Bitcoin Network is under sybil attack

[chek2fire]

I think bitcoin network is official under sybil attack atm. We have atm 1137 (13.84%) nodes from a single provider Choopa, LLC

https://bitnodes.21.co/nodes/?q=Choopa,%20LLC

and next we have 917 (11.16%) nodes from Amazon.com, Inc.
This is a very dangerous situation and i dont know how anyone cant react to this.

[1714940210]

1714940210

[Jet Cash]

Well I'll try to run my core 0.12 node as much as possible. I'm afraid I am only able to run 1 node, but I'll do that if it will help.

[--Encrypted--]

forgive my ignorance but how dangerous is this kind of attack? I've just read about it here and looks like the worst the attackers can do if they're succesful is not relaying anything to anyone. which sounds pretty bad.

[xhomerx10]

Well Choopa (via VULTR) has virtual private servers from $0.007 per hour (1 CPU, 15GB SSD, 768MB memory and 1TB bandwidth) and they give you $5 for signing up (which is also the monthly cost of the server listed above) and dedicated servers (beefier) starting at $.089 per hour.  Seems like somebody should inform them of the abuses happening on their service.  It might even save them some money.

[BARR_Official]

So it could be hundreds of different people renting these nodes, and not Amazon trying to attack Bitcoin

[Alley]

Here is my reaction.  Yawn...

[exstasie]

So it could be hundreds of different people renting these nodes, and not Amazon trying to attack Bitcoin

Classic nodes went up 1300-1400 in a day. You saying 1300-1400 people brought nodes online all at once? Not saying it's impossible, but pretty unlikely. There is someone now boasting on reddit about owning 800 nodes in the cloud, paid through May.

It shouldn't need to be said, but one person controlling 800 nodes can do more harm to the network than good. Sure, they can help bootstrap new nodes and relay blocks. But that level of centralization means that nodes that are predominantly communicating with his nodes are open to Sybil attack.

I validate on a listen-only node, so my Core node does not count towards "reachable nodes." But I assure you, I will only be running Core. In any case I don't find one person running hundreds of nodes a compelling reason to support a Classic fork. LOL. Sybil away, Classikkers! We'll see how far you get.

[Hirose UK]

I think bitcoin network is official under sybil attack atm. We have atm 1137 (13.84%) nodes from a single provider Choopa, LLC

https://bitnodes.21.co/nodes/?q=Choopa,%20LLC

and next we have 917 (11.16%) nodes from Amazon.com, Inc.
This is a very dangerous situation and i dont know how anyone cant react to this.

let me make something clear here. what is sybil? is that an organization, a community, a system or a name? because I thought it was a system, but I found a thread in Press section that said that sybil is a woman's name. so tell me what sybil is.

then how dangerous is the situasion? what can we do for the solution?

[exstasie]

I think bitcoin network is official under sybil attack atm. We have atm 1137 (13.84%) nodes from a single provider Choopa, LLC

https://bitnodes.21.co/nodes/?q=Choopa,%20LLC

and next we have 917 (11.16%) nodes from Amazon.com, Inc.
This is a very dangerous situation and i dont know how anyone cant react to this.

let me make something clear here. what is sybil? is that an organization, a community, a system or a name? because I thought it was a system, but I found a thread in Press section that said that sybil is a woman's name. so tell me what sybil is.

then how dangerous is the situasion? what can we do for the solution?

https://en.bitcoin.it/wiki/Weaknesses#Sybil_attack

Named for: https://en.wikipedia.org/wiki/Sybil_(book)

[Kakmakr]

These people did the same thing, when we had the XT vs Core battle and they ran several virtual XT servers running to bump the XT statistics. I do not know how effective this strategy will be, because Bitcoin makes these attacks more difficult by only making an outbound connection to one IP address per /16 (x.y.0.0). Incoming connections are unlimited and unregulated, but this is generally only a problem in the anonymity case, where you're probably already unable to accept incoming connections.

I wonder how strong these services are against Denial of Service (DoS) attacks?

[chek2fire]

Nodes is a very important part of bitcoin ecosystem and the last defend in malicious attack from miners. For example in 51% malicious attack nodes can prevent the miner to destroy the network. In a hard fork scenario again nodes can block to relay the the new blocks and transactions.
The other danger think with such a sybil attack is that someone can easy use all of this nodes to get some informations from bitcoin transactions like to identify from where this transactions came from

[Lauda]

Here an nice article that does some analysis in regards to this problem: A date with Sybil.

Classic nodes went up 1300-1400 in a day. You saying 1300-1400 people brought nodes online all at once? Not saying it's impossible, but pretty unlikely. There is someone now boasting on reddit about owning 800 nodes in the cloud, paid through May.

All their nodes are controller by less than 300 people. They're using this to show that there is "support" for Classic. However, they're just trying to manipulate people as this is not really the case (read the linked article). I've actually read a claim (somewhere on /r/btc) from someone saying that they're behind 800 of such nodes (I have no idea whether this is true).

[AliceWonderMiscreations]

Is there a range of IP addresses that can be blacklisted in the client to avoid connecting to nodes on these cloud providers?

I'd rather not connect to nodes that are mass produced not knowing what their intentions might be.

Sure it is doubtful all 8 of my connections will end up with one of these clowns, but I want the redundancy of 8 nodes that are not up to no good.

[hdbuck]

yawn.

such impotent forkers

[Zarathustra]

Here an nice article that does some analysis in regards to this problem: A date with Sybil.

Classic nodes went up 1300-1400 in a day. You saying 1300-1400 people brought nodes online all at once? Not saying it's impossible, but pretty unlikely. There is someone now boasting on reddit about owning 800 nodes in the cloud, paid through May.

All their nodes are controller by less than 300 people.

70% of hash power is controlled by 3 Chinese people whith whom Blockstream/Core signs backroom deals.

[valiz]

95% of Classic nodes are in tech clouds. A phonecall and they're finished.

[chek2fire]

Here an nice article that does some analysis in regards to this problem: A date with Sybil.

Classic nodes went up 1300-1400 in a day. You saying 1300-1400 people brought nodes online all at once? Not saying it's impossible, but pretty unlikely. There is someone now boasting on reddit about owning 800 nodes in the cloud, paid through May.

All their nodes are controller by less than 300 people.

70% of hash power is controlled by 3 Chinese people whith whom Blockstream/Core signs backroom deals.

This is not a problem at all because no one node control more than 30% of this hash power. Expect that you think chinese people act like zerg. What will you say if the same power controlled from white people in Zurich or in Usa? I am very sure that then you will have no problem with this situation. To find a centrilized mining problem look to any other altcoin not to bitcoin. For example in ehtereum one single node has 49% of hashpower atm.

[Zarathustra]

Here an nice article that does some analysis in regards to this problem: A date with Sybil.

Classic nodes went up 1300-1400 in a day. You saying 1300-1400 people brought nodes online all at once? Not saying it's impossible, but pretty unlikely. There is someone now boasting on reddit about owning 800 nodes in the cloud, paid through May.

All their nodes are controller by less than 300 people.

70% of hash power is controlled by 3 Chinese people whith whom Blockstream/Core signs backroom deals.

This is not a problem at all because no one node control more than 30% of this hash power. Expect that you think chinese people act like zerg. What will you say if the same power controlled from white people in Zurich or in Usa? I am very sure that then you will have no problem with this situation. To find a centrilized mining problem look to any other altcoin not to bitcoin. For example in ehtereum one single node has 49% of hashpower atm.

The logic of the Blockstream/Core supporters: a concentration at 300 people is a problem - a concentration at 3 people is not.

[chek2fire]

if we were a small team then the hard fork will happen 6 months before and we will not have all this every day drama and whining. Take out from your bubble and see what really happen. The financial system want to crap bitcoin and do a small part of it.

[Zarathustra]

if we were a small team then the hard fork will happen 6 months before and we will not have all this every day drama and whining. Take out from your bubble and see what really happen. The financial system want to crap bitcoin and do a small part of it.

BlockstR3eam/PWC/AXA/China

[hdbuck]

if we were a small team then the hard fork will happen 6 months before and we will not have all this every day drama and whining. Take out from your bubble and see what really happen. The financial system want to crap bitcoin and do a small part of it.

BlockstR3eam/PWC/AXA/China

awww, fork off already.

[chek2fire]

today Classic supporters wake up and decide altogether to switch off their nodes..

[Zarathustra]

if we were a small team then the hard fork will happen 6 months before and we will not have all this every day drama and whining. Take out from your bubble and see what really happen. The financial system want to crap bitcoin and do a small part of it.

BlockstR3eam/PWC/AXA/China

awww, fork off already.

Forking and Revolution is a process, not an event.

[chek2fire]

ok... whatever you say 

[franky1]

Anyway, i hope they run out of money before their plan succeed

i too am not happy about the sybil attack and i hope that the core fanboys abusing amazons free trial fail for their propoganda mission to fake classic nodes to spread doomsday scenarios about why people should join the blockstream cult and be controlled by blockstream.

i know the blockstream shills are grabbing funds under the pretense of pretending to be classic supporters, to then abuse the amazon trial and keep the funds to themselves.

i really wish people would see through all that drama of core vs classic and just think about code and community. having the buffer AND segwit prepares everyone for any eventuality without contention. yet it seems blockstream love contention as it strokes their ego.

so folks stop stroking anyones ego and just protect yourself by having the code for all features available. then there is no contention or debate or corporate control.

[Zarathustra]

Anyway, i hope they run out of money before their plan succeed

i too am not happy about the sybil attack and i hope that the core fanboys abusing amazons free trial fail for their propoganda mission to fake classic nodes to spread doomsday scenarios about why people should join the blockstream cult and be controlled by blockstream.

i know the blockstream shills are grabbing funds under the pretense of pretending to be classic supporters, to then abuse the amazon trial and keep the funds to themselves.

i really wish people would see through all that drama of core vs classic and just think about code and community. having the buffer AND segwit prepares everyone for any eventuality without contention. yet it seems blockstream love contention as it strokes their ego.

so folks stop stroking anyones ego and just protect yourself by having the code for all features available. then there is no contention or debate or corporate control.

BTW, The debunking of the SegWit Fraud of the charlatans@blockstream-core and its cheerleaders is progressing with exponentially increasing speed, the nearer the arrival of that monster comes and threatens the community.

https://www.reddit.com/r/btc/comments/4amfpi/iguana_bitcoin_full_node_developer_jl777_argues/
https://bitcointalk.org/index.php?topic=1398994.0

[watashi-kokoto]

BTW, The debunking of the SegWit Fraud of the charlatans@blockstream-core and its cheerleaders is progressing with exponentially increasing speed, the nearer the arrival of that monster comes and threatens the community.

Do they at least pay you well? If so, what are the other benefits?

EDIT: being a corporate shill must be really terrible, sitting in the cubicle, I guess they have quota of how many posts you need to make.

tell us more I'm really curious

[Zarathustra]

BTW, The debunking of the SegWit Fraud of the charlatans@blockstream-core and its cheerleaders is progressing with exponentially increasing speed, the nearer the arrival of that monster comes and threatens the community.

Do they at least pay you well? If so, what are the other benefits?

EDIT: being a corporate shill must be really terrible, sitting in the cubicle, I guess they have quota of how many posts you need to make.

tell us more I'm really curious

Yes, tell us something about your salary you get from BlockstR3am/PWC/AXA/TPTB.

[BellaBitBit]

Nodes is a very important part of bitcoin ecosystem and the last defend in malicious attack from miners. For example in 51% malicious attack nodes can prevent the miner to destroy the network. In a hard fork scenario again nodes can block to relay the the new blocks and transactions.
The other danger think with such a sybil attack is that someone can easy use all of this nodes to get some informations from bitcoin transactions like to identify from where this transactions came from

thank you for this explanation, I think I understand more about nodes.  In regards to the last sentence - Aren't transactions traceable to someones identity anyway?

[actmyname]

Nodes is a very important part of bitcoin ecosystem and the last defend in malicious attack from miners. For example in 51% malicious attack nodes can prevent the miner to destroy the network. In a hard fork scenario again nodes can block to relay the the new blocks and transactions.
The other danger think with such a sybil attack is that someone can easy use all of this nodes to get some informations from bitcoin transactions like to identify from where this transactions came from

thank you for this explanation, I think I understand more about nodes.  In regards to the last sentence - Aren't transactions traceable to someones identity anyway?

Only their wallet (unless they mix them) and the wallet addresses but I'm under the assumption that controlling the nodes would allow access to the transaction origin's IP address? Correct me if I'm wrong, I'm not too advanced in this subject.

[franky1]

BTW, The debunking of the SegWit Fraud of the charlatans@blockstream-core and its cheerleaders is progressing with exponentially increasing speed, the nearer the arrival of that monster comes and threatens the community.

https://www.reddit.com/r/btc/comments/4amfpi/iguana_bitcoin_full_node_developer_jl777_argues/
https://bitcointalk.org/index.php?topic=1398994.0

Here is my mindset.

have both 2mb AND segwit to protect yourself and to be a true full node capable of validating anything that comes in the future. to avoid contention and control.

but personally make standard old fashioned transactions. .. and here is why


as you can see. if we stay at 1mb and blindly follow blockstreams roadmap. then the real full archival node POTENTIAL bloat of segwit is 1.9mb for 3800 transactions.
compared to 2mb block of old fashioned transactions being 4000tx for 2mb. (yes you may think its a small difference, but read on)

and if you then add on blockstreams other roadmap feature Confidential Payment Codes(CPC) which adds another 250bytes to each tx. then those 3800 transactions per 1mb block balloon upto 2.85mb

so if everyone done a SW+CPC transaction instead of a standard transaction. then they are filling up hard drives by nearly 3mb for just 3800 transactions.
yet if everyone done standard old fashioned transactions in a 2mb block. the blocks would only be 2mb each (at most) for4000 tx.. (instead of 2.85mb on the roadmap)

so i did laugh when blockstream shills doomsdayed the 2mb block being too much bloat. yet saying that the blockstream roadmap was not bloat.(hello wake up!! 1mb blockstream roadmap features =2.85mb potential bloat!, 2mb standard tx=2mb potential bloat.)

so with 2mb+SW+CPC code in EVERY node.. it can allow UPTO 5.7mb of bloat per block. BUT. as long as people only do and prefer to do standard transaction we can have 4000 tx for 2mb
if things bottleneck people can go to SW transaction types for 7600..(as a last resort/backup plan)
but i really hope blockstream doesnt force CPC as a standard feature. because not only would that over bloat the transactions. but no longer make the bitcoin transparant ledger as transparant. and people will no longer be able to fully validate the blockchain because the numbers dont add up. causing risks to bugs and hacks of creating newcoin.

blockstream are delaying 2mb for one reason. they want CPC invente first and to use the 2mb not as real capacity growth. but to cover the bloat caused by CPC.

dont blindly follow the roadmap. get the 2mb buffer in sooner and cover yourself for all future developments because a corporation forces you down a single lane of one way traffic heading towards a traffic jam.

[hdbuck]

^

1MB is not "blockstream roadmap" you idiot.

you can bitch about it all you want, they are powerless, and just as core devs are.

its all about the consensus.

[chek2fire]

my bad english cant help to answer to you but you are very wrong with what you say. Big block create many problems especially to miners and especially to relay problems. They all know this in mining system and they find it with through the recent spam attack.
Is not only a deal with blockstream or evil core team.  Is a deal because they have a very serious tech reason behind it./

[Kprawn]

This Sybil attack should open some people's eyes to another vulnerability in the consensus model, if these spoof nodes are deemed to be valid nodes. If anyone else with enough money can do this

attack successfully, we need to consider another approach to this problem. The people with economic interest in Bitcoin failing, could fund a sustained attack for months and the only counter for that

will be to fund a opposing implementation with more spoofed nodes.   

[franky1]

my bad english cant help to answer to you but you are very wrong with what you say. Big block create many problems especially to miners and especially to relay problems. They all know this in mining system and they find it with through the recent spam attack.
Is not only a deal with blockstream or evil core team.  Is a deal because they have a very serious tech reason behind it./

1. POOLS handle the tx validations and propagation, not the individual miners(asics).. in china. there are warehouses of miners(asics) but the pool handling the proper data are in iceland switzerland, america etc.
miners are just handed a piece of data AFTER the pool has combined and validated a few thousand txs, the asics job is then to hash out a piece of data that is not the whole block.. they contain no hard drives, the asics do not check balances or signatures. they just hash a small piece of data over and over. again it is the pools central server that does all of that and the pools central server is not hindered by the chinese fire wall because they dont have the pool server in china.

the ASIC miners are in china because they want the factory very close to the manufacturer to save hours/days on delivery of new units.

EG
i can join eligius pool which is not hosted in china, using an asic miner held in china. and the china firewall will not restrict my miner in any way because the data my miner handles is not the same data the pool handles.

anyone else debating the bloat argument should really compare 2mb old style txs to a blockstream roadmapped segwit+confidential payment codes and see that its blockstream that are more bloated and offering less transactions per megabyte

[bebeko]

I think Chinese were under this sybil attack. Because of their greediness attitude it is possible that Chinese people that are mining bitcoin were responsible for doing this.

[chek2fire]

Nodes is a very important part of bitcoin ecosystem and the last defend in malicious attack from miners. For example in 51% malicious attack nodes can prevent the miner to destroy the network. In a hard fork scenario again nodes can block to relay the the new blocks and transactions.
The other danger think with such a sybil attack is that someone can easy use all of this nodes to get some informations from bitcoin transactions like to identify from where this transactions came from

thank you for this explanation, I think I understand more about nodes.  In regards to the last sentence - Aren't transactions traceable to someones identity anyway?

it happens before in tor network where a successfully sybil attack from Fbi, NSA? was id the users of the network. I am very sure the same can happen and to bitcoin network and recover transactions id especially from thin wallet that has the flaw to connect to only to few nodes

[chek2fire]

my bad english cant help to answer to you but you are very wrong with what you say. Big block create many problems especially to miners and especially to relay problems. They all know this in mining system and they find it with through the recent spam attack.
Is not only a deal with blockstream or evil core team.  Is a deal because they have a very serious tech reason behind it./

1. POOLS handle the tx validations and propagation, not the individual miners(asics).. in china. there are warehouses of miners(asics) but the pool handling the proper data are in iceland switzerland, america etc.
miners are just handed a piece of data AFTER the pool has combined and validated a few thousand txs, the asics job is then to hash out a piece of data that is not the whole block.. they contain no hard drives, the asics do not check balances or signatures. they just hash a small piece of data over and over. again it is the pools central server that does all of that and the pools central server is not hindered by the chinese fire wall because they dont have the pool server in china.

the ASIC miners are in china because they want the factory very close to the manufacturer to save hours/days on delivery of new units.

EG
i can join eligius pool which is not hosted in china, using an asic miner held in china. and the china firewall will not restrict my miner in any way because the data my miner handles is not the same data the pool handles.

anyone else debating the bloat argument should really compare 2mb old style txs to a blockstream roadmapped segwit+confidential payment codes and see that its blockstream that are more bloated and offering less transactions per megabyte

first time i read about this scenario. Are you sure about this? Can you prove it?

[chek2fire]

 Choopa, LLC disappear from node count almost completely and from 1000+ nodes today has only (48)!

[ATguy]

today Classic supporters wake up and decide altogether to switch off their nodes..

Yes, with Core nodes switching off at the same time! Just seems like one VSP got offline and virtual servers seems to be good choice for part of Classic and Core nodes. So no sybil attack at all.

Unfortunatelly Classic nodes have to be at cloud services because of ongoing DDoS attacks, but why so many Core nodes are at cloud services when no registered DDoS attacks against Core nodes

[chek2fire]

because with one good vps server you can accept more connections than a home server.

[watashi-kokoto]

Yes, tell us something about your salary you get from BlockstR3am/PWC/AXA/TPTB.

Tell us more about those amazing clients, great deals and bosses, and the objectives you have.

you're my favourite shill

[chek2fire]

I really like to know and someone from Classic team to inform us how much will cost us per month to use the after fork Coinbase bitcoin version with this big data centers from nodes to relay every day transactions?

[ATguy]

because with one good vps server you can accept more connections than a home server.

So do you still consider it as a sybil attack by mix of Classic and Core nodes, or you just close the thread to dont continue to spread FUD when you acknowledge yourselves some people are preffering to use good vps server because of better bandwith (and DDoS protection) and not as a intention to attack Bitcoin network ?

[chek2fire]

because with one good vps server you can accept more connections than a home server.

So do you still consider it as a sybil attack by mix of Classic and Core nodes, or you just close the thread to dont continue to spread FUD when you acknowledge yourselves some people are preffering to use good vps server because of better bandwith (and DDoS protection) and not as a intention to attack Bitcoin network ?

Fud is the whining for 6 months about the "death" of bitcoin from a small group of ppl and not this thread. Centralization of bitcoin nodes and attack like this that happen before some hours is a very serious problem and no one can take it so easy.

[Lauda]

So do you still consider it as a sybil attack by mix of Classic and Core nodes, or you just close the thread to dont continue to spread FUD when you acknowledge yourselves some people are preffering to use good vps server because of better bandwith (and DDoS protection) and not as a intention to attack Bitcoin network ?

So you really think that somebody who allegedly created 800 full nodes is doing this to support the network? Where have they been this whole time? What a joke.

Centralization of bitcoin nodes and attack like this that happen before some hours is a very serious problem and no one can take it so easy.

No one besides the people who are behind it.

[franky1]

first time i read about this scenario. Are you sure about this? Can you prove it?

what part?

ok heres an image to help


A= world wide bitcoin network
B= a mining pools network.
C= a pool, note a pool can be anywhere in the world, does not need physical attachment to a stratum location or asic location
E=a stratum servers, note a stratum can be anywhere in the world, does not need physical attachment to a pool location or asic location
F=a asic miner, note a asic can be anywhere in the world, does not need physical attachment to a pool location or stratum location

ok.. now then the pool(a) handles the transaction validation and decides what transactions it needs to put into a block. it then makes a BLOCKHEADER and sends that over the internet to the stratum servers(d). these stratum servers then over the internet send this small blockheader along with the difficulty required to the asics(f)

please note that that the asics do not receive 1mb of data that is 2000 transactions(based on a full block) they receive a blockheader and a difficulty and they transmit back a possible solution.(said it twice incase you glossed over it)

to clarify:
asics, stratums and pools do not send out every hash attempt to the bitcoin network and pools do not send every transaction to the stratum/asics..

so no matter how many transactions a block may have. an asic does not care, because all they handle is a blockheader and subsequent hashs. not full blocks.
no matter if the asic is in china and the pool is in iceland. an asic does not care, because all they handle is blockheader and subsequent hashs. not full blocks.

so many pools have asic farms in china so they can be just an hour delivery away from the asic manufacturers, rather then days oversea's shipping.
but the POOL server can be anywhere in the world. because what a pool handles (true blocks headers and hashes) vs what the asic handles(headers and hashes) are 2 different things.

[chek2fire]

first time i read about this scenario. Are you sure about this? Can you prove it?

what part?

ok heres an image to help


A= world wide bitcoin network
B= a mining pools network.
C= a pool, note a pool can be anywhere in the world, does not need physical attachment to a stratum location or asic location
E=a stratum servers, note a stratum can be anywhere in the world, does not need physical attachment to a pool location or asic location
F=a asic miner, note a asic can be anywhere in the world, does not need physical attachment to a pool location or stratum location

ok.. now then the pool(a) handles the transaction validation and decides what transactions it needs to put into a block. it then makes a BLOCKHEADER and sends that over the internet to the stratum servers(d). these stratum servers then over the internet send this small blockheader along with the difficulty required to the asics(f)

please note that that the asics do not receive 1mb of data that is 2000 transactions(based on a full block) they receive a blockheader and a difficulty and they transmit back a possible solution.(said it twice incase you glossed over it)

to clarify:
asics, stratums and pools do not send out every hash attempt to the bitcoin network and pools do not send every transaction to the stratum/asics..

so no matter how many transactions a block may have. an asic does not care, because all they handle is a blockheader and subsequent hashs. not full blocks.
no matter if the asic is in china and the pool is in iceland. an asic does not care, because all they handle is blockheader and subsequent hashs. not full blocks.

so many pools have asic farms in china so they can be just an hour delivery away from the asic manufacturers, rather then days oversea's shipping.
but the POOL server can be anywhere in the world. because what a pool handles (true blocks headers and hashes) vs what the asic handles(headers and hashes) are 2 different things.

ok i can understand what you say. My question is where is the servers of Antpool and other chinese miners if it outside China.

[ATguy]

So you really think that somebody who allegedly created 800 full nodes is doing this to support the network? Where have they been this whole time?

If we assume 150 Core nodes and 650 Classic nodes, then it fits the much higher DDoS risk for Classic nodes, thus the need to run on good DDoS protected vps. Classic is new, so these had to come recently. Such Core nodes maybe just come recently as well to pretend as Core nodes not switching to Classic (which is happening).

Probably both such Core and Classic nodes are run to support network with fully validating nodes, not to attack it (unless you can prove such malicious intend).

PS: I assume the pic representing BlockStream, at least it fits so well

[franky1]

So do you still consider it as a sybil attack by mix of Classic and Core nodes, or you just close the thread to dont continue to spread FUD when you acknowledge yourselves some people are preffering to use good vps server because of better bandwith (and DDoS protection) and not as a intention to attack Bitcoin network ?

bitnodes incentive 2015

needs we say more about sybil attacks based on core design

[franky1]

If we assume 150 Core nodes and 650 Classic nodes, then it fits the much higher DDoS risk for Classic nodes, thus the need to run on good DDoS protected vps. Classic is new, so these had to come recently. Such Core nodes maybe just come recently as well to pretend as Core nodes not switching to Classic (which is happening).

Probably both Core and Classic nodes are run to support network with fully validating nodes, not to attack it (unless you can prove such malicious intend).

PS: I assume the pic representing BlockStream, at least it fits so well

are you also forgetting the other few hundred core nodes(majority) using other VPS (OVH SAS) (Hetzner)
what about BTCC's 100 node campaign

what about the raspberry Pi node campaign more recently?

[ATguy]

are you also forgetting the other few hundred core nodes(majority) using other VPS (OVH SAS) (Hetzner)

Are there even data how many nodes are only home based? I assume home based are mostly running only part of the time during a day, which based on the Core periodic daily fluctuation seems few hundrend, maybe up to one thousand home nodes only.

what about the raspberry Pi node campaign more recently?

Running full node on such obsolete and low spec computer ? Pi has indeed future only with BlockStream, but it is not good Bitcoin future if full nodes must be compatible with such low spec computers as Pi...

[LiteCoinGuy]

So it could be hundreds of different people renting these nodes, and not Amazon trying to attack Bitcoin

Classic nodes went up 1300-1400 in a day. You saying 1300-1400 people brought nodes online all at once? Not saying it's impossible, but pretty unlikely. There is someone now boasting on reddit about owning 800 nodes in the cloud, paid through May.

[chrisvl]

there are no limits no one can prevent someone to run node,peoples try to save money using cheap hosts,

[Lauda]

If we assume 150 Core nodes and 650 Classic nodes, then it fits the much higher DDoS risk for Classic nodes, thus the need to run on good DDoS protected vps. Classic is new, so these had to come recently. Such Core nodes maybe just come recently as well to pretend as Core nodes not switching to Classic (which is happening).

Core nodes are not switching to Classic. This is false, unless you're saying that somebody is managing to fool the chart by replacing a node every time somebody changed. This would have to be timed properly, and would honestly not make sense. Classic supporters (e.g. Armstrong) are actively supporting the Sybil attack. If they really wanted to support the network, they'd at least distribute their nodes among many datacenters.

PS: I assume the pic representing BlockStream, at least it fits so well

It doesn't fit (yet) and hopefully won't. Maybe I should have added the word Classic somewhere for clarification.

[chrisvl]

Lauda are you wrong is not only armstrong classic supporter,Armstrong have money and can pay for differently datacenters,the peoples do everything they can to save money,and choose cheap datacenters if you don't like it please offer money to those peoples to change datacenters if you can't do that don't speak for many datacenters

[Lauda]

Lauda are you wrong is not only armstrong classic supporter,Armstrong have money and can pay for differently datacenters,the peoples do everything they can to save money,and choose cheap datacenters if you don't like it please offer money to those peoples to change datacenters if you can't do that don't speak for many datacenters

No, I'm not. If you want to support the network, then do it right. There are plenty of places where it won't cost you a fortune. This is one of the services that is being used to spread the attack, however it seems to have more locations available now (IIRC). There was at least 1 tweet of Brian asking people to join in. Additionally it is worth keeping in mind that only 1 out of 4 of those nodes is a full node. The rest are pruned nodes.
Did you not see this?

[franky1]

ok i can understand what you say. My question is where is the servers of Antpool and other chinese miners if it outside China.

san fransisco - https://myip.ms/info/whois/104.20.54.190/k/55850274/website/antpool.com

anywhere in the world

[chrisvl]

Lauda are you wrong is not only armstrong classic supporter,Armstrong have money and can pay for differently datacenters,the peoples do everything they can to save money,and choose cheap datacenters if you don't like it please offer money to those peoples to change datacenters if you can't do that don't speak for many datacenters

No, I'm not. If you want to support the network, then do it right. There are plenty of places where it won't cost you a fortune. This is one of the services that is being used to spread the attack, however it seems to have more locations available now (IIRC). There was at least 1 tweet of Brian asking people to join in. Additionally it is worth keeping in mind that only 1 out of 4 of those nodes is a full node. The rest are pruned nodes.
Did you not see this?

It is obvious your love to Bitcoin Classic

[exstasie]

Here an nice article that does some analysis in regards to this problem: A date with Sybil.

Classic nodes went up 1300-1400 in a day. You saying 1300-1400 people brought nodes online all at once? Not saying it's impossible, but pretty unlikely. There is someone now boasting on reddit about owning 800 nodes in the cloud, paid through May.

All their nodes are controller by less than 300 people.

70% of hash power is controlled by 3 Chinese people whith whom Blockstream/Core signs backroom deals.

To be fair, pool admins will lose control of hash power quickly if they go against their miners' interests. Just look at Ghash.io.

Regarding "backroom deals" (), Eric at HaoBTC indicated that Jeff Garzik similarly met with Chinese miners to facilitate support of Classic. After meeting with him they decided against it.

Many Chinese Bitcoiners - not only miners, but also exchanges and wallet services, originally supported Classic for its support of 2MB block size, but after meeting Jeff Garzik in Beijing, many backtracked because they didn't believe that the team behind is capable or there is a roadmap.

The logic of the Blockstream/Core supporters: a concentration at 300 people is a problem - a concentration at 3 people is not.

Please tell us about your solution to mining centralization that has somehow been lost on the entire community.

Oh, and on the subject of mining centralization: https://www.reddit.com/r/bitcoin_devlist/comments/3bsvm9/mining_centralization_pressure_from_nonuniform/

[exstasie]

Unfortunatelly Classic nodes have to be at cloud services because of ongoing DDoS attacks

That's not really an excuse. There also is not evidence of the scope of this effect. Let us know how it works out after a fork when hardly any Classic users run their own nodes and they depend on a few entities controlling all their nodes on a cloud service. :popcorn:

[btcltccoins]

No need to worry about bitcoins. Even if it iis under attack, it wont be
defeated so easily. Bitcoin miners will come to a solution as always. So as a bitcoin user there is nothing
to worry about at the present.

[ATguy]

Unfortunatelly Classic nodes have to be at cloud services because of ongoing DDoS attacks

That's not really an excuse. There also is not evidence of the scope of this effect. Let us know how it works out after a fork when hardly any Classic users run their own nodes and they depend on a few entities controlling all their nodes on a cloud service. :popcorn:

Well, the cloud VPS have very good DDoS protection, home connections are not very well protected against such DDoS attacks. The DDoS attacks shoved unless you have much more nodes than few thousands, you need the nodes under very good DDoS protection, otherwise almost all Bitcoin nodes can be taken down anytime if serious attacker wants. So having 5000 home nodes is not solution to Bitcoin node decentralization, these home nodes are very likely to be down quickly when DDoS attack hits.

You either need much more home nodes, or rely on few thousand well protected cloud vps nodes. If Bitcoin scales many times in the number of users using Bitcoin, maybe more users will run home nodes, but until then you must protect the few thousand nodes very well.

[Lauda]

It is obvious your love to Bitcoin Classic

My personal view of Bitcoin Classic is irrelevant in this case. The chart does not lie.

Well, the cloud VPS have very good DDoS protection, home connections are not very well protected against such DDoS attacks. The DDoS attacks shoved unless you have much more nodes than few thousands, you need the nodes under very good DDoS protection, otherwise almost all Bitcoin nodes can be taken down anytime if serious attacker wants. So having 5000 home nodes is not solution to Bitcoin node decentralization, these home nodes are very likely to be down quickly when DDoS attack hits.

That's still not a good excuse. If those 'people' cared about decentralization at all, they would not be starting up hundreds of nodes at the same datacenters. They'd spread them out to multiple places. Those 800 nodes at Amazon are as important as a single node at Amazon. They can be shut down easily without the need for any kind of DDoS.

[arruah]

I like Bitcoin Classis.

[RealPhotoshoper]

I think bitcoin network is official under sybil attack atm. We have atm 1137 (13.84%) nodes from a single provider Choopa, LLC

https://bitnodes.21.co/nodes/?q=Choopa,%20LLC

and next we have 917 (11.16%) nodes from Amazon.com, Inc.
This is a very dangerous situation and i dont know how anyone cant react to this.

what is sybill attack?is that really bad attack?and what will effect for bitcoins network?
if this is dangerous situation,how can we kept our bitcoins safe?please tell me,i dont reall understand.

[chek2fire]

bitcoin is very safe and you dont have to afraid about that. Sybil attack the most problem that can do is to recover info for the transactions or to block transactions the node tha take part to this attack. Nothing more.

[exstasie]

bitcoin is very safe and you dont have to afraid about that. Sybil attack the most problem that can do is to recover info for the transactions or to block transactions the node tha take part to this attack. Nothing more.

That's assuming Sybil attackers have no hash power. If they do, they can use Sybils to facilitate double spend attacks. But yeah, the biggest problem with Sybils is the prospect of transaction censorship.

[Lauda]

what is sybill attack?is that really bad attack?and what will effect for bitcoins network?

Well, basically it is an attack in a system such as Bitcoin where a single entity tries to control as many nodes as possible.

The attacker can refuse to relay blocks and transactions from everyone, disconnecting you from the network.
The attacker can relay only blocks that he creates, putting you on a separate network. You're then open to double-spending attacks.
If you rely on transactions with 0 confirmations, the attacker can just filter out certain transactions to execute a double-spending attack.
Low-latency encryption/anonymization of Bitcoin's transmissions (With Tor, JAP, etc.) can be defeated relatively easy with a timing attack if you're connected to several of the attacker's nodes and the attacker is watching your transmissions at your ISP.

It is not that problematic and you can read more about it here and here.

if this is dangerous situation,how can we kept our bitcoins safe?please tell me,i dont reall understand.

As an average user, you don't really need to worry about this right now. Just enjoy using Bitcoin.

[chek2fire]

New info about Classic sybil attack





https://twitter.com/sysmannet/status/712320429239603200

https://twitter.com/sysmannet/status/712320018659155968

As i say and imo is a very danger situation when a big part of bitcoin node system controlled from only one provider like choopa. My question is how can we block this nodes to connect to our nodes? Anyone know what are their ip range?
As you remember we have done this before when chainalysis do a sybil attack before some months and we have block back then their nodes to connect to our nodes.

[Straux]

There should be a max of 1-10 nodes per single entity/IP. It will cause alot of trouble for these attackers, and give us a stronger sense of safety

[Lauda]

As i say and imo is a very danger situation when a big part of bitcoin node system controlled from only one provider like choopa. My question is how can we block this nodes to connect to our nodes? Anyone know what are their ip range?

I don't think that you should block whole IP ranges. You could work with a few individuals and summarize a list of these nodes and block them all if you really wanted to. It shouldn't take you that much time.

There should be a max of 1-10 nodes per single entity/IP. It will cause alot of trouble for these attackers, and give us a stronger sense of safety

I disagree with the 'per single entity' part. If I host 100 nodes all around the world (i.e. no way of shutting all down at once) am I not helping keep the decentralization? There's a huge difference between hosting all of them at 1 place by various entities and hosting them everywhere by a single entity.

[adamstgBit]

you are not under a sybil attack, until the nodes start misbehaving.
the nodes in question are working perfectly relying TX, working within expected parameters.
all this is an economic show of force by the bitcoin classic community. there is nothing hostile about it.

[hdbuck]

you are not under a sybil attack, until the nodes start misbehaving.
the nodes in question are working perfectly relying TX, working within expected parameters.
all this is an economic show of force by the bitcoin classic community. there is nothing hostile about it.

bwahahahah.

fork off adam.

[icecube45]

I think bitcoin network is official under sybil attack atm. We have atm 1137 (13.84%) nodes from a single provider Choopa, LLC

https://bitnodes.21.co/nodes/?q=Choopa,%20LLC

and next we have 917 (11.16%) nodes from Amazon.com, Inc.
This is a very dangerous situation and i dont know how anyone cant react to this.

nothing can be done to combat this, aws and other cloud providers offer massive grants and credits,

just about anyone could conduct this type of attack with the right amount of resources.

in the end you cant stop it merely hope the network componsates.

[Lauda]

you are not under a sybil attack, until the nodes start misbehaving.

It is a Sybil attack. Nobody is going to keep quiet and wait for them to "misbehave".

the nodes in question are working perfectly relying TX, working within expected parameters.

Perfectly draining the bandwidth of real ('legit') node owners. Might be time to summarize a list and block them

all this is an economic show of force by the bitcoin classic community. there is nothing hostile about it.

You shouldn't have gone to that other forum. It might be too late for you already.

nothing can be done to combat this, aws and other cloud providers offer massive grants and credits,

You can block them.

[Lauda]

https://bitnodes.21.co/nodes/ are attacking my altcoin network also
daily , I have been working a lot on this and they are making nodes/peers with "f yeah bitcoin classic" and all sorts of weird names

What are you talking about? This does not even make sense. Who is attacking your "network" and why? I'm not even sure how this is relevant to the OP.

[Labumi]

In my opinion, this is indeed a very dangerous situation, but I think this would not be possible until a fairly high level, because of the security system in the network of bitcoin is very safe and it may be just a network interruption or an excess of something. So the possibility of this situation will last for some time

[Lauda]

In my opinion, this is indeed a very dangerous situation, but I think this would not be possible until a fairly high level, because of the security system in the network of bitcoin is very safe and it may be just a network interruption or an excess of something. So the possibility of this situation will last for some time

This post makes does not make any sense. I highly suggest improving your language skills before posting in such threads.

[ACP]

In my opinion, this is indeed a very dangerous situation, but I think this would not be possible until a fairly high level, because of the security system in the network of bitcoin is very safe and it may be just a network interruption or an excess of something. So the possibility of this situation will last for some time

This post makes does not make any sense. I highly suggest improving your language skills before posting in such threads.

It's related to this topic. If you see this kind of attack hit the bitcoin network to the strength of hitting all it's seeders and major pools. You will just see the bitcoin wallet look like it's out of sync when in fact it's not.
The only way to stop it is to manually drop the ip's within iptables . This isn't about debating, discussion.   

[Lauda]

It's related to this topic.

I never said that it wasn't. I said that it was very bad to decipher due to the way that it was written (e.g. bad punctuation).

If you see this kind of attack hit the bitcoin network to the strength of hitting all it's seeders and major pools. You will just see the bitcoin wallet look like it's out of sync when in fact it's not.
The only way to stop it is to manually drop the ip's within iptables . This isn't about debating, discussion.   

Nobody ever said that Sybil attacks weren't a possibility. It has been listed on the Wiki page for a reason. The network has to remain as decentralized as possible and the number of nodes need not become very low in order to make attacks on the network harder.