SC2 Diff drop related to the recent attacks on Bitcoin pools?

[Nachtwind]

Been following a discussion on BTC-e's shoutbox that made me.. sceptical towards SC2.

I've been never a friend of such theories but this one strikes with logic and looks realistic. Here are some of the facts that seem prooven:

- Two days ago there was a massive strike on Bitcoin by DDossing the major pools. Deepbit, Slush and BTCGuild were taken down
- Two days ago SC2's hashrate came to a sudden downfall with a retarget almost 40% lower

It has been proven that there was a single "client" been mining more or less than 50% of the blocks being referenced to as the "dick" because his miner id on the block exporer was "8=====D".
This "dick" was not online during the attacks. (Would love to point at the Block Explorer but it seems to ignore it or not show its miner_id anymore...)



Sothe discussion on BTC-e was as follows:
Why did noone stop a botnet that has such a power on the network? Even with "cop"-nodes or trusted nodes or whatever theyre called. Consensus between many people here and in the discussionw was that it could be possible to ban a miner from the fork, i havent seen evidence for that and will just continue to move along this assumption for this discussion.

So, why did noone stop the dick from mining? Because a large scale botnet with that MH, should be at about 15 to 20mh, maybe more, must be composed of several thousand computers. Of course harnessing a largge potential for DDOSing.
As we know from Bitcoin ban of a botnet always leads to but one thing: a DDOS. So if such a large scale botnet would have been banned from SC2 the fork would have had to face a massive DDOS. It wouldnt be sufficient to take out the nodes, but imagine someone dossed all pools and all but one exchange just for a few days and dumps the amount of coins this botnet must have. Panic sell, end of the chain.

What is now striking is the coincidence of attacks on bitcoin pools while the botnet was evidently not mining on SC2. We have heard a lot about deals with botherders in the past few days - so has there been such a thing with SC2 investors (dont want to name RS since there is NO PROOF whatsoever for that..) to keep BTC low while SC2 is flourishing? When the diff on Sc2 is low many people can harness their BTC Hashing power to run SC2.. especially NOW that GPU mining is released as well (as i type this seems another strange coincident to me..).

I really dont think that this conspiricy could actually have hapened but as arthur c clarke once wrote about random incidents:

One time is an accident
Two times are coincident
Three times is a plan.

So summed up:
Botnet is allowed to mine a shitload of coins but doesnt dump them on the markets (the markets volumes are just not that high). The Botnet is down while Attacks on BTC Pools happen. Diff drops of course. When diff is low a GPU Miner is released to allow BTC miners to profitable swing to SC..

It all just fits nicely.

[1714167116]

1714167116

[1714167116]

1714167116

[BitcoinPorn]

tl;dr, SolidCoin benefits from Bitcoin attack, but not the other alt coins because they are CPU based?

[Lolcust]

Other coins don't have a(n alleged ) buddy  botnet pwning those they consider competitors  

[Bitcoin Oz]

If the botnet is also a trusted node it would have even more motivation to attack bitcoin.

[Lolcust]

If the botnet is also a trusted node it would have even more motivation to attack bitcoin.

And no motivation to ever harm SC2s since it already has more solidcoins than you could shake a stick at

Devious stuff (if true)

[Clipse]

It would be funny if its true, it just shows even more how vulnerable bitcoin is if it could get manhandled like this and actually broken down ?

[Lolcust]

Few things can not be manhandled by a pissed botnet of sufficient size.

[sadpandatech]

It would be funny if its true, it just shows even more how vulnerable bitcoin is if it could get manhandled like this and actually broken down ?

 Bitcoin was in no way broken. The larger Pools were. Two completely different things. It shows the weakness of the mining aspect in too much centralization is all.

I've been never a friend of such theories but this one strikes with logic and looks realistic. Here are some of the facts that seem prooven:

- Two days ago there was a massive strike on Bitcoin by DDossing the major pools. Deepbit, Slush and BTCGuild were taken down
- Two days ago SC2's hashrate came to a sudden downfall with a retarget almost 40% lower

It has been proven that there was a single "client" been mining more or less than 50% of the blocks being referenced to as the "dick" because his miner id on the block exporer was "8=====D".
This "dick" was not online during the attacks. (Would love to point at the Block Explorer but it seems to ignore it or not show its miner_id anymore...)



Sothe discussion on BTC-e was as follows:
Why did noone stop a botnet that has such a power on the network? Even with "cop"-nodes or trusted nodes or whatever theyre called. Consensus between many people here and in the discussionw was that it could be possible to ban a miner from the fork, i havent seen evidence for that and will just continue to move along this assumption for this discussion.

So, why did noone stop the dick from mining? Because a large scale botnet with that MH, should be at about 15 to 20mh, maybe more, must be composed of several thousand computers. Of course harnessing a largge potential for DDOSing.
As we know from Bitcoin ban of a botnet always leads to but one thing: a DDOS. So if such a large scale botnet would have been banned from SC2 the fork would have had to face a massive DDOS. It wouldnt be sufficient to take out the nodes, but imagine someone dossed all pools and all but one exchange just for a few days and dumps the amount of coins this botnet must have. Panic sell, end of the chain.

What is now striking is the coincidence of attacks on bitcoin pools while the botnet was evidently not mining on SC2. We have heard a lot about deals with botherders in the past few days - so has there been such a thing with SC2 investors (dont want to name RS since there is NO PROOF whatsoever for that..) to keep BTC low while SC2 is flourishing? When the diff on Sc2 is low many people can harness their BTC Hashing power to run SC2.. especially NOW that GPU mining is released as well (as i type this seems another strange coincident to me..).

I really dont think that this conspiricy could actually have hapened but as arthur c clarke once wrote about random incidents:

One time is an accident
Two times are coincident
Three times is a plan.

So summed up:
Botnet is allowed to mine a shitload of coins but doesnt dump them on the markets (the markets volumes are just not that high). The Botnet is down while Attacks on BTC Pools happen. Diff drops of course. When diff is low a GPU Miner is released to allow BTC miners to profitable swing to SC..

It all just fits nicely.

Very interesting. Are you able to say just how much hash power it was pointed at SC2 that was gone during BTC pool attacks?  I am not at all familiar with SC2 diff so can't do the math myself.....

Been following a discussion on BTC-e's shoutbox that made me.. sceptical towards SC2.

[BitterTea]

It would be funny if its true, it just shows even more how vulnerable bitcoin is if it could get manhandled like this and actually broken down ?

Only the centralized pools, not Bitcoin. If everyone used p2pool, we wouldn't even be having this conversation.

[DeathAndTaxes]

The interesting problems you create when making your block chain "botnet friendly", and that botnet is tiny.  The SC hashing power indicates it has roughly 1600 quad core CPUs hashing.  For the botnet to have ~50% of hashing power it only took 800 average zombie computers (or was running more nodes at reduced load).  Some botnets have 250,000+ zombied computers.

The botnet that attack Bitcoin pools was much larger 800 computers.  Slush indicated his provider shut him off when inbound flood exceeded 5GB/s.  Likely if this 800 computer "dick" is the same botnet then the botnet operator is just using a tiny piece of the computing power to test out SolidCoin.

A 250,000 node botnet would have roughly 99.6% of network hashing power.  It would also eventually mine 1 million coins and become a trusted node and then have complete control of the network.  Of course there is no reason to have 99.6% of hashing power as 51% power = 100% power.  Once an attacker accumulates 1M coins (and thus has an "owned" trusted node to sign their attack blocks) it would only take a pathetic 800 bots to takeover the entire network.

I doubt that will happen because ScamCoin is worthless so nobody with that kind of computing power is going to waste it going after something without value but it means that ScamCoin is going nowhere.  If it remains small it avoids botnets.  If it becomes large it can be smashed by even the tiniest botnets.

I have a couple of questions to the OP:
Who decides to ban people from a network?  
Should anyone have that kind of power?  
Is the network really PEER to PEER (as in equals) if someone can ban someone else from the network?  Isn't that more like king-vassal network?

[Clipse]

Let me rephrase then. It just shows how vulnerable bitcoin is atm with the way users are utilising it via centralised pools.

[DeathAndTaxes]

It would be funny if its true, it just shows even more how vulnerable bitcoin is if it could get manhandled like this and actually broken down ?

When did bitcoin break down?  When did the network stop running?  When did transactions stop getting confirmatons?

Some pool operators couldn't handle the botnet attack but there is no requirement to use a massive pool.  Hell there is a technology (p2pool) to make a pool completely distributed.  Not only would that make them hardened against botnets it would also mean a pool no longer represents a 51% risk.  A p2pool could have 100% of the network hashing power and would represent no risk to security of the network as each miner works independently.

[Clipse]

I doubt that will happen because ScamCoin is worthless so nobody with that kind of computing power is going to waste it going after something without value but it means that ScamCoin is going nowhere.  If it remains small it avoids botnets.  If it becomes large it can be smashed by even the tiniest botnets.

Really? Please tell me how many cookies did the internetz steal from you, every post of yours contain some childish remarks.

When did bitcoin break down?  When did the network stop running?  When did transactions stop getting confirmatons?

Some pool operators couldn't handle the botnet attack but there is no requirement to use a massive pool.  Hell there is a technology (p2pool) to make a pool completely distributed.  Not only would that make them hardened against botnets it would also mean a pool no longer represents a 51% risk.  A p2pool could have 100% of the network hashing power and would represent no risk to security of the network as each miner works independently.

And thats what I said, if you take down all the pools right now indefinitely, bitcoin will come to an halt until everyone either continue solomining(not a chance) or move to something like p2pool as mentioned earlier.

[DeathAndTaxes]

you able to say just how much hash power it was pointed at SC2 that was gone during BTC pool attacks?

Not much.  Looks like around 800 computers.  The attack across major pools was magnitudes larger than that.  IF they are connected it means a botnet operator was just throwing a tiny fraction of their computing power towards SC2 possibly as a test.  When the attack started they stopped everything else to be able to put 100% of botnet power against the major pools.

[DeathAndTaxes]

Let me rephrase then. It just shows how vulnerable bitcoin is atm with the way users are utilising it via centralised pools.

How.  The network continued to operate.  Hashing power didn't even decline that much.  Falling BTC prices resulted in more of a decline.  The 3 large pools make nice targets because they are so large.  To bring down a pool requires lots of bandwidth.  Conventional pool operators are vulnerable to botnets.  If anything I think this may be a good thing.  We have seen migration away from the large pools.  The 4 largest pools combined now have less hashing power as % of overall network than prior to the two attacks.  

That was just two attacks.  If the botnets kept it up and attack more often (say one attack every 3 days) more miners would get sick of pools that don't respond and either solo mine, join p2pool or join smaller conventional pools. All improve the security of the network.

And thats what I said, if you take down all the pools right now indefinitely, bitcoin will come to an halt until everyone either continue solomining(not a chance) or move to something like p2pool as mentioned earlier.

There are over a hundred pools (likely more at wiki if often out of date) sustaining an attack against all of them would be difficult.  
Durring the attacks many people DID solomine so not sure why that is "not a chance".  p2pool is currently working now so that is already any option.  Pools are prefered because they reduce volatility but one actually makes slightly more solo mining (pool fees + stales due to server latency + losing transaction fees + potential share witholding attack against pool).  If I had no other choice I would solo mine, my cgminers are setup to auto failover across 3 pools and then go to solo mining..  Hell some crazy people solo mine right now despite having the option of using pools.

[johnj]

And thats what I said, if you take down all the pools right now indefinitely, bitcoin will come to an halt until everyone either continue solomining(not a chance) or move to something like p2pool as mentioned earlier.

You're right Clipse - centralization of any kind is a weakness in any p2p network.  Good thing Bitcoin users have the option of many, many pools and even the ddos-proof p2pPool.

What choice to SC users have to avoid centralization? Given your premise, "if you take down all the trusted nodes right now indefninitely, solidcoin will come to a halt forever".

Gee, what sounds worse

[sadpandatech]

you able to say just how much hash power it was pointed at SC2 that was gone during BTC pool attacks?

Not much.  Looks like around 800 computers.  The attack across major pools was magnitudes larger than that.  IF they are connected it means a botnet operator was just throwing a tiny fraction of their computing power towards SC2 possibly as a test.  When the attack started they stopped everything else to be able to put 100% of botnet power against the major pools.

  Thanks for the numbers, Death.

  Yea, it makes it seem unlikely 'Dick' is part of the Botnet. I mean, unless his zombies are only capable of either running a Miner or running a Syn Flooder one at a time, why would he even bother to stop the 800~ from mining. I'd have em keep mining and packet flood at the same time. Might lag a few getworks out but with longpolling, you'd proably not lose much hash. Though its been a while since I've played with any of that. Is Syn Flooding with maxed size packets cpu intensive?  I don't recall it being but its been yearsssss..

  And on that note, for everyone else. Max packet size for IPv4 is roughly 65k. Divide that just into the 5GB/s that just one pool had on it to die and you come up with atleast the number of zombies at that one time, at that one pool.  Or roughly 80,000 zombies at just that one point... 

  Death, on a more technical note of the attacks, it seems he was much more tactical this time as well. Meaning he was aware that once he exceeded certain pools hosting badnwidth limits for DDos protection they would flip the switch. Which would have enabled him the ability to not have to split all his zombies up across 5 pools at once. I am not sure what the other pools hosts had for pipe limits in place, but atleast at the ones with low DDos detection points it enables the botnet OP to be effective with fewer bots.  My best guess based on previous attacks and soem spreading at the time is in the line of 175k to 250k botnet. Nasty stuff. And how fuggin bored or agenda prone must one be do use one for this. Aside from the fruitlessness of it, they put themselves in greater and greater risk of being Idented or hijacked by another controller(i.e., gov loves doing that or other thugs).


   Cheers

[stryker]

funny really because its all the retard *shit-brixx style chains that actually are vulnerable..... have a nice day script boy

[Lolcust]

A 250,000 node botnet would have roughly 99.6% of network hashing power.  It would also eventually mine 1 million coins and become a trusted node and then have complete control of the network.  Of course there is no reason to have 99.6% of hashing power as 51% power = 100% power.  Once an attacker accumulates 1M coins (and thus has an "owned" trusted node to sign their attack blocks) it would only take a pathetic 800 bots to takeover the entire network.

Well, that depends on what those boxes are like - if those are mostly single-core lame Chinese PCs with decent-ish connections, it might have taken more to get same hashes, but provided far more DOS potential.

Also, the hypothetical botnet could be mining with only a fraction of its overall boxcount - the reason why it might attack mostly when it is not mining is primarily due to the fact that it is going to take "rests" anyway (to leverage asymmetric diff adjust to mine more coins), and attacks during those periods so that not a single kb of traffic is "drawn away" from the attack (a petty kind of efficiency-humping, but all to plausible for someone whose business model is essentially building great armies out of petty components)

Also, a kind soul has suggested that maybe the bot herder  IS one of the "10 trusted individuals" thus giving him every incentive possible to make SC's "bitcoin gonna dieee" marketing hype look "real" (it's not like the herder could sell his million coins off, assuming this scenario was true), which seems reasonable, if quite hypothetical, proposal.

All in all, methinks, the best way to go about it would be to wait for the next "BTC-related" DDoS outbreak and see if it coincides with weird SC2 diff drop once again. Several such repetitions would strongly suggest that it is not coincidental, and such repetitions can be trivially ascertained by multiple neutral parties.

 Yea, it makes it seem unlikely 'Dick' is part of the Botnet. I mean, unless his zombies are only capable of either running a Miner or running a Syn Flooder one at a time, why would he even bother to stop the 800~ from mining.
   Cheers

He would stop for a seemingly unrelated reason - to leverage asymmetric adjust so he can get more coins.

The reason attack happened then would be to ensure so that the "resting" bots can use all of their bandwidth too, out of sheer petty "nitpicker" efficiency drive that seems consistent with a "good" botherder mindset.

We could trivially test this hypothesis by waiting and seeing if future mass DDoS sprees coincide with oddball diff drops in SC

[Lolcust]

lolcust.... do the world a favour and die.... ok? if u need help drop me a pm

Not a chance mate  :-P