Trinibits
|
|
August 10, 2014, 08:43:59 AM |
|
I found and solved a small leak in the packet routing. Probably most of you missed it too, I did. I was using the session's public and private keys to encrypt packets. I mean that's what there there for, so I didnt think it through enough.
The "problem" is that in order to not require the receiver to have to know who the packet is coming from (that would also be an info leak), I put in plain text the public key. I figured it is the key you are publishing as the one for people to use when encrypting to your "post office box". So not really a giant leak, but since it is in plain text, an attacker can relatively easily build up a database of IP address to public key mappings (assuming they are logging all the UDP packets on the Internet between all the privacyServers). Maybe this is harmless, but if I can close this leak I think it is better.
The answer is related to the problem of having the public key in plain text for the broadcast method. In this case, there is no IP address divulged, but everybody sees that such and such address is sending a packet to someone. Again, why leak this info.
I must have been tired when I coded the initial version as the answer is quite simple. All I have to do is generate a brand new one time keypair for each packet. Since I put the public key in plain text there is no need for anybody to keep track of them and it is perfect for one time use. Now with this simple change, both leaks are totally gone.
What the attacker sees is that some random public key is sending a packet to some IP address, which then might be rerouting it or processing it.
That was bugging me for a while. Dont you feel better now? I sure do!
James
I feel better everytime you write your techie stuff bruv lol
|
|
|
|
|
|
You get merit points when someone likes your post enough to give you some. And for every 2 merit points you receive, you can send 1 merit point to someone else!
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
pvnamk19
|
|
August 10, 2014, 08:45:08 AM |
|
Silly question: What does HODL stand for? (I first ran across it here & thought it a typo...) Hold On for Dear Life or Hold On for Dark Life (us?)
|
|
|
|
cryptillian
|
|
August 10, 2014, 08:58:55 AM |
|
waiting and waiting.. just as many of us wait for half life 3, you know its gonna be awesome but the waiting makes you hate it.
|
|
|
|
|
SumthngsWrong
|
|
August 10, 2014, 09:38:00 AM |
|
waiting and waiting.. just as many of us wait for half life 3, you know its gonna be awesome but the waiting makes you hate it.
Half Life- maaaan that takes me back. Except, well, fuck that Orange Box.
|
|
|
|
cryptillian
|
|
August 10, 2014, 09:58:23 AM |
|
waiting and waiting.. just as many of us wait for half life 3, you know its gonna be awesome but the waiting makes you hate it.
Half Life- maaaan that takes me back. Except, well, fuck that Orange Box. yes! i like you already !there is a hl2 engine remake of hl1 and free. just a tip until you might consider to stop your staking and sell out for some lousy btc's
|
|
|
|
bitkokos
|
|
August 10, 2014, 10:00:45 AM |
|
New logo reminds me of a local cafe
|
O_o
|
|
|
SumthngsWrong
|
|
August 10, 2014, 10:16:56 AM |
|
waiting and waiting.. just as many of us wait for half life 3, you know its gonna be awesome but the waiting makes you hate it.
Half Life- maaaan that takes me back. Except, well, fuck that Orange Box. yes! i like you already !there is a hl2 engine remake of hl1 and free. just a tip until you might consider to stop your staking and sell out for some lousy btc's i remember hearing about that, then life got in the way and I forgot. Dwnldng now. Thanks for the reminder- this will be cool.
|
|
|
|
alxx77
Member
Offline
Activity: 95
Merit: 10
|
|
August 10, 2014, 11:03:54 AM |
|
Ha ha, I was thinking about cashing out a half of coins when it reached 0.005 - could've made 10 BTC easy money I'm just banging my head because I didn't have many easily accessible BTC's few weeks ago when price was 0.0005... I would be drinking some nice champagne right now Anyway, I will stick to that plan
|
|
|
|
darylluke
|
|
August 10, 2014, 11:33:06 AM |
|
jl777 i love reading your posts but i dont understand any of it! keep up making me feel stupid. i do understand the market and yeah this is gonna be a wild ride. i would say hodl and maybe swingtrade 5$ a coin easely..
EDUCATE yourself, bro.(if he makes u feel stoopit) Otherwise, fuck the FUD. Pretty tricky if you are a fudster.... People here are NOT here for advice on swingtrades, but support this coin. Everything else is hot air. Blow it elsewhere slickster. ~darylluke.
|
|
|
|
snakey
Legendary
Offline
Activity: 1386
Merit: 1001
|
|
August 10, 2014, 11:37:32 AM |
|
Ha ha, I was thinking about cashing out a half of coins when it reached 0.005 - could've made 10 BTC easy money I'm just banging my head because I didn't have many easily accessible BTC's few weeks ago when price was 0.0005... I would be drinking some nice champagne right now Anyway, I will stick to that plan Dont worry man, you can cash out when its $100+ coin
|
|
|
|
paulthetafy
|
|
August 10, 2014, 11:46:40 AM |
|
This price manipulation is starting to piss me off. Every time I start to put up buy walls to support the price, I get dumped into and then all the buy walls underneath get pulled too causing the price to drop significantly. I now have a chunk of BTCD that is worth less than what I bought it for. I'm done trading it now. I'll hold for a month and stop being pushed around by the pump and dumpers.
|
|
|
|
Juicemixer
Member
Offline
Activity: 82
Merit: 10
|
|
August 10, 2014, 11:53:12 AM |
|
NXT coins are at decently low price compared to what they were last week. If you are planning on purchasing anon card assets then it's a great time to do it.
|
|
|
|
pvnamk19
|
|
August 10, 2014, 12:07:08 PM |
|
Hic, down to 0.002x?
|
|
|
|
mikesbmw
|
|
August 10, 2014, 12:25:52 PM |
|
Hic, down to 0.002x?
That is within possibilities yes and a far more sustainable level.
|
|
|
|
martinyin
|
|
August 10, 2014, 12:40:30 PM |
|
Hic, down to 0.002x?
yes, possible, so what? i will buy in definitely.
|
Am I spamming? Report me!
|
|
|
frohlocke
Newbie
Offline
Activity: 51
Merit: 0
|
|
August 10, 2014, 01:33:10 PM |
|
Be greedy when everybody is fearful, be fearful when everybody is greedy WB
|
|
|
|
frohlocke
Newbie
Offline
Activity: 51
Merit: 0
|
|
August 10, 2014, 01:41:47 PM |
|
Buyers strike. oversold. Latest quote far away from moving average.
|
|
|
|
oreoeater
Member
Offline
Activity: 113
Merit: 10
|
|
August 10, 2014, 01:44:35 PM |
|
Silly question: What does HODL stand for? (I first ran across it here & thought it a typo...) HODL means 'to hold' the misspelling is deliberate, implying a certain vigor in 'holding and not selling your coins' often used in face of perceived market ambivalence. In layman's terms: Don't sell your coins, they will increase in value even if the current market conditions make You think otherwise. Bitcoindark a prime example of a coin to hodl 😊 Hodl actually came from the old Bitcointalk thread https://bitcointalk.org/index.php?topic=375643.0. It was posted by someone who had a few too much too drink It stuck and we had al sorts of funny memes. I'm HODLING! haha embarassing moment but in my head I always referred it to Hodor in Game of Thrones
|
|
|
|
martinyin
|
|
August 10, 2014, 01:49:58 PM |
|
Be greedy when everybody is fearful, be fearful when everybody is greedy WB so currently, is everybody fearful or greedy?
|
Am I spamming? Report me!
|
|
|
|