Obvious threat to Bitcoin?

[tashlan]

This is my first post, so I'll say this here:  I find Bitcoin intriguing and believe there is a need in the world for something of this nature.  If Bitcoin fails, something else will appear to fulfill the world's need.  My suggestion is an attempt to improve Bitcoin and I appreciate all thoughtful responses, especially those that correct any misunderstandings I have.  I would like to thank everyone (Creator, Developers, and Community) for their efforts to date.

That said, I have a concern with the current implementation.  Unless I've misunderstood, one of the intents of the development community (in general) and/or creator of Bitcoin is to create a currency immune to the whims of Government and other large established organizations.

If that is the case, one very obvious flaw in the current design is the hard-coded incoming port (8333).

If a Government decided to act against Bitcoin, it would likely ask major ISP's to the block the incoming port, effectively ending active participation on the network for most users in that country.  Those ISP's may also deny (possibly compelled to deny) the port is being blocked.  Even if the situation is resolved with a new patch (assuming the website(s) haven't been seized at the same time), the incident would cause confusion and mistrust in the Bitcoin community.

I've seen the hard-coded port question raised on the forum before, but my impression was the developers considered the port issue an minor inconvenience rather than a threat vector against the protocol.  I may be incorrect in that assumption, but AFAIK, it is still too difficult (requiring recompilation) for average users to change the port number.  It is also unclear to me how other clients will respond to a client attempting to use a non-standard port.  I believe other P2P protocols have faced the same issue and largely solved it, so there should be some history and a path towards a solution.

Furthermore, the hard-coded port effects some users already.  Some equipment provided by ISP's (Residential Gateway's) do not allow for opening of an incoming port entirely and only allow selectively opening (port forwarding vs opening the port) thus limiting that household's ability to participate.  I understand there are ways around this, but ignoring this problem limits the potential user-base to only more technical users.

I look forward to everyone's thoughtful responses.

[1714019634]

1714019634

[1714019634]

1714019634

[1714019634]

1714019634

[Luke-Jr]

Pretty sure BitCoin already supports using basically any protocol. Might work better if it automatically tried others by default I suppose.

[theymos]

Even if the port was changed, Bitcoin messages are easily identifiable, as they are not encrypted and always start with the same four bytes. Instead of adding complex steganography/encryption to Bitcoin, Bitcoin is capable of running over Tor, which has done all of that work already.

It is also unclear to me how other clients will respond to a client attempting to use a non-standard port.

Bitcoin prefers not to make outbound connections to non-standard ports, so you wouldn't get any incoming connections. You could still connect, though.

Some equipment provided by ISP's (Residential Gateway's) do not allow for opening of an incoming port entirely and only allow selectively opening (port forwarding vs opening the port) thus limiting that household's ability to participate.

You don't need any open ports to connect.

[tashlan]

You don't need any open ports to connect.

It would appear I am doing something incorrectly then.

Code:

./minerd --threads 2 --url http://mining.bitcoin.cz:8332 --userpass username.machine:password
2 miner threads started, using SHA256 'c' algorithm.
json_rpc_call failed, retry after 30 seconds
HTTP request failed: The requested URL returned error: 400
json_rpc_call failed, retry after 30 seconds
HTTP request failed: The requested URL returned error: 400
json_rpc_call failed, retry after 30 seconds
HTTP request failed: The requested URL returned error: 400
json_rpc_call failed, retry after 30 seconds
HTTP request failed: The requested URL returned error: 400
json_rpc_call failed, retry after 30 seconds
HTTP request failed: The requested URL returned error: 400
json_rpc_call failed, retry after 30 seconds

EDIT:  I should make it clear, the first machine I tried didn't work either, until I forwarded port 8333 to it.  It like to contribute a few more machines, but I cannot 'open' the port on this router and they don't connect otherwise.

[theymos]

It would appear I am doing something incorrectly then.

That's an issue with a third-party miner/pool, not Bitcoin. Not everyone needs to be a miner, so this problem is not a "threat to Bitcoin".

Pooled mining doesn't use port 8333, and you can do it without even running Bitcoin, so this is probably something else. Try using a different miner. Maybe your firewall or router is blocking outbound port 8332.

[tashlan]

Okay, I stand corrected.  I just tried again with the official Bitcoin client.  It took a while, but it did finally connect and begin downloading blocks.  I will turn my attention to the miner instead.  Sorry for the distraction.

Also, thank you for answering some questions I had (but hadn't asked) about the nature of the protocol.  I can understand why the developers would want to leverage existing solutions (like TOR) to simplify the development process and focus on other areas first.  Again though, this may effectively limit the user-base to roughly that of whatever solution is being leveraged.  I hope the plan is to eventually build encryption into the client, thus widening its appeal to include users who know what Paypal is (for example), but have no idea what TOR is or how to use it.

Thank you for your time, theymos.

[Binford 6100]

Okay, I stand corrected.  I just tried again with the official Bitcoin client.  It took a while, but it did finally connect and begin downloading blocks.  I will turn my attention to the miner instead.  Sorry for the distraction.

Also, thank you for answering some questions I had (but hadn't asked) about the nature of the protocol.  I can understand why the developers would want to leverage existing solutions (like TOR) to simplify the development process and focus on other areas first.  Again though, this may effectively limit the user-base to roughly that of whatever solution is being leveraged.  I hope the plan is to eventually build encryption into the client, thus widening its appeal to include users who know what Paypal is (for example), but have no idea what TOR is or how to use it.

Thank you for your time, theymos.

i guess this thread is closed and only answer your question about Tor.

It is a network of computers that use a thing called onion routing (wikipedia -> onion routing if you'd like to know more)
In the Tor network there are 'exit nodes', 'routers' and 'clients'
Idea of onion routing is that the client is connected to a number or routers and sends his requests to the routers.
The routers then pass the requests to exit nodes.

Each connection is encrypted using a different pair of keys ensuring that the router does not know the content of the request and the result of the request. The exit node does not know who requested the data.

This makes the logs of the websites (and other services) pretty much useless because they contain only data about the exit nodes and no information on the clients, who used the service. The network has more than 300.000 clients (somewhere on the torproject.org site is the statistics section). this makes the use pretty anonymous.

If tou and your application use Tor, your location remains anonymized by the tor network. by it's design your true ip remains hidden.

[FreeMoney]

The Navy holds a patent on the idea of repeated encryption and decryption? Insane.

[Binford 6100]

The Navy holds a patent on the idea of repeated encryption and decryption? Insane.

The article also notes that Tor is unencumbered by the original onion routing patents ...

edit: quote from 1997 paper about the TOR design ... Determining who is talking to whom (called traffic analysis) is an important source of intelligence information. As military grade communication devices increasingly depend on the public communications infrastructure, it is important to use that infrastructure in ways that are resistant to traffic analysis. It may also be useful to communicate anonymously, for example when gathering intelligence from public databases. We describe bidirectional and real-time Anonymous Connections that are strongly resistant to eavesdropping and traffic analysis attacks by both insiders and outsiders. If necessary, communication is made anonymous by removing identifying information from the data stream. These anonymous connections have been prototyped in a system that protects the privacy of communication over the Internet and, in particular, the World Wide Web. Anonymous connections can protect both identity and location in many switched communication systems, such as wired, cellular, or satellite phone networks.

and yes, us navy and other institutions have been funding early development

[m0Ray]

Wanna think about I2P tunnel integration into bitcoin client.