Bitcoin Forum
November 19, 2024, 02:46:33 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: « 1 ... 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 [639] 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 ... 2127 »
  Print  
Author Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency  (Read 4671003 times)
smooth
Legendary
*
Offline Offline

Activity: 2968
Merit: 1198



View Profile
September 04, 2014, 02:45:27 PM
 #12761

Great news on the fix Dev's. I see my main mining pool has just resumed payments, but Polo is still frozen. A few questions:

1) Will the fix require a new build for everyone?
2) I think someone (smooth or fluffy) said the Windows blockchain download hadn't been checked yet a few hours ago. Is it safe to download the new Windows chain yet?
3) Any other guidance on what to do to get going again?

Thanks,
Q

Yes there will be a new build. I'm not sure about the Windows blockchain. We'll follow up on that.
mechanikalk
Member
**
Offline Offline

Activity: 99
Merit: 91


View Profile WWW
September 04, 2014, 02:45:31 PM
 #12762

Everybody knows that Dingleberry (BBR) is crap.
xulescu
Sr. Member
****
Offline Offline

Activity: 263
Merit: 250


View Profile
September 04, 2014, 02:46:18 PM
 #12763


ot: interesting how quick people are starting to worship the blockchain, viewed as an untouchable entity from above. i tought this tech was made to
give us, the people, the power back to decide
. what sense does it make if we don't use this power but replacing the authority enslavement by an
blockchain enslavement?


The bolded part is indeed part of what the whole point is. The part which is also italicized is not precisely true. The tech is made to PREVENT arbitrary "us, the people" from deciding. That's why there is a consensus protocol.
fluffypony
Donator
Legendary
*
Offline Offline

Activity: 1274
Merit: 1060


GetMonero.org / MyMonero.com


View Profile WWW
September 04, 2014, 02:47:45 PM
 #12764

Everybody knows that Dingleberry (BBR) is crap.

Stop it.

mechanikalk
Member
**
Offline Offline

Activity: 99
Merit: 91


View Profile WWW
September 04, 2014, 02:52:49 PM
 #12765

Everybody knows that Dingleberry (BBR) is crap.

Stop it.

I am kind of flattered to get a response from fluffypony...
oda.krell
Legendary
*
Offline Offline

Activity: 1470
Merit: 1007



View Profile
September 04, 2014, 02:54:07 PM
 #12766

I hold both XMR and BBR (until something better may arise) - I don't see any reason for hostility between the two projects...

It is both annoying and intriguing actually.

+1


Everybody knows that Dingleberry (BBR) is crap.

-1


(Sorry for the sort of low content post, but sometimes, that's all the information that needs to be transmitted, imo.)


Back on topic:

Thanks, tacotime, smooth, fluffypony for keeping us update in realtime. This is precisely the emergency response I was hoping for.

Two questions:

1) Can you already rule out that the same (or similar) attack can be mounted again?

2) Can you already rule out conclusively that no lasting damage was done (as in: according to the pre-attack ownership situation)? Any chance that some subtle damage was done that'll be discovered only later?

Not sure which Bitcoin wallet you should use? Get Electrum!
Electrum is an open-source lightweight client: fast, user friendly, and 100% secure.
Download the source or executables for Windows/OSX/Linux/Android from, and only from, the official Electrum homepage.
nexern
Hero Member
*****
Offline Offline

Activity: 597
Merit: 500



View Profile
September 04, 2014, 02:54:16 PM
 #12767


ot: interesting how quick people are starting to worship the blockchain, viewed as an untouchable entity from above. i tought this tech was made to
give us, the people, the power back to decide
. what sense does it make if we don't use this power but replacing the authority enslavement by an
blockchain enslavement?


The bolded part is indeed part of what the whole point is. The part which is also italicized is not precisely true. The tech is made to PREVENT arbitrary "us, the people" from deciding. That's why there is a consensus protocol.

interesting and i thought i can decide by which client i am running on my box and therefore which chain i am supporting. isn't this what you would call a free decision?
aminorex
Legendary
*
Offline Offline

Activity: 1596
Merit: 1030


Sine secretum non libertas


View Profile
September 04, 2014, 02:54:52 PM
 #12768

As usual, I am delighted to see the outcome, and impressed by the rapid isolation of what is actually a fairly subtle defect in rather obfuscated code, the promptness and effectiveness of the damage control, and the well-ordered transparent process which got us there.

If this level of service does not suffice to elicit your financial contributions for the core commensurate with your financial benefit, you are a scoundrel and a cad.


Give a man a fish and he eats for a day.  Give a man a Poisson distribution and he eats at random times independent of one another, at a constant known rate.
mmortal03
Legendary
*
Offline Offline

Activity: 1762
Merit: 1011


View Profile
September 04, 2014, 02:55:13 PM
 #12769


There have been too many issues that have come to light recently.

The mining exploit that has been going on and has just been disclosed shocked me.

That wasn't recent, and it was Bytecoin that made use of that to do a massive pre-mine. There is/was no "mining exploit" in Monero. The uncovering of that was the whole reason Monero was created in the first place.

Quote
This looks like an unravelling of the problems, not a temporary blimp. At the back of my mind now is: 'what next?'

I'm an investor, Peter Todd is more competent to give a technical analysis. It doesn't look good.

If you can't get your facts straight, then you shouldn't invest. There's no "unraveling" of problems here indicative of anything. Bitcoin also had bumps in the road.
aminorex
Legendary
*
Offline Offline

Activity: 1596
Merit: 1030


Sine secretum non libertas


View Profile
September 04, 2014, 02:57:49 PM
 #12770

Oh well price will obviously fall. Price will obviously come back. The time frame that this will happen is unclear. One things is sure. Panic sellers and panic buyers will lose...

I believe that MP and the XMR markets on Poloniex have operated continuously with no substantive price movement.  The moonshot may resume uninterrupted.

Give a man a fish and he eats for a day.  Give a man a Poisson distribution and he eats at random times independent of one another, at a constant known rate.
aminorex
Legendary
*
Offline Offline

Activity: 1596
Merit: 1030


Sine secretum non libertas


View Profile
September 04, 2014, 02:59:04 PM
 #12771

Oh well price will obviously fall. Price will obviously come back. The time frame that this will happen is unclear. One things is sure. Panic sellers and panic buyers will lose...
How they can both lose??
Careful timing.

Give a man a fish and he eats for a day.  Give a man a Poisson distribution and he eats at random times independent of one another, at a constant known rate.
Quicken
Sr. Member
****
Offline Offline

Activity: 280
Merit: 250


View Profile
September 04, 2014, 02:59:55 PM
 #12772

Oh well price will obviously fall. Price will obviously come back. The time frame that this will happen is unclear. One things is sure. Panic sellers and panic buyers will lose...

I believe that MP and the XMR markets on Poloniex have operated continuously with no substantive price movement.  The moonshot may resume uninterrupted.

I think the XMR markets on Polo were/are actually stealth-frozen. Although nothing shows on the exchange page, I tried to put an order in, and it told me the market was frozen.
iCEBREAKER
Legendary
*
Offline Offline

Activity: 2156
Merit: 1072


Crypto is the separation of Power and State.


View Profile WWW
September 04, 2014, 03:00:29 PM
Last edit: September 04, 2014, 04:16:23 PM by iCEBREAKER
 #12773

I hold both XMR and BBR (until something better may arise) - I don't see any reason for hostility between the two projects...

It is both annoying and intriguing actually.

The reason for the hostility is a cross between sibling rivalry and the narcissism of minor differences.

The more we have in common with other people, the more horrified and antagonized we are upon disagreement.

A Christian and a Buddhist can more easily have a nice enlightening exchange of theological perspectives without conflict than say, an Orthodox Jew and an Ultra-orthodox one.  Because less cognitive dissonance is triggered and less ego is at stake.



Last night's Troll Block Crisis, however, did more to build bridges between and demonstrate the resiliency/anti-fragility of XMR/BBR than any grousing in the aftermath can undo.   Cool


██████████
█████████████████
██████████████████████
█████████████████████████
████████████████████████████
████
████████████████████████
█████
███████████████████████████
█████
███████████████████████████
██████
████████████████████████████
██████
████████████████████████████
██████
████████████████████████████
██████
███████████████████████████
██████
██████████████████████████
█████
███████████████████████████
█████████████
██████████████
████████████████████████████
█████████████████████████
██████████████████████
█████████████████
██████████

Monero
"The difference between bad and well-developed digital cash will determine
whether we have a dictatorship or a real democracy." 
David Chaum 1996
"Fungibility provides privacy as a side effect."  Adam Back 2014
Buy and sell XMR near you
P2P Exchange Network
Buy XMR with fiat
Is Dash a scam?
smooth
Legendary
*
Offline Offline

Activity: 2968
Merit: 1198



View Profile
September 04, 2014, 03:00:53 PM
 #12774

1) Can you already rule out that the same (or similar) attack can be mounted again?

2) Can you already rule out conclusively that no lasting damage was done (as in: according to the pre-attack ownership situation)? Any chance that some subtle damage was done that'll be discovered only later?

I'll answer both at the same time. This particular attack can't be mounted again. We haven't pushed out the official fix yet, but exploit it requires growing the blocks sizes, which takes time. We'd never let that happen. The full fix will be out soon. This hole is plugged.

Any software can have vulnerabilities and exploits. This is exacerbated by the fact that we got the code from a bunch of lying scammers who despite that character flaw, happen to have some talent when it comes to cryptography and to a lesser extent coding. We are reviewing the code and paying qualified people to review the code in order to identify and correct problems to the greatest extent possible. Further we will be restructuring, refactoring, and/or replacing some of the code in order to further increase its robustness and trustworthiness (removing obfuscation for example).

tacotime
Legendary
*
Offline Offline

Activity: 1484
Merit: 1005



View Profile
September 04, 2014, 03:02:37 PM
 #12775

Back on topic:

Thanks, tacotime, smooth, fluffypony for keeping us update in realtime. This is precisely the emergency response I was hoping for.

Two questions:

1) Can you already rule out that the same (or similar) attack can be mounted again?

2) Can you already rule out conclusively that no lasting damage was done (as in: according to the pre-attack ownership situation)? Any chance that some subtle damage was done that'll be discovered only later?

1) yes, it's an overflow bug in C.
2) yes, once the nodes all update no more corrupted blocks should be generated. the corrupted block now needs to be hardcoded into the software.

Code:
XMR: 44GBHzv6ZyQdJkjqZje6KLZ3xSyN1hBSFAnLP6EAqJtCRVzMzZmeXTC2AHKDS9aEDTRKmo6a6o9r9j86pYfhCWDkKjbtcns
smooth
Legendary
*
Offline Offline

Activity: 2968
Merit: 1198



View Profile
September 04, 2014, 03:03:11 PM
 #12776

Oh well price will obviously fall. Price will obviously come back. The time frame that this will happen is unclear. One things is sure. Panic sellers and panic buyers will lose...

I believe that MP and the XMR markets on Poloniex have operated continuously with no substantive price movement.  The moonshot may resume uninterrupted.

I think the XMR markets on Polo were/are actually stealth-frozen. Although nothing shows on the exchange page, I tried to put an order in, and it told me the market was frozen.

Polo and every other exchange we were able to reach (which unfortunately did not include Mintpal) was frozen within minutes of the fork. Polo's UI has some issues with displaying frozen status though.

freebud
Newbie
*
Offline Offline

Activity: 33
Merit: 0


View Profile
September 04, 2014, 03:03:31 PM
 #12777

If anyone had any questions regarding the competence and integrity of the Monero core team, here is the monero-dev irc log:

[13:13] <rfreeman_w> the bug appears to be wrong calculation of variable "cnt" that is supposed to be rounded to 2^n but is not for 514
[13:14] <rfreeman_w> testing and making PR
[13:14] * taaku has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[13:15] * rfreeman_w has quit (Remote host closed the connection)
[13:15] * billotronic has quit (Read error: Connection reset by peer)
[13:15] * rfreeman_w (~rfreeman@gateway/tor-sasl/rfreemanw) has joined #monero-dev
[13:16] * dasdasdasd (b24ef1d5@gateway/web/cgi-irc/kiwiirc.com/ip.178.78.241.213) has joined #monero-dev
[13:16] <superresistant> are we garanted that there will be no rollback ?
[13:16] <superresistant> can the pool operators resume payment ?
[13:17] <fluffypony> superresistant: yes - one 70kb bad block doesn't mess the entire chain up irrevocably
[13:17] <fluffypony> and we're way past it anyway
[13:17] * bagad has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[13:17] * rerfe (4fb8f522@gateway/web/cgi-irc/kiwiirc.com/ip.79.184.245.34) has joined #monero-dev
[13:18] * rerfe has quit (Client Quit)
[13:19] * dEBRUYNE has quit (Ping timeout: 260 seconds)
[13:20] <smooth> yeah but im wondering about the crazy rules about mixing types on bit shifts and stuf
[13:21] <kinglark> ...
[13:21] * wwww has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[13:21] * taaku (7d105f0b@gateway/web/cgi-irc/kiwiirc.com/ip.125.16.95.11) has joined #monero-dev
[13:22] <rfreeman_w> smooth, the error is here:
[13:22] <rfreeman_w>     for (i = 1; i < sizeof(size_t); i <<= 1) {      cnt |= cnt >> i;   }       cnt &= ~(cnt >> 1);
[13:22] <smooth> whats wrong with it
[13:22] * sk00t3r (c0853e02@gateway/web/cgi-irc/kiwiirc.com/ip.192.133.62.2) has joined #monero-dev
[13:23] <smooth> fills in all the lower bits then clears all but the upper bit
[13:23] <rfreeman_w> for value of 514 it rounds it to 513, instead of power of two like 512 like in other cases
[13:23] <tewinget> errrrr
[13:24] <rfreeman_w> or, is that not a problem?  for 514, and some other numbers like 1026 2050 3074 and so on, it produces odd numbers, while it seems they wanted to produce powers of two
[13:25] * dEBRUYNE (~Henkdenee@27-195-ftth.onsbrabantnet.nl) has joined #monero-dev
[13:27] * Teezy (~ident@91-157-187-191.elisa-laajakaista.fi) has joined #monero-dev
[13:27] <rfreeman_w> I assume resulting cnt is supposed to be nearest lesser power of two there?  If yes, then  http://p.suchdig.com/p/pvk. shows difference.
[13:28] * erl has quit (Quit: I used to think I was indecisive, but now I'm not too sure.)
[13:28] * xmining has quit (Ping timeout: 260 seconds)
[13:28] * xmining_ (xmining@108.62.233.111) has joined #monero-dev
[13:28] * taaku has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[13:29] <rfreeman_w> tewinget, first number that differs is the number that is used in the bad-block, so I think that was the bug that caused it.   Any thoughts?
[13:30] <fluffypony> but we only forked 2 blocks later
[13:32] <rfreeman_w> I think it caused that somehow. are the 2 next blocks fully correct?
[13:32] * taaku (7d105f0b@gateway/web/cgi-irc/kiwiirc.com/ip.125.16.95.11) has joined #monero-dev
[13:32] <rfreeman_w> not sure how that problem is exactly resulting in chain split but that must be it
[13:33] <tewinget> I'm gonna go and get some breakfast so I have any energy at all.
[13:33] <moneromooo> I don't suppose this code uses any implementation defined behavior (eg, unsigned overflow) ?
[13:34] <moneromooo> Which might cause, eg, Linux and Windows builds to get different results ?
[13:34] <rfreeman_w> moneromooo, well it does
[13:34] <rfreeman_w> the verification of hash seems to depend on sizeof(size_t) Cheesy
[13:35] * Davet (615c1b1d@gateway/web/cgi-irc/kiwiirc.com/ip.97.92.27.29) has joined #monero-dev
[13:35] <rfreeman_w> it will break faster on 32 bit
[13:35] <rfreeman_w> maybe for some implementation it would even pass for 514?
[13:35] <sk00t3r> How can I confirm I am on the correct chain? My deamon has not been on in a few days.
[13:36] <smooth> rfreeman_w sizeof(size_t)*8 i think. it should be bits not bytes
[13:36] * taaku has quit (Client Quit)
[13:36] <rfreeman_w> ok give me few minutes I will make PR that we can review
[13:36] * Davet has quit (Client Quit)
[13:37] * uzer111 (567fd0d9@gateway/web/cgi-irc/kiwiirc.com/ip.86.127.208.217) has joined #monero-dev
[13:38] <rfreeman_w> Who ever written that original code anyway? With no comments and in style perfect to hide corner case bug
[13:38] <smooth> its retarded there is a much better way to figure that out, maybe in O(1) some bit twiddling thing
[13:38] <smooth> anding with cnt-1 or something
[13:39] <smooth> i never remeber those tricks
[13:39] * Yolo (25b957a7@gateway/web/cgi-irc/kiwiirc.com/ip.37.185.87.167) has joined #monero-dev
[13:39] <smooth> but as coded im pretty sure my fix is right
[13:39] <tewinget> if we're pretty sure on rounding down to nearest power of 2 (or up)
[13:39] * rdymac has quit (Excess Flood)
[13:39] * Yolo has quit (Client Quit)
[13:39] <smooth> test it with smaller numbers
[13:39] <smooth> you get the same results
[13:39] <smooth> its when it gets bigger (since sizeof(size_t) =8) it doesn't work
[13:40] <tewinget> uint i = 1;  while (i < cnt) i << 1;  i >> 1;  cnt = cnt & ~i;
[13:40] <tewinget> done
[13:40] <smooth> yeah that probably works too
[13:40] <smooth> better make sure its exactly the same as the old one for smaller numbers though
[13:40] <smooth> im a little more comfortable with the small fix, but this is fine if teted
[13:41] * sammy007 (~sammy007@unaffiliated/sammy007) has joined #monero-dev
[13:42] * rdymac (~rdymac@unaffiliated/rdymac) has joined #monero-dev
[13:44] * Jojatekok (50635747@gateway/web/freenode/ip.80.99.87.71) has joined #monero-dev
[13:45] <Jojatekok> hello!
[13:45] <smooth> Jojatekok hi there
[13:45] <Jojatekok> good luck with recovering the situation of Monero... :/
[13:45] <Jojatekok> it will strenghten us, though
[13:45] <Jojatekok> and release weak hands
[13:45] <smooth> Jojatekok we think we found the exploit
[13:45] <smooth> still analyzing it
[13:46] <Jojatekok> smooth: freakin' awesome o.O
[13:46] <Jojatekok> acting in 8 hours, like a boss :O
[13:46] <smooth> ive been up for like 80
[13:46] <Jojatekok> and took down Polo trading in 10 min
[13:46] <smooth> i was getting ready to crash when the attack started
[13:46] <Jojatekok> yeah, awesome
[13:46] <smooth> with the spam
[13:46] <hegemoOn> sk00t3r: use "diff" command inside your bitmonerod
[13:46] <hegemoOn> and look at the block level
[13:46] <smooth> i had a really, really bad feeling about the spam attack being purposeful
[13:46] <rfreeman_w> this detects and tests the bug: https://github.com/rfree2monero/bitmonero/commit/b417abfb7a297d09f1bbb6de29030f8de9952ac8
[13:47] <hegemoOn> diff
[13:47] <hegemoOn> 2014-Sep-04 14:46:57.879129 BH: 203144, DIFF: 1275428366, HR: 21257139 H/s
[13:47] <Jojatekok> wow guys
[13:47] <hegemoOn> current valid blockchain is 203144
[13:47] <Jojatekok> okay, Monero is officially a serious coin
[13:47] <sk00t3r> hegemo0n: Thanks man.
[13:48] <rfreeman_w> the bug causes the hash function to run time too many, so it causes random results. For future all allocs should at least zero fill the memory.
[13:48] <smooth> rfreeman how is it random
[13:49] <smooth> uninitilized memory hashed into it?
[13:49] <hegemoOn> sk00t3r: if not, then download the blockchain boostrap, stop bitmonerod, erase the current blockchain.bin, and replace it by the fresh downloaded one and startagain bitmonerd
[13:49] <sammy007> so is fluffypony's patch is a preventive cure for now?
[13:49] <rfreeman_w> smooth, seems so. didn't tested fully
[13:49] <smooth> that would explain consensus failure i think
[13:49] <smooth> or would it
[13:49] <fluffypony> sammy007: not merged yet - we're deciding
[13:50] <rfreeman_w> smooth, the fix for the bug is not released yet? because I'm preparing final PR
[13:50] <smooth> nothing released yet
[13:50] <rfreeman_w> the 30 block size is just temporary to fix miners right?  should I finish my PR? a
[13:50] <smooth> seems to me the block woudl just get rejected a lot
[13:50] <Jojatekok> fluffypony: there should be an alarm system implemented into the blockchain, which core devs may control
[13:50] <Jojatekok> fluffypony: like in Bitcoin
[13:50] <smooth> rfreeman_w yes that is temp
[13:50] <smooth> 30kb
[13:50] <sk00t3r> hrgrmo0n: Thanks. I'll do that tonight if I see Im on the wrong one. I doubt it since it has been a few days since I have opened bitmonerod
[13:50] <Jojatekok> fluffypony: but our alarms may block outgoing TXes after block 'n'
[13:51] <fluffypony> Jojatekok: that's centralised, we won't do that
[13:51] <sammy007> fluffypony: just my 5 cents, seems it can affect pool's payouts
[13:51] <hegemoOn> sk00t3r: you cannot know until you check
[13:51] <Jojatekok> ok, ikr, but BTC has it...
[13:51] <fluffypony> Jojatekok: that's just an alerts system, which we will implement once we've decided how we want to do so
[13:52] <smooth> fluffypony> Jojatekok well i could see it as a temporary measure while the code is so sucky
[13:52] <Jojatekok> smooth: exactly
[13:52] <fluffypony> also just because an alert is issued doesn't mean people will upgrade
[13:52] <Jojatekok> fluffypony: that's why there should be alertimportance levels
[13:53] <Jojatekok> so, for instance, an alarm may talk about a mandatory update, and block all the incoming and outgoing TXes
[13:53] <smooth> we may need to do somethign special about that block
[13:53] * taaku (7d105f0b@gateway/web/cgi-irc/kiwiirc.com/ip.125.16.95.11) has joined #monero-dev
[13:54] * tacotime has quit (Ping timeout: 240 seconds)
[13:54] * bobbydoe (48e58189@gateway/web/cgi-irc/kiwiirc.com/ip.72.229.129.137) has joined #monero-dev
[13:57] * dadadoo has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:00] * oiearg has quit (Quit: Page closed)
[14:00] * taaku has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:01] * oiaerga (175cd202@gateway/web/freenode/ip.23.92.210.2) has joined #monero-dev
[14:03] * rfreeman_w has quit (Ping timeout: 264 seconds)
[14:05] * eaf (54724df9@gateway/web/freenode/ip.84.114.77.249) has joined #monero-dev
[14:05] * Tom_Cruise (~Tom@107-206-162-128.lightspeed.irvnca.sbcglobal.net) has joined #monero-dev
[14:08] * amin0rex has quit (Read error: Connection reset by peer)
[14:08] * amin0rex (~alk@71-8-128-127.dhcp.stcd.mn.charter.com) has joined #monero-dev
[14:09] * Tom_Cruise has quit (Ping timeout: 245 seconds)
[14:12] * rfreeman_w (~rfreeman@gateway/tor-sasl/rfreemanw) has joined #monero-dev
[14:15] * eaf has quit (Ping timeout: 246 seconds)
[14:16] * xmrhodler (57725749@gateway/web/cgi-irc/kiwiirc.com/ip.87.114.87.73) has joined #monero-dev
[14:17] <rfreeman_w> smooth, maybe bin that block by hash and disable part of normal validation?
[14:17] <rfreeman_w> pin
[14:18] * xmrhodler has quit (Client Quit)
[14:19] * xmrhodler (57725749@gateway/web/freenode/ip.87.114.87.73) has joined #monero-dev
[14:20] * grubles (~grubles@unaffiliated/grubles) has joined #monero-dev
[14:21] * PestoQuinty has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:24] * safas has quit (Ping timeout: 246 seconds)
[14:29] * Tom_Cruise (~Tom@107-206-162-128.lightspeed.irvnca.sbcglobal.net) has joined #monero-dev
[14:30] * uzer111 has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:32] * MoneroChat has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:34] * Tom_Cruise has quit (Ping timeout: 264 seconds)
[14:36] * InfoFront (32f702cd@gateway/web/cgi-irc/kiwiirc.com/ip.50.247.2.205) has joined #monero-dev
[14:37] * lucasjones has quit (Remote host closed the connection)
[14:39] * MoneroChat (42831398@gateway/web/cgi-irc/kiwiirc.com/ip.66.131.19.152) has joined #monero-dev
[14:42] * etc (45fb29b7@gateway/web/freenode/ip.69.251.41.183) has joined #monero-dev
[14:43] <smooth> rfreeman_w yes thats what we have to do
[14:44] <rfreeman_w> is that expected result  of  fork/etc?    cryptonote_protocol_handler.inl:353 [73.46.4.206:54603 INC]sent wrong NOTIFY_RESPONSE_GET_OBJECTS: block with id=3a8a2b3a29b50fc86ff73dd087ea43c6f0d6b8f936c849194d5c84c737903966 wasn't requested, dropping connection
[14:44] <smooth> rfreeman_w i dont know ask fluffypony
[14:45] <fluffypony> rfreeman_w: the expected result is the fork
[14:45] <fluffypony> I would imagine
[14:45] <rfreeman_w> okey
[14:49] <kinglark> i think it's ok now
[14:51] <rfreeman_w> Researched BBL: it seems they do the loop to sizeof(size_t) * 8  so it will also crash, just on bigger transactions numbers
[14:52] <rfreeman_w> a friend will prepare a text to reply about BBL being (not)immune on forum, in fact this work fixes mistake in seemingly all CN coin
[14:52] <tewinget> it's...just why?  it's such a simple operation.
[14:53] <tewinget> it's literally bitshifting one way from 1 while you bitshift the other way from count...
[14:54] <rfreeman_w> who needs math or CS classes when you can just duur the hurr C code.  Though personally I half-suspects malice.  But who knows
[14:54] <hegemoOn> 2014-Sep-04 15:51:34.069230 [P2P8]ERROR /home/netmonk/bm/bitmonero/src/cryptonote_core/tx_pool.cpp:108 Transaction with id= <c9cb35206f78b8e2c326630d69159cc117d4307fe7ab108af3147bb456983212> used already spent key images
[14:55] <kinglark> my pool has synd of http://monerochain.info/
[14:55] <kinglark> it looks ok now
[14:56] * Guest343 has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:57] * deliberately_unc has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:57] * dasdasdasd has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[15:00] <Gekz> time to port the codebase to Rust I reckon Tongue
[15:01] <fluffypony> nah
[15:01] <Quanttek> ^
[15:01] <fluffypony> JavaScript
[15:02] <Quanttek> PHP is the best
[15:02] <jwinterm> why not fortran? do they have boost for fortran?
[15:02] <hegemoOn> well i would think about ocaml
[15:02] <fluffypony> Quanttek: you know that Timekoin is actually written in PHP...
[15:02] <fluffypony> and I'm not even joking
[15:02] <Quanttek> oh wow
[15:02] <Quanttek> http://bjorn.tipling.com/if-programming-languages-were-weapons
[15:02] <Quanttek> I like the php one
[15:04] <fluffypony> https://github.com/knightmb/timekoin/tree/master/server/v3.51
[15:04] * pen has quit (Ping timeout: 260 seconds)
[15:06] <Quanttek> I have a friend, who loves php 'because you can use it everywhere and wordpress is written in it, which I always use as foundation'
[15:06] * Kushedout (~Kushedout@adsl-69-231-114-69.dsl.irvnca.pacbell.net) has joined #monero-dev
[15:08] <Gekz> Quanttek: fucking hell
[15:08] * dnaleor_ (~creveroel@ptr-212-224-214-4.dyn.mobistar.be) has joined #monero-dev
[15:08] <kinglark> 2014-09-04 22:05:20 [pool] (Thread 2) New block to mine at height 202652 w/ difficulty of 1220524081
[15:09] <fluffypony> you're on a fork
[15:09] <jwinterm> so is there going to be a mandatory update pronto? some explanation of what happened beyond commit messages?
[15:09] <othe> of course jwinterm
[15:09] <Quanttek> kinglark: you have to delete the blockchain and then bootstrap from op
[15:10] * xn2 (~xnbya@ec2-54-76-136-90.eu-west-1.compute.amazonaws.com) has joined #monero-dev
[15:10] <Quanttek> kinglark: current pools, I know about, who use the current version are coolmining, cryptograben, cryptonotepool.og.uk, *.fr and hashinvest
[15:10] * [tymat] (tymat@pris.im) has joined #monero-dev
[15:10] <jwinterm> the corrupted block was accepted because of a memory overflow exploit? does that mean that all clients that accepted the block suffered from the same exploit?
[15:10] <Gekz> Quanttek: just finished that post
[15:10] <Gekz> I actually laughed
[15:10] <jwinterm> cool othe
[15:10] <Gekz> it's really funny
[15:10] <jwinterm> I will be patient
[15:12] <smooth> jwinterm they got different hash results because they were reading from uninitizliaed memory
[15:12] <smooth> jwinterm yes there will be an update very soon
[15:13] <jwinterm> so it's not something that could be exploited to do bad things to someone's computer beyond the monero client, I guess is what I'm curious about?
[15:13] * iourzzz has quit (Ping timeout: 246 seconds)
[15:13] <jwinterm> luckily I haven't synced my client(s) in about 30 days Smiley
[15:13] <hegemoOn> well it seems its not a classical buffer overflow
[15:13] <hegemoOn> but a basic bug on bit arithmetic
[15:14] <hegemoOn> you believe you test a certain value
[15:14] <hegemoOn> but you test another value Smiley
[15:14] <hegemoOn> so if your condition is <16 and in reality you compute <17
[15:14] <hegemoOn> there is a little space
[15:15] <hegemoOn> for 16 to be valid
[15:15] * tf2honeybadger (~kevin@unaffiliated/tf2honeybadger) has joined #monero-dev
[15:15] <hegemoOn> it seems: 14:22:11     rfreeman_w |     for (i = 1; i < sizeof(size_t); i <<= 1) {      cnt |= cnt >> i;   }       cnt &= ~(cnt >> 1);
[15:15] <kinglark> my wallet ver is 0.8.8.3
[15:16] <hegemoOn> the error is here, and the shift is not behaving as coder expected
[15:16] <hegemoOn> kinglark: its not a matter of wallet
[15:16] * tacotime (~ttttttttt@198.52.200.63) has joined #monero-dev
[15:16] <fluffypony> kinglark: shut your daemon down, delete your blockchain, download the bootstrap from us, start it up again
[15:16] <rfreeman_w> hegemoOn, I fixed the bug
[15:17] * grubles has quit (*.net *.split)
[15:17] * tymat has quit (*.net *.split)
[15:17] * heyyou has quit (*.net *.split)
[15:17] * TheNat has quit (*.net *.split)
[15:17] * Kushed has quit (*.net *.split)
[15:17] * dnaleor has quit (*.net *.split)
[15:17] * osensei has quit (*.net *.split)
[15:17] * beavisboy has quit (*.net *.split)
[15:17] * AJIekceu4_ has quit (*.net *.split)
[15:17] * xnbya has quit (*.net *.split)
[15:17] * sandor111 has quit (*.net *.split)
[15:17] <hegemoOn> fluffypony: problems he has +17 monerod to manage Smiley
[15:17] <rfreeman_w> hegemoOn, there was a bug in way they calculate which parts of data need to be hashed and part ended up not hashed
[15:17] <smooth> hegemoOn the shift is fine, it just doesn't looop enough times
[15:17] <hegemoOn> rfreeman_w: yeah so its not a buffer overflow Smiley
[15:17] <smooth> it was counting bytes it sould count bits
[15:17] <hegemoOn> or integer overflow
[15:17] <hegemoOn> Smiley
[15:17] * billotronic (62dc12ca@gateway/web/freenode/ip.98.220.18.202) has joined #monero-dev
[15:17] <smooth> well, its not buffer ovverflow but it does access uninitialized memory later in the function
[15:18] <hegemoOn> its just a wrong test
[15:18] <hegemoOn> no unitary test performed !  Smiley
[15:18] <nuke1989> what miners should do? i stopped mining for now. But should i continue and if yes which pools are okay?
[15:18] <smooth> everything should be fine from here
[15:18] <Gekz> rfreeman_w: patch?
[15:18] <hegemoOn> who signed the QA ?
[15:18] <fluffypony> hegemoOn: lol
[15:18] <fluffypony> QA
[15:18] <fluffypony> good one
[15:19] <smooth> im sure they do QA the exploits to make sure they work
[15:19] <hegemoOn> yeah i can have some humor Smiley
[15:19] * mikezackles (~mikezackl@ec2-23-20-38-155.compute-1.amazonaws.com) has joined #monero-dev
[15:19] <hegemoOn> nuke1989: swithc to my pool
[15:19] <hegemoOn> im on the right side of the blockchain
[15:19] <hegemoOn> http://monero.coolmining.club
[15:19] <hegemoOn> the risk is that you will mine on a pool on the wrong side of the blockchain
[15:20] <hegemoOn> and never get reward
[15:20] <nuke1989> hegemoOn, okay
[15:21] <rfreeman_w> Gekz, https://github.com/rfree2monero/bitmonero/commit/b417abfb7a297d09f1bbb6de29030f8de9952ac8  that is my fix look at date, cryptonote was later Smiley   Will release nicer patch soon
[15:21] <Gekz> I saw that one.
[15:21] <Gekz> looking for the clean one.
[15:21] <Gekz> Tongue
[15:21] * Guest78271 has quit (Quit: leaving)
[15:23] * AJIekceu4_ (~AJIekceu4@91-203-170-146.broadband.sbor.net) has joined #monero-dev
[15:23] * TheNat (~bartek-de@84-10-39-162.static.chello.pl) has joined #monero-dev
[15:26] * EsteNuno (~EsteNuno@223.205.172.143) has joined #monero-dev
[15:27] * etc has quit (Quit: Page closed)
[15:27] * EsteNuno_ has quit (Ping timeout: 255 seconds)
[15:27] * sandor111 (uid42202@gateway/web/irccloud.com/x-ygkvlfwjjthorbkl) has joined #monero-dev
[15:27] * sandor111 has quit (Client Quit)
[15:27] * sandor111 (uid42202@gateway/web/irccloud.com/x-tbnhijsrcbhvctgf) has joined #monero-dev
[15:27] * osensei (~sensei@190.246.100.165) has joined #monero-dev
[15:28] * villabacho (~kvirc@bg-3.or.uni-bonn.de) has joined #monero-dev
[15:28] <hegemoOn> nuke1989: i dont see you Smiley
[15:29] * yo (2ebd2702@gateway/web/cgi-irc/kiwiirc.com/ip.46.189.39.2) has joined #monero-dev
[15:29] * yo is now known as Guest31350
xulescu
Sr. Member
****
Offline Offline

Activity: 263
Merit: 250


View Profile
September 04, 2014, 03:05:49 PM
 #12778


ot: interesting how quick people are starting to worship the blockchain, viewed as an untouchable entity from above. i tought this tech was made to
give us, the people, the power back to decide
. what sense does it make if we don't use this power but replacing the authority enslavement by an
blockchain enslavement?


The bolded part is indeed part of what the whole point is. The part which is also italicized is not precisely true. The tech is made to PREVENT arbitrary "us, the people" from deciding. That's why there is a consensus protocol.

interesting and i thought i can decide by which client i am running on my box and therefore which chain i am supporting. isn't this what you would call a free decision?

You raise a valid point. However, you make the free decision to accept or not the blockchain as absolute. If most people do, then consensus is achieved. You are free to limit your freedom when you decide which client you are running. The network works best when most people agree with the blockchain as a superior truth. In a sense, it is a mutual-relinquishment of freedom: if I accept that the blockchain is absolute (including over me), and you accept the same thing, and the blockchain is immutable, then we can trade with no trust. This is the Byzantine Generals problem. I don't trust anyone to make choices in my name. So I decide it is better if nobody, not even I, can.

It is not too dissimilar to a hypothetical of leaving your weapons in the lobby when you enter the council chamber. You are not free to carry them, but nobody else is. Everyone is free to decide whether they accept this arrangement or not.
sleepdog
Full Member
***
Offline Offline

Activity: 183
Merit: 100


View Profile
September 04, 2014, 03:10:56 PM
 #12779

Any sign of a Win 64 blockchain download?

Just re-did mine from the one in the 1st post and it ended up on the wrong fork...
rpietila
Donator
Legendary
*
Offline Offline

Activity: 1722
Merit: 1036



View Profile
September 04, 2014, 03:14:17 PM
 #12780

Oh well price will obviously fall. Price will obviously come back. The time frame that this will happen is unclear. One things is sure. Panic sellers and panic buyers will lose...

I believe that MP and the XMR markets on Poloniex have operated continuously with no substantive price movement.  The moonshot may resume uninterrupted.

Mintpal price is about 0.00415 now, HitBTC was frozen at 0.00380 after some had dumped on low volume (2,500 XMR) at the last moment.

All I ask is that the most reputable and highest-volume exchange, Poloniex, would:
- announce the resumption of trading at least 1 hour in advance;
- allow traders to enter orders during this time;
- arrange a market-clearing procedure at the moment when the trading starts, so that the existing bids and asks that coincide, would be matched with each other at the midprice that clears all of them, to not favor sellers or buyers.

HIM TVA Dragon, AOK-GM, Emperor of the Earth, Creator of the World, King of Crypto Kingdom, Lord of Malla, AOD-GEN, SA-GEN5, Ministry of Plenty (Join NOW!), Professor of Economics and Theology, Ph.D, AM, Chairman, Treasurer, Founder, CEO, 3*MG-2, 82*OHK, NKP, WTF, FFF, etc(x3)
Pages: « 1 ... 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 [639] 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 ... 2127 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!