Bitcoin Forum
April 20, 2014, 06:24:44 PM *
News: Due to the OpenSSL heartbleed bug, changing your forum password is recommended.
 
   Home   Help Search Donate Login Register  
Poll
Question: What type of pool payouts do you prefer?
Bitcoins - 2924 (80.4%)
Bank transfer / USD - 389 (10.7%)
Gold/silver coins and bars - 323 (8.9%)
Total Voters: 3634

Pages: 1 ... 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 [208] 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 ... 819
  Print  
Author Topic: [850 TH] Slush's Pool (mining.bitcoin.cz); TX FEES + VarDiff  (Read 2076163 times)
mitchel
Newbie
*
Offline Offline

Activity: 22


View Profile

Ignore
October 23, 2011, 06:36:13 PM
 #4141

so...is there a problem with payouts?
1398018284
Hero Member
*
Offline Offline

Posts: 1398018284

View Profile Personal Message (Offline)

Ignore
1398018284
Reply with quote  #2

1398018284
Report to moderator
Unbeatable Service & Product Support
Grab Your Miners at GAWMiners.com
Order Before April 25th to receive
Double your Hashing Power for 1 week!

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1398018284
Hero Member
*
Offline Offline

Posts: 1398018284

View Profile Personal Message (Offline)

Ignore
1398018284
Reply with quote  #2

1398018284
Report to moderator
1398018284
Hero Member
*
Offline Offline

Posts: 1398018284

View Profile Personal Message (Offline)

Ignore
1398018284
Reply with quote  #2

1398018284
Report to moderator
1398018284
Hero Member
*
Offline Offline

Posts: 1398018284

View Profile Personal Message (Offline)

Ignore
1398018284
Reply with quote  #2

1398018284
Report to moderator
1398018284
Hero Member
*
Offline Offline

Posts: 1398018284

View Profile Personal Message (Offline)

Ignore
1398018284
Reply with quote  #2

1398018284
Report to moderator
Jack of Diamonds
Sr. Member
****
Offline Offline

Activity: 252



View Profile

Ignore
October 23, 2011, 06:45:37 PM
 #4142

A malicious attacker needs not to target the pool or hidden service;
since TOR is a relatively low bandwidth network it takes very few resources to grind all active onion routers to a halt.

All active router info is publicly available at directory server.
Every router merely knows the last and next hop, the origin of attack cannot be traced and it only shows up as large amounts of traffic & appears as a normal router

DoS against the entire TOR network is also cheaper than a well hosted single site with high bandwidth.
Even a 20gbps attack would render the network unusably slow. It is a brute force method but it will achieve the goal & make a pool unreachable.

It only needs to last as long as people switch to other pools, and if they come back, target the network again.

1f3gHNoBodYw1LLs3ndY0UanYB1tC0lnsBec4USeYoU9AREaCH34PBeGgAR67fx
Thralen
Full Member
***
Offline Offline

Activity: 122


View Profile

Ignore
October 23, 2011, 07:20:03 PM
 #4143

A malicious attacker needs not to target the pool or hidden service;
since TOR is a relatively low bandwidth network it takes very few resources to grind all active onion routers to a halt.

All active router info is publicly available at directory server.
Every router merely knows the last and next hop, the origin of attack cannot be traced and it only shows up as large amounts of traffic & appears as a normal router

DoS against the entire TOR network is also cheaper than a well hosted single site with high bandwidth.
Even a 20gbps attack would render the network unusably slow. It is a brute force method but it will achieve the goal & make a pool unreachable.

It only needs to last as long as people switch to other pools, and if they come back, target the network again.

So obviously, your "solution" which is, in essence, advocating for extortion, is the way to go? *shakes head*

Be careful, next step would be a bitcoin mafia and the next thing you know people will be waking up with the heads of servers in bed with them...

In history, if you look for it, traditionally when you give in to extortion they then try to extort more, and more... and then some more. Until there is nothing left. You can always count on human nature, so long as you know that human nature includes a massive helping of greed.

Thralen

Supporting bitcoin as best I can with 1. mining, 2. buying with bitcoin, 3. selling (or trying to) for bitcoin. If you make a donation to:  1MahzUUEYJrZ4VbPRm2h5itGZKEguGVZK1  I'll get it into circulation.
Jack of Diamonds
Sr. Member
****
Offline Offline

Activity: 252



View Profile

Ignore
October 23, 2011, 07:27:11 PM
 #4144

Mt. Gox's strategy with a few alterations would be perfect from a financial standpoint (maximum profit, lowest expenses, and highest uptime)

Pay ~30% of Prolexic's charged rates to the biggest attacker, with an agreement of keeping other attackers away.
If 'offender' breaks the deal by demanding a bigger cut or by not being hostile towards other attackers, you siphon the extra to Prolexic and give nothing to the 'offender'.

'Offender' is forced to choose between earning $0 per month or convincing you to accept back the earlier rate, maybe lower.

1f3gHNoBodYw1LLs3ndY0UanYB1tC0lnsBec4USeYoU9AREaCH34PBeGgAR67fx
mitchel
Newbie
*
Offline Offline

Activity: 22


View Profile

Ignore
October 23, 2011, 07:30:22 PM
 #4145

so....is slush aware of the payout issue?

Thralen
Full Member
***
Offline Offline

Activity: 122


View Profile

Ignore
October 23, 2011, 07:46:32 PM
 #4146

Mt. Gox's strategy with a few alterations would be perfect from a financial standpoint (maximum profit, lowest expenses, and highest uptime)

Pay ~30% of Prolexic's charged rates to the biggest attacker, with an agreement of keeping other attackers away.
If 'offender' breaks the deal by demanding a bigger cut or by not being hostile towards other attackers, you siphon the extra to Prolexic and give nothing to the 'offender'.

'Offender' is forced to choose between earning $0 per month or convincing you to accept back the earlier rate, maybe lower.

or offender says "hell with them, I'll teach them a lesson" and puts them down repeatedly, potentially driving them out of business. That was the reason they were paying in the first place, to stay online. Then the offender picks up the newer companies springing up to take over from the first and demands a bigger cut saying "Look what I did to them, you can avoid it if..."

It is extortion, plain and simple. Here, let me give you the definition:

extort:verb: to obtain from a person by force, intimidation, or undue or illegal power

and this is what you say is the perfect plan? Perchance, what do you consider the worst plan? Actually standing by your principals and trying to work out a different solution? Just sayin...

And on that note, I think it is time to change to my secondary pool until Slush is back and figures out what is up with payments.

Thralen

Supporting bitcoin as best I can with 1. mining, 2. buying with bitcoin, 3. selling (or trying to) for bitcoin. If you make a donation to:  1MahzUUEYJrZ4VbPRm2h5itGZKEguGVZK1  I'll get it into circulation.
notawake
Jr. Member
*
Offline Offline

Activity: 58


View Profile

Ignore
October 23, 2011, 07:52:21 PM
 #4147

A malicious attacker needs not to target the pool or hidden service;
since TOR is a relatively low bandwidth network it takes very few resources to grind all active onion routers to a halt.

All active router info is publicly available at directory server.
Every router merely knows the last and next hop, the origin of attack cannot be traced and it only shows up as large amounts of traffic & appears as a normal router

DoS against the entire TOR network is also cheaper than a well hosted single site with high bandwidth.
Even a 20gbps attack would render the network unusably slow. It is a brute force method but it will achieve the goal & make a pool unreachable.

It only needs to last as long as people switch to other pools, and if they come back, target the network again.

I think you are underestimating the Tor network.

As I mentioned in my previous post, Tor has some DDOS protections built-in, as described here. These will make many forms of DDOS over Tor impossible or very hard to do. Tor only allows TCP connections through the network.

Currently, according to this source, the Tor network is about 8.5 Gb/s. Obviously, this is less than 20 Gbps, but the Tor bandwidth is distributed across more than 2500 servers with multiple ISPs across the world. This arrangement would be cost prohibitive for slush to acquire on his own. Instead of messing with 1-2 ISPs, an attacker has to mess with 100s of them, including Amazon (yes, I saw some EC2 instances in the list) and universities, which tend to have some of the best connections. This will decrease the chance that the attack will work.

If the attacker is using a botnet, there is a higher chance that, for example, compromised machines with SBC Global IPs will be attacking Tor nodes that also have SBC Global IPs. This ISP now has an incentive to investigate and disconnect the compromised machines. Additionally, each ISP has it's own DDOS defense strategy. Some may fail, but some will work.

The public directory does not include Tor bridges, which further adds security to the Tor network.

Mt. Gox's strategy with a few alterations would be perfect from a financial standpoint (maximum profit, lowest expenses, and highest uptime)

Pay ~30% of Prolexic's charged rates to the biggest attacker, with an agreement of keeping other attackers away.
If 'offender' breaks the deal by demanding a bigger cut or by not being hostile towards other attackers, you siphon the extra to Prolexic and give nothing to the 'offender'.

'Offender' is forced to choose between earning $0 per month or convincing you to accept back the earlier rate, maybe lower.

I didn't know that Mt. Gox had that strategy, but you also have to consider motive. It appears that a major attacker would want to take down a mining pool so that the difficulty goes down and the attacker makes (or at least expects to make) more money. The attacker may even be aiming for 51% network power. So it may be more profitable for the attacker to continue attacking rather than take a relatively small amount of money from slush. But this is less likely to apply for Mt. Gox since attacks on exchanges would drive down the value of Bitcoin.

I also don't understand how one attacker can keep away other attackers given that attackers usually don't reveal themselves to each other. Also, the attacker isn't "forced to choose between earning $0 per month or convincing you to accept back the earlier rate, maybe lower" because they can choose to take the money they earned through extortion and invest it in attacking you. That's usually how extortion works. Once the gravy train starts flowing, it's hard to stop it.

Bitcoin: 1HZRowLTkmF6M8V11vj2dmVf2r9VK7dVfo | Namecoin: MxT6tjJZcYZeWUGNgsAMxJ7wpDgKMdub4y

Output Transactions for a Given Address to CSV Format
mitchel
Newbie
*
Offline Offline

Activity: 22


View Profile

Ignore
October 23, 2011, 08:00:40 PM
 #4148

A malicious attacker needs not to target the pool or hidden service;
since TOR is a relatively low bandwidth network it takes very few resources to grind all active onion routers to a halt.

All active router info is publicly available at directory server.
Every router merely knows the last and next hop, the origin of attack cannot be traced and it only shows up as large amounts of traffic & appears as a normal router

DoS against the entire TOR network is also cheaper than a well hosted single site with high bandwidth.
Even a 20gbps attack would render the network unusably slow. It is a brute force method but it will achieve the goal & make a pool unreachable.

It only needs to last as long as people switch to other pools, and if they come back, target the network again.

Are you an attacker Jack of Diamonds?
Thralen
Full Member
***
Offline Offline

Activity: 122


View Profile

Ignore
October 23, 2011, 08:11:04 PM
 #4149

A malicious attacker needs not to target the pool or hidden service;
since TOR is a relatively low bandwidth network it takes very few resources to grind all active onion routers to a halt.

All active router info is publicly available at directory server.
Every router merely knows the last and next hop, the origin of attack cannot be traced and it only shows up as large amounts of traffic & appears as a normal router

DoS against the entire TOR network is also cheaper than a well hosted single site with high bandwidth.
Even a 20gbps attack would render the network unusably slow. It is a brute force method but it will achieve the goal & make a pool unreachable.

It only needs to last as long as people switch to other pools, and if they come back, target the network again.

Are you an attacker Jack of Diamonds?


I'm thinking his botnet must not be being profitable for him. It is the only reason I an see for advocating for pools to contribute to further illegal behavior as well as probably cut profits for miners since the pool owner will have to recoup costs someplace. *shrug*

Thralen

Supporting bitcoin as best I can with 1. mining, 2. buying with bitcoin, 3. selling (or trying to) for bitcoin. If you make a donation to:  1MahzUUEYJrZ4VbPRm2h5itGZKEguGVZK1  I'll get it into circulation.
Portnoy
Hero Member
*****
Offline Offline

Activity: 952

My money; Our Bitcoin.


View Profile

Ignore
October 23, 2011, 08:15:28 PM
 #4150

A malicious attacker needs not to target the pool or hidden service;
since TOR is a relatively low bandwidth network it takes very few resources to grind all active onion routers to a halt.

All active router info is publicly available at directory server.
Every router merely knows the last and next hop, the origin of attack cannot be traced and it only shows up as large amounts of traffic & appears as a normal router

DoS against the entire TOR network is also cheaper than a well hosted single site with high bandwidth.
Even a 20gbps attack would render the network unusably slow. It is a brute force method but it will achieve the goal & make a pool unreachable.

It only needs to last as long as people switch to other pools, and if they come back, target the network again.

Are you an attacker Jack of Diamonds?

If you want I can make him an offer he can't refuse.

Some day, and that day may never come, I may call upon you to do a service for me. But, until that day, accept this, as a gift.

Wink


Where do I get free bitcoins?     ☯  ♞  ➹  ☂  ★  ☎  ♫
The maintained and updated list of verified free bitcoin sites.
Thralen
Full Member
***
Offline Offline

Activity: 122


View Profile

Ignore
October 23, 2011, 08:32:06 PM
 #4151

A malicious attacker needs not to target the pool or hidden service;
since TOR is a relatively low bandwidth network it takes very few resources to grind all active onion routers to a halt.

All active router info is publicly available at directory server.
Every router merely knows the last and next hop, the origin of attack cannot be traced and it only shows up as large amounts of traffic & appears as a normal router

DoS against the entire TOR network is also cheaper than a well hosted single site with high bandwidth.
Even a 20gbps attack would render the network unusably slow. It is a brute force method but it will achieve the goal & make a pool unreachable.

It only needs to last as long as people switch to other pools, and if they come back, target the network again.

Are you an attacker Jack of Diamonds?

If you want I can make him an offer he can't refuse.

Some day, and that day may never come, I may call upon you to do a service for me. But, until that day, accept this, as a gift.

Wink



Glad someone got the heads of servers reference...  Cheesy

Supporting bitcoin as best I can with 1. mining, 2. buying with bitcoin, 3. selling (or trying to) for bitcoin. If you make a donation to:  1MahzUUEYJrZ4VbPRm2h5itGZKEguGVZK1  I'll get it into circulation.
slush
Hero Member
*****
Offline Offline

Activity: 1078



View Profile WWW

Ignore
October 23, 2011, 08:33:35 PM
 #4152

Is there an issue with payout on BTC right now?

Yes, payouts were not working since yesterday database crash and I didn't noticed that. My apologize, it's fixed now.

Btw it's funny that those people who received their rewards twice (because reward updates in database failed thanks to db issues) aren't complaining here ;-).

Thralen
Full Member
***
Offline Offline

Activity: 122


View Profile

Ignore
October 23, 2011, 09:12:57 PM
 #4153

Is there an issue with payout on BTC right now?

Yes, payouts were not working since yesterday database crash and I didn't noticed that. My apologize, it's fixed now.

Btw it's funny that those people who received their rewards twice (because reward updates in database failed thanks to db issues) aren't complaining here ;-).

Thanks Slush, re: payouts fixed... re:people not mentioning double payout, see my quote from a few messages earlier:

"You can always count on human nature, so long as you know that human nature includes a massive helping of greed."

Thralen...

Supporting bitcoin as best I can with 1. mining, 2. buying with bitcoin, 3. selling (or trying to) for bitcoin. If you make a donation to:  1MahzUUEYJrZ4VbPRm2h5itGZKEguGVZK1  I'll get it into circulation.
Jack of Diamonds
Sr. Member
****
Offline Offline

Activity: 252



View Profile

Ignore
October 23, 2011, 10:37:28 PM
 #4154

because they can choose to take the money they earned through extortion and invest it in attacking you. That's usually how extortion works. Once the gravy train starts flowing, it's hard to stop it.
https://bitcointalk.org/index.php?topic=49038.msg584062#msg584062


They can't. Prolexic itself is impossible to bring down even with the largest available botnet. It has more bandwidth than Google.
Mt. Gox routes all traffic through them in the event of DDoS (such as the recent attack during which they experienced 11gbps attack; medium size)

Routing traffic to a gigantic DDoS mitigator with multi terabit/s capacity is a checkmate against the attacker.
There is nothing more you can do at that point, even if you had 1000gbps attack capacity.

Downside: It costs a lot of money (in the 4-5 figures) per month. If you persuade 'attacker' to voluntarily stop in exchange for a smaller sum than charged by Prolexic, both sides win.
By being forced to pay exorbitant prices to a prevention company both sides lose in the long run.

Of course, it's not an 'orthodox business practice'. But money is money, it has no pride or ego. It's numbers.

1f3gHNoBodYw1LLs3ndY0UanYB1tC0lnsBec4USeYoU9AREaCH34PBeGgAR67fx
Crypt_Current
Hero Member
*****
Offline Offline

Activity: 686


Shame on everything; regret nothing.


View Profile

Ignore
October 23, 2011, 11:27:52 PM
 #4155

If you persuade 'attacker' to voluntarily stop in exchange for a smaller sum than charged by Prolexic, both sides win.

The problem with that scenario is the attacker has all the power to choose when to start again... so what if the attacker was paid?  The attacker could be having a particularly bad day and need to take it out on someone...

10% off at CampBX for LIFE:  https://campbx.com/main.php?r=C9a5izBQ5vq  ----  Authorized BitVoucher MEGA reseller (& BTC donations appreciated):  https://bitvoucher.co/affl/1HkvK8o8WWDpCTSQGnek7DH9gT1LWeV5s3/
LTC:  LRL6vb6XBRrEEifB73DiEiYZ9vbRy99H41  NMC:  NGb2spdTGpWj8THCPyCainaXenwDhAW1ZT
naypalm
Hero Member
*****
Offline Offline

Activity: 714



View Profile WWW

Ignore
October 23, 2011, 11:31:14 PM
 #4156

Thanks for keeping it running! My home is nice and toasty now Cheesy

OgNasty
Donator
Hero Member
*
Offline Offline

Activity: 1064


Powered by NastyFans


View Profile WWW

Ignore
October 23, 2011, 11:33:37 PM
 #4157

Pardon my ignorance of NMC. Where do I get a NMC wallet?

You can use mine.  My6ZwP3kVVdaVZ8uNMfes82cq2qEzZNkrF   Grin

slush
Hero Member
*****
Offline Offline

Activity: 1078



View Profile WWW

Ignore
October 24, 2011, 12:19:00 AM
 #4158

On the connection issue; you are able to pick your exit nodes which should allow one to find nodes that have the best connection between them and the pool of choice.

Exit nodes are used only for accessing public Internet, they're not used for hidden services. It's good, because throughput of exit nodes is usually the main reason for low performance (you need to be real Tor supporter to run exit node; I hanged 10Mbit node after two years of fighting for it with my ISP).

Hidden services are building circuits (usually three hops) to few random long-running tor relays after startup. Then service publish it's descriptor with list of it's rendez-vous nodes. Client pick onion address and retrieve descriptor. Then choose one of rendez-vous node and create (usually three hops) circuit to them, which finally create pipe for routing TCP traffic.

Although rendez-vous nodes for given service are publicly known, Tor automatically re-route traffic when node is going down, so there's usually only few-second downtime, which make connection between user and hidden service pretty DDoS resilent.

When anonymity is not an issue, it's also possible to setup shorter routes than "(client) -> OR1 -> OR2 -> (rendez-vous) -> OR3 -> OR4 -> (hidden service)". Technically is necessary only "(client) -> (rendez-vous) -> (hidden service)", which makes connection much faster. Although I know how to setup one-hop connection manually using control port, it needs source changes to use only one hop circuits  together with automatic rendez-vous failover, so it will need some time to setup this on pool.

slush
Hero Member
*****
Offline Offline

Activity: 1078



View Profile WWW

Ignore
October 24, 2011, 12:32:40 AM
 #4159

So I guess for now we throw torify in front of the miner and if this takes off wait for (or help with) patching miners to try and proxy .onion domains?  Or maybe I should say, adding a new user, turning off LP and doing torify python phoenix.py ... Just Works.  And cgminer uses curl which supports SOCKS (and of course see the Tor FAQ about SOCKS and potential privacy issues) so it should Just Work too, but I haven't fiddled with that yet.

Yes, both torify or SOCKS5 proxy in miners should work. Actually it would be really amazing if somebody write short howto for running miners over Tor (maybe to bitcoin.it wiki?). Unfortunately torify works only in Linux, so Windows users need miner with SOCKS5 support.

slush
Hero Member
*****
Offline Offline

Activity: 1078



View Profile WWW

Ignore
October 24, 2011, 12:36:02 AM
 #4160

What do you think about paying protection money to a hypothetical multi-gbps attacker
at a rate of say -50 - -80% of what a datacenter will take for professional anti-DDoS/mitigation services?

Nonsense. Accepting attacker's game isn't a solution.

Another issue is that attacker is anonymous and with unknown intention, so there's nobody to bribe :-). But I'm strictly refusing an idea to pay for such "protection".

Pages: 1 ... 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 [208] 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 ... 819
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!