it would have to be a highly organized attack to do real damage other than disrupting the network. I'd like to revive the discussion about timejacking and see how the community's opinion on the subject has changed over the years.1 For anyone unfamiliar with the timejacking attack, I'll explain a little below:

Timejacking is a potential vulnerability in the Bitcoin system that was much discussed in the early days of Bitcoin. Timejacking is a vulnerability that exploits Bitcoin's handling of its timestamps. The idea behind timejacking is that an attacker can forge or broadcast a false timestamp of a transaction when connecting to a Bitcoin node allowing an attacker to change the node's network time and trick it into accepting an alternative Blockchain. This means that the attacker can effectively exploit this to do a double spend on the network.

I assume we all know what block rewards are but for those unfamiliar with the term  it's basically how Bitcoin regulates the production of Bitcoin so they don't get mined right away. When generating Bitcoins a timestamp is applied and these are fundamental to the distribution of Bitcoin. The difficulty of mining Bitcoin is directly related to these timestamps and the Bitcoin system automatically adjusts the difficulty of the network based on the timestamps of how long it took to process and mine the last block.

Bitcoin nodes have an internal clock that is responsible for these timestamps and synchronizes the network time to make sure it is the same as other nodes. Timestamps are the foundation of the Blockchain system. If you check your node you will see that it is currently using the system time that is on your machine. But if these timestamps differ from other nodes by about 60 minutes, then the node is not considered trustworthy and it will be removed from the Blockchain. Until the time is accurate and synchronizes it is considered running an alternate chain.

Timejacking is the result of this 60 minutes of play within the system. Timejackers can speed up or even slow down the time of the nodes by connecting as multiple peers and reporting inaccurate timestamps using an edited system time on their machines. Attacking the median time of the network could result in sending double spends. Another approach is to create a block called "Poison Pill" is when you are creating a new block with a timestamp that is 190 minutes ahead of the current time of the blockchains. To do this, they would need some of the network's computing power. Ideally a few percent to make this successful. The current Blockchain nodes would reject the newly created poison block because it is 260 minutes ahead of its own delayed network time, but miners mining to generate new Bitcoins will accept the new block as it is only 120 minutes ahead of their own accelerated network time. This means that the new poison block becomes isolated from the routine transaction processing on the network and as the network processing continues to process new blocks every new block created by the miners appears to be invalid due to the time difference between these new blocks. This means that the new blocks would immediately drop the invalid blocks without checking and verifying the history of the blocks. The attacker could continue to do this until there is an intervention from other Bitcoin node operators. This attack is more of a nuisance than a hack but with a system that relies on network trust it can quickly become a problem and cause panic within the network. AFAIK has not yet seen the poison block attack in the history of Bitcoin, possibly because there is no real benefit to be gained from it, but it is certainly possible and could disrupt the network enormously. As long as the attacker controls a significant portion of the network he can exploit the double-spending problem  which I'll explain later. By having a significant chunk of the network's power they could send transactions on these poison blocks and confirm them within an hour. Using the double spend on the poison blocks would be temporary until the network is stable and the poison blocks are rolled back. But this could be used to trick Bitcoin accepting merchants into accepting a payment that is basically a double spend on these poison blocks.

Now that people have noticed how rare merit is to receive I don't think there is many 50 merit transactions. These were probably sent because the merit system was new and people did not know the worth of merits.

Nice info graphic! I have gone through and noted down any spelling mistakes that I have found and included a date so you can easily find them and change them.

Dates of the spelling mistakes :

November 22 2009: "he" "aswell"
January 15 2010: "annoucned"
June 11 2010: "being"
July 29 2010: "tim"
April 27 2011: "headquaters"
August 19 2012: "enery"
December 28 2016: "paymnet"


If you ctrl + F the words which are incorrectly spelled you should be able to find them quickly and amend them.

The lightning network is a great concept in general and has better privacy. However I'm a big fan of transparency and I think the way the current Blockchain displays all transactions that have occurred is a good way of doing it. In the lightning network you cannot see what transactions are going on because they are not stored within the Blockchain. One of the trades off of this is people who know your address will know how much you are spending which could be a privacy concern to those that are trading often and dealing with strangers a lot. Also we should look at the way fees work in the lightning network. They are generally much lower than on chain Blockchain but if you are routing through others payment channels then they will probably request a cut of the transaction which some might not like. It works in the same way the current Blockchain works but instead miners are receiving the cut.

I'm going to try and go through most of the pros and cons of the lightning network and see who agrees with me. I'm not an expert at the lightening chain but am definitely watching the space as I consider it to be one of the most interesting off chain developments being worked on and because we only have the Blockchain to compare to I'll compare each point to that.

Blockchain Vs Lightening Network

Privacy:

Without a doubt the lightening network is far superior to the Blockchain when it comes to privacy although despite some of the criticisms with using one address it has no major trade offs for the improved privacy. Basically when you send a transaction via the lightening network there is little worry to it being recorded permanently on the Blockchain and if it were to get recorded it does not display sources or locations of the funds. One of my favorite things about the Blockchain is it uses a sort of onion like encryption method to nodes so that nodes cant monitor addresses and transactions which is a much improved version over any other implementation of nodes interacting with the blockchain that I have seen.

Confirmation Speed:

This is a big one and one of the biggest criticisms that Bitcoin has is that transactions take too long to confirm. However this is intentional to allow miners to use their hashing power to get cuts of the transaction and keep the network alive and circulating. The only problem with this is depending on the current average network fees you could be waiting days for your transaction to confirm. In comes the lightening network which offers instant transactions almost like your credit card in how quick transactions are sent. I say "almost" because we have to allow for latency on the network but this is generally zero and your transaction should be sent right away. The blockchain manages transactions differently and actually purposely makes transactions confirm before being sent. This is to check whether all nodes on the network are up to date and a double spend hasn't happened.

However there is a drawback to this. You could continuously keep on sending your transactions on the same payment channel and have they sent instantly and received instantly too. However if you actually want to deposit this amount onto the Blockchain remember that the lightening network is off chain and the Bitcoin won't be deposited or recorded to be on the Blockchain until you decide to deposit it by closing a channel. depending on network usage and a few other factors this usually takes around 10 minutes. This is where things get a little complicated too. If the user that you are sending too requires 6 confirmations because of their business practice or whatever you will still have to wait despite you streamlining the process by using a off chain solution.

There is also another problem when dealing with the lightening networks confirmation. Basically it requires two people to open and close a channel. Opening and closing a channel usually takes around about 10 minutes like previously stated however if one side of the transaction doesn't agree to close the channel then the channel will remain open and this could take up to two weeks to be resolved. Therefore anyone you deal with on the lightening network requires a little bit of trust when dealing with them that they won't just disappear and not close the channel because that could be a pain in the arse for both parties. I can't see why anyone would do this on purpose as it just slows the process down for both but I would think that this does happen.

Fees:
Bitcoin fees can become expensive especially when the network has been congested like in the past. This does not really happen on the lightening network as you are not paying miners to use their hashing rate exactly and instead you are paying for the use of payment channels which every payment channel that you go through will want a cut of the transaction. This is usually pretty low when compared to Bitcoin fees though.

Centralization:
Because of the nature of the Lightening Network it is at danger of becoming centralized. What I mean by centralized is there will be great benefit to those that send transactions on a daily basis to use the same node every time which in time people will see the need of creating what has become known as "super nodes".

The best example I have seen of this is if you were to go to a fast food restaurant and they have created a node for their store in the city. They would keep this node open so that customers could pay instantly without having to create a new channel every time. This could eventually evolve into a nation wide and potentially worldwide payment channel rather than smaller ones being made all the time. America might decide that all american citizens can pay their taxes through the "United States Payment Channel" which would mean greater centralization in nodes.  

The last time I checked the Lightening network did not check for existing channels and it is possible to broadcast to a older payment channel. However the best practice would be to make sure after every transaction the payment channel has been closed unless you are sending transaction fairly regular to justify keeping that payment channel open. My recommendation is to always close payment channels regardless though to increase privacy and decrease the potential of centralization.

It's one of two things. They have collected all emails from public databases and maybe paid for a few dumps too or they just made it up.There have been massive leaks in the last few years from big companies such as yahoo. I'm talking millions so its not unheard of to get that amount of emails. But I very much doubt that if he is indeed selling emails they aren't related to Bitcoin or cryptocurrency.

I think its worth mentioning that anyone selling emails that they haven't collected from their own site and can provide evidence of that is committing fraud and it shouldn't even be allowed on the forums.

Its not what you can do with transactions but the capability of causing massive amounts of panic and pushing the price down of Bitcoin as a result. If all the mining pools which have more than 10% merged together in an attempt of pushing prices down because of the panic which would result as soon as a 51% attack happens then it could both be lucrative for them and a lot of profit could be made.

The price would be pushed down because of the amount of people willing to now sell their coins in fear that Bitcoin is dying. Resulting in more people willing to lower their prices until they find a buyer and eventually the Bitcoin market would crash. Depending on the amount of time spent on the 51% attack depends on the profit that could be generated.

The attacker would have to time it perfect in order to not spend too much money on the resources required to have that amount of computational power directed towards a 51% attack.

Right now is actually a prime time for an attack to do just this. The Bitcoin market would eventually recover once everything evens out and the attack has stopped.

However a lot of trust would be lost with the pools mentioned and I'm not sure what the consequences of this would be.

Even if pools which combined have a total over 50% hash rate combined (which is unlikely due to different goals and agendas) it would not be the death of Bitcoin unless they would be able to continually  keep the hash rate above 51%. Well to be honest they would have to have more hash rate than that to be able to control the vast majority of the network. Something like 75% would likely render the network useless for the time it was being attacked.

51% attack is only effective for the time it is taking place. No one in the world has the motives or funds to tackle this 24/7. Its literally on the spectrum of nuclear war and flying pigs. Its just not worthwhile to anyone other than government operators that wish to take down Bitcoin because its a threat to politics and the banking system.

But then you have a huge amount of people which would be converted into hashing power that would be willing to combat it. These pools could be the ones to defend the network rather than the ones attacking it.

I doubt many people are going to take you up on your suggestion here you come to a forum which the majority of its users like to keep a low profile and will avoid any potential thing that could dox them or prove where about they live.