Gold collapsing. Bitcoin UP.

[Dragonkiller]

Litecoin getting destroyed.

[cypherdoc]

back in March i penned an update to my subs stating that this last downturn would serve to flush out most, if not all, the altscams.  it's necessary as this is a zero sum game and Bitcoin is being held back by the wasted flows of fiat to these unviable alternatives.  the fact that the oldest and biggest alt platform, Ripple, is going down is an even stronger argument that this trend is going to continue.

we'll see how far this will go.

[cypherdoc]

actually, i really mean this.

i don't think the gold/silver bimetallism historical example, as it relates to Litecoin, really applies today.  back then, the means for physical metals to transmit themselves seamlessly over wide geographical regions was severely hampered and the supplies of these metals were short.  hence, silver needed to supplement gold in certain regions as it's similar properties were close enough to that of gold's to make them viable alternatives.

contrast with what we have with Bitcoin.  an infinitely divisible supply (if necessary) for all our needs, instant and seamless transmission worldwide that can touch anyone with a cellphone, and a programmable nature that if and when a new market driven feature is advanced that is in significant demand, it can and will be grafted onto the main Bitcoin protocol.

we only need one.

[cypherdoc]

[cypherdoc]

Code:

// START_DEFINITION
/**
 * Fingerprint Tor authoritative directories enacting the directory protocol.
 */
fingerprint('anonymizer/tor/node/authority') = $tor_authority
  and ($tor_directory or preappid(/anonymizer\/tor\/directory/));
// END_DEFINITION

// START_DEFINITION
/*
Global Variable for Tor foreign directory servers. Searching for potential Tor
clients connecting to the Tor foreign directory servers on ports 80 and 443.
*/

$tor_foreign_directory_ip = ip('193.23.244.244' or '194.109.206.212' or
'86.59.21.38' or '213.115.239.118' or '212.112.245.170') and port ('80' or
'443');
// END_DEFINITION

// START_DEFINITION
/*
this variable contains the 3 Tor directory servers hosted in FVEY countries.
Please do not update this variable with non-FVEY IPs. These are held in a
separate variable called $tor_foreign_directory_ip. Goal is to find potential
Tor clients connecting to the Tor directory servers.
*/
$tor_fvey_directory_ip = ip('128.31.0.39' or '216.224.124.114' or
'208.83.223.34') and port ('80' or '443');
// END_DEFINITION


// START_DEFINITION
requires grammar version 5
/**
 * Identify clients accessing Tor bridge information.
 */
fingerprint('anonymizer/tor/bridge/tls') =
ssl_x509_subject('bridges.torproject.org') or
ssl_dns_name('bridges.torproject.org');

/**
 * Database Tor bridge information extracted from confirmation emails.
 */
fingerprint('anonymizer/tor/bridge/email') =
email_address('bridges@torproject.org')
  and email_body('https://bridges.torproject.org/' : c++
  extractors: {{
    bridges[] = /bridge\s([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}):?([0-9]{2,4}?[^0-9])/;
  }}
  init: {{
    xks::undefine_name("anonymizer/tor/torbridges/emailconfirmation");
  }}
  main: {{
    static const std::string SCHEMA_OLD = "tor_bridges";
    static const std::string SCHEMA_NEW = "tor_routers";
    static const std::string FLAGS = "Bridge";
    if (bridges) {
      for (size_t i=0; i < bridges.size(); ++i) {
        std::string address = bridges[i][0] + ":" + bridges[i][1];
        DB[SCHEMA_OLD]["tor_bridge"] = address;
        DB.apply();
        DB[SCHEMA_NEW]["tor_ip"] = bridges[i][0];
        DB[SCHEMA_NEW]["tor_port_or"] = bridges[i][1];
        DB[SCHEMA_NEW]["tor_flags"] = FLAGS;
        DB.apply();
      }
      xks::fire_fingerprint("anonymizer/tor/directory/bridge");
    }
    return true;
  }});
// END_DEFINITION


// START_DEFINITION
/*
The fingerprint identifies sessions visiting the Tor Project website from
non-fvey countries.
*/
fingerprint('anonymizer/tor/torpoject_visit')=http_host('www.torproject.org')
and not(xff_cc('US' OR 'GB' OR 'CA' OR 'AU' OR 'NZ'));
// END_DEFINITION


// START_DEFINITION
/*
These variables define terms and websites relating to the TAILs (The Amnesic
Incognito Live System) software program, a comsec mechanism advocated by
extremists on extremist forums.
*/

$TAILS_terms=word('tails' or 'Amnesiac Incognito Live System') and word('linux'
or ' USB ' or ' CD ' or 'secure desktop' or ' IRC ' or 'truecrypt' or ' tor ');
$TAILS_websites=('tails.boum.org/') or ('linuxjournal.com/content/linux*');
// END_DEFINITION

// START_DEFINITION
/*
This fingerprint identifies users searching for the TAILs (The Amnesic
Incognito Live System) software program, viewing documents relating to TAILs,
or viewing websites that detail TAILs.
*/
fingerprint('ct_mo/TAILS')=
fingerprint('documents/comsec/tails_doc') or web_search($TAILS_terms) or
url($TAILS_websites) or html_title($TAILS_websites);
// END_DEFINITION


// START_DEFINITION
requires grammar version 5
/**
 * Aggregate Tor hidden service addresses seen in raw traffic.
 */
mapreduce::plugin('anonymizer/tor/plugin/onion') =
  immediate_keyword(/(?:([a-z]+):\/\/){0,1}([a-z2-7]{16})\.onion(?::(\d+)){0,1}/c : c++
    includes: {{
      #include <boost/lexical_cast.hpp>
    }}
    proto: {{
      message onion_t {
        required string address = 1;
        optional string scheme = 2;
        optional string port = 3;
      }
    }}
    mapper<onion_t>: {{
      static const std::string prefix = "anonymizer/tor/hiddenservice/address/";

      onion_t onion;
      size_t matches = cur_args()->matches.size();
      for (size_t pos=0; pos < matches; ++pos) {
        const std::string &value = match(pos);
        if (value.size() == 16)
          onion.set_address(value);
        else if(!onion.has_scheme())
          onion.set_scheme(value);
        else
          onion.set_port(value);
      }

      if (!onion.has_address())
        return false;

      MAPPER.map(onion.address(), onion);
      xks::fire_fingerprint(prefix + onion.address());
      return true;
    }}
    reducer<onion_t>: {{
      for (values_t::const_iterator iter = VALUES.begin();
          iter != VALUES.end();
          ++iter) {
        DB["tor_onion_survey"]["onion_address"] = iter->address() + ".onion";
        if (iter->has_scheme())
          DB["tor_onion_survey"]["onion_scheme"] = iter->scheme();
        if (iter->has_port())
          DB["tor_onion_survey"]["onion_port"] = iter->port();
        DB["tor_onion_survey"]["onion_count"] = boost::lexical_cast<std::string>(TOTAL_VALUE_COUNT);
        DB.apply();
        DB.clear();
      }
      return true;
    }});

/**
 * Placeholder fingerprint for Tor hidden service addresses.
 * Real fingerpritns will be fired by the plugins
 *   'anonymizer/tor/plugin/onion/*'
 */
fingerprint('anonymizer/tor/hiddenservice/address') = nil;
// END_DEFINITION


// START_DEFINITION
appid('anonymizer/mailer/mixminion', 3.0, viewer=$ascii_viewer) =
        http_host('mixminion') or
        ip('128.31.0.34');
// END_DEFINITION

[kodtycoon]

actually, i really mean this.

i don't think the gold/silver bimetallism historical example, as it relates to Litecoin, really applies today.  back then, the means for physical metals to transmit themselves seamlessly over wide geographical regions was severely hampered and the supplies of these metals were short.  hence, silver needed to supplement gold in certain regions as it's similar properties were close enough to that of gold's to make them viable alternatives.

contrast with what we have with Bitcoin.  an infinitely divisible supply (if necessary) for all our needs, instant and seamless transmission worldwide that can touch anyone with a cellphone, and a programmable nature that if and when a new market driven feature is advanced that is in significant demand, it can and will be grafted onto the main Bitcoin protocol.

we only need one.

theres a lot of in demand features but nothing has ever been grafted onto the bitcoin protocol?

[kodtycoon]

back in March i penned an update to my subs stating that this last downturn would serve to flush out most, if not all, the altscams.  it's necessary as this is a zero sum game and Bitcoin is being held back by the wasted flows of fiat to these unviable alternatives.  the fact that the oldest and biggest alt platform, Ripple, is going down is an even stronger argument that this trend is going to continue.

we'll see how far this will go.

what about the likes of nxt or soon to be nem? they are far superior platforms nem being more so. what makes then "unviable" in your opinion?

[cypherdoc]

back in March i penned an update to my subs stating that this last downturn would serve to flush out most, if not all, the altscams.  it's necessary as this is a zero sum game and Bitcoin is being held back by the wasted flows of fiat to these unviable alternatives.  the fact that the oldest and biggest alt platform, Ripple, is going down is an even stronger argument that this trend is going to continue.

we'll see how far this will go.

what about the likes of nxt or soon to be nem? they are far superior platforms nem being more so. what makes then "unviable" in your opinion?

the POS initial distribution is deemed unfair by the market and the fact that mining favors those same creators will discourage new players from entering.

[kodtycoon]

back in March i penned an update to my subs stating that this last downturn would serve to flush out most, if not all, the altscams.  it's necessary as this is a zero sum game and Bitcoin is being held back by the wasted flows of fiat to these unviable alternatives.  the fact that the oldest and biggest alt platform, Ripple, is going down is an even stronger argument that this trend is going to continue.

we'll see how far this will go.

what about the likes of nxt or soon to be nem? they are far superior platforms nem being more so. what makes then "unviable" in your opinion?

the POS initial distribution is deemed unfair by the market and the fact that mining favors those same creators will discourage new players from entering.

nem has 3000 original stake holders and a new proof importance algo which means that the nodes that are more important to the network "mine/forge" more than those with simply more coins. which fixes the hoarding issues inherent in nxt. 3000 stake holders will get equal amounts, there was not an ipo, its was a "pay a fee, join the movement" sort of thing. so even the ipo does no favor those with better finances. also the stake holder list went through weeks of taint analysis and auditing to remove sock puppets.

edit: i think the market deems nem fair seeing as it was trading at 2k dollars per stake, pre alpha. i say "was" because the dollar value has fallen as btc and nxt fell. nem has stayed perfectly stable in term of nxt<>nemstake (stakes are traded on nxt AE @ 25-30k nxt per stake)

[Peter R]

what about the likes of nxt or soon to be nem? they are far superior platforms nem being more so. what makes then "unviable" in your opinion?

There is no known solution to the "nothing-at-stake" problem (also known as the "history-rewrite" problem) that all proof-of-stake (PoS) distributed consensus mechanisms suffer from.  This has been debated ad nauseum since the original thread on July 11, 2011: https://bitcointalk.org/index.php?topic=27787.0.  Current PoS coins get around this problem, for example, by having the developers sign blocks as valid (Peercoin) or by introducing regular blockchain checkpoints into the code (Nxt).  In other words, these PoS coins are not decentralized.

Even ignoring the nothing-at-stake problem, "dubious" is probably a better adjective than "superior" to describe these platforms.

[kodtycoon]

what about the likes of nxt or soon to be nem? they are far superior platforms nem being more so. what makes then "unviable" in your opinion?

There is no known solution to the "nothing-at-stake" problem (also known as the "history-rewrite" problem) that all proof-of-stake (PoS) distributed consensus mechanisms suffer from.  This has been debated ad nauseum since the original thread on July 11, 2011: https://bitcointalk.org/index.php?topic=27787.0.  Current PoS coins get around this problem, for example, by having the developers sign blocks as valid (Peercoin) or by introducing regular blockchain checkpoints into the code (Nxt).  In other words, these PoS coins are not decentralized.

Even ignoring the nothing-at-stake problem, "dubious" is probably a better adjective than "superior" to describe these platforms.

theres a bounty equal to the market cap of nxt. if it was doable. do you not think it would have been done?

https://nxtforum.org/general-discussion/bounty-for-successful-nothing-at-stake-attack/?topicseen

also.

https://nxtforum.org/general/how-does-nxt-fix-the-nothing-at-stake-problem/

[Peter R]

theres a bounty equal to the market cap of nxt. if it was doable. do you not think it would have been done?

...Current PoS coins get around this problem, for example, by having the developers sign blocks as valid (Peercoin) or by introducing regular blockchain checkpoints into the code (Nxt).  In other words, these PoS coins are not decentralized…

[NewLiberty]

I found it interesting to read the comments of the ghash owner who said that pulling a  double spend is actually quite difficult from an  internal technical stand point.

I  wonder what he was talking about?  

He means that he almost didn't get away with it the last few times. 

[rpietila]

nem has 3000 original stake holders and a new proof importance algo which means that the nodes that are more important to the network "mine/forge" more than those with simply more coins. which fixes the hoarding issues inherent in nxt. 3000 stake holders will get equal amounts, there was not an ipo, its was a "pay a fee, join the movement" sort of thing. so even the ipo does no favor those with better finances. also the stake holder list went through weeks of taint analysis and auditing to remove sock puppets.

All of this you could have avoided by just using a mechanism that requires you to pay the market value for any stake, such as a PoW..

[cypherdoc]

I found it interesting to read the comments of the ghash owner who said that pulling a  double spend is actually quite difficult from an  internal technical stand point.

I  wonder what he was talking about?  

He means that he almost didn't get away with it the last few times.  

Seriously though, can you explain to me the mechanics of an attack scenario that is technically and economically viable, repeatable, undetectable  and puts cash into his bank account as a result?

[NewLiberty]

The way the percentage is measured is more or less, after the fact.
Its done by looking at who solved the blocks.  You are proposing a way of measuring the hash power that went into that solve other than just estimating based on time and averages, numbers of have shes submitted, etc.

I thought it was measured  by who relayed the block?

Yes, precisely right.
Point being, it doesn't account for hash power that went into the solving (and ultimately the relay) or the amount of hashing in the pool, or any of that.  It is measured after the fact.
Thus preventing pools with "too high hash rate" is not even easily determinable.

Also there is what I think of as the "Tusken Raider" attack that GHash.io/CEX/Bitfury is currently doing to hide the amount of hash power in different pools.

[cypherdoc]

The way the percentage is measured is more or less, after the fact.
Its done by looking at who solved the blocks.  You are proposing a way of measuring the hash power that went into that solve other than just estimating based on time and averages, numbers of have shes submitted, etc.

I thought it was measured  by who relayed the block?

Yes, precisely right.
Point being, it doesn't account for hash power that went into the solving (and ultimately the relay) or the amount of hashing in the pool, or any of that.  It is measured after the fact.
Thus preventing pools with "too high hash rate" is not even easily determinable.

Also there is what I think of as the "Tusken Raider" attack that GHash.io/CEX/Bitfury is currently doing to hide the amount of hash power in different pools.

But then it's also possible that the threat is overestimated by that same logic.

Also, I've followed the story behind Bitfury because of his phenomenal success and rise to fame from his garage in Russia. Also because I hash with his units. If there was one rags to riches bitcoin success that wouldn't jeopardize his multi million dollar success story for a  cup of coffee double spend attack it would be him. Also, it looks like he will be selling shares  on Wall Street soon.

[NewLiberty]

I found it interesting to read the comments of the ghash owner who said that pulling a  double spend is actually quite difficult from an  internal technical stand point.

I  wonder what he was talking about?  

He means that he almost didn't get away with it the last few times.  

Seriously though, can you explain to me the mechanics of an attack scenario that is technically and economically viable, repeatable, undetectable  and puts cash into his bank account as a result?

There are many. Here is a simple one:
Lets pretend that there exists some bitcoin gambling sites where you send bitcoin as the mechanism of betting with immediate results knowable.
If a losing bet somehow never made it into the block chain, but the winning ones did might that be profitable?
If these are hidden within a large amount of betting, but just often enough to skew the odds in your favor so you have both house edge and betting control, all of the assets of such a gambling site could be siphoned out over time repeately.  Since the transaction record is the block chain itself for this site, and the individual bets are not preserved for some privacy sensitive reason, you get a scenario such as the one you requested.

More complex scenarios would also include being discovered, (rogue employee found a way around internal safeguards?) which then creates a confidence attack on the price.  But you knew ahead of time so you have a short position in place.  As well as buying lots of cheap LTC ahead of this and holding it as the backup currency with better mining diversity so as folks shift to that for security, you get to sell into the demand.
Managing the news cycle so as to create the right panic responses is also a piece of the game.

It is a small advantage in the security field to be blessed with an evil mind, and cursed with deep ethics.  The world appears broken to us, everywhere we look, but we don't step through the cracks, as they all lead to condemnation of ourselves, and one can never escape one's self.  

[NewLiberty]

The way the percentage is measured is more or less, after the fact.
Its done by looking at who solved the blocks.  You are proposing a way of measuring the hash power that went into that solve other than just estimating based on time and averages, numbers of have shes submitted, etc.

I thought it was measured  by who relayed the block?

Yes, precisely right.
Point being, it doesn't account for hash power that went into the solving (and ultimately the relay) or the amount of hashing in the pool, or any of that.  It is measured after the fact.
Thus preventing pools with "too high hash rate" is not even easily determinable.

Also there is what I think of as the "Tusken Raider" attack that GHash.io/CEX/Bitfury is currently doing to hide the amount of hash power in different pools.

But then it's also possible that the threat is overestimated by that same logic.

Also, I've followed the story behind Bitfury because of his phenomenal success and rise to fame from his garage in Russia. Also because I hash with his units. If there was one rags to riches bitcoin success that wouldn't jeopardize his multi million dollar success story for a  cup of coffee double spend attack it would be him. Also, it looks like he will be selling shares  on Wall Street soon.

Even if 100% righteous, one may still fall to coercion.

Of it it is merely money that motivates.  There are larger sums available, and at stake, than the market cap of bitcoin.
The centralization itself is the problem... Doesn't even matter if rags to riches guys are perfectly honest.  They are vulnerable if they love their kids, or parents, or anyone even themselves more than Bitcoin's integrity.

Installing centralized banking control over a population has been done with wars and assassinations and all manor of wickedness.  A Double spending attack is comparatively benign.

I'm not saying that any of this is going to happen, or not even that there are folks that think bitcoin isn't good for them and might want to see it fail, or that if there were such folks, that they might have vast resources and the capability to execute complicated plans.
But since you asked....  yes it exists as an existential risk to bitcoin.  Maybe you give it a pValue of .01 or less.  
Even so, if it were in play... all the pieces are in the right places for it.

[cypherdoc]

I found it interesting to read the comments of the ghash owner who said that pulling a  double spend is actually quite difficult from an  internal technical stand point.

I  wonder what he was talking about?  

He means that he almost didn't get away with it the last few times.  

Seriously though, can you explain to me the mechanics of an attack scenario that is technically and economically viable, repeatable, undetectable  and puts cash into his bank account as a result?

There are many. Here is a simple one:
Lets pretend that there exists some bitcoin gambling sites where you send bitcoin as the mechanism of betting with immediate results knowable.
If a losing bet somehow never made it into the block chain, but the winning ones did might that be profitable?
If these are hidden within a large amount of betting, but just often enough to skew the odds in your favor so you have both house edge and betting control, all of the assets of such a gambling site could be siphoned out over time repeately.  Since the transaction record is the block chain itself for this site, and the individual bets are not preserved for some privacy sensitive reason, you get a scenario such as the one you requested.

More complex scenarios would also include being discovered, (rogue employee found a way around internal safeguards?) which then creates a confidence attack on the price.  But you knew ahead of time so you have a short position in place.  As well as buying lots of cheap LTC ahead of this and holding it as the backup currency with better mining diversity so as folks shift to that for security, you get to sell into the demand.
Managing the news cycle so as to create the right panic responses is also a piece of the game.

It is a small advantage in the security field to be blessed with an evil mind, and cursed with deep ethics.  The world appears broken to us, everywhere we look, but we don't step through the cracks, as they all lead to condemnation of ourselves, and one can never escape one's self.  

Ghash already did that one.  the amount was small,  the double spend was detected by the community, the rogue employee was caught, and they've never done it again. Remember 51% means they lose blocks 49% of the time. How do they repeatably build a 2-3 block lead,  orphan off the double spend block, withdraw the stolen bitcoin from the exchange, without being detected?