Bitcoin Forum
December 06, 2016, 06:06:24 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 [3]  All
  Print  
Author Topic: Is the Bitcoin Community Under Attack?  (Read 3701 times)
bittenbob
Hero Member
*****
Offline Offline

Activity: 560


View Profile
January 18, 2012, 05:32:47 AM
 #41

I haven't googled anything and am going completely by memory. I rarely ever use wikipedia and especially not for technical matters. If you want to fake a handshake you will need to spoof IP and mac addresses. I am afraid it is you who doesn't know WTF you are talking about.

By the way Theymos, this thread is getting out of control and has nothing to do with the OP so feel free to lock it.
Then maybe you should start using Google. First off, just to get past the TCP handshake you need to be able to capture the response. As for the SSL handshake, you need the site's private key, otherwise all you'll get back is gibberish. And without knowing what that gibberish decrypts to, you can't send a response that will make any sense to the client. Since you are apparently good at cracking private keys, why don't you just start taking bitcoins?

Edit: I think my SSL is actually backward, and it's the client that sends their encryption key using the site's pubic key to encrypt it. But, that's just semantics.

This is all irrelevant to the OP once again. It would be possible to fake if someone got the cert from MTGox. They were hacked in the past and stolen certs is part of how the Stuxnet virus worked. I haven't hacked in a while and have no intention to do so any time soon. Stealing Bitcoins is a lot harder than MTIM for MTGox API and if someone could do it, it would have been done by now. I am not a thief either so even if I could I wouldn't out of morality.

It would be nice if MTGox put out a statement directly saying what happened when the API was cycling between 6 and 7 then disappeared. It would also put any speculation to rest.

I was worried while that was happening that the site was being hacked in some way and was shitting my pants about the relatively small amount of money and bitcoins i have on there. I still have them on there if that tells you something.
1481047584
Hero Member
*
Offline Offline

Posts: 1481047584

View Profile Personal Message (Offline)

Ignore
1481047584
Reply with quote  #2

1481047584
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481047584
Hero Member
*
Offline Offline

Posts: 1481047584

View Profile Personal Message (Offline)

Ignore
1481047584
Reply with quote  #2

1481047584
Report to moderator
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
January 18, 2012, 05:39:36 AM
 #42



Can anyone say... Certificate Revocation Lists (CRLs)! Hardware-based token storage! Fingerprints! Dedicated SSL appliances!
This is fun, I can go on all day. Grin

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
kjj
Legendary
*
Offline Offline

Activity: 1302



View Profile
January 18, 2012, 06:49:23 AM
 #43

MtGox's HTTPS will prevent any MITM attack unless the attacker compromises a CA or something.

Just curious theymos, what is your take on what was going on with all the charts when it was cycling in a loop between 6 and 7? After about 25 minutes those cycles were erased and the market sat at 6 until orders that were placed during the swings on the charts were executed.  Anything is possible and I have never seen anything like what happened today.

I will tell you exactly what happened today.  Ready?

Actually, gox just uses a queue with timestamps.  Their order matcher can fall behind during busy times.

When the queue is busy, everyone sees huge price swings and they try to place orders, but their orders are going to the queue, not the market.  The swings you are seeing right now on mtgoxlive.com are at least several minutes old already, possibly much older, and everyone frantically clicking their trade buttons and the bots scrambling to make sense of things are just making it worse.

I gave a much longer answer to (more or less) this same question several months ago.  Feel free to dig it out of my post history.  And, just to repeat myself:

It must be hell to be alive today with no clue about how anything at all really works.

p2pcoin: a USB/CD/PXE p2pool miner - 1N8ZXx2cuMzqBYSK72X4DAy1UdDbZQNPLf - todo
I routinely ignore posters with paid advertising in their sigs.  You should too.
bittenbob
Hero Member
*****
Offline Offline

Activity: 560


View Profile
January 18, 2012, 06:54:52 AM
 #44

MtGox's HTTPS will prevent any MITM attack unless the attacker compromises a CA or something.

Just curious theymos, what is your take on what was going on with all the charts when it was cycling in a loop between 6 and 7? After about 25 minutes those cycles were erased and the market sat at 6 until orders that were placed during the swings on the charts were executed.  Anything is possible and I have never seen anything like what happened today.

I will tell you exactly what happened today.  Ready?

Actually, gox just uses a queue with timestamps.  Their order matcher can fall behind during busy times.

When the queue is busy, everyone sees huge price swings and they try to place orders, but their orders are going to the queue, not the market.  The swings you are seeing right now on mtgoxlive.com are at least several minutes old already, possibly much older, and everyone frantically clicking their trade buttons and the bots scrambling to make sense of things are just making it worse.

I gave a much longer answer to (more or less) this same question several months ago.  Feel free to dig it out of my post history.  And, just to repeat myself:

It must be hell to be alive today with no clue about how anything at all really works.

Those swings were not real since they did not show up on the chart after. There was something that happened and it wasnt that. If it was simply that they were old the lines from the back and forth would be there. They disappeared as soon as trading became active again.
luv2drnkbr
Hero Member
*****
Offline Offline

Activity: 771



View Profile
January 18, 2012, 12:05:04 PM
 #45

@Eveofwar
Heh, everyone has a panic threshold.

Not too long ago I was at work. Not having enough work to do I checked bitcoinwatch. It showed a ridiculously low number of blocks/hour, something like 2.1
This got me thinking: wtf, better check the forums. Needless to say, the forums were down.
When I realized that MtGox was also down a red light went off and I immediately sent an alarming message to Gavin himself, describing the situation Smiley
Heck, when you're not at home you can't just take your time and research the situation carefully.

Why would you bother Gavin?  He surely would find out himself anyway.  He's done so much, don't pester the poor man!

BadBear
v2.0
Administrator
Legendary
*
Offline Offline

Activity: 1652



View Profile WWW
January 18, 2012, 12:46:57 PM
 #46

SSL is not the be all and end all. Handshakes can be captured and faked quite easily. Spoofing mac addresses is also very easy.


1Kz25jm6pjNTaz8bFezEYUeBYfEtpjuKRG | PGP: B5797C4F

Tired of annoying signature ads? Ad block for signatures
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
January 18, 2012, 01:44:48 PM
 #47

Can anyone say... Certificate Revocation Lists (CRLs)! Hardware-based token storage! Fingerprints! Dedicated SSL appliances!
This is fun, I can go on all day. Grin

Yeah which is why I asked how one could easily MITM a https site.  I guess it was too subtle.
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
January 18, 2012, 05:58:29 PM
 #48

SSL is not the be all and end all. Handshakes can be captured and faked quite easily. Spoofing mac addresses is also very easy.



LOL!
bittenbob
Hero Member
*****
Offline Offline

Activity: 560


View Profile
January 18, 2012, 08:53:22 PM
 #49

Can anyone say... Certificate Revocation Lists (CRLs)! Hardware-based token storage! Fingerprints! Dedicated SSL appliances!
This is fun, I can go on all day. Grin

Yeah which is why I asked how one could easily MITM a https site.  I guess it was too subtle.

CRL's would only work if they knew it had been hijacked. Kind of like how a 0day exploit will usually only work once since it will be found and patched after it has been used.
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!