Bitcoin Forum
November 22, 2017, 07:31:04 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 [3]  All
  Print  
Author Topic: $250 Bounty Offered (Was $2000-$2500)  (Read 6205 times)
Mike Hearn
Legendary
*
expert
Offline Offline

Activity: 1526


View Profile
January 30, 2011, 04:55:35 PM
 #41

I think if the goal is to avoid detection+blocking then having the ability to run the protocol over HTTP by doing GETS and POSTS would work much better (no ssl).

I have a few issues with the idea of using SSL as obfuscation.

One is that some countries do in fact block or simply forbid encrypted connections. Spotting encrypted connections is easy because the data looks random whereas unencrypted protocols don't.

Examples: Tunisia "solved" SSL on the Google login page by simply hijacking the connection before the SSL connection was established. They solved it on Facebook by just blocking SSL entirely and forcing users to downgrade to the unencrypted version. Chinas GFW has been known to simply terminate connections that look like they're encrypted when they're leaving the country.

To really hide you need to look like regular web traffic as much as possible and you need the ability to rapidly change how the protocol looks. Then nothing but cutting off all web access will work.

How about this strawman proposal. Currently BitCoin travels over TCP port 8333. We can build an HTTP proxy for this such that a GET to

 http://www.some-site.com/bc/random-words?v=1

is equivalent to waiting for a message to arrive and a POST to that same URL is like sending a message. BitCoin is an entirely message based protocol and messages are small, so it will work OK. A cookie is used to keep the individual requests tied together to a logical connection. The proxy site then relays these messages into the p2p network as per usual. The random words could be anything and just pulled from a dictionary.

If you wanted to get really intense you could encode the messages steganographically into JPEGs or random HTML content.

To a DPI engine, this looks just like regular web browsing. There's some GETs, some POSTs, some cookies and the downloads/uploads are just binary. As long as there's no specific signature (like the current protocols beginning of message markers) this is probably quite hard to detect.

At the start, this can be implemented independent of the BitCoin client. Later on it could be integrated. Proxy lists could be distributed via a regular text file that has a signature on the end. A new command could be added that allows for new proxy lists to be downloaded from an existing proxy, to mimic the address discovery of the existing TCP based network.

Anyone who is serious about claiming this bounty should team up with a Snort expert to make sure that whatever solution they come up with is actually difficult to build detection scripts for.
1511335864
Hero Member
*
Offline Offline

Posts: 1511335864

View Profile Personal Message (Offline)

Ignore
1511335864
Reply with quote  #2

1511335864
Report to moderator
Join ICO Now Coinlancer is Disrupting the Freelance marketplace!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
da2ce7
Legendary
*
Offline Offline

Activity: 1222


Live and Let Live


View Profile
February 05, 2011, 06:16:50 AM
 #42

One of my Goals is to get Bitcoin Working on Freenet https://www.bitcoin.org/smf/index.php?topic=2312.0

Then one could download, install, and use bitcoin from a darknet. Cheesy

One off NP-Hard.
CaptainPicard
Jr. Member
*
Offline Offline

Activity: 42


View Profile
March 21, 2011, 10:53:53 PM
 #43

Here is how you would do SSL without needing CA certificates, and without man in the middle attacks.

Bitcoin is already distributed with the IP addresses of some initial seed nodes.
It would be changed so that it would also include the SSL public keys of those seed nodes.
This establishes a chain of trust.

Bitcoin would make a connection to those seed nodes to learn of other peers as it does now.
When the seednode refers a peer to the client, it also includes the peers SSL public key.

A bitcoin server must not accept incoming connections, unless the peer already knows its public key.
This makes it difficult for an attacker to connect to a specific target node it wants to monitor, it would first have to get the certificate referral from another node.

Using this method establishes a chain of trust starting with the public keys in the bitcoin program, and all nodes the client will eventually connect to in its lifetime.
It prevents any man in the middle attacks on the client.

This is the method used by freenet (I may be missing some details, see freenet source code).

As for older clients not supporting SSL there could be a transition period.
Initially the new version would try to make a SSL connection and if that does not work it falls back to the non-ssl method.
Yes this is vulnerable to an MITM attack by pretending a node doesn't do encryption.
After the SSL version has been out for some time and most people have upgraded, future versions would no longer accept unencrypted connections.
Matt Corallo
Hero Member
*****
expert
Offline Offline

Activity: 755


View Profile
March 21, 2011, 11:01:15 PM
 #44

3. UPnP support. Bitcoin should port forward the chosen high TCP port automatically. (Possibly port 8333/tcp too, if the answer to the question above is "Yes"). The GUI/command line should have a UPnP off/on toggle. It should be "on" by default. $250 Bounty still offered. UPnP should be off by default on the Linux build.
I'll split that if someone addes GUI toggle to my current branch and gets miniupnpc to compile properly on windows.  (My branch currently works on Linux/OSX via a command line toggle). 

Bitcoin Ubuntu PPA maintainer - donate to me personally: 1JBMattRztKDF2KRS3vhjJXA7h47NEsn2c
http://bitcoinrelaynetwork.org maintainer
PGP ID: 07DF 3E57 A548 CCFB 7530  7091 89BB B866 3E2E65CE
Matt Corallo
Hero Member
*****
expert
Offline Offline

Activity: 755


View Profile
March 22, 2011, 06:23:27 PM
 #45

3. UPnP support. Bitcoin should port forward the chosen high TCP port automatically. (Possibly port 8333/tcp too, if the answer to the question above is "Yes"). The GUI/command line should have a UPnP off/on toggle. It should be "on" by default. $250 Bounty still offered. UPnP should be off by default on the Linux build.
I'll split that if someone addes GUI toggle to my current branch and gets miniupnpc to compile properly on windows.  (My branch currently works on Linux/OSX via a command line toggle).  
I take that back, WxGUI stuff is done.  All thats left to do is get miniupnpc to compile on Windows and link properly with bitcoin without causing segfaults or implement MS' own UPnP library in bitcoin for windows.  Ill split the bounty 200/50 for anyone who can get that working.

Current version available at https://github.com/TheBlueMatt/bitcoin/tree/upnp

Bitcoin Ubuntu PPA maintainer - donate to me personally: 1JBMattRztKDF2KRS3vhjJXA7h47NEsn2c
http://bitcoinrelaynetwork.org maintainer
PGP ID: 07DF 3E57 A548 CCFB 7530  7091 89BB B866 3E2E65CE
genjix
Legendary
*
expert
Offline Offline

Activity: 1232


View Profile
March 24, 2011, 03:30:30 AM
 #46

From: http://bitcointalk.org/index.php?topic=4761.0

<spam>
---------------------------

As per this and this post, me & dissipate have setup a new site:

http://bitcoin.cz.cc

You propose features for Bitcoin. The front page shows a mix of the most donated proposals (10) and newest ones (5). Once the feature is implemented in Bitcoin then the bounty goes to the author and the proposal is deleted.

Think of it as an experiment into future methods for bitcoin based free software dev. Right now I'm just putting it out there to see what happens. If it grows then we can think about turning it into a bug tracker type thing with tickets, comments, statuses, assignment of tickets and search.

##############
For this to work, people have to know about it. Add it to your signatures!
"Vote up your favourite ideas to go into Bitcoin"
##############

Source code.
Matt Corallo
Hero Member
*****
expert
Offline Offline

Activity: 755


View Profile
April 12, 2011, 09:37:19 PM
 #47

UPnP pulled into mainline (79706a8e48a043b9ca83216ba9cbb7413e81710d) resolving all of the bounties in this thread.  If you want to pay out, a payout in BTC to the address in my signature would be nice Smiley

Bitcoin Ubuntu PPA maintainer - donate to me personally: 1JBMattRztKDF2KRS3vhjJXA7h47NEsn2c
http://bitcoinrelaynetwork.org maintainer
PGP ID: 07DF 3E57 A548 CCFB 7530  7091 89BB B866 3E2E65CE
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!