PeerGuardian for bitcoin.

[Anonymous]

Could the open source PeerGuardian be forked to support bitcoin so that it blocks known  ip addresses that are behaving badly?This will help stop bad agents (you know who) from tracking and collecting data about bitcoin users.This works well for blocking rogue ip addresses of anti piracy organisations.Because it is distributed if an ip behaves badly on one single node it can automatically be added to the blacklist for all nodes.This doesn't have to be part of the core bitcoin program it could just be an optional download.

Perhaps an ip block list that concentrates on organisations that are anti alternative currencies would be the ideal solution.I dont think I need to specify who those organisations are.....(ahem...Ed and Elaine Brown  )

 

[The Madhatter]

Censoring IPs is a moot point when investigators/anti-currency groups/government could easily use TOR to bypass it. (Or botnets, or open proxies, vpn services, and on and on...)

We just need to make the Bitcoin client robust enough to detect the "evil doers" (thanks dubbya), and refuse to communicate on a case-by-case basis.

[Anonymous]

Censoring IPs is a moot point when investigators/anti-currency groups/government could easily use TOR to bypass it. (Or botnets, or open proxies, vpn services, and on and on...)

We just need to make the Bitcoin client robust enough to detect the "evil doers" (thanks dubbya), and refuse to communicate on a case-by-case basis.

Would the bitcoin client be able to do this over the entire network so that if one node was attacked it would harden all the nodes?

[The Madhatter]

I had posted on the forum 5 or 6 months ago about how to make the client harder to detect. (I can't remember the title of the post atm.) So allow me to reiterate:

The post involved making the Bitcoin client select a random port to bind to and not offering a handshake upon connecting to it. Make the connecting party send the handshake. This would improve privacy a LOT.

An attacker would connect to some random port on your computer and get dead air. A valid Bitcoin client connecting to your computer would *send* a handshake to invoke a response from your computer. (Why should it volunteer to identify itself? lol?)

I also think that the Bitcoin clients should emulate what TOR has recently done (as of 3-4 versions ago). TOR's bridge system spoofs the SSL to look like Firefox connecting to Apache. Bitcoin should do the same.

If the Bitcoin clients just looked like thousands and thousands of Firefox browsers connecting to Apaches on random port numbers it would make a passive attack (DPI) a waste of time.

The only vector for attack at this point would be someone running a valid node and looking at the IP seed files. If you are in a country where running Bitcoin is illegal you should be running Bitcoin over TOR (or some other onion/garlic network) or not running it at all.

[The Madhatter]

No. That would be foolish. Why should your Bitcoin node trust mine? I could start spreading IPs across the network that I claim are bad and the entire network blocks them.

It would have to be per-node on a case-by-case basis.

Would the bitcoin client be able to do this over the entire network so that if one node was attacked it would harden all the nodes?

[The Madhatter]

(Oh, the other vector of attack would be the IRC channel. But hey, I switch that off on my clients for various reasons.. one of which is my uncanny ability to get everyone klined. )

[Anonymous]

No. That would be foolish. Why should your Bitcoin node trust mine? I could start spreading IPs across the network that I claim are bad and the entire network blocks them.

It would have to be per-node on a case-by-case basis.

Would the bitcoin client be able to do this over the entire network so that if one node was attacked it would harden all the nodes?

ok.Maybe I am confusing this with the idea of a distributed reputation system. 

Why doesnt the same thing happen in peerguardian though?You could spread ip addresses claiming to be from the mpaa ?

[The Madhatter]

Oh it can and does happen.

Why doesnt the same thing happen in peerguardian though?You could spread ip addresses claiming to be from the mpaa ?

[theymos]

The BlueTack blocklists used by every IP-blocking program are horribly managed. Several times I've found that I was blocked on my consumer-level, dynamic AT&T service. I once read that 60% of the entire IP address space is blocked by BlueTack's list, though I have not confirmed this.

You wouldn't need to fork the code of PeerGuardian (or PeerBlock, which is maintained): just create your list and import it into the blocking program. I don't think it's a good idea, though -- IP addresses are poor identifiers.