Bitcoin Forum
Author Topic: 3 Bitcoin Doomsday Scenarios I can't find much discussion on...  (Read 6149 times)
Flashman
November 18, 2014, 03:28:40 PM
 #41

Way ahead of you dude, I just used my mind powers to put an impregnable hypnotic block on you doing this, so we're all good now.

(As long as we're allowed fictional devices to say any shit can happen)

TL;DR See Spot run. Run Spot run. .... .... Freelance interweb comedian, for teh lulz >>> 1MqAAR4XkJWfDt367hVTv5SstPZ54Fwse6

Bitcoin Custodian: Keeping BTC away from weak heads since Feb '13, adopter of homeless bitcoins.
turvarya
November 18, 2014, 03:38:19 PM
 #42

Quote
If someone cracked the hash algorithm, or found a cheaper way to compute it, they'd make a lot of money, difficulty would go to the moon, but the rate of Bitcoin creation would not increase. Just like when ASICs came in.
Think way beyond that... if you can.

For lack of a better example: my gripe is that this is a bit like Windows 98 security: You can set a login password and it gets encrypted satisfactorily... but to bypass the login password, you simply needed to press ESC at the right time.

So, you think, if you press the right buttons, you don't need to sign a transaction with your private key?
That exactly shows, that you have no idea what you are talking about.
Not at all. "For lack of a better example" <- Did you see that, what did you think it means?

Almost like "pressing the right buttons" - I can transact using your wallet because I stole your private key the moment you generated it, so I can sign any transaction with your key. (The NSA is my side project)... I'm still accumulating keys. (And metadata on others, which is almost as good as the real thing, considering the amount of computing power I command...) How many keys do you think I have, by now?

See... you have no clue.

I also have backdoors installed at all the major exchanges and wallet services and I'm best friends with their cold wallet keyholders and know all about their routine, protocols and families... Oh, I almost forgot, I also have a backdoor in everyone running a client or server compiled from the github code, ready to fire it up when they send their next packet to another node... (LOL that code has been in there since v4, and nobody has spotted it yet) Also, I have a virtually unlimited budget, and have just been doing this "for fun"... you know, just in case you tried something funny, just because "Uncle Bob" told me to keep an eye on you.

So I'm keeping my finger on the trigger. If I press ENTER, everyone who co-operated with me gets filthy rich... and Bitcoin dies. (But if I do it now, something else will just take its place... just...have...to...wait..a...little...longer.... then nobody will trust crypto ever again. Yes! Like communism.)

You still have a chance to stop me...

You have nothing, no numbers, nothing, except a poor excuse: "Hey man, SHA256 is really good. Look it up. We're safe." ...Do you know how many people I talked to? Do you know how many keys I have? Do you know how much of the network I control? Do you know my endgame?

Do you want to see what a hostile takeover of the world's biggest crypto currency looks like, before you believe that it's possible?

Being able to "attack" a system because you have a password/private key and really attacking it, are 2 completely separate things. If you are too stupid to understand that, then I cannot help you.
Your scenarios are based on "I have infiltrated everything. I have even magically infiltrated your air-gap machines". If you could really do that, why bother with bitcoins? Just get access to all nuclear silos and threaten to bomb everyone.

https://forum.bitcoin.com/
New censorship-free forum by Roger Ver. Try it out.
dagelf (OP)
November 19, 2014, 07:26:37 AM
 #43

Quote
Being able to "attack" a system because you have a password/private key and really attacking it, are 2 completely separate things. If you are too stupid to understand that, then I cannot help you.
Your scenarios are based on "I have infiltrated everything. I have even magically infiltrated your air-gap machines". If you could really do that, why bother with bitcoins? Just get access to all nuclear silos and threaten to bomb everyone.
So are you saying that it is impossible to combine 2 or more attack strategies in a giant onslaught?

You do raise a valid premise: Will a global currency system have any practical use in a post apocalyptic global scenario? Eg. global economic collapse, global police state, global nuclear winter, world wide killer virus outbreak, giant asteroid impact, sentient computers, etc...?

Perhaps not. But if it would, then the question is simple: What can we do now, to maximize its utility both today and at such a point in the future?
turvarya
November 19, 2014, 07:38:45 AM
 #44

Quote
Being able to "attack" a system because you have a password/private key and really attacking it, are 2 completely separate things. If you are too stupid to understand that, then I cannot help you.
Your scenarios are based on "I have infiltrated everything. I have even magically infiltrated your air-gap machines". If you could really do that, why bother with bitcoins? Just get access to all nuclear silos and threaten to bomb everyone.
So are you saying that it is impossible to combine 2 or more attack strategies in a giant onslaught?

You do raise a valid premise: Will a global currency system have any practical use in a post apocalyptic global scenario? Eg. global economic collapse, global police state, global nuclear winter, world wide killer virus outbreak, giant asteroid impact, sentient computers, etc...?

Perhaps not. But if it would, then the question is simple: What can we do now, to maximize its utility both today and at such a point in the future?
I say, if you can get access to all private keys, by individually hacking every machine in the world, then you don't need a 51% attack or anything else. You already control the network.
But that doesn't have anything to do with a weakness of the Bitcoin Network. Getting your Twitter password stolen from your trojan-infested PC is also not a weakness of Twitter.

dagelf (OP)
November 19, 2014, 07:46:21 AM
 #45

Quote
I say, if you can get access to all private keys, by individually hacking every machine in the world, then you don't need a 51% attack or anything else. You already control the network.
But that doesn't have anything to do with a weakness of the Bitcoin Network. Getting your Twitter password stolen from your trojan-infested PC is also not a weakness of Twitter.
Correct. But if Twitter could guard against that, it would benefit from it.

So what I'm saying is that because of how Bitcoin works, it would be even easier for Bitcoin to guard against non-Bitcoin problems, than for Twitter - because Bitcoin can get those protections built into it much easier due to the nature of its community.

My gripe is with knowing that people have thought of this, a lot, but to date very few have published any of their research. Many have gone on to create alternate cryptocurrencies, rather than waste their time discussing their ideals with the Bitcoin community. Bitcoin has a lot going for it... So, if you come across something addressing this, or someone, motivate them to spend time on it, to study it, and to publish their research or insights where the community can have easy access to it...
turvarya
November 19, 2014, 07:50:58 AM
 #46

Quote
I say, if you can get access to all private keys, by individually hacking every machine in the world, then you don't need a 51% attack or anything else. You already control the network.
But that doesn't have anything to do with a weakness of the Bitcoin Network. Getting your Twitter password stolen from your trojan-infested PC is also not a weakness of Twitter.
Correct. But if Twitter could guard against that, it would benefit from it.

So what I'm saying is that because of how Bitcoin works, it would be even easier for Bitcoin to guard against non-Bitcoin problems, than for Twitter - because Bitcoin can get those protections built into it much easier due to the nature of its community.

My gripe is with knowing that people have thought of this, a lot, but to date very few have published any of their research. Many have gone on to create alternate cryptocurrencies, rather than waste their time discussing their ideals with the Bitcoin community. Bitcoin has a lot going for it... So, if you come across something addressing this, or someone, motivate them to spend time on it, to study it, and to publish their research or insights where the community can have easy access to it...
So, you want a secure system where nobody needs any kind of password/private key? Good luck with that.
There are already tons of projects out there to create private keys far away from the internet.

dagelf (OP)
November 19, 2014, 08:05:06 AM
 #47

Quote
So, you want a secure system where nobody needs any kind of password/private key? Good luck with that.
There are already tons of projects out there to create private keys far away from the internet.
That would help somewhat.

So are you collecting statistics or metrics on how many keys were generated in this way? I know I'm not.

And I know somebody is, and that that information is both powerful and useful.

So what I'm saying is that it would probably be a good idea to make that information part of the protocol. What do you think? Can you think of any other such information that might be useful?
turvarya
November 19, 2014, 08:10:15 AM
 #48

Quote
So, you want a secure system where nobody needs any kind of password/private key? Good luck with that.
There are already tons of projects out there to create private keys far away from the internet.
That would help somewhat.

So are you collecting statistics or metrics on how many keys were generated in this way? I know I'm not.

And I know somebody is, and that that information is both powerful and useful.

So what I'm saying is that it would probably be a good idea to make that information part of the protocol. What do you think? Can you think of any other such information that might be useful?
There is no way, to know, how a private key was generated. That is just not possible. Unless we are using your favorite tool: magic.

dagelf (OP)
November 19, 2014, 08:21:44 AM
 #49

Quote
There is no way, to know, how a private key was generated. That is just not possible. Unless we are using your favorite tool: magic.
First, a quote on magic: "Any sufficiently advanced technology is indistinguishable from magic."

So, let's start with what we know:
- The number of freely and easily available software packages that will generate a key for you
- The number of times that a download on those were recorded
- The release dates of these
- The number of hardware devices that will do the same
- The approximate number of sales
- The release dates of these
- The number of total unique bitcoin addresses that had been seen transacting by each of the dates above

From that, I think we can establish a lower and an upper bound... and make a real good guess so as to the vulnerability of each wallet - from which we can gauge the level of threat to the network.

Which is, in my opinion, better than that bad guy in "The Matrix"'s favourite tool: Ignorance.

And this is just measuring one metric: Key sources.
turvarya
November 19, 2014, 08:30:10 AM
 #50

Quote
There is no way, to know, how a private key was generated. That is just not possible. Unless we are using your favorite tool: magic.
First, a quote on magic: "Any sufficiently advanced technology is indistinguishable from magic."

So, let's start with what we know:
- The number of freely and easily available software packages that will generate a key for you
- The release dates of these
- The number of hardware devices that will do the same
- The release dates of these
- The number of total unique bitcoin addresses at each of the dates above

From that, I think we can establish a lower and an upper bound... and make a real good guess so as to the vulnerability of each wallet.

Which is, in my opinion, better than that bad guy in "The Matrix"'s favourite tool: Ignorance.
So, how do you calculate the amount of private keys from people who roll dice to make them? How do you count the people who let their cat run over their keyboard to generate it? There are a lot of possibilities to create private keys, without even software.
Your last point is just stupid: Used Bitcoin addresses and generated private keys are just not the same thing.
So, yes you can collect some data, and make a guess, but it wouldn't be a good one.

dagelf (OP)
November 22, 2014, 06:05:34 AM
 #51

Quote
So, how do you calculate the amount of private keys from people who roll dice to make them? How do you count the people who let their cat run over their keyboard to generate it? There are a lot of possibilities to create private keys, without even software.
Your last point is just stupid: Used Bitcoin addresses and generated private keys are just not the same thing.
So, yes you can collect some data, and make a guess, but it wouldn't be a good one.
What are you on about? What part of: IF YOU DID IT ON YOUR PC IT IS PROBABLY COMPROMISED don't you understand?!
dagelf (OP)
November 22, 2014, 06:10:38 AM
 #52

Quote
Just keep in mind that Bitcoin having almost a 6 billion dollar market cap, which peaked at over 10 billion last year is incentive enough for black hats to test all security weaknesses of the Bitcoin infrastructure. Bitcoin is constantly being tested and attacked because of this.
This is a very valid point...

I have not sifted through the developer lists for fear of getting sucked in and never coming back out. Instead I'm just looking to see what vital statistics I can find. It seems the door is still wide open for someone to publish some more, and stake a claim...

It also makes my point more valid: It's a lucrative target and information about its possible exploitations should be out in the open. I'm saying: let's calculate the lower and upper bounds of the potential cost for all the possible large-scale attacks, even if they are side-channel attacks, social engineering attacks, etc.

Perhaps calculating and/or tracking those metrics will reveal more insight into its price fluctuations...
turvarya
November 22, 2014, 12:34:32 PM
 #53

Quote
So, how do you calculate the amount of private keys from people who roll dice to make them? How do you count the people who let their cat run over their keyboard to generate it? There are a lot of possibilities to create private keys, without even software.
Your last point is just stupid: Used Bitcoin addresses and generated private keys are just not the same thing.
So, yes you can collect some data, and make a guess, but it wouldn't be a good one.
What are you on about? What part of: IF YOU DID IT ON YOUR PC IT IS PROBABLY COMPROMISED don't you understand?!
If it is a PC that was never connected to the internet, it is not. Unless you want to use magic again, which is unfair.
Furthermore, I just wanted to show, that you can not really predict how private keys are generated. You can't even predict, when a private key/public address was generated, since I can generate one today and use it in 10 years and you wouldn't know.

hhanh00
November 22, 2014, 06:10:02 PM
 #54

1. The software is compromised. Worst case scenario, every node runs software that has an intentional backdoor. For example, it accepts a special signature which bypasses ECDSA verification. Any coin can be transferred by using the backdoor.

Result: The blockchain is bogus - it will have to be reverted once the backdoor is detected. Massive disruption. I don't see how to undo the damages. Will have to refund a lot of people I guess.

How likely? The code is open source but not too many people review it. Moreover, the vast majority of the network is running the reference client in some version. So if the change was well hidden, it could happen. Similar to shellshock or heartbleed, etc.

2. Crypto is broken secretly. Like when the Allies broke Enigma but never disclosed it. Very hard because several unrelated crypto algorithms are involved. They would have to be all broken for this to work (SHA, RIPEMD, ECDSA).

Result: Can steal anyone's coin but unlike 1. it cannot be easily proven. You become instantly rich.

How likely? Much much harder than 1.

3. A hidden hardware circuit transmits everything to a hidden organization.

Result: They can steal your keys because at one point or another the key has to be in memory of a computer.

How likely? Even if it's done, the sheer amount of data would make this quite impracticable. Considering how long it takes to take down terrorist cells with all the intelligence resources put to it, I doubt that anyone is capable of sifting through that much data.
One could reduce the difficulty by targeting PC Windows XP or what not, but then savvy users should be able to avoid this threat.
 

turvarya
November 22, 2014, 06:39:01 PM
 #55

Quote
1. The software is compromised. Worst case scenario, every node runs software that has an intentional backdoor. For example, it accepts a special signature which bypasses ECDSA verification. Any coin can be transferred by using the backdoor.

Result: The blockchain is bogus - it will have to be reverted once the backdoor is detected. Massive disruption. I don't see how to undo the damages. Will have to refund a lot of people I guess.

How likely? The code is open source but not too many people review it. Moreover, the vast majority of the network is running the reference client in some version. So if the change was well hidden, it could happen. Similar to shellshock or heartbleed, etc.

2. Crypto is broken secretly. Like when the Allies broke Enigma but never disclosed it. Very hard because several unrelated crypto algorithms are involved. They would have to be all broken for this to work (SHA, RIPEMD, ECDSA).

Result: Can steal anyone's coin but unlike 1. it cannot be easily proven. You become instantly rich.

How likely? Much much harder than 1.

3. A hidden hardware circuit transmits everything to a hidden organization.

Result: They can steal your keys because at one point or another the key has to be in memory of a computer.

How likely? Even if it's done, the sheer amount of data would make this quite impracticable. Considering how long it takes to take down terrorist cells with all the intelligence resources put to it, I doubt that anyone is capable of sifting through that much data.
One could reduce the difficulty by targeting PC Windows XP or what not, but then savvy users should be able to avoid this threat.
 
ad 1.
That is not how Bitcoin/cryptography works. You can't sign a transaction with some kind of master key.

ad 2.
On a mathematical level cryptography is safe, unless it is a conspiracy that involves all mathematics and they just lied to us for decades.

ad 3.
For offline signing you would need some secret wireless transmitter, that does send the key. That would be some real hard core conspiracy.

Flashman
November 22, 2014, 08:59:08 PM
 #56

*hyperventilate* *hyperventilate* *hyperventilate*

Can't you see he's right, if someone today rebuilt Bletchley Park's codebreaking machine Colossus out of modern parts it would be a complete and unmitigated disaster, they'd be able to break 4 character brainwallets in mere months!

hhanh00
November 23, 2014, 05:46:51 AM
 #57

Quote
ad 1.
That is not how Bitcoin/cryptography works. You can't sign a transaction with some kind of master key.
I'm not talking about a crypto backdoor here but a backdoor in the implementation. For instance, in CheckSig (interpreter.cpp),
Code:
    if (vchSig.empty())
        return true;
Of course, this one is super obvious and won't fool anyone but let's say that something similar has been slipped in voluntarily or not. If enough of the network is running the same code base (and the reference client dominates at the moment), one could create a big fork.
On the other hand, this part of the code is very sensitive and lots of people have looked at it. It would have to be quite subtle.
Once they use the backdoor, it will be noticed and patched very quickly. The coins should return to their real owner then.

Quote
ad 2.
On a mathematical level cryptography is safe, unless it is a conspiracy that involves all mathematics and they just lied to us for decades.
Not all mathematicians would have to be involved. Again, the Enigma machine is an interesting historical precedent. Besides, it's enough to have an evil genius who cracks it. It's unlikely to happen because when the community gets close to a solution, the method is deemed unsafe and replaced like SHA-256 replaced SHA-1. You would have to crack various cryptography functions too.

Quote
ad 3.
For offline signing you would need some secret wireless transmitter, that does send the key. That would be some real hard core conspiracy.
It's not a secret wireless transmitter but cleverly leveraging the hardware you already possess. Systems get more and more integrated to reduce cost. You end up with beefy configurations when in the past you would have to buy part by part. At the end, your machine could have wifi on chip. Also, they are not completely off if power is provided. It's possible to have something running in low power mode, though I agree it's difficult. The upside is that if they steal your coins this way, no one is going to believe you.
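
An added example (not part of the post above and not Bitcoin Core code) showing how a fixed set of "must reject" vectors exposes the early return quoted in post #57. `ToyTag`, `CheckSigStrict`, `CheckSigBackdoored` and `FailedVectors` are hypothetical names, and the toy tag is a constructed stand-in for ECDSA verification so the block runs on its own.

```cpp
#include <cstdint>
#include <functional>
#include <iostream>
#include <string>
#include <vector>

using Bytes = std::vector<uint8_t>;
using CheckSigFn = std::function<bool(const Bytes&, const Bytes&, const Bytes&)>;

// Constructed stand-in for ECDSA: FNV-1a over pubkey || msg, 8 bytes out.
// NOT a signature scheme; it only gives the checkers something to compare.
static Bytes ToyTag(const Bytes& pubkey, const Bytes& msg) {
    uint64_t h = 0xcbf29ce484222325ULL;            // FNV-1a 64-bit offset basis
    for (const Bytes* part : {&pubkey, &msg})
        for (uint8_t c : *part) { h ^= c; h *= 0x100000001b3ULL; }
    Bytes out(8);
    for (int i = 0; i < 8; ++i) out[i] = static_cast<uint8_t>(h >> (8 * i));
    return out;
}

// Strict checker: accepts only a tag that matches this key and message.
bool CheckSigStrict(const Bytes& sig, const Bytes& pubkey, const Bytes& msg) {
    return sig == ToyTag(pubkey, msg);
}

// Same checker with the early return from the post.
bool CheckSigBackdoored(const Bytes& sig, const Bytes& pubkey, const Bytes& msg) {
    if (sig.empty())
        return true;
    return CheckSigStrict(sig, pubkey, msg);
}

struct SigCase { std::string name; Bytes sig, pubkey, msg; bool expect; };

// One valid case plus negative cases that every correct checker must reject.
std::vector<SigCase> BuildCases() {
    const std::string text = "pay 1 BTC to A";      // constructed sample message
    const Bytes msg(text.begin(), text.end());
    Bytes other_msg = msg;   other_msg.back() = 'B';
    const Bytes pk{0x02, 0xAA, 0xBB};               // constructed sample key bytes
    const Bytes other_pk{0x02, 0xAA, 0xBC};
    const Bytes good = ToyTag(pk, msg);
    Bytes flipped = good;    flipped[0] ^= 0x01;
    const Bytes truncated(good.begin(), good.end() - 1);
    return {
        {"valid signature",            good,                   pk,       msg, true},
        {"empty signature",            {},                     pk,       msg, false},
        {"one bit flipped",            flipped,                pk,       msg, false},
        {"truncated signature",        truncated,              pk,       msg, false},
        {"signature checked against other key", good,          other_pk, msg, false},
        {"signature for other message", ToyTag(pk, other_msg), pk,       msg, false},
    };
}

// Returns the names of the cases where the checker disagrees with the
// expected result; an empty list means the checker passed every vector.
std::vector<std::string> FailedVectors(const CheckSigFn& check) {
    std::vector<std::string> failed;
    for (const SigCase& c : BuildCases())
        if (check(c.sig, c.pubkey, c.msg) != c.expect)
            failed.push_back(c.name);
    return failed;
}

int main() {
    for (const auto& name : FailedVectors(CheckSigStrict))
        std::cout << "strict checker failed: " << name << "\n";
    for (const auto& name : FailedVectors(CheckSigBackdoored))
        std::cout << "modified checker failed: " << name << "\n";
    return 0;
}
```
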

Flashman
November 23, 2014, 02:29:18 PM
 #58

Enigma machine was not so much a mathematically sound encryption device, as a devious mechanical obfuscator.

dagelf (OP)
November 24, 2014, 10:05:40 AM
 #59

Quote
If it is a PC that was never connected to the internet, it is not. Unless you want to use magic again, which is unfair.
Show me a PC like that, and I'll show you a unicorn!
turvarya
November 24, 2014, 10:13:22 AM
 #60

Quote
If it is a PC that was never connected to the internet, it is not. Unless you want to use magic again, which is unfair.
Show me a PC like that, and I'll show you a unicorn!
http://www.coldpi.com/

and here is also a picture of a unicorn

