Bitcoin Forum
December 08, 2016, 08:24:58 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: New IRC bootstrapping using random channels.  (Read 4900 times)
Gareth Nelson
Hero Member
*****
Offline Offline

Activity: 722


View Profile
May 22, 2011, 06:24:18 PM
 #21

IRC isn't a sustainable discovery protocol anyway. It has lots of problems beyond startup time.
+1

I think the final straw is that it sets of botnet detectors for some ISPs. The last thing we want is for bitcoin to be classified as botnet Smiley


True. My ISP just blocked something yesterday, no connections  Sad

I setup Tor last night just so I could proxy Bitcoin through it so it could connect.

Bitcoin needs to NOT use IRC, IMHO. It's too prone to being taken down by ISPs. I don't know what to tell you guys, but I do know that it's unfortunate that my ISP did what they did.

On the bright side, I found out about the wonders of Tor yesterday and am proudly running a relay  Cheesy

What is it about IRC that makes it look like a botnet? I happily run an IRCD and an IRC client without issue, so what's the criteria for being botnet-like?
1481228698
Hero Member
*
Offline Offline

Posts: 1481228698

View Profile Personal Message (Offline)

Ignore
1481228698
Reply with quote  #2

1481228698
Report to moderator
1481228698
Hero Member
*
Offline Offline

Posts: 1481228698

View Profile Personal Message (Offline)

Ignore
1481228698
Reply with quote  #2

1481228698
Report to moderator
Be very wary of relying on JavaScript for security on sites such as blockchain.info and brainwallet.org. The site can change the JavaScript at any time unless you take unusual precautions, and browsers are not generally known for their airtight security.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481228698
Hero Member
*
Offline Offline

Posts: 1481228698

View Profile Personal Message (Offline)

Ignore
1481228698
Reply with quote  #2

1481228698
Report to moderator
1bitc0inplz
Member
**
Offline Offline

Activity: 112


View Profile
May 22, 2011, 06:26:56 PM
 #22


What is it about IRC that makes it look like a botnet? I happily run an IRCD and an IRC client without issue, so what's the criteria for being botnet-like?

From what I understand, it's not so much the ports and what not, but the type of transmissions and their frequency. Apparently some (all?) botnets use IRC for communications, so the ISPs have gotten to where they look for frequent and seemingly autonomous transmissions across IRC.

At least that is my understand.

Mine @ http://pool.bitp.it - No fees, virtually 0 stales, what's not to love!
Chat with us @ #bitp.it on irc.freenode.net
Learn more about our pool @ http://forum.bitcoin.org/index.php?topic=12181.0
CD-RW
Jr. Member
*
Offline Offline

Activity: 57


View Profile
May 22, 2011, 09:12:03 PM
 #23

Hmm, so the -dnsseed is already implemented in 0.3.12-beta and could be fully utilized any moment?
I say go, then.
laszlo
Full Member
***
Offline Offline

Activity: 199


View Profile
May 22, 2011, 10:01:32 PM
 #24

Just so everyone understands..

* LFnet IRC network is primarily used for bitcoin - a few others and I maintain it and we're all bitcoin users. 

* I am a regular bitcoin contributor.  I'm also the guy that bought the 10,000 bitcoin pizza in case anyone is wondering.  I'm a moderator on this forum, I maintain the Mac OS build and I wrote the original GPU miner (http://heliacal.net/~solar/bitcoin/opencl-v2-svn-95-2010-06-30.patch)  - I hope that's enough credentials to prove to anyone that I'm not some BOFH IRC admin Smiley

* We will make sure the #bitcoinXX channels are not 'taken over' or anything like that.

* The IRC servers have been configured to limit the number of records returned when a client joins #bitcoin and issues a WHO request.  This greatly reduced the bandwidth and memory requirements.

* We use and monitor IRC and will keep an eye on the #bitcoinXX channels.  The channel modes will be locked to a reasonable normal setting like #bitcoin is today.

I would like to add an option/preference to disable IRC in the client.  It should be on by default, since that's the whole point, to bootstrap new users, but then the user should be able to switch it off.  There will still be plenty of people who leave it on to provide booting to others, but not everyone needs to do that; especially if you don't have the inbound port open.

I also think that alternative bootstrap methods are a good idea, but it should be possible to switch it all off once you're connected to the network.

Thanks,
Laszlo

BC: 157fRrqAKrDyGHr1Bx3yDxeMv8Rh45aUet
Matt Corallo
Hero Member
*****
expert
Offline Offline

Activity: 751


View Profile
May 22, 2011, 10:14:39 PM
 #25

I would like to add an option/preference to disable IRC in the client.  It should be on by default, since that's the whole point, to bootstrap new users, but then the user should be able to switch it off.  There will still be plenty of people who leave it on to provide booting to others, but not everyone needs to do that; especially if you don't have the inbound port open.
-noirc...done

I also think that alternative bootstrap methods are a good idea, but it should be possible to switch it all off once you're connected to the network.
That already pretty much happens, bitcoin prefers nodes it has previously connected to, so as long as it has made a decent number of connections in the past it shouldn't bother with nodes from bootstrap sources.  Plus keep in mind bootstrap sources are just lists of IPs, which is really no different from what you get via peer exchange. 

Bitcoin Ubuntu PPA maintainer - donate to me personally: 1JBMattRztKDF2KRS3vhjJXA7h47NEsn2c
http://bitcoinrelaynetwork.org maintainer
PGP ID: 07DF 3E57 A548 CCFB 7530  7091 89BB B866 3E2E65CE
Gareth Nelson
Hero Member
*****
Offline Offline

Activity: 722


View Profile
May 22, 2011, 10:31:14 PM
 #26

Just so everyone understands..

* LFnet IRC network is primarily used for bitcoin - a few others and I maintain it and we're all bitcoin users. 

* I am a regular bitcoin contributor.  I'm also the guy that bought the 10,000 bitcoin pizza in case anyone is wondering.  I'm a moderator on this forum, I maintain the Mac OS build and I wrote the original GPU miner (http://heliacal.net/~solar/bitcoin/opencl-v2-svn-95-2010-06-30.patch)  - I hope that's enough credentials to prove to anyone that I'm not some BOFH IRC admin Smiley

* We will make sure the #bitcoinXX channels are not 'taken over' or anything like that.

* The IRC servers have been configured to limit the number of records returned when a client joins #bitcoin and issues a WHO request.  This greatly reduced the bandwidth and memory requirements.

* We use and monitor IRC and will keep an eye on the #bitcoinXX channels.  The channel modes will be locked to a reasonable normal setting like #bitcoin is today.

I would like to add an option/preference to disable IRC in the client.  It should be on by default, since that's the whole point, to bootstrap new users, but then the user should be able to switch it off.  There will still be plenty of people who leave it on to provide booting to others, but not everyone needs to do that; especially if you don't have the inbound port open.

I also think that alternative bootstrap methods are a good idea, but it should be possible to switch it all off once you're connected to the network.

Thanks,
Laszlo


Couldn't you in theory hijack almost the entire network?
I'm not claiming that you would of course, but i'm wary of that ability being available to any one entity - what if, for example, someone sniffed your connection and got /oper access?
theymos
Administrator
Legendary
*
expert
Offline Offline

Activity: 2506


View Profile
May 22, 2011, 10:52:32 PM
 #27

IRC could only be used to "hijack" totally new users, though maybe IRC could break things by returning millions of bogus addresses and filling up addr.dat. Does Bitcoin defend against this?

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
laszlo
Full Member
***
Offline Offline

Activity: 199


View Profile
May 22, 2011, 10:53:10 PM
 #28

Quote
Couldn't you in theory hijack almost the entire network?


No, it wouldn't make much difference if the IRC network was compromised.

It is just used to get a list of hostnames to try to connect to, but you only need to connect to one real node in order to be able to receive the majority block chain.  It is just one of many methods used to find other nodes - the address messages broadcast on the bitcoin network are the primary means, and once you've been connected to the network the client keeps a local cache of the addresses it has seen.  The ones it sees on IRC are just added to the list.


BC: 157fRrqAKrDyGHr1Bx3yDxeMv8Rh45aUet
Gareth Nelson
Hero Member
*****
Offline Offline

Activity: 722


View Profile
May 22, 2011, 10:54:17 PM
 #29

I don't think it would be possible to "hijack" anything, though maybe IRC could break things by returning millions of bogus addresses and filling up addr.dat. Does Bitcoin defend against this?

It would be simple - just add a bunch of peers you control and use them to poison the network - you could even be evil by sending your poison peers only to certain users to avoid everyone else noticing. Send one user 30 poison peers and they see 30 connections and think everything is normal.
Gareth Nelson
Hero Member
*****
Offline Offline

Activity: 722


View Profile
May 22, 2011, 10:55:13 PM
 #30

Quote
Couldn't you in theory hijack almost the entire network?


No, it wouldn't make much difference if the IRC network was compromised.

It is just used to get a list of hostnames to try to connect to, but you only need to connect to one real node in order to be able to receive the majority block chain.  It is just one of many methods used to find other nodes - the address messages broadcast on the bitcoin network are the primary means, and once you've been connected to the network the client keeps a local cache of the addresses it has seen.  The ones it sees on IRC are just added to the list.



You'd still be able to hijack new users
MacRohard
Member
**
Offline Offline

Activity: 103


View Profile
May 22, 2011, 11:16:06 PM
 #31

Quote
Couldn't you in theory hijack almost the entire network?


No, it wouldn't make much difference if the IRC network was compromised.

It is just used to get a list of hostnames to try to connect to, but you only need to connect to one real node in order to be able to receive the majority block chain.  It is just one of many methods used to find other nodes - the address messages broadcast on the bitcoin network are the primary means, and once you've been connected to the network the client keeps a local cache of the addresses it has seen.  The ones it sees on IRC are just added to the list.



You'd still be able to hijack new users

That would be true of any bootstrapping mechanism you can think of. At least with IRC it's somewhat transparent in that people can log in and see what's going on.. I don't really see any way around this though..

Also, users would probably notice that they weren't on the 'real' bitcoin network since they wouldn't be receiving any payments made to them or be able to send payments and also if they ever connect to a single real node by any of the bootstrapping mechanisms then they'd 'break out' of the illusion.
MacRohard
Member
**
Offline Offline

Activity: 103


View Profile
May 22, 2011, 11:24:52 PM
 #32

Infact, there's really very little motivation to 'hijack' a new user.. all you can really do is prevent them from communicating with other bitcoin users.. you can't steal their money or intercept their transactions.. all you could do it stop them from connecting to the network.. which they would probably notice and be able to work around. I guess you could force them to work on your block chain, but since mining is now disabled in the main client anyway that is no-longer true either.
Gareth Nelson
Hero Member
*****
Offline Offline

Activity: 722


View Profile
May 22, 2011, 11:25:10 PM
 #33

Quote
Couldn't you in theory hijack almost the entire network?


No, it wouldn't make much difference if the IRC network was compromised.

It is just used to get a list of hostnames to try to connect to, but you only need to connect to one real node in order to be able to receive the majority block chain.  It is just one of many methods used to find other nodes - the address messages broadcast on the bitcoin network are the primary means, and once you've been connected to the network the client keeps a local cache of the addresses it has seen.  The ones it sees on IRC are just added to the list.



You'd still be able to hijack new users

That would be true of any bootstrapping mechanism you can think of. At least with IRC it's somewhat transparent in that people can log in and see what's going on.. I don't really see any way around this though..

Also, users would probably notice that they weren't on the 'real' bitcoin network since they wouldn't be receiving any payments made to them or be able to send payments and also if they ever connect to a single real node by any of the bootstrapping mechanisms then they'd 'break out' of the illusion.


Connecting to a real node by what other mechanism?
This is why multiple mechanisms are a good thing Smiley
WakiMiko
Jr. Member
*
Offline Offline

Activity: 59



View Profile
May 23, 2011, 05:48:24 PM
 #34

what about the proposal to use bittorrent trackers to find other peers?

see http://forum.bitcoin.org/index.php?topic=84.msg119872#msg119872

clients can also specify the port they listen on

1APeJ2DiUNdsNizn47MBeAwbjaugEgg4Zn
Mike Hearn
Legendary
*
expert
Offline Offline

Activity: 1526


View Profile
May 23, 2011, 06:23:55 PM
 #35

Thanks laszlo, I didn't realize LFnet was so customized for Bitcoin.
CD-RW
Jr. Member
*
Offline Offline

Activity: 57


View Profile
May 23, 2011, 07:08:43 PM
 #36

* We use and monitor IRC and will keep an eye on the #bitcoinXX channels.  The channel modes will be locked to a reasonable normal setting like #bitcoin is today.
Hmm. Needs more +m on #bitcoinXX channel, also do 'auto +m' on #bitcoinTEST. Not sure if it is possible but auto de-OP on #bitcoinXX join would also be nice.

// CD-RW
xf2_org
Member
**
Offline Offline

Activity: 70


View Profile
May 23, 2011, 08:45:32 PM
 #37

what about the proposal to use bittorrent trackers to find other peers?

see http://forum.bitcoin.org/index.php?topic=84.msg119872#msg119872

Bittorrent trackers require a DNS lookup... at which point you might as well just use -dnsseed

Quote
clients can also specify the port they listen on

IRC is just for bootstrapping.  Once you get at least one valid node, you connect and exchange peer addresses.  The bitcoin peer exchange includes listen port.

CD-RW
Jr. Member
*
Offline Offline

Activity: 57


View Profile
May 26, 2011, 10:23:21 AM
 #38

Yeah, DNSSeed will work fine I guess.
just_someguy
Full Member
***
Offline Offline

Activity: 125


View Profile
May 26, 2011, 10:48:31 AM
 #39

DNS is a step forward in speed but also a step back in functionality.
Encoded in the IRC nicks is the port the peer is listening on. The DNS peer lookup has no way to do that the moment.
This means DNS discovery can only use the standard port which makes blocking peer bootstrapping much easier.
Not a big issue right now but it does need to be addressed at some point.
Pieter Wuille
Legendary
*
qt
Offline Offline

Activity: 1036


View Profile WWW
May 26, 2011, 11:06:44 AM
 #40

DNS does not completely replace IRC, as its database can only be updated by the maintainer, not by everyone.

However, nodes also pass known addresses (including port, even with IPv6 support) to eachother. So DNS bootstrapping is just bootstrapping, finding *some* node, that knows other accessible nodes.

aka sipa, core dev team

Tips and donations: 1KwDYMJMS4xq3ZEWYfdBRwYG2fHwhZsipa
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!