Bitcoin Forum
December 08, 2016, 12:13:58 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: DDoS, the ultimate solution  (Read 1342 times)
alan2here
Sr. Member
****
Offline Offline

Activity: 331


View Profile
August 12, 2011, 10:35:28 PM
 #1

And it was developed by bitcoiners, me and Lolocust.

You would pay, for example £10 per month to connect to the internet, much like as things are today, but only some of that would go to your ISP/maintenance of the internet, lets say £5. The other £5 would be split among the addresses you sent packets to in proportion of how many packets (or how much data) you sent to them. So for example if you used half the packets you sent that month attacking another address then the owner of that address would receive £2.50, as well as money from anyone else attacking his address.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481199238
Hero Member
*
Offline Offline

Posts: 1481199238

View Profile Personal Message (Offline)

Ignore
1481199238
Reply with quote  #2

1481199238
Report to moderator
1481199238
Hero Member
*
Offline Offline

Posts: 1481199238

View Profile Personal Message (Offline)

Ignore
1481199238
Reply with quote  #2

1481199238
Report to moderator
nmat
Hero Member
*****
Offline Offline

Activity: 602


View Profile
August 12, 2011, 11:06:55 PM
 #2

Interesting concept. But how did you develop this solution? You created an ISP?
alan2here
Sr. Member
****
Offline Offline

Activity: 331


View Profile
August 12, 2011, 11:09:18 PM
 #3

The idea was developed :¬P We havn't implemented it yet. Every ISP may need to be on board if it were to be implmented.
nmat
Hero Member
*****
Offline Offline

Activity: 602


View Profile
August 12, 2011, 11:16:57 PM
 #4

You will also have to contact every hosting service to tell them to start accepting payments. How will I earn money with my web server running at my laptop in my basement? And how are you going to pay me Euros when I get visits from Zimbabwe?
gusti
Legendary
*
Offline Offline

Activity: 1102


View Profile
August 12, 2011, 11:17:57 PM
 #5

DDOS are usually made from botnets with thousands of compromised machines, you cannot charge the machine owners or ISP's for that traffic

If you don't own the private keys, you don't own the coins.
nmat
Hero Member
*****
Offline Offline

Activity: 602


View Profile
August 12, 2011, 11:24:03 PM
 #6

DDOS are usually made from botnets with thousands of compromised machines, you cannot charge the machine owners or ISP's for that traffic

The idea is that the money you currently pay to your ISP will be partly divided among the sites you visit. This could be interesting not only to defeat DDOS, but also to help supporting websites.
JoelKatz
Legendary
*
Offline Offline

Activity: 1386


Democracy is vulnerable to a 51% attack.


View Profile WWW
August 12, 2011, 11:30:22 PM
 #7

And it was developed by bitcoiners, me and Lolocust.

You would pay, for example £10 per month to connect to the internet, much like as things are today, but only some of that would go to your ISP/maintenance of the internet, lets say £5. The other £5 would be split among the addresses you sent packets to in proportion of how many packets (or how much data) you sent to them. So for example if you used half the packets you sent that month attacking another address then the owner of that address would receive £2.50, as well as money from anyone else attacking his address.
The biggest problem with this scheme is that it creates several perverse incentives. For example, sites with no value whatsoever and very low bandwidth could use malware to launch DDoS attacks on themselves to make money. Even if they only had a miniscule amount of bandwidth, they would still get paid for packets that never made it to their pipe.

Also, most sites have saturated outbound bandwidth but plenty of inbound bandwidth to spare. This would given them a perverse incentive to induce visitors to send them useless data as much as possible to fill up their inbound bandwidth to make more money.

If the receiving ISP keeps the money, nothing is done to stop DDoS attacks. Neither the sender nor their ISP pays any more money, they just change who gets it, so they have no incentive to stop the attacks. And even if the 'victim' site gets the money, the DDoS can still do damage way above the value of the compensation.

Also, with the technology needed to do this, you could implement much better solutions. The problem is largely that the technology doesn't exist, not that there are no good ideas for ways to solve it if you get to assume anything is possible.

I am an employee of Ripple.
1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
Lolcust
Member
**
Offline Offline

Activity: 112


Hillariously voracious


View Profile
August 13, 2011, 09:49:34 PM
 #8

Yay, whitelisted!

DDOS are usually made from botnets with thousands of compromised machines, you cannot charge the machine owners or ISP's for that traffic

You see, in a way every packet you send already has a cost (even if you are on what is deceptively called "unmetered")

The idea here is to have a tiny payment to the receiving side being "attached" to every packet, so that every site you visit receives a tiny tiny (under normal, non DDoS situation)  payment


 The biggest problem with this scheme is that it creates several perverse incentives. For example, sites with no value whatsoever and very low bandwidth could use malware to launch DDoS attacks on themselves to make money. Even if they only had a miniscule amount of bandwidth, they would still get paid for packets that never made it to their pipe.

Well, some folks already more or less do that when they hire botswarms to hit their ads and counters, though the "pay packet" scheme would indeed somewhat increase the incentive to attract even more "non-consensual" traffic.


Also, most sites have saturated outbound bandwidth but plenty of inbound bandwidth to spare. This would given them a perverse incentive to induce visitors to send them useless data as much as possible to fill up their inbound bandwidth to make more money.

Well, aside from crude redirects and botnets, how would they do this ? Cajole folks into uploading random crap ? File hosting services would be very happy, though...

 
And even if the 'victim' site gets the money, the DDoS can still do damage way above the value of the compensation.

Well, yes, but it is still better to have (damage - compensation) than just damage Smiley


Also, with the technology needed to do this, you could implement much better solutions. The problem is largely that the technology doesn't exist, not that there are no good ideas for ways to solve it if you get to assume anything is possible.

Of course, the technology is (almost) completely hypothetical, but methinks it's still a nice idea worthy of some (fairly relaxed) contemplation.

Geist Geld, the experimental cryptocurrency, is ready for yet another SolidCoin collapse Wink

Feed the Lolcust!
NMC: N6YQFkH9Gn9CTm4mpGwuLB5zLzqWTWFw67
BTC: 15F8xbgRBA1XZ4hmtdFDUasroa2A5rYg8M
GEG: gK5Lx6ypWgr69Gw9yGzE6dsA7kcuCRZRK
JoelKatz
Legendary
*
Offline Offline

Activity: 1386


Democracy is vulnerable to a 51% attack.


View Profile WWW
August 14, 2011, 01:25:06 AM
 #9

Quote

Also, most sites have saturated outbound bandwidth but plenty of inbound bandwidth to spare. This would given them a perverse incentive to induce visitors to send them useless data as much as possible to fill up their inbound bandwidth to make more money.

Well, aside from crude redirects and botnets, how would they do this ? Cajole folks into uploading random crap ? File hosting services would be very happy, though...
Exactly. When you're on a Facebook page, for example, you are constantly sending queries to Facebook. Those queries, generated by Javascript authored by Facebook. How often they send queries and how big those queries are is completely under Facebook's control. Currently, their incentive is to be efficient to minimize the amount of data they have to handle. But they have tons of inbound bandwidth to spare, so if they got paid for people uploading, their incentive would go 100% the other way.

 
Quote
And even if the 'victim' site gets the money, the DDoS can still do damage way above the value of the compensation.

Well, yes, but it is still better to have (damage - compensation) than just damage Smiley
I don't agree. Damage less minimal compensation after the fact that is not tied to the amount of damage can be *much* worse. This jibes with common sense (how can you complain about attacks when someone is paying you for taking them?) and with experience.

A good example is a day care center that had a huge problem with late pickups. That meant an employee had to stay late, and none of their employees wanted to do that. So they had an idea -- make people pay $5/minute for late pickups. Guess what -- late pickups shot through the roof. Why? Because with this system, people now felt they had a right to make late pickups and weren't working so hard to avoid the inconvenience. They quickly got rid of the penalty.

Quote

Also, with the technology needed to do this, you could implement much better solutions. The problem is largely that the technology doesn't exist, not that there are no good ideas for ways to solve it if you get to assume anything is possible.
Of course, the technology is (almost) completely hypothetical, but methinks it's still a nice idea worthy of some (fairly relaxed) contemplation.
Then allow us to push filters up the router chain.

I am an employee of Ripple.
1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
Lolcust
Member
**
Offline Offline

Activity: 112


Hillariously voracious


View Profile
August 14, 2011, 05:54:30 PM
 #10

Quote


Well, aside from crude redirects and botnets, how would they do this ? Cajole folks into uploading random crap ? File hosting services would be very happy, though...
Exactly. When you're on a Facebook page, for example, you are constantly sending queries to Facebook. Those queries, generated by Javascript authored by Facebook. How often they send queries and how big those queries are is completely under Facebook's control. Currently, their incentive is to be efficient to minimize the amount of data they have to handle. But they have tons of inbound bandwidth to spare, so if they got paid for people uploading, their incentive would go 100% the other way.

Indeed, re-optimizing one's scripts to "milk" micropayments out of userbase would become an issue, that I have to agree with.

 
 
And even if the 'victim' site gets the money, the DDoS can still do damage way above the value of the compensation.

 I don't agree. Damage less minimal compensation after the fact that is not tied to the amount of damage can be *much* worse. This jibes with common sense (how can you complain about attacks when someone is paying you for taking them?) and with experience.

A good example is a day care center that had a huge problem with late pickups. That meant an employee had to stay late, and none of their employees wanted to do that. So they had an idea -- make people pay $5/minute for late pickups. Guess what -- late pickups shot through the roof. Why? Because with this system, people now felt they had a right to make late pickups and weren't working so hard to avoid the inconvenience. They quickly got rid of the penalty.

Well that is somewhat peculiar.

Is there a paper about that daycare case for me to read ?

As for the DDoS case, methinks that de-facto market reason for counteracting it at ISP level would remain, as customers who are damaged by such actions above the measure to which it is compensated would still seek to migrate to a better ISP.


Then allow us to push filters up the router chain.

I would if I could, but I can't  Wink

Geist Geld, the experimental cryptocurrency, is ready for yet another SolidCoin collapse Wink

Feed the Lolcust!
NMC: N6YQFkH9Gn9CTm4mpGwuLB5zLzqWTWFw67
BTC: 15F8xbgRBA1XZ4hmtdFDUasroa2A5rYg8M
GEG: gK5Lx6ypWgr69Gw9yGzE6dsA7kcuCRZRK
JoelKatz
Legendary
*
Offline Offline

Activity: 1386


Democracy is vulnerable to a 51% attack.


View Profile WWW
August 14, 2011, 06:34:01 PM
 #11

As for the DDoS case, methinks that de-facto market reason for counteracting it at ISP level would remain, as customers who are damaged by such actions above the measure to which it is compensated would still seek to migrate to a better ISP.
This is like saying the solution to crime is more private security and burglar alarms. Sure, that helps, but only because we don't have *real* solutions.
Quote

Then allow us to push filters up the router chain.
I would if I could, but I can't  Wink
You're inventing solutions based on technology that doesn't exist anyway. So why not invent good ones rather than mediocre ones?

I am an employee of Ripple.
1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
BCEmporium
Legendary
*
Offline Offline

Activity: 938



View Profile
August 14, 2011, 06:46:03 PM
 #12

Vote AGAINST this idea.

Reason:

It breaks network neutrality.
As no one has the "global web jurisdiction" (No, US doesn't "rule the World"), some ISP's will not bite this scheme and will not pay, so the "payees" and "payer ISP's" may attempt to block or slow those ISP's.
mc_lovin
Legendary
*
Offline Offline

Activity: 1134


www.bitcointrading.com


View Profile WWW
August 14, 2011, 10:57:41 PM
 #13

I think a more practical solution is to get an angry mob together and go kick the asses of those DDoSers.


Lolcust
Member
**
Offline Offline

Activity: 112


Hillariously voracious


View Profile
August 17, 2011, 08:58:05 AM
 #14

This is like saying the solution to crime is more private security and burglar alarms. Sure, that helps, but only because we don't have *real* solutions.

But... that is exactly how it works with "vanilla" crime, no?  Huh



You're inventing solutions based on technology that doesn't exist anyway. So why not invent good ones rather than mediocre ones?


Well, point Smiley

Vote AGAINST this idea.

Reason:

It breaks network neutrality.
As no one has the "global web jurisdiction" (No, US doesn't "rule the World"), some ISP's will not bite this scheme and will not pay, so the "payees" and "payer ISP's" may attempt to block or slow those ISP's.

Methinks there exists no network neutrality at the global scale, since, you know, China, Belarus and other such countries.

I think a more practical solution is to get an angry mob together and go kick the asses of those DDoSers.



Alas, we're quite far from punching people in the face via TCP/IP. That would solve so many problems...

Geist Geld, the experimental cryptocurrency, is ready for yet another SolidCoin collapse Wink

Feed the Lolcust!
NMC: N6YQFkH9Gn9CTm4mpGwuLB5zLzqWTWFw67
BTC: 15F8xbgRBA1XZ4hmtdFDUasroa2A5rYg8M
GEG: gK5Lx6ypWgr69Gw9yGzE6dsA7kcuCRZRK
dree12
Legendary
*
Offline Offline

Activity: 1232



View Profile
August 17, 2011, 01:15:12 PM
 #15

Also, what if you send all that $5 to yourself? That wouldn't prevent DDOS at all.

Example: Set up an IP, a.a.a.a. Get all your botnets to visit a.a.a.a, which doesn't respond at all (or responds using a fixed message that takes no processing time) 10000000 times, then visit facebook 9999 times. You still completed the DDOS, at no cost to yourself due to rounding.
ElectricMucus
Legendary
*
Offline Offline

Activity: 1540


Drama Junkie


View Profile
August 17, 2011, 03:16:31 PM
 #16

 Shocked

afik this might actually work

Vote AGAINST this idea.

Reason:

It breaks network neutrality.
As no one has the "global web jurisdiction" (No, US doesn't "rule the World"), some ISP's will not bite this scheme and will not pay, so the "payees" and "payer ISP's" may attempt to block or slow those ISP's.
Well under the current network architecture yes. But I think this would be very helpful in a picopeering darknet since it would have to implement fork of tcp/ip.
More later of I figure out exactly what OP meant..

First they ignore you, then they laugh at you, then they keep laughing, then they start choking on their laughter, and then they go and catch their breath. Then they start laughing even more.
Vladimir
Hero Member
*****
Offline Offline

Activity: 812


-


View Profile
August 17, 2011, 03:40:35 PM
 #17

This is basically what MAFIAA and Ko pulled of with all those CD/DVD blanks levy in countries like Canada. Nice gig if you can get it.

-
joulesbeef
Sr. Member
****
Offline Offline

Activity: 476


moOo


View Profile
August 17, 2011, 03:48:17 PM
 #18

awesome, I am never optimizing another jpg again.

Interesting idea, with unintended consequences that I fear will make it not work.

mooo for rent
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!