Bitcoin Forum
December 16, 2017, 08:08:09 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2] 3 4 »  All
  Print  
Author Topic: What if dev-team is compromised?  (Read 5278 times)
Rassah
Legendary
*
Offline Offline

Activity: 1680


Director of Bitcoin100


View Profile
September 04, 2013, 06:51:17 PM
 #21

How do you know it isn't already?

Because your handlers wouldn't allow you to say that, and if you reply, it's proof you are still alive and not in solitary confinement.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513411689
Hero Member
*
Offline Offline

Posts: 1513411689

View Profile Personal Message (Offline)

Ignore
1513411689
Reply with quote  #2

1513411689
Report to moderator
1513411689
Hero Member
*
Offline Offline

Posts: 1513411689

View Profile Personal Message (Offline)

Ignore
1513411689
Reply with quote  #2

1513411689
Report to moderator
1513411689
Hero Member
*
Offline Offline

Posts: 1513411689

View Profile Personal Message (Offline)

Ignore
1513411689
Reply with quote  #2

1513411689
Report to moderator
theymos
Administrator
Legendary
*
Offline Offline

Activity: 2870


View Profile
September 04, 2013, 07:54:48 PM
 #22

Because your handlers wouldn't allow you to say that, and if you reply, it's proof you are still alive and not in solitary confinement.

That's exactly what they want you to think.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Rassah
Legendary
*
Offline Offline

Activity: 1680


Director of Bitcoin100


View Profile
September 04, 2013, 09:52:30 PM
 #23

Because your handlers wouldn't allow you to say that, and if you reply, it's proof you are still alive and not in solitary confinement.

That's exactly what they want you to think.

Crap. Guess I better cash out that 750 before it becomes worthless!  Grin

Kouye
Sr. Member
****
Offline Offline

Activity: 336


Cuddling, censored, unicorn-shaped troll.


View Profile
September 04, 2013, 09:59:38 PM
 #24

Wow.
Answer is much simplier than that.

If devs try to cheat, they will be busted within 30 seconds at most, and will be jailed/banned/replaced.

/thread.

[OVER] RIDDLES 2nd edition --- this was claimed. Look out for 3rd edition!
I won't ever ask for a loan nor offer any escrow service. If I do, please consider my account as hacked.
gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 2366



View Profile
September 04, 2013, 10:08:05 PM
 #25

If devs try to cheat, they will be busted within 30 seconds at most, and will be jailed/banned/replaced.
oh... if were true ...

But it's not.  The assumption that it is already true is probably a major reason that it isn't: a catch 22.

Bitcoin will not be compromised
jbreher
Legendary
*
Online Online

Activity: 1862


lose: unfind ... loose: untight


View Profile
September 04, 2013, 10:38:15 PM
 #26

Does bitcoin have some type of alert/alarm when a fork exists so I can avoid taking payments or sending during this time?

Yes. If there's an invalid chain longer than your current chain, Bitcoin will automatically give you a warning and go into safe mode. 0.8.5 (probably) will go into safe mode if a competing chain is even approaching a dangerous length.

OK - where do I learn what this 'safe mode' is?

Anyone with a campaign ad in their signature -- for an organization with which they are not otherwise affiliated -- is automatically deducted credibility points.

I've been convicted of heresy. Convicted by a mere known extortionist. Read my Trust for details.
gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
September 04, 2013, 11:38:32 PM
 #27

Does bitcoin have some type of alert/alarm when a fork exists so I can avoid taking payments or sending during this time?

Yes. If there's an invalid chain longer than your current chain, Bitcoin will automatically give you a warning and go into safe mode. 0.8.5 (probably) will go into safe mode if a competing chain is even approaching a dangerous length.

OK - where do I learn what this 'safe mode' is?

https://en.bitcoin.it/wiki/Alerts

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
elor70
Member
**
Offline Offline

Activity: 84


View Profile
September 04, 2013, 11:58:37 PM
 #28

i dont think they have that much power over us...

im3w1l
Sr. Member
****
Offline Offline

Activity: 280


View Profile
September 05, 2013, 01:29:42 AM
 #29

Story time:

The year is 2016. Bitcoin has been a massive success, and is adopted far and wide. The success naturally lead to an influx of new users with different values from the old timers. Eternal September set in slowly, but surely. New voices were heard, questions were being asked. "Pedophilia is horrible and must be banned", "We can't go fund some terrorists", "Is is it really fair that 10% of users own 90% of bitcoin?". At first they were few enough that the community could point and laugh. They were written off as trolls. But the tides of history swept in mercilessly. They grew in strength. One day it was announced on the forums: "50% of bitcoins are to be redistributed to disadvantaged groups". A long explanation of privilege and of how some people had not had a fair chance at securing coins followed. People were upset. Can they really do that? The early adopters were most upset of all, both because of the theft, but also because they very truer believers. Forum post after forum post were written to talk some sense into the dev team. Banwave after banwave rolled in. Of course it didn't make them disappear. But it hid them. Safely away from the large hordes of users that didn't really care and just wanted to buy stuff online. The crowds network effects are made of. A fork was created where the redistribution had never taken place. The ideologues used it, but it never really caught on. Most users were to lazy to type in a new chain configuration. And besides, wasn't it right that everyone got a fair chance in the new age?

The End
thechevalier
Jr. Member
*
Offline Offline

Activity: 40



View Profile
September 05, 2013, 03:35:11 AM
 #30

Yes, that is a real threat.

Some would argue the dev-team is already compromised--what with their rush to cozy up to regulators (not what I think).

That's why projects like btcd are so important. It's concerning there are not more independent implementations of the Bitcoin protocol.


TraderTimm
Legendary
*
Offline Offline

Activity: 2030



View Profile
September 05, 2013, 05:18:58 AM
 #31

And then began the dark times...

"The Blockchain Wars"

Paul always knew he wanted to be a miner. Now with Bitcoin entering its final years of rewarding those with the dedication and grit to keep their machines running, all racing along the the difficulty curve that rose from the foggy depths of single digits towards the trillions. Just one found block, and he wouldn't have to work for the rest of his life. Not that he minded, there were plenty of places where his skills could be utilized, but it wasn't for him.

Paul dreaded the monotony and slow death that large corporations offered, especially after the special economic zones started running. Wedded to a firm for life, working up the ranks and sucking down the horrible beverages, most designed to "accentuate" your mental skills. Pure chemical blather, he thought.

But nothing like mining. Nothing like tweaking your machine until it was churning just fast enough to produce hashes, but cool enough not to self-combust. Paul was a pro. He had all the latest tech, everything had been through a few test baths of sub-zero coolant, just to get a baseline. He would then start working on the custom enclosures and pressure vessels that would house his hyperactive circuits, keeping them just on the right side of self-destruction.

That's when his jaw buzzed. A dropdown slid into his view, announcing Jerry's insistent hail. Tensing his muscles slightly, he made the scissor-like motion to answer.

"Look -- hey Paul-o, we gotta shift and shift it now, man!"

Jerry's breathing was ragged, and for a moment Paul thought he was running away from something.

"I'm in the shop, what's the deal?"

"Its the chain man - we gotta boost off this chain before we get our asses swamped!"

Satoshi save us, not this shit again...

"Look, I only have 10 PetaHashes and that's all from recycled stuff, and most of that is splintered along some alts that I care about. You want to play chain-war, you get someone else."

"Comon Paul.. look, you gotta back me here - you know if my alt gets swamped then I'm done, right? I've worked on this so LONG..."

Ragged breath, some coughing rattling down the thinband in slight attenuated shifts.

"Alright, fine. I'll see if I can cobble together some of the older shit I have in storage. I'll get back to you, k?"

"Oh THANKS MAN, You and me baby -- we're gonna make 'em wish they never tried!! Woo-"

Paul cut off the call mid whoop, not wanting to subject himself to another aural beating. Great. Another chain war, another series of long feints to defend somebody's idea of the best cryptonomy. Paul shook his head, knowing he'd support his friend, but at what cost? He had his own projects, thank you -- and having to turn most of his capacity over to some other chain... dammit, dammit...

Well, beats working for the corps, and at least you get to stay in this boosted unit on the edge of the zone. Paul put his head in his hands, trying to knead out some of the tiredness from behind his eyes.


fortitudinem multis - catenum regit omnia
Dabs
Staff
Legendary
*
Offline Offline

Activity: 1890



View Profile
September 05, 2013, 05:51:43 AM
 #32

Ok, how do you forcefully re-distribute coins that are buried more than 100 blocks deep already?

Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 2366



View Profile
September 05, 2013, 06:40:05 AM
 #33

Ok, how do you forcefully re-distribute coins that are buried more than 100 blocks deep already?
Pretty trivially when almost everyone is on a SPV node because a full node requires gigabits of network connectivity, and when everyone who isn't would have to accept the invalid blocks or otherwise be left behind by the economic supermajority of people who are. Tongue  (this is all in some fantasy world where Bitcoin is widely used enough for a seriously funded attack, right?)

Bitcoin will not be compromised
Dabs
Staff
Legendary
*
Offline Offline

Activity: 1890



View Profile
September 05, 2013, 08:54:04 AM
 #34

The fairy tales I'm reading so far are just the not-too-distant future, or a close future. I don't see SPV only nodes existing except on mobile devices.

A lot of people will keep their full nodes for at least the next decade, or two.

I use only bitcoin-qt on my laptop, that's a full node right? I don't see myself switching from it for a long time. When it takes up half of my hard drive space, I may consider the alternatives, but for now I will keep using this.

Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
virtualmaster
Hero Member
*****
Offline Offline

Activity: 504



View Profile
September 06, 2013, 10:34:44 AM
 #35

This is a really serious threat compromising Bitcoin on the developer side.
Let me show some ideas how the Namecoin identity and namespace system could contribute to improve this threat.
If every developer and some security experts creates a Namecoin identity for ex. id/gagarin and id/bob and they publicate this on their main website.
http://dot-bit.org/Namespace:Identity
Everybody could check the authenticity of their files or expertise analysis published against the key on their Namecoin id id/gagarin and id/bob.

It could be also created a new namespace bitcoin/ and they create there also an identity bitcoin/gagarin and bitcoin/bob for bitcoin related issues, which is signed with their key published on id/gagarin and id/bob. It could be created also namespace entries for every subproject, like gagarin084, gagarin091 ....
In every namespace entry would be stored the signature of the downloadable file. L
like bitcoin/gagarin084{
"signature" : "signaturetext",
"update-priority" : "high",
"improovements" : "security, client-graphic",
"comments" : "...",
"available" : "http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.8.4/",
...
}

In bitcoin/gagarin he makes an entry for every version
bitcoin/gagarin
{
...
"releases" : [..., "gagarin083", "gagarin084"]
}

Some security experts or known developers could publish their meaning on every release.
For ex.

like bitcoin/bob084{
"signature" : "signaturetext",
"downloaded from" : "http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.8.4/",
"version" : "windows binary",
"network-communication" : " not checked",
"local-activity" : "checked",
local-encryption" : "checked",
"comments" : "it seems to be in order, no dubious activity detected",
...
}


So every release is signed and commented from authenticated authors and the signatures are stored unfalsifiable in the Namecoin blockchain.
It is not affected by website hijacking or take down.

You can explore the entries from the namecoin client or from the web
explorer.bit/ -> for ex. id/khal (enable .bit browsing)
It works on any namespace like anything/youimagine.


Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
Namecoinia.org  -  take the planet in your hands
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba   |  NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S
gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 2366



View Profile
September 06, 2013, 11:39:34 AM
 #36

Everybody could check the authenticity of their files or expertise analysis published against the key on their Namecoin id id/gavin and id/bruce.
I hate to crap on someones neat idea, but this sounds completely pointless. You need some way to know that these IDs are the right people, and that id/gavin isn't just some squatter and the real gavin isn't id/gavin11.  If you've solved that then you can just use the PGP signatures we already have.

Better, the PGP keys are connected to the PGP web of trust, so you do have a starting point to cold validate the keys at least as belonging to specific named people. 

Bitcoin will not be compromised
virtualmaster
Hero Member
*****
Offline Offline

Activity: 504



View Profile
September 06, 2013, 12:14:11 PM
 #37

Everybody could check the authenticity of their files or expertise analysis published against the key on their Namecoin id id/gavin and id/bruce.
I hate to crap on someones neat idea, but this sounds completely pointless. You need some way to know that these IDs are the right people, and that id/gavin isn't just some squatter and the real gavin isn't id/gavin11.  If you've solved that then you can just use the PGP signatures we already have.

Better, the PGP keys are connected to the PGP web of trust, so you do have a starting point to cold validate the keys at least as belonging to specific named people. 
May be you have right with the real names. So I changed them even if they are not so suggestive.

Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
Namecoinia.org  -  take the planet in your hands
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba   |  NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S
Luckybit
Hero Member
*****
Offline Offline

Activity: 714



View Profile
September 06, 2013, 02:14:12 PM
 #38

Suppose someone accidentally the whole dev team? Or suppose it is infiltrated? Or suppose they are bought off?

How should we as a community react? Probably fork right, but what fork? It is easy to imagine a dozen forks springing up before things stabilize. In a worst case they could be so weak, the original, comprised chain becomes the favored one, simply because it is easier to stick with the status quo.

Maybe we could benefit from a chain of command or something?

It's open source so it wont make much of a difference but it does mean an audit would be necessary and a complete rewrite.
crazy_rabbit
Legendary
*
Offline Offline

Activity: 1176


RUM AND CARROTS: A PIRATE LIFE FOR ME


View Profile
September 06, 2013, 02:55:21 PM
 #39

The US government intelligence agencies have been interested in Bitcoin for a number of years now. I'm sure if it's compromised, it's been compromised for awhile now.

That said, this is why it's important to be open source and make sure everyone is checking everything.

more or less retired.
TraderTimm
Legendary
*
Offline Offline

Activity: 2030



View Profile
September 06, 2013, 10:25:33 PM
 #40

In all seriousness though, I'd like to have a mechanism whereby if a core developer is approached by any gov't to compromise bitcoin, they have to resign - and announce that publicly, signing the message with the same pgp signature used to commit their changes to the Bitcoin codebase.

I know that the devs wouldn't just sit there if such a situation occurred, but I'd feel better knowing there was some kind of notification process to deal with it.

fortitudinem multis - catenum regit omnia
Pages: « 1 [2] 3 4 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!