Wonder who this solominer is? 88.6.216.9

[molecular]

I think the true solution is:

RALLY THE PRICE UP,
BRINGING IN MORE MINERS,
OR WE ARE DEAD.

put your money where your mouth is, man

[1714508448]

1714508448

[1714508448]

1714508448

[rjk]

True, my memory isn't the best at times. It should however be possible to require that all blocks include more than one transaction as per one of the BIP proposals however then we are starting to move into the kind of regulation territory that I believe could quickly become detrimental to the project as a whole (and if this isn't workable with the current code feel free to spank me, I might even enjoy it  ), so this needs handling with extreme care.

This has been discussed ad nausaeum prior in this thread. The short answer is, if we require more than 1 tx, what is to stop the miner from sending coins to himself, which creates enough tx to make the block valid? The answer is nothing will stop such blocks. Read a few earlier posts for detailed discussion of your exact proposal.

[P4man]

Preventing miners from using unethically-sourced compute power is a different problem.  I'm sure plenty of people will have a problem with it, but I don't see any way to solve it.  If you know a way to distinguish botnets (once they are properly supporting the blockchain) from ethical miners, let us know.

Preventing is undoable and probably not even desirable. unethically-sourced is pretty vague, and its a thin line between a bot net, a borrowed, or rented PC.

However I wonder if there is a way we could help identify the victims of a bitcoin botnet somehow.  It may not be "bitcoin's job", but I also see no reason why we would not want to help law enforcement and AV companies to identify and take down these botnets. It would be good for bitcoin, and for the victims of these botnets.

I know luke published a patch that logs the IP of the relaying node, so that could be used to home in on the proxy being used to relay these blocks. Thats not a bad idea, but will probably not do a whole lot, as he switches proxies every few weeks. And its just a relaying proxy anyway, and most likely not the C&C node. Perhaps someone can think of a way to take it a step further to positively identify the IP of the machine that actually mined the bloc by somehow including it in the blockchain? Or of the machine that created the getworks ?

Just thinking out loud here.

[Revalin]

Agreed on all points.

Logging IPs may not help (they may be on TOR, or communicating through their C&C network to only submit hashes from a few IPs), but if we want to try I don't think Luke's patch is the way to go.  We don't need the whole network logging everything.  We just need to get that one node to log, and there's no need to turn on global logging to accomplish this.  Coercing him by deploying a patch and hoping he applies it is a precedent that I don't think should be set in this case.

I'd say the best way to go about it is get in contact with the relay node's ISP and inform them of the situation - and be clear that this particular person isn't the network C&C, please don't take them offline.  Just have them give the owner of that machine a call and ask them to join this thread.

[DeathAndTaxes]

True, my memory isn't the best at times. It should however be possible to require that all blocks include more than one transaction as per one of the BIP proposals

Simply requiring 2+ tx per block is beyond useless.  Mystery could circumvent that in a day or less (or at least I could).

[DeathAndTaxes]

I'd say the best way to go about it is get in contact with the relay node's ISP and inform them of the situation - and be clear that this particular person isn't the network C&C, please don't take them offline.  Just have them give the owner of that machine a call and ask them to join this thread.

Botnets are designed to be self healing. Say the ISP does take the node offline or even less likely decided to call the owner and ask them to look at an anonymous forum.  Say that node is patched airtight.

When the botnet loses its gateway it simply elvates another node of (as some have estimated 1.8 mlllion) its nodes.  If that one goes down it elevates another one.  If Botnets were easy to defeat they wouldn't exist.  People talk about the cost this botnet is causing (<$1M in miner revenue and slightly longer tx times).... that is nothing.

Botnets cause BILLIONS of dollars a year in lost productivity.  Billions as in >1000x any potential damage being caused to Bitcoin.  It is in the entire global community interest to eradicate them yet they still exist.

[Bigpiggy01]

This has been discussed ad nausaeum prior in this thread. The short answer is, if we require more than 1 tx, what is to stop the miner from sending coins to himself, which creates enough tx to make the block valid? The answer is nothing will stop such blocks. Read a few earlier posts for detailed discussion of your exact proposal.

Simply requiring 2+ tx per block is beyond useless.  Mystery could circumvent that in a day or less (or at least I could).

Absolutely right, I had Homer Simpson moment while writing that 

[cunicula]

I think the true solution is:

RALLY THE PRICE UP,
BRINGING IN MORE MINERS,
OR WE ARE DEAD.

The corollary here is that if the price drops substantially then the system is likely to be fucked. Or alternatively, just halve the block reward a couple times. That will do the trick too. Or any combination of these two. Will be interesting to see what the new year brings us!

[Revalin]

Say the ISP does take the node offline ... When the botnet loses its gateway ...

Read more carefully:

... and be clear that this particular person isn't the network C&C, please don't take them offline.  ...

I agree that it's a longshot for the ISP to pass a message to their customer, but if Mystery keeps using new relays we may eventually get one that will work with us.

Of course, the end result is we just get a long list of IPs.  Tracking those down and notifying them is an uphill battle, and not worth my time, but if other people are up to it I'm happy to help get them a hit list.

[molecular]

I agree that it's a longshot for the ISP to pass a message to their customer, but if Mystery keeps using new relays we may eventually get one that will work with us.

Do you think the botnet operator will be sending the blocks from his home connection or some valuable C&C server he has? I'm not so sure about that. He's probably realying them through one of the bots he controls. Isn't it even possible the bots inject the blocks themselves?

[Dusty]

[...]

Because of this, there was an almost 2 hour gap where no transactions received any confirmations, due to the 1tx miner orphaning legit blocks with their chain.

EDIT/UPDATE:  My real problem with this is that it appears to be a deliberate orphaning of the chain.  173692 and 173693 were found roughly 20 minutes before 71.123.170.150's blocks showed up on the network.

Thank you very much for the re-explaination of the problem, much appreciated.
Is it possible to have the dump of those excluded blocks so to reply them for client development and verify the correctness of chain reorg?

I'm inclined to think that MM could do this "attack" only because no blocks were found in the whole network for around an hour, but I suppose this is statistically irrelevant, so I don't think this is a problem.

Also, I don't think that the date of the block is relevant too: the longest chain wins anyway, and a different time stamp would had no effect on the reorganisation of the chain, isn't?

[Revalin]

He's probably realying them through one of the bots he controls. Isn't it even possible the bots inject the blocks themselves?

Yes, I agree - the goal isn't to find the C&C (modern botnets are using decentralized C&C anyway), just to get a list of drones.  I personally think it's not worthwhile to hunt them down one at a time, but other people may be inclined.

[ribuck]

I personally think it's not worthwhile to hunt them down one at a time...

Is it even possible? The network only hears from a compromised machine when it finds a block, and that machine will probably never find another block. It never hears from the 999,999 compromised machines that are CPU-mining and haven't found a block, yet any of those silent machines might be the one that finds the next block.

[Revalin]

They still have to access the Bitcoin network to get the previous block so they can work on it.  I'm hoping they're getting it from the same node.  If it's being distributed through their C&C network, we lose.

[Nim]

Considering the rate of 1txn blocks, wasn't it statistically inevitable that this would happen? I'd say that only if it happens again and we do the math and find that it is happening at a rate that is extremely unlikely by chance should we consider this to be "enemy action".

[conspirosphere.tk]

Considering the rate of 1txn blocks, wasn't it statistically inevitable that this would happen? I'd say that only if it happens again and we do the math and find that it is happening at a rate that is extremely unlikely by chance should we consider this to be "enemy action".

[disclaimer201]

I think the true solution is:

RALLY THE PRICE UP,
BRINGING IN MORE MINERS,
OR WE ARE DEAD.

put your money where your mouth is, man

Another flaw here besides what would happen if the price crashes and many people stop mining: Drive the price up and MM has even more money at his disposal to extend his mining operation even faster (buy new fpgas, etc)! Considering falling subsidies for solar power, it could also be a solar park in Spain with an abundance of electricity.

In contrast to others I don't think ignoring it would be the best idea. Having read the Reuters article from today I'm wondering are we really so naive to think banking cartels are aware of Bitcoin and will continue to consider it too small to be a threat?

It could be an entity who is backed by a financial institution, government, or a billionaire who uses the system against itself. Reinvest revenues directly into more mining power until it passes the 51%. Then what? Game over? (Banking)-Terrorists win.

Edit: Fixed some typos.

[DeathAndTaxes]

I think the true solution is:

RALLY THE PRICE UP,
BRINGING IN MORE MINERS,
OR WE ARE DEAD.

put your money where your mouth is, man

Another flaw here besides what would happen if the price crashes and many people stop mining: Drive the price up and MM has even more money at its disposal to extend his mining operation even faster (buy new fpgas, etc)! Considering falling subsidies for solar power, it could also be a solar park in Spain with an abundance of electricity.

In contrast to others I don't think ignoring it would be the best idea. Having read the Reuters article from today I'm wonderung are we really so naive to think banking cartels are aware of Bitcoin and will continue to consider it too small to be a threat?

It could be an entity who is backed by a financial institution, government, or a billionaire who uses the system against itself. Reinvest revenues directly into more mining power until it passes the 51%. Then what? Game over? (Banking)-Terrorists win.

You can't kill ideas.  

Napster -> Limewire -> Bit torrent.  Torrents today are 1000x more popular than Napster was.  
Killing napster was a horribly short sighted move.  Regulating and controlling it would have had a higher ROI%.

Napster's critical flaw was the central server.  When Napster imploded the obvious target for future designs was .... no central server.

If something does 51% attack Bitcoin then the "next Bitcoin" will be 51% proof/resistant.  Proof of work can be enhanced by proof of stake or even more exotic concepts like proof of reputation.

You don't kill something that isn't revolutionary.  Someone trying to kill Bitcoin simply reinforces the concept that this is something that can change the world.  People tend not to abandon world changing concepts.

[disclaimer201]

I think the true solution is:

RALLY THE PRICE UP,
BRINGING IN MORE MINERS,
OR WE ARE DEAD.

put your money where your mouth is, man

Another flaw here besides what would happen if the price crashes and many people stop mining: Drive the price up and MM has even more money at its disposal to extend his mining operation even faster (buy new fpgas, etc)! Considering falling subsidies for solar power, it could also be a solar park in Spain with an abundance of electricity.

In contrast to others I don't think ignoring it would be the best idea. Having read the Reuters article from today I'm wonderung are we really so naive to think banking cartels are aware of Bitcoin and will continue to consider it too small to be a threat?

It could be an entity who is backed by a financial institution, government, or a billionaire who uses the system against itself. Reinvest revenues directly into more mining power until it passes the 51%. Then what? Game over? (Banking)-Terrorists win.

You can't kill ideas.  

Napster -> Limewire -> Bit torrent.  Torrents today are 1000x more popular than Napster was.  
Killing napster was a horribly short sighted move.  Regulating and controlling it would have had a higher ROI%.

Napster's critical flaw was the central server.  When Napster imploded the obvious target for future designs was .... no central server.

If something does 51% attack Bitcoin then the "next Bitcoin" will be 51% proof/resistant.  Proof of work can be enhanced by proof of stake or even more exotic concepts like proof of reputation.

You don't kill something that isn't revolutionary.  Someone trying to kill Bitcoin simply reinforces the concept that this is something that can change the world.  People tend not to abandon world changing concepts.

I'm not worried about the idea. I'm worried about Bitcoin. It won't help us if we have invested our money in BTC. You and me likely won't trust 'BTC2' if 'BTC' fails, or would we? Such a failure would kill most of the trust in such a currency for a very long time. Long enough for banks to come up with their own system. What is to stop banks from copying this type of transaction verification system anyway? It won't be democratic, but it will probably 'work'. Even worse, they already have the trust of most people since everybody needs to rely on them (who doesn't need a bank nowadays besides cellphone-banking Africans?). Last time I checked the news, they are also trusted by the world's governments in the sphere of trillion dollar bail-out packages. All I'm saying is we might not get a second chance. Bitcoin should better not fail. Even if banks can't kill it, I'm certain they will try hard to somehow corrupt it.

[DeathAndTaxes]

Banks don't need a blockchain.  The purpose of a blockchain is to provide consensus in an anonymous decentralized environment without any central authority.

Banks using a blockchain makes about as much sense as dictatorship holding annual elections with only 1 candidate on the ballot.