Bitcoin Forum
November 11, 2024, 05:20:02 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Poll
Question: Will you support Gavin's new block size limit hard fork of 8MB by January 1, 2016 then doubling every 2 years?
1.  yes
2.  no

Pages: « 1 ... 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 [293] 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 ... 1557 »
  Print  
Author Topic: Gold collapsing. Bitcoin UP.  (Read 2032243 times)
notme
Legendary
*
Offline Offline

Activity: 1904
Merit: 1002


View Profile
October 15, 2013, 03:12:21 PM
 #5841

If there are no catastrophic events, the "Internet kill switch" will be a moot issue within three years. There may still be the potential for continental separation, but methods exist for communication even at transoceanic distances without relying on cables or satellites. With geographically diversified mining resources, Bitcoin will be effectively unbreakable at that point.

That is when Bitcoin will start truly eroding gold's position as a monetary asset, after fiat currencies have been proven bettered by crypto.

Now you have brought up an interesting problem: can someone(e.g., superpowerful alphabet agencies) actually manage to exert control on the whole network by manipulating what's being sent through the cables? Maybe when we get all super-rich with bitcoins we need to construct our own submarine fiber systems, secured by quantum cryptography which is resistant to both sabotage and quantum computing.

Well that's the thing. He's talking about radio waves.

Not sure how manipulable those are.

You still have limited range and routers/repeaters.  That's where the network is vulnerable to manipulation.

https://www.bitcoin.org/bitcoin.pdf
While no idea is perfect, some ideas are useful.
vokain
Legendary
*
Offline Offline

Activity: 1834
Merit: 1019



View Profile WWW
October 15, 2013, 03:59:27 PM
 #5842

lasers + satellites  Smiley
cypherdoc (OP)
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
October 15, 2013, 04:10:00 PM
 #5843

If there are no catastrophic events, the "Internet kill switch" will be a moot issue within three years. There may still be the potential for continental separation, but methods exist for communication even at transoceanic distances without relying on cables or satellites. With geographically diversified mining resources, Bitcoin will be effectively unbreakable at that point.

That is when Bitcoin will start truly eroding gold's position as a monetary asset, after fiat currencies have been proven bettered by crypto.

Now you have brought up an interesting problem: can someone(e.g., superpowerful alphabet agencies) actually manage to exert control on the whole network by manipulating what's being sent through the cables? Maybe when we get all super-rich with bitcoins we need to construct our own submarine fiber systems, secured by quantum cryptography which is resistant to both sabotage and quantum computing.

Well that's the thing. He's talking about radio waves.

Not sure how manipulable those are.

You still have limited range and routers/repeaters.  That's where the network is vulnerable to manipulation.

i guess the thinking goes that if and when the entire internet is down, the gubmint will have it's hands full trying to bring it back up, let alone trying to take meshnets down.
thezerg
Legendary
*
Offline Offline

Activity: 1246
Merit: 1010


View Profile
October 15, 2013, 04:15:04 PM
 #5844

lasers + satellites  Smiley

To the moon.  And here I would have linked an article about the experimental 100+mB laser link to the LADEE satellite but the site is down because of the USG partial shutdown.  Its amazing how these government computers require constant human intervention whereas my servers run for weeks, even a whole year, without any intervention.  I have visions of uniformed employees running in man sized gerbil exercisers powering these devices...
cypherdoc (OP)
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
October 15, 2013, 04:37:21 PM
 #5845

lasers + satellites  Smiley

To the moon.  And here I would have linked an article about the experimental 100+mB laser link to the LADEE satellite but the site is down because of the USG partial shutdown.  Its amazing how these government computers require constant human intervention whereas my servers run for weeks, even a whole year, without any intervention.  I have visions of uniformed employees running in man sized gerbil exercisers powering these devices...

zerg, thanx for keeping us updated.

how hard would it be to graph the results?  we must be close to an all time high?
notme
Legendary
*
Offline Offline

Activity: 1904
Merit: 1002


View Profile
October 15, 2013, 04:58:25 PM
 #5846

If there are no catastrophic events, the "Internet kill switch" will be a moot issue within three years. There may still be the potential for continental separation, but methods exist for communication even at transoceanic distances without relying on cables or satellites. With geographically diversified mining resources, Bitcoin will be effectively unbreakable at that point.

That is when Bitcoin will start truly eroding gold's position as a monetary asset, after fiat currencies have been proven bettered by crypto.

Now you have brought up an interesting problem: can someone(e.g., superpowerful alphabet agencies) actually manage to exert control on the whole network by manipulating what's being sent through the cables? Maybe when we get all super-rich with bitcoins we need to construct our own submarine fiber systems, secured by quantum cryptography which is resistant to both sabotage and quantum computing.

Well that's the thing. He's talking about radio waves.

Not sure how manipulable those are.

You still have limited range and routers/repeaters.  That's where the network is vulnerable to manipulation.

i guess the thinking goes that if and when the entire internet is down, the gubmint will have it's hands full trying to bring it back up, let alone trying to take meshnets down.

I agree there.  It would be good if bitcoin natively used secure sockets and random ports.  It isn't very susuceptible to manipulating packet contents, but at some point we may want it to be harder to identify bitcoin traffic.

https://www.bitcoin.org/bitcoin.pdf
While no idea is perfect, some ideas are useful.
cypherdoc (OP)
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
October 15, 2013, 05:16:12 PM
 #5847

If there are no catastrophic events, the "Internet kill switch" will be a moot issue within three years. There may still be the potential for continental separation, but methods exist for communication even at transoceanic distances without relying on cables or satellites. With geographically diversified mining resources, Bitcoin will be effectively unbreakable at that point.

That is when Bitcoin will start truly eroding gold's position as a monetary asset, after fiat currencies have been proven bettered by crypto.

Now you have brought up an interesting problem: can someone(e.g., superpowerful alphabet agencies) actually manage to exert control on the whole network by manipulating what's being sent through the cables? Maybe when we get all super-rich with bitcoins we need to construct our own submarine fiber systems, secured by quantum cryptography which is resistant to both sabotage and quantum computing.

Well that's the thing. He's talking about radio waves.

Not sure how manipulable those are.

You still have limited range and routers/repeaters.  That's where the network is vulnerable to manipulation.

i guess the thinking goes that if and when the entire internet is down, the gubmint will have it's hands full trying to bring it back up, let alone trying to take meshnets down.

I agree there.  It would be good if bitcoin natively used secure sockets and random ports.  It isn't very susuceptible to manipulating packet contents, but at some point we may want it to be harder to identify bitcoin traffic.

let me ask your opinion and that of the other tech experts here on something runeks said over in Reddit.

that by putting one's wallet inside a VM, it becomes much more secure, if not impossible for a gubmint entering your pc via the VM to get out of it and access your IP address thru the native OS and connected router.  is this accurate?  and does it depend on whether one's network adapter uses NAT or bridged?

i have been assuming this is the case since day 1.
Adrian-x
Legendary
*
Offline Offline

Activity: 1372
Merit: 1000



View Profile
October 15, 2013, 05:23:17 PM
 #5848

Thinking about it from a user perspective (I'm no programmer) it looks like a VM is way more secure if you always run the VM HD of a removable drive.  You will also have to be more careful to backup more often.

Thank me in Bits 12MwnzxtprG2mHm3rKdgi7NmJKCypsMMQw
justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1013



View Profile
October 15, 2013, 05:24:47 PM
 #5849

that by putting one's wallet inside a VM, it becomes much more secure, if not impossible for a gubmint entering your pc via the VM to get out of it and access your IP address thru the native OS and connected router.  is this accurate?
If you know exactly what you're doing when you set up the virtualized environment and make no mistakes, and if there are no zero-day exploits in your host OS virtualization software, and if whatever method you use to allow the guest OS to talk to the network at large is perfectly anonymous and private, then maybe that's true.
cypherdoc (OP)
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
October 15, 2013, 05:42:56 PM
 #5850

that by putting one's wallet inside a VM, it becomes much more secure, if not impossible for a gubmint entering your pc via the VM to get out of it and access your IP address thru the native OS and connected router.  is this accurate?
If you know exactly what you're doing when you set up the virtualized environment and make no mistakes, and if there are no zero-day exploits in your host OS virtualization software, and if whatever method you use to allow the guest OS to talk to the network at large is perfectly anonymous and private, then maybe that's true.


i know you know what you're talking about so please give us recommendations.  like the NAT vs bridged?  what about Shared Folders?  a no no?  what do you think about VMWare Fusion?
thezerg
Legendary
*
Offline Offline

Activity: 1246
Merit: 1010


View Profile
October 15, 2013, 05:49:56 PM
 #5851

with a wallet in a VM, two attack vectors exist:

First, through the host computer into the file that backs the file system of the guest.  At this point I would guess that this attack is unlikely in a security through obscurity sense -- because the attacker would have difficulty determining which VM hosted your wallet, have difficulty either downloading the 50GB backing file or parsing the guest file system on the host.  But if the attacker KNEW you had bitcoins, as opposed to a drive-by that just grabs whatever presents itself, it would be much more likely.  A successful attack through the host essentially requires human agent interaction, as opposed to the automated process of searching for a wallet.dat file...

Second, into the VM directly.  It is assumed that you are running your wallet in the VM to isolate it.  So the attack surface is much smaller than the host, hopefully uses a less popular OS (AKA Linux), and is reduced functionality both in the programs you are running and the ports that are open.  Don't be surfing random bitcoin info (with a little "present") sites in a browser inside your guest computer!!!

WRT your question:

If an attacker is in your VM, it would very easy to figure out your IP address.  Just send a UDP packet somewhere.  Your home gateway is not set up to filter outgoing packets, but it will rewrite the "from" IP address during NAT traversal.  Better to stop people from getting in in the first place (see above).  But if you were a programmer, you could for example, modify the virtualbox or xen networking layer to only route through TOR.  But justus is correct, this would be susceptible to an attack through the rather large host/guest interface layer.  If you are really that paranoid, better to route all traffic through a single home-brew router that pushes everything (it lets through) into TOR and have router's setup and control be inaccessible except through console.

your other question: any technology capable of traversing the NAT between your home or office network and the rest of the internet is inherently capable of traversing the NAT between the host and guest.

PPS: doing your normal banking on a similarly isolated linux VM is also a pretty good idea... and it has the added bonus that a typical laptop thief won't check your browser history inside the VM for your bank info.



cypherdoc (OP)
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
October 15, 2013, 06:02:23 PM
 #5852

 A successful attack through the host essentially requires human agent interaction, as opposed to the automated process of searching for a wallet.dat file...


i assume an automated attack coming from the host for a wallet.dat would turn up nothing even with the VM open?

an even simpler question, encryption doesn't help an open VM, correct?
thezerg
Legendary
*
Offline Offline

Activity: 1246
Merit: 1010


View Profile
October 15, 2013, 06:14:06 PM
 #5853

 A successful attack through the host essentially requires human agent interaction, as opposed to the automated process of searching for a wallet.dat file...


i assume an automated attack coming from the host for a wallet.dat would turn up nothing even with the VM open?

an even simpler question, encryption doesn't help an open VM, correct?

In theory the agent on the host could have code that understands the linux file system and accesses it directly through the VM's disk image file which is on the host.  But in practice this isn't going to happen today.  Because that ability (accessing Linux file systems in windows) would be pretty valuable as a real product...

miscreanity
Legendary
*
Offline Offline

Activity: 1316
Merit: 1005


View Profile
October 15, 2013, 06:30:15 PM
 #5854

Qubes OS may be of interest.
manfred
Legendary
*
Offline Offline

Activity: 966
Merit: 1001


Energy is Wealth


View Profile
October 15, 2013, 06:32:48 PM
 #5855

do
{
         cout<<"Gold down.  Bitcoin UP";
}
while (bitcoin < Googol);


justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1013



View Profile
October 15, 2013, 06:40:48 PM
 #5856

i know you know what you're talking about so please give us recommendations.
I know enough to doubt my own ability to pull it off, although I do attempt to use virtualization to sandbox all my network-facing applications.

I have a workstation which I turned into a VM host system.

Instead of using a dedicated router, I plug my cable modem directly into this system, but the host doesn't talk to the modem directly. I run a Linux system in a VM which serves as the router/firewall.

That VM directs traffic onto a virtual DMZ network, where the other VMs which run services like Tor, I2P, Freenet, Bitcoind, and an OpenVPN client are able to send and receive packets directly over the ISP connection.

Behind the OpenVPN client is another virtual network where the VMs which are public-facing but which I do not want to see my ISP-provided IP address run (like Bitmessage). One of these VMs is also an internal firewall that allows the physical lan to access the internet via the VPN.

I've also got dedicated virtual networks for Tor and I2P communication.

I do ingress and egress packet filtering at the VM level and at the host level using iptables and ebtables.

In spite of all that, I'm not convinced that it's possible for me to fully contain the damage a compromised VM could cause.
notme
Legendary
*
Offline Offline

Activity: 1904
Merit: 1002


View Profile
October 15, 2013, 06:46:32 PM
 #5857

i know you know what you're talking about so please give us recommendations.
I know enough to doubt my own ability to pull it off, although I do attempt to use virtualization to sandbox all my network-facing applications.

I have a workstation which I turned into a VM host system.

Instead of using a dedicated router, I plug my cable modem directly into this system, but the host doesn't talk to the modem directly. I run a Linux system in a VM which serves as the router/firewall.

That VM directs traffic onto a virtual DMZ network, where the other VMs which run services like Tor, I2P, Freenet, Bitcoind, and an OpenVPN client are able to send and receive packets directly over the ISP connection.

Behind the OpenVPN client is another virtual network where the VMs which are public-facing but which I do not want to see my ISP-provided IP address run (like Bitmessage). One of these VMs is also an internal firewall that allows the physical lan to access the internet via the VPN.

I've also got dedicated virtual networks for Tor and I2P communication.

I do ingress and egress packet filtering at the VM level and at the host level using iptables and ebtables.

In spite of all that, I'm not convinced that it's possible for me to fully contain the damage a compromised VM could cause.

This should be a fairly thorough setup, as long as the host remains uncompromised.

A successful attack through the host essentially requires human agent interaction, as opposed to the automated process of searching for a wallet.dat file...


i assume an automated attack coming from the host for a wallet.dat would turn up nothing even with the VM open?

an even simpler question, encryption doesn't help an open VM, correct?

In theory the agent on the host could have code that understands the linux file system and accesses it directly through the VM's disk image file which is on the host.  But in practice this isn't going to happen today.  Because that ability (accessing Linux file systems in windows) would be pretty valuable as a real product...



It would be trivial to mount a VM disk image and scan it for wallet.dat's.  Also, if the VM is running, it is possible for code on the host system to read passwords from the VM's memory.

VM's are never protected from the host.

https://www.bitcoin.org/bitcoin.pdf
While no idea is perfect, some ideas are useful.
justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1013



View Profile
October 15, 2013, 06:50:29 PM
 #5858

This should be a fairly thorough setup, as long as the host remains uncompromised.
I assume that zero day exploits exist for every OS kernel, so that's always a possibility.
cypherdoc (OP)
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
October 15, 2013, 06:50:41 PM
 #5859

so am i, or am i not, obscuring a BTC transaction's IP address when running a wallet from a VM?
justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1013



View Profile
October 15, 2013, 06:52:11 PM
 #5860

so am i, or am i not, obscuring a BTC transaction's IP address when running a wallet from a VM?
When you spend bitcoins in your setup, via what path do those transactions make it to the rest of the network?
Pages: « 1 ... 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 [293] 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 ... 1557 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!