tokeweed (OP)
Legendary
 Offline
Activity: 4130
Merit: 1461
Life, Love and Laughter...
|
 |
October 09, 2015, 04:28:23 AM |
|
I Broke BitcoinAlister Maclin can break Bitcoin on command. In an email, Maclin said he's been the one spamming the Bitcoin network over the last several days with enough force to compel a Bitcoin exchange to notify its customers that the attack was causing withdrawal issues. Of course, he added, "Alister Maclin" is an alias. In retrospect, I should have been more specific when I asked Maclin if there was a way for me to verify his claims. Normally, confirmation of this kind might come in the form of a cryptographic fingerprint, but when I contacted Maclin over email, he replied in broken English: “I will switch the stress-test on once again for a short period (~10 min) at 17:30 of your local time (there is 00:22 now in Moscow - I wanna sleep). You will see.” Slightly taken aback, I asked if Maclin meant 5:30 PM tomorrow. “Today! Now! I've already started it ten minutes ago  ” he replied. Sure enough, the number of transactions rejected by the Bitcoin network skyrocketed at 5:30 PM on Tuesday afternoon.  At 5:54 PM, Maclin emailed me again. “Switched off,” he wrote. “Now red lines on the third chart will return back to green.” And as it was written, so it was done. Things calmed down, the number of rejected transactions dropped back to normal levels, and the chart’s red spike settled back to green after an hour.  Maclin isn’t the first person to try and break the Bitcoin network. An exchange called Coinwallet.eu previously threw $48,000 USD in Bitcoin to the winds in an attempt to fill the network with tiny spam transactions and slow things down for everyone. By comparison, however, Maclin’s attack was extremely cheap, simple, and effective. Maclin used what’s known as a “malleability attack,” which takes advantage of the time delay between when bitcoins are sent and when the transaction record is included in a block and uploaded to the blockchain for posterity. A script written by Maclin, running on a virtual machine, captures transactions and re-broadcasts them to the Bitcoin network with a slightly different ID, thus creating a duplicate transaction, only one of which can be added to a block. Everybody’s bitcoins still get where they need to go, but it could take hours for the transaction to be confirmed instead of the usual 10 minutes... (cont.'d) More here: http://motherboard.vice.com/read/i-broke-bitcoin |
|
|
|
|
|
| R |
▀▀▀▀▀▀▀██████▄▄
████████████████
▀▀▀▀█████▀▀▀█████
████████▌███▐████
▄▄▄▄█████▄▄▄█████
████████████████
▄▄▄▄▄▄▄██████▀▀ | LLBIT | | | 4,000+ GAMES███████████████████
██████████▀▄▀▀▀████
████████▀▄▀██░░░███
██████▀▄███▄▀█▄▄▄██
███▀▀▀▀▀▀█▀▀▀▀▀▀███
██░░░░░░░░█░░░░░░██
██▄░░░░░░░█░░░░░▄██
███▄░░░░▄█▄▄▄▄▄████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | █████████
▀████████
░░▀██████
░░░░▀████
░░░░░░███
▄░░░░░███
▀█▄▄▄████
░░▀▀█████
▀▀▀▀▀▀▀▀▀ | █████████
░░░▀▀████
██▄▄▀░███
█░░█▄░░██
░████▀▀██
█░░█▀░░██
██▀▀▄░███
░░░▄▄████
▀▀▀▀▀▀▀▀▀ |
| | | | | | .
| | | ▄▄████▄▄
▀█▀▄▀▀▄▀█▀
▄▄░░▄█░██░█▄░░▄▄
▄▄█░▄▀█░▀█▄▄█▀░█▀▄░█▄▄
▀▄█░███▄█▄▄█▄███░█▄▀
▀▀█░░░▄▄▄▄░░░█▀▀
█░░██████░░█
█░░░░▀▀░░░░█
█▀▄▀▄▀▄▀▄▀▄█
▄░█████▀▀█████░▄
▄███████░██░███████▄
▀▀██████▄▄██████▀▀
▀▀████████▀▀ | .
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀
███▀▄▀█████████████████▀▄▀
█████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀
███████▀▄▀██████░█▄▄▄▄▄▄▄▄
█████████▀▄▄░███▄▄▄▄▄▄░▄▀
████████████░███████▀▄▀
████████████░██▀▄▄▄▄▀
████████████░▀▄▀
████████████▄▀
███████████▀ | ▄▄███████▄▄
▄████▀▀▀▀▀▀▀████▄
▄███▀▄▄███████▄▄▀███▄
▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄
▄██▀▄███░░░▀████░███▄▀██▄
███░████░░░░░▀██░████░███
███░████░█▄░░░░▀░████░███
███░████░███▄░░░░████░███
▀██▄▀███░█████▄░░███▀▄██▀
▀██▄▀█▄▄▄██████▄██▀▄██▀
▀███▄▀▀███████▀▀▄███▀
▀████▄▄▄▄▄▄▄████▀
▀▀███████▀▀ | | OFFICIAL PARTNERSHIP
SOUTHAMPTON FC
FAZE CLAN
SSC NAPOLI |
|
|
|
P-Funk
Sr. Member
Offline
Activity: 360
Merit: 250
Token
|
|
October 09, 2015, 04:29:41 AM |
|
Nothing's broken.
|
|
|
|
|
|
|
knight22
Legendary
Offline
Activity: 1372
Merit: 1000
--------------->¿?
|
|
October 09, 2015, 04:43:45 AM |
|
Nothing's broken.
Nope but it caused some annoying disruptions nonetheless. |
|
|
|
|
alwinlinzee
|
|
October 09, 2015, 04:47:31 AM |
|
I dont think Alister Maclin spent huge amount of money to get this done but rather he is a genius who can manipulate codes and java languages but i wish he does not do it again because a lot of people in this community suffers during that attack. |
|
|
|
Hazir
Legendary
Offline
Activity: 1596
Merit: 1005
★Nitrogensports.eu★
|
|
October 09, 2015, 04:54:18 AM |
|
Nothing is broken, and as far I as know no one get scammed or robbed. You could only be in trouble if you accept zero confirmation transactions, and that is rarely, if ever the case. In fact because people like him there we can have that security upgrade already in place. And that is rather good news. |
|
|
|
coinplus
Legendary
Offline
Activity: 1386
Merit: 1058
|
|
October 09, 2015, 04:58:32 AM |
|
I dont think Alister Maclin spent huge amount of money to get this done but rather he is a genius who can manipulate codes and java languages but i wish he does not do it again because a lot of people in this community suffers during that attack. We can request him not to repeat.. But what if a government plan against a decentralized system for the purpose of their own system. So, we need to be ready with a versatile robust system to face any kind of attack. Time to think of changes to withstand any kind of attack. Last time, many people suffered with higher fees and late transaction confirmations. |
|
|
|
|
|
alwinlinzee
|
|
October 09, 2015, 05:10:14 AM |
|
I dont think Alister Maclin spent huge amount of money to get this done but rather he is a genius who can manipulate codes and java languages but i wish he does not do it again because a lot of people in this community suffers during that attack. We can request him not to repeat.. But what if a government plan against a decentralized system for the purpose of their own system. So, we need to be ready with a versatile robust system to face any kind of attack. Time to think of changes to withstand any kind of attack. Last time, many people suffered with higher fees and late transaction confirmations. I think i must agreed with you that all necessary things should be put in place to avoid this type of attack again, bitcoin controls billions of dollars and we should be able to create a powerful defense even if we all have to donate. |
|
|
|
amaclin
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
October 09, 2015, 05:15:42 AM |
|
We can request him not to repeat.. Would you like to pay also? |
|
|
|
|
VirosaGITS
Legendary
Offline
Activity: 1302
Merit: 1068
|
|
October 09, 2015, 05:21:24 AM |
|
We can request him not to repeat.. Would you like to pay also? Hell no. I welcome these kinds of attacks. People who cause TX spam or any kind of attack against the network now is a boon. We need to get all the vulnerabilities out of the way. People that find way to disrupt the network until the issue get patched should be getting security bounty rewards. |
|
|
|
amaclin
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
October 09, 2015, 05:26:27 AM |
|
We need to get all the vulnerabilities out of the way. 1) Are you sure that every problem has a solution? (I am talking not about bitcoin, this is generic question) 2) Why should somebody fix vunerability if you do not want to pay for fixing? |
|
|
|
|
Kakmakr
Legendary
Offline
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
|
|
October 09, 2015, 05:31:52 AM |
|
What would be the goal behind this? Is this a white hat, just showing the possible exploits in the network or are there other motives behind this? In the end this will lead to more people not trusting the Bitcoin network and deciding to give up on the whole idea. Yes, Bitcoin was not brought down with this attack, but it is very disruptive. If the goal is to identify holes in the system, it should be submitted to the core developers and tested on the TestNet not on the live Blockchain.
It is not fun anymore and it disrupts business, if it delays transactions.
|
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
VirosaGITS
Legendary
Offline
Activity: 1302
Merit: 1068
|
|
October 09, 2015, 05:33:02 AM |
|
We need to get all the vulnerabilities out of the way. 1) Are you sure that every problem has a solution? (I am talking not about bitcoin, this is generic question) 2) Why should somebody fix vunerability if you do not want to pay for fixing? 1)Yes in a way or another. There is always a way for a problem to not be a problem anymore. No matter what. 2)A bounty paid from a miner tax would not be bad. I bet a system were someone find an exploit, come up with a solution and set a bounty, submit it for vote to miners. Change get implemented, next 1000 blocks have 0.01% reward sent to bounty. So sure i would pay. But i would never pay someone who is just black mailing. For example those DDoS kid extorting small pools to pay or else they get DDoS'd. |
|
|
|
Quickseller
Copper Member
Legendary
Offline
Activity: 2996
Merit: 2374
|
|
October 09, 2015, 05:33:10 AM |
|
Everybody’s bitcoins still get where they need to go, but it could take hours for the transaction to be confirmed instead of the usual 10 minutes Ummm, why exactly would it take longer to confirm because of transaction malleability? I think someone is confused.... |
|
|
|
|
TheGr33k
|
|
October 09, 2015, 05:35:34 AM |
|
Everybody’s bitcoins still get where they need to go, but it could take hours for the transaction to be confirmed instead of the usual 10 minutes Ummm, why exactly would it take longer to confirm because of transaction malleability? I think someone is confused.... It seems like people are pretending like they're waiting for the conflicted transaction to verify itself.. The transaction that gets approved gets approved just as quickly as any other regular transaction does. People are blowing this problem way out of proportion because it looks scary. It's unfortunate to see so much panic, but what can you expect from the public.. Hopefully it will get patched soon and we can all shh |
|
|
|
|
VirosaGITS
Legendary
Offline
Activity: 1302
Merit: 1068
|
|
October 09, 2015, 05:35:41 AM |
|
Everybody’s bitcoins still get where they need to go, but it could take hours for the transaction to be confirmed instead of the usual 10 minutes Ummm, why exactly would it take longer to confirm because of transaction malleability? I think someone is confused.... He is confusing this issue with the spam attack that raised the miner tx fee for sure. This malleability attack has nothing to do with that and sure a lot of transaction DOUBLE get rejected, that doesn't mean its not business as usual. |
|
|
|
|
TheGr33k
|
|
October 09, 2015, 05:37:49 AM |
|
Everybody’s bitcoins still get where they need to go, but it could take hours for the transaction to be confirmed instead of the usual 10 minutes Ummm, why exactly would it take longer to confirm because of transaction malleability? I think someone is confused.... He is confusing this issue with the spam attack that raised the miner tx fee for sure. This malleability attack has nothing to do with that and sure a lot of transaction DOUBLE get rejected, that doesn't mean its not business as usual. Sometimes script kitties like to pretend like anything out of the ordinary is spectacular and they're virtual gods in their own right. They try to show off, get publicity and pretend like they're rich because of these things because then they can lure in other scammers to scam them, and who would be there to stop them ? |
|
|
|
|
amaclin
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
October 09, 2015, 05:43:48 AM |
|
Sometimes script kitties like to pretend like anything out of the ordinary is spectacular and they're virtual gods in their own right. They try to show off, get publicity and pretend like they're rich because of these things because then they can lure in other scammers to scam them, and who would be there to stop them ? Are you talking about bitcointers?  I saw a very long topic they pretend to be "new elite" |
|
|
|
|
|
TheGr33k
|
|
October 09, 2015, 05:48:08 AM |
|
Sometimes script kitties like to pretend like anything out of the ordinary is spectacular and they're virtual gods in their own right. They try to show off, get publicity and pretend like they're rich because of these things because then they can lure in other scammers to scam them, and who would be there to stop them ? Are you talking about bitcointers? I saw a very long topic they pretend to be "new elite" All I know is the more the security flaws of bitcoin get exploited while we're still in the early stages, the better. I'm going to go ahead and tip my hat to any and everyone involved in making the blockchain more secure. Bitcoin protocol needs to be drilled repeatedly until it's going to have any valuable usage in the real world. Thank you for your service, soldier.  |
|
|
|
|
Guido
Legendary
Offline
Activity: 1061
Merit: 1001
|
|
October 09, 2015, 05:48:44 AM |
|
thanks for link to story tokeweed
very annoying but does need addressing
I have little faith in the core developers or foundation to agree zip these days
plus it takes them months, years to even code something small, then they make out their genius'
maybe this guy is doing us a favour in a way
but what if multiple people start doing it? what if he makes his 100 line code opensource
exchanges like cryptsy can't even get basic wallets for alts resynced in over a week. then shut down btc wallet for withdrawals due to this issue for days
shows how fragile things are right now
it would only take a few of these guys to affect price in a bad way, add block debate to conversation too
|
I am Bonkers BTW
Crypto OG
+
Digital Artist
|
|
|
|
