WTF - Kiddy Porn in the Blockchain for life?

[acoindr]

Yes, it is possible to store arbitrary data in the block chain. The block chain can store text, which in turn can be used to represent various forms of data.

You have to understand that data is just data. It only means something when put together a certain way, sometimes for intentional meaning, sometimes hidden meaning. Also understand that because binary (1's and 0's) can be represented many ways (like tapping your feet timely, or etching tick marks somewhere) it's possible to store information on basically anything in almost any medium.

There is in fact ascii art hidden in the block chain of Ben Bernanke and Len Sassaman:

http://pastebin.com/raw.php?i=BUB3dygQ

You can also put more nefarious text there too, but there are many ways to be nefarious.

If you don't want people to be able to store possibly nefarious data with you then you have to do much more than stop running a full Bitcoin node (note you can use Bitcoin without storing the block chain, e.g. blockchain.info).

Most Internet users accept browser cookies, which are files that allow sites to store text info on your computer. You can put links to child pornography, ascii art, encoded picture files etc. in cookie files just as you can in the block chain. The usual size limit on cookie files is 4KB. The image below is 2KB:



So if you want to be sure you're not inadvertently storing information in a form you're not aware of you better stop using any cookies (or check every one in countless formulaic ways). But the fun doesn't stop there. Most browsers also store a history of sites you've visited. Guess what? The Internet runs on text as in Hyper TEXT Markup Language. Any web address you visit can append an arbitrary amount of text data to the URL after the ? as in goodsite.com?arbitraryhiddenchildpornencodedtext so you have to also stop letting your browser store any information on sites you visit.

Your browser also downloads Javascript, Java, and Flash files to name a few things often downloaded while viewing ordinary Web pages. Any of these can be used to store arbitrary data on your computer.

Just as there is cocaine on physical cash many people are unaware of, so to are there ways to "dirty" things people usually consider clean without them even being aware of it. That didn't start and won't end with Bitcoin.

[1714165531]

1714165531

[1714165531]

1714165531

[1714165531]

1714165531

[1714165531]

1714165531

[Peter Todd]

Gregory Maxwell posted a very good long-term solution to the problem of arbitrary data in the blockchain a few weeks ago on the bitcoin-development email list: To prevent arbitrary data storage in txouts — The Ultimate Solution

It's not something that can be implemented overnight, but it is there if needed in the future.

EDIT: Also in the short term dust outputs less than 54uBTC in value will probably soon be banned making dumping data in the block chain a lot more expensive: https://github.com/bitcoin/bitcoin/pull/2577

[scintill]

I've dumped the stuff I could find.  It's about as benign as it can be, just a dump ostensibly from some Hidden Wiki pages ("Jailbait", "Hard Candy") with links to pedo communities and stuff.  There are several other files, including the original bitcoin whitepaper and some DRM encryption keys; I may catalog them if I can.  (A connected address is 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa, you can pretty easily spot the large embedding transactions on blockchain.info.)  Here's a partial dump, BE CAREFUL if you feel downloading plain-text URLs to pedo/CP sites could endanger you: http://pastebin.com/09WdxDiJ

For the skeptical ones unwilling or unable to verify, you can look at the transactions below.  I can't think of many real reasons to send dozens of satoshis, one at a time, to random multisig addresses, so it's not that far of a stretch to imagine this is a way to embed data, even if you can't personally verify.  BE AWARE that viewing the transaction is, in a way, viewing this stuff, just in an encoded form.  It will just look like bitcoin addresses, though.  dde7cd8e8f073a525c16c5ee4e4a254f847b7ad6babef257231813166fbef551, 4a0088a249e9099d205fb4760c28275d4b8965ac9fd56f5ddf6771cdb0d94f38.

This is unfortunate, but I am surprised it hadn't already happened, and for all we know there already has been some encoded/encrypted actual contraband in the blockchain.

[Elwar]

See this thread about illegal content on the blockchain:
https://bitcointalk.org/index.php?topic=11381.0

Also, I have added the following porn to the blockchain:

80085

[Stardust]

For those that want to verify and have a Linux/BSD OS:

In .bitcoin/blocks do strings -20 blk00053.dat | less
It's a few pages down.

There is also a file encoded in hex in blk00052.dat (unrelated to the CP links in blk00053.dat) and there is lots of spam in many blk*.dat.

Personally I think this needs to be fixed, I don't feel comfortable having CP links, Bernanke/Sassaman, or Luke-Jr's prayers on my computer.

[Littleshop]

For those that want to verify and have a Linux/BSD OS:

In .bitcoin/blocks do strings -20 blk00053.dat | less
It's a few pages down.

There is also a file encoded in hex in blk00052.dat (unrelated to the CP links in blk00053.dat) and there is lots of spam in many blk*.dat.

Personally I think this needs to be fixed, I don't feel comfortable having CP links, Bernanke/Sassaman, or Luke-Jr's prayers on my computer.

Which pool is responsible for blk00053.dat?

[Peter Todd]

Which pool is responsible for blk00053.dat?

bitparking is mined dde7cd8e8f073a525c16c5ee4e4a254f847b7ad6babef257231813166fbef551 and BTC Pool 4a0088a249e9099d205fb4760c28275d4b8965ac9fd56f5ddf6771cdb0d94f38

The former is pays just under the 5mBTC/KB that the reference client requires as a minimum fee, so bitparking is probably using either non-standard fee rules, or the new 1mBTC/KB minimum that will be part of the upcoming 0.8.2 That said, I also noticed BTC Guild mined most of the recent PGP strong set timestamping, and many of those transactions were also just under the 5mBTC/KB minimum - makes me wonder if the latter re-used the code from the former.

[eleuthria]

Which pool is responsible for blk00053.dat?

bitparking is mined dde7cd8e8f073a525c16c5ee4e4a254f847b7ad6babef257231813166fbef551 and BTC Pool 4a0088a249e9099d205fb4760c28275d4b8965ac9fd56f5ddf6771cdb0d94f38

The former is pays just under the 5mBTC/KB that the reference client requires as a minimum fee, so bitparking is probably using either non-standard fee rules, or the new 1mBTC/KB minimum that will be part of the upcoming 0.8.2 That said, I also noticed BTC Guild mined most of the recent PGP strong set timestamping, and many of those transactions were also just under the 5mBTC/KB minimum - makes me wonder if the latter re-used the code from the former.

Fees are not required for high enough priority transactions.  BTC Guild uses default bitcoind (0.8 with 0.8.1 patches) transaction selection, other than providing more than 17 kb per block to high-priority/low fee{or no fee} transactions since we also mine larger than the 250 KB default max size.  (blockmaxsize=475000, blockminsize=250000, blockprioritysize=50000 are the arguments used with BTC Guild's bitcoind instances for most servers)

[Peter Todd]

Fees are not required for high enough priority transactions.  BTC Guild uses default bitcoind (0.8 with 0.8.1 patches) transaction handling, other than providing more than 17 kb per block to high-priority/low fee{or no fee} transactions since we also mine larger than the 250 KB default max size.

Those transactions aren't high priority because they have dust outputs, their inputs are very recent coins, and they are over the 10KB limit for priority transactions.

[Matthew N. Wright]

You can also paste CP on IRC. Does that mean that everyone in the chatroom is breaking the law and the servers need to be shut down now?

(Deja vu, hasn't this topic been covered feverishly already in 2010 and 2011?)

[bbit]

ewwww

[scintill]

(Deja vu, hasn't this topic been covered feverishly already in 2010 and 2011?)

Yep, but at least it's actually happened now.  Not that it changes the theoretical answers that were already discussed back then.

Personally I think this needs to be fixed, I don't feel comfortable having CP links, Bernanke/Sassaman, or Luke-Jr's prayers on my computer.

Better stop using Bitcoin then, because the ASCII tributes and prayers are tens of thousands of blocks back and if you want to have a secure blockchain you'll have to keep them to be able to properly verify it.  It's possible after you've synced up the blockchain and the offending material is far enough back, you could scrub it in a hex editor and still run fine.  If any transactions you care about are tainted by the ones you censored, there might be problems, not sure.  And you might temporarily screw up anyone trying to download those blocks from you because the hash won't match.

And if you're hoping to censor stuff like this in the future, think again: these transactions are just sending coins to addresses whose hash/publickey happens to contain offensive ASCII data.  There's no way to stop that without a probability of breaking legitimate transactions that just happen to have "bad" data.  "Sorry sir, the system is telling us the ASCII value for your address contains the word "TITS", so we can't give you your withdrawal."

[QuestionAuthority]

I don’t understand why anyone today would ever run a full node like Bitcoind or Bitcoin-Qt. Do you just like waiting hours for the catch up every time you fire up your computer to send coins? The block chain porn pollution issue is nonexistent for users running an SPV node like MultiBit or no node at all, like blockchain.info or Electrum.

[tvbcof]

I don’t understand why anyone today would ever run a full node like Bitcoind or Bitcoin-Qt. Do you just like waiting hours for the catch up every time you fire up your computer to send coins? The block chain porn pollution issue is nonexistent for users running an SPV node like MultiBit or no node at all, like blockchain.info or Electrum.

Either the problem of objectionably data in the block chain is non-existent for you if you were a peer, or it's a problem that when attacked will impact everyone relying on the infrastructure which are peers.  It may be a valid assumption that people with the wherewithal to be peers are more prepared to protect themselves against harassment than 'amateurs' though.  At least for now.

Accd to Hearn you don't need an up-to-date blockchain to send BTC.  It makes some sense that that would be the case, but I've not tried it first hand.  Accd to Garzik users can help the network by being peers.

[QuestionAuthority]

I don’t understand why anyone today would ever run a full node like Bitcoind or Bitcoin-Qt. Do you just like waiting hours for the catch up every time you fire up your computer to send coins? The block chain porn pollution issue is nonexistent for users running an SPV node like MultiBit or no node at all, like blockchain.info or Electrum.

Either the problem of objectionably data in the block chain is non-existent for you if you were a peer, or it's a problem that when attacked will impact everyone relying on the infrastructure which are peers.  It may be a valid assumption that people with the wherewithal to be peers are more prepared to protect themselves against harassment than 'amateurs' though.  At least for now.

Accd to Hearn you don't need an up-to-date blockchain to send BTC.  It makes some sense that that would be the case, but I've not tried it first hand.  Accd to Garzik users can help the network by being peers.

The average users (especially new users) do not need to run a full node. I think there are enough full nodes worldwide to protect against a 50% attack. If you have any fear over what's in the blockchain then don’t run a full node. This will all be solved eventually with tx pruning. What happened with ultraprune? I thought Pieter Wuille was going to implement that a while back anyway.

[Peter Todd]

The average users (especially new users) do not need to run a full node. I think there are enough full nodes worldwide to protect against a 50% attack. If you have any fear over what's in the blockchain then don’t run a full node. This will all be solved eventually with tx pruning. What happened with ultraprune? I thought Pieter Wuille was going to implement that a while back anyway.

51% attacks are about mining, not full nodes. Ultraprune will be implemented, but more work needs to be done on working out how blockchain data will be distributed. Give it a few more months at least.

Running a full node is safer and more anonymous than SPV nodes, let alone web wallets and similar. For example when you run a SPV node you have to tell your peers what addresses you are interested in. Those addresses are obscured with bloom filters, kinda like telling your peer "tell me about addresses starting with 1bk, 1y4, 1z2 etc." but it will always be less anonymous than running a full node directly and will become even less anonymous as transaction volume increases and the specificity of your bloom filter increases.

[QuestionAuthority]

The average users (especially new users) do not need to run a full node. I think there are enough full nodes worldwide to protect against a 50% attack. If you have any fear over what's in the blockchain then don’t run a full node. This will all be solved eventually with tx pruning. What happened with ultraprune? I thought Pieter Wuille was going to implement that a while back anyway.

51% attacks are about mining, not full nodes. Ultraprune will be implemented, but more work needs to be done on working out how blockchain data will be distributed. Give it a few more months at least.

Running a full node is safer and more anonymous than SPV nodes, let alone web wallets and similar. For example when you run a SPV node you have to tell your peers what addresses you are interested in. Those addresses are obscured with bloom filters, kinda like telling your peer "tell me about addresses starting with 1bk, 1y4, 1z2 etc." but it will always be less anonymous than running a full node directly and will become even less anonymous as transaction volume increases and the specificity of your bloom filter increases.

But if you’re worried about porn would it not be better to have a web wallet? New users that see things like this might be dissuaded from using Bitcoin because they think they are required to take all the baggage that comes with it if they decide to use Bitcoin and that’s not true.

[tvbcof]

...
But if you’re worried about porn would it not be better to have a web wallet? ...

Seems just the opposite to me.  If that were a problem (which I doubt) then the wallet service is likely to be frozen along with your ability to use it for as long as the investigation takes.

Of course a well designed wallet service like blockchain.info will have work-arounds for that problem.  OTOH, some of the workarounds may be responsible for the rash of thefts that have plagued them lately.

[QuestionAuthority]

...
But if you’re worried about porn would it not be better to have a web wallet? ...

Seems just the opposite to me.  If that were a problem (which I doubt) then the wallet service is likely to be frozen along with your ability to use it for as long as the investigation takes.

Of course a well designed wallet service like blockchain.info will have work-arounds for that problem.  OTOH, some of the workarounds may be responsible for the rash of thefts that have plagued them lately.

I guess it’s better than having the porn at your house. I didn’t know about the blockchain.info thefts. I don’t use that service. Everything I read lately seems designed to keep new people from ever wanting to try Bitcoin.

[tvbcof]

... Everything I read lately seems designed to keep new people from ever wanting to try Bitcoin.

That is a prescient and sad observation actually.  I had not really thought of it, but you are probably right.

I've been interested in the solution for years and a lot of my friends know of my interest.  Historically I've been a little bi-polar on whether people should get involved at all.  Lately a lot of my friends have been asking me about getting started, and now I feel it Bitcoin more likely to 'succeed' so I am usually inclined to be encouraging these days.  At least to the 'right' people.

I am, as you might have detected, strongly in favor of the 'full peer' approach, but pretty frustrated about how impractical that is in a lot of cases.  When I introduce people I usually use an on-line wallet, but with all kinds of warnings about how the dangers.  For people who are doing non-trivial amounts, I do go ahead and encourage a full node and Armory so they can do flexible paper wallets and generally get a handle on the system.  It only really would be a good idea for people who are pretty technical though as my most interested friends tend to be.

I consider it something of a duty to advise people to be prepared for a total loss.  I've always felt, however, that if Bitcoin 'goes', it will probably go so big that a pretty modest footprint now will pay off well.  Thus there is no good reason to sink a lot of money into it.