BTC Satoshi’s Vision Conference Live Stream |
- Satoshi’s Vision Conference Live Stream
- So in a timeframe of few years, Reddit is going to become a corporate shithole, going the way of Digg. Is it logical to start moving the community now, not waiting for their move ?
- Snowden on Bitcoin: Blasts Public Ledger and Core Developers
- Just realized I can now pay with Bitcoin Cash @ Newegg
- Emin Gun Sirer @ SV conference: Teechan > Lightning, a superior off-chain transaction layer
- The flippening has already happened in Tokyo: Tonight's BCH meetup turnout compared to BTC meetup turnout.
- Satoshi's Vision conference has begun!, live-streaming now
- Guardian (and similar publications), it's 2018, if you want more donation here's what you need to do....
- Joannes Vermorel is flipping destroying North Corea @ Satoshi's Vision Conference. Explaining quite logically and easily how Bitcoin (The Cash version obviously not BCore) could scale to 1TB block sizes if it wanted to.
- True Story!
- Blockstream = Creating Problems In Order To Solve Them
- The chatlog from #lightning-network discussing recent Lightning DDOS/vulnerability
- Joannes Vermorel’s roadmap to making 1TB block capable nodes. Also, he is hiring!
- Interesting watching (again) the technical discussion by Tom Harding regarding Zero-Confirmation Transactions. Bitcoin (Cash) with *always* low fees means one can send lots of transactions for testing, analysis and experimentation on real-world network...cheaply...
- Bitcoin Cash is already the killer application
- Get Bitcoin Cash In The Hands Of More People (Network Effects)
- Bitcoin Cash happened because we were forced into a corner. Here's the full story of Bitcoin censorships, harassments, cyberattacks, personal attacks against anyone who dares to scale Bitcoin into a global cash system.
- @Satshi's vision - does anyone have their eye on the 2020 Olympics??
- Satoshi Vision Conference was just began.
- A bitcoin miner is growing 'Cryptomatoes' using excess heat from his mining setup
- 0-conf transactions on BCH are safer for merchants than checks, credit cards.
- Currently moving at ~230km/hr toward a whole lot of Nakamoto consensus.
- Finally, someone from /r/bitcoin understands the purpose of bitcoin!
- I’m on a tech call(I’m an engineer) and they’re expecting speeds >10Gbps by 2020. This is awesome for the tech of BCH and the possibilities.
- Every fifth Lightning Network node fails after DDoS attack
| Satoshi’s Vision Conference Live Stream Posted: 22 Mar 2018 04:27 PM PDT
 | ||
| Posted: 22 Mar 2018 02:32 PM PDT How long before all non-censored/not-centrally-controlled Cryptocurrency subs will be either taken over by corporations or completely removed ? [link] [comments]  | ||
| Snowden on Bitcoin: Blasts Public Ledger and Core Developers Posted: 22 Mar 2018 03:46 PM PDT
 | ||
| Just realized I can now pay with Bitcoin Cash @ Newegg Posted: 22 Mar 2018 03:24 PM PDT That's all. Was planning to pay with BTC, but might as well save myself a few cents on bitpay's network fee and pay with BCH. Here's to P2P electronic cash! [link] [comments]  | ||
| Emin Gun Sirer @ SV conference: Teechan > Lightning, a superior off-chain transaction layer Posted: 22 Mar 2018 07:27 PM PDT Emin Gun Sirer's talk at the Satoshi Vision conference today, about scaling bitcoin, laid out a tech called Teechan which compared very favorably against Lightning. 68,000 transactions per second on a laptop, no need for watchtowers, no need to be online to receive funds, etc. Check the SV website for his speech, amazing stuff. How hilarious would it be to deploy Teechan on BCH as a superior transfer network to Lightning, an embarrass the Core partisans. It's available now as an off chain solution. [link] [comments]  | ||
| Posted: 22 Mar 2018 10:48 AM PDT
 | ||
| Satoshi's Vision conference has begun!, live-streaming now Posted: 22 Mar 2018 05:32 PM PDT
 | ||
| Posted: 22 Mar 2018 01:49 PM PDT
 | ||
| Posted: 22 Mar 2018 08:44 PM PDT
 | ||
| Posted: 22 Mar 2018 10:45 AM PDT
 | ||
| Blockstream = Creating Problems In Order To Solve Them Posted: 22 Mar 2018 08:28 PM PDT
 | ||
| The chatlog from #lightning-network discussing recent Lightning DDOS/vulnerability Posted: 22 Mar 2018 02:39 PM PDT bitPico [5:49 PM] If any LN testers see their connection slots full it's us. We will release the attack code when ready. The network needs better protection against DDoS's. (edited) Laolu Osuntokun [5:59 PM] ? or report to specific implementations @bitPico? like the early days of bitcoin, don't think many impls have even started to start to cover dos vectors busy working on safety in other aspects bitPico [6:00 PM] As it stands no implementation can handle connection exhaustion attacks by overflowing the underlying TCP stack. Laolu Osuntokun [6:00 PM] not sure if any limit inbound connections yet bitPico [6:02 PM] Doesn't matter; we use the TCP half-open attack. This occurs at the kernel. Laolu Osuntokun [6:02 PM] sure you'd still run into fd limits so that's not really impl specific bitPico [6:02 PM] Yes; we exhaust the FD's. (edited) Laolu Osuntokun [6:04 PM] you could do the same for any active bitcoin node today, nodes would need to set up network-level mitigations unless the impls were super low level enough to detect something like that so would really depend on their default kernel settings Matt Drollette [6:10 PM] bitPico [6:14 PM] Our Bitcoin implementation performs round-robin disconnects to induce network churn. This is one of the best methods to prevent most TCP attacks. Churn is needed in decentralized systems. It keeps them robust. Longstanding TCP connections are bad. *ie we disconnect N nodes every T mins. Laolu Osuntokun [6:18 PM] if it's half open, how are you detecting the TCP connections then @bitPico? well for LN the connections are typically long lived @mdrollette yeh, defenses are at the kernel lvl bitPico [6:21 PM] Round-robin disconnects free the kernel FD's. There is also App level half-connect Works like this Syn Ack But don't sent the Ack The connection is then half-open TCP connect scans work like this. TCP half-open scans are harder to detect. ɹɑd [6:33 PM] Is there a way to tell lnd to listen on ipv4 instead of ipv6? When I try Matt Drollette [6:34 PM] I think if you give it a specific IP instead of 0.0.0.0 it will only bind to that specific interface ɹɑd [6:34 PM] ok, trying that… bitPico [6:36 PM] Dual-stack OS will still open IPv6 Windows and Linux are VERY different TCP stacks. The behaviour is different. ɹɑd [6:38 PM] Nice, that worked. Thanks, @mdrollette bitPico [7:13 PM] How does LN protect from "dead end packets"? ie* onion wrapped but final destination doesn't exist. aka routing amplification attack kekalot [7:14 PM] :trumpet::skull: bitPico [7:16 PM] We will test it and perform a 100,000 route amplification. We are trying to make our test kit reusable as possible to work out the kinks. (edited) kekalot [7:16 PM] :trumpet::skull: bitPico [7:25 PM] Seeing bad OP-SEC on LN; don't name your node as the type of hardware. Those raspberry pi's will go down. kekalot [7:25 PM] :trumpet: :skull: camelCase [7:26 PM] :joy: bitPico [7:26 PM] ie* eclair.raspberry.pi Abhijeet singh [8:05 PM] joined #lightning-network. bitPico [8:48 PM] https://gist.github.com/anonymous/46f6513625579c5a920fe04b32103a03 Already running some custom attack vectors on LN nodes to see how they standup.
:+1: If you notice weird traffic it's us. bitPico [9:00 PM] We are most interested in our "route payload amplification" attack vector. This attack onion wraps payloads via hop by hop where the last hop is the first hop creating a self-denial of service where the LN nodes attack themselves after long route traversal. Exploiting the anonymous nature of onion routing allows no defense to the network. Anonymous routing in and of itself creates a situation where the network can get into an endless loop of self DDoS. Once we complete the entire message serialization routines and a deadline timer the TESTBED will run standalone continuously. Prob. only take another day to complete that. We are also making attack vectors as base classes so new ones can be easily created via overrides. *ie plugin-like attack vectors Russell O'Connor [9:22 PM] https://lists.linuxfoundation.org/pipermail/lightning-dev/2015-August/000135.html bitPico [9:26 PM] Yes; that idea and our attack vector(s) makes the entire network fall apart. We will prove this works. (edited) When nobody trusts nobody the network collapses. Low level attacks requiring no fees are easier however. (edited) There is nothing to prevent spoofing via replay of older packets. Because onion routing requires decryption (CPU Intensive) this can also be used to clog pathways with old payloads via CPU exhaustion. (edited) This is the real reason why ToR is so damn slow; it's constantly attacked. It has nothing to do with end users actions. Matt Drollette [9:34 PM] https://github.com/lightningnetwork/lnd/pull/761 GitHub Switch Persistence [ALL]: Forwarding Packages + Sphinx Replay Protection + Circuit Persistence by cfromknecht · Pull Request #761 · lightningnetwork/lnd This PR builds on #629, and integrates the changes with my more recent work on forwarding packages and batch-replay protection provided via pending changes to lightning-onion repo. Save one or two ... bitPico [9:40 PM] (#)761 doesn't impact our AV_03 It does however cause nodes to use more CPU and possibly go to disk per the notes. If LN nodes must go to disk this is bad. The slowest code pathways make the best AV's. bitPico [9:52 PM] CircuitKey's are allocated "on the heap". (edited) Underlying implementation would use malloc/realloc/free. Instead of RAII. This is asking for an overflow into unknown memory segments. We suggest stack only allocation. Memory on the stack is trivial to maintain; it has no holes; it can be mapped straight into the cache; it is attached on a per-thread basis. Memory in the heap is a heap of objects; it is more difficult to maintain; it can have holes. Laolu Osuntokun [9:59 PM] @bitPico cpu usage is super minimal, this isn't tor so we're not relaying like gigabytes unknown memory segments? golang is a memory safe language stuff goes on the stack, then escape analysis is used to decide what should go on the heap bitPico [10:00 PM] Heap allocation is more of a concern here. golang is not memory safe; it uses C underneath. Laolu Osuntokun [10:01 PM] uhh bitPico [10:01 PM] golang is not written in golang :slightly_smiling_face: Laolu Osuntokun [10:01 PM] yes it is... https://github.com/golang/go/blob/master/src/runtime/map.go GitHub golang/go go - The Go programming language bitPico [10:02 PM] That's like saying the C runtime is C and not ASM. The C runtime is ASM. Laolu Osuntokun [10:02 PM] go is written in go before go 1.4 (maybe 1.5) is was written in c but still, your "attack vector" isn't an implementation level issue, it's a network/kernel level DoS recycling, syn cookies, etc, would be needed not impl level defenses (edited) bitPico [10:07 PM] We know the answer but what does golang compile to? Laolu Osuntokun [10:07 PM] also replay htlc's will be rejected native? bitPico [10:08 PM] ASM Laolu Osuntokun [10:08 PM] yeh... bitPico [10:08 PM] So what we said is exactly true. Laolu Osuntokun [10:08 PM] no? bitPico [10:08 PM] It's as vulnerable as we stated. Laolu Osuntokun [10:08 PM]
bitPico [10:09 PM] It still allocates through OS heap memory and not onto the stack in your case here. Which means it has holes. Laolu Osuntokun [10:10 PM] aight, lemmie know when you exploit these issues in the golang runtime here's the code if you wanna study it: https://github.com/golang/go/ GitHub golang/go go - The Go programming language bitPico [10:11 PM] ASM is ASM. Heap is heap. Heap is bad in this case. Stack is wise. Same applies to C or C++. Avoid the heap at all costs. Laolu Osuntokun [10:12 PM] aye aye, capt stark [10:12 PM] replied to a thread: Seeing bad OP-SEC on LN; don't name your node as the type of hardware. Those raspberry pi's will go down. don't name your node at all.... bitPico [10:12 PM] https://www.cs.ru.nl/E.Poll/hacking/slides/hic4.pdf Laolu Osuntokun [10:13 PM] cool, i'll be waiting on those exploits in the go runtime, i'm sure many others will be excited as well bitPico [10:14 PM] Has nothing to do with go. It uses malloc underneath. Heap always uses malloc; go, c or c++ or java or whatever. Laolu Osuntokun [10:15 PM] sure, i think many of us know how memory management works bitPico [10:15 PM] http://security.cs.rpi.edu/courses/binexp-spring2015/lectures/17/10_lecture.pdf Security experts avoid heap allocation. This is common knowledge. Noticed somebody commented about performance of the PR. That is because of the use of heap allocation instead of stack. Laolu Osuntokun [10:17 PM] no, it's because of the disk I/O bitPico [10:18 PM] So LN nodes write data to disk in case of crash? As to not lose funds? That's what the PR says. Anyway golang uses libc; it is not compiled into pure ASM. (edited) Nevertheless we are not focusing on golang; LN in general and TCP/IP stacks. ɹɑd [10:22 PM] @bitPico write an exploit and get back with us. Until then it just sounds like concern trolling. bitPico [10:24 PM] Funny, we are exhausting LN TCP/IP Stacks as we type this… It's no good if we can overtake the TCP stack and run it out of FD's. We have 100's of connections to LN nodes and it;s automated using our hand built attack toolkit. When we increase this to 1000's then what? Matt Drollette [10:26 PM] Isn't that true of any TCP service though? Or are you saying there is something Lightning or Laolu Osuntokun [10:26 PM] it's true of any TCP service the defenses are on the kernel level bitPico [10:27 PM] You'd need to have LN code handle millions of connections to mitigate this. We know golang will crash if this happens. But so will C. Matt Drollette [10:29 PM] I'm beginning to wonder if @bitPico is actually performing a meta-attack on Lightning. A denial-of-service at the developer level with all this subtle trolling bitPico [10:29 PM] This first problem is LN keeps inbound connections alive. It does not handle and drop them like a webserver. This is the only reason webservers can scale. Apache uses a timeout of 3 seconds in most cases. Currently we are connected to 45 LN nodes with over 22K connections. One variable change on our end and the network will suffer. (edited) Matt Drollette [10:31 PM] but is that variable on the heap? bitPico [10:32 PM] On Linux consider forcing it to require 999999 FD's. AND do not keep-alive connections. The variable is an enum (an integer). Attack aggressiveness Matt Drollette [10:33 PM] I'm just joking with you :stuck_out_tongue: I look forward to the write-up on the attack bitPico [10:33 PM] Otherwise our code will keep LN nodes hung in TIME_WAIT. Anyway we are not trolling; we are BTC whales and LN must not fail. Otherwise our investment suffers. The only motivation behind this testing… As it stands LN nodes need L7 LB. Code will run overnight; sleep before we continue. Good job though on LN so far. bitPico [10:46 PM] uploaded and commented on this image: Screen Shot 2018-03-19 at 1.44.19 AM.png Fun stats: We've sucked 3.3 GB's of bandwidth per hour from LN nodes. This will continue while we sleep. Every 80 milliseconds there is 44 attacks being performed. bitPico [10:48 PM] :sleeping: kekalot [1:35 AM] Seems likely. They were also the one who claimed segwit 2x would continue after it was officially canceled. Matt Drollette I'm beginning to wonder if @bitPico is actually performing a meta-attack on Lightning. A denial-of-service at the developer level with all this subtle trolling Posted in #lightning-network Mar 18th bitcoinhunter [3:07 AM] So you put down the network @bitPico or just DDosing dev`s time ? kekalot [3:08 AM] technically youd need multiple people to be doing it to be considered DDoS this is just DoS Mike Rizzo [7:57 AM] joined #lightning-network. Alphonse Pace [8:31 AM] bitpico: are you bragging about attacking computer networks on here? Bear Shark [9:54 AM] That was the funnest 5 minutes of my life. Watching a guy go from bragging about attempting a DoS to deleting the account. aceat64 [9:56 AM] Reporting an attack vector is fine, releasing PoC code is fine, but actually DoSing a network is a crime, and to just go online and brag about it, wow The only way that could have been worse would be if they didn't use a pseudonym Bear Shark [9:58 AM] It's fine. He was probably sitting behind 3 tor exits and 10 VPNs (edited) chek2fire [10:09 AM] i see c-lightning is always at 80% cpu usage Russell O'Connor [10:12 AM] Did bitPico delete their own account themselves? kekalot [10:26 AM] @alp? Alphonse Pace [10:27 AM] I banned. zero tolerance for illegal shit. chek2fire [10:29 AM] and he says hitler is alive :stuck_out_tongue: chek2fire [10:43 AM] i dont know why but the new version of lightning-c has a huge cpu usage (edited) chek2fire [11:06 AM] is there possible not compatibility from lnd to c-lightning? i just connect bitrefil and they say that in their lnd node bitrefill payments works in my c-lightning is not working when i try to do a payment with their ln links i always get this "code" : 205, "message" : "Could not find a route", "data" : { "getroute_tries" : 2, "sendpay_tries" : 1 } } hkjn [12:00 PM] was that just-banned bitpico the same one as this one? https://lists.linuxfoundation.org/pipermail/bitcoin-segwit2x/2017-November/000689.html Russell O'Connor [12:02 PM] I believe they claimed to be. It's hard to know for sure I guess. Matt Drollette [12:03 PM] Lest we forget.
Laolu Osuntokun [1:48 PM] lmao
pebble [4:52 PM] joined #lightning-network. camelCase [10:28 PM] could be possible to run two lnd nodes in sync between them? i mean wallet-wise (edited) Justin Camarena [8:02 AM] Bitrefill getting DDos'd lol that bitpico tho Brandy Lee Camacho [8:21 AM] joined #lightning-network. chek2fire [8:53 AM] my c-lightning node has very high cpu usage is always at 80% in the same time bitcoin node is at 15-17% Gregory Sanders [8:58 AM] @chek2fire could be the gossip silliness that's being worked on, or bitPico :stuck_out_tongue: probably gossip inefficiency chek2fire [8:59 AM] maybe someone dos my node i dont know Laolu Osuntokun [11:46 AM] time to learn how to use iptables folks Sent from my Space Ship (edited) camelCase [11:50 AM] anyone knows if what i asked above is possible? like running two or more nodes that replicate the wallet so you avoid having your channels offline gonzobon [11:55 AM] https://twitter.com/alexbosworth/status/976158861722726405 Alex Bosworth ☇@alexbosworth Lightning nodes are getting DDOS'ed, rumor is that someone from the 2x effort known as "BitPico" has taken credit for this. The Lightning services I've deployed have been attacked from the start, with botnets, etc. Deploying in adversarial conditions, decentralization is hard. Twitter Mar 20th camelCase [11:56 AM] well... at least we know we wasn't trolling about that lol v33r [11:58 AM] https://twitter.com/alexbosworth/status/976158861722726405 gonzobon [11:59 AM] beat you to it @v33r_ :stuck_out_tongue: Tomislav Bradarić [12:23 PM] something something good for bitcoin but really, better to see how sturdy things are now than when lightning starts getting adopted more, like how the last rise in popularity was at the same time as blockchain spam gonzobon [12:28 PM] andreas put it in context as a good testing opp. Hiro Protagonist [1:04 PM] I so wanna get my old sysasmin-devops team together to start running lightning nodes under these conditions. Every website is attacked relentlessly by DoS, spoofing, etc. Defences exist but you need skills to figure out what to do. [link] [comments]  | ||
| Joannes Vermorel’s roadmap to making 1TB block capable nodes. Also, he is hiring! Posted: 22 Mar 2018 09:40 PM PDT | ||
| Posted: 22 Mar 2018 11:13 PM PDT ... and this causes a positive loop, a positive feedback cycle, where the cost to make enhancements to Bitcoin (Cash) are cheaper and cheaper. Imagine trying to do anything experimental on BCore Segwitcoin in January, where a simple test transaction guaranteed in next block would of been $40 :D Queue coreons right now who'll respond saying BTC BCore Segwitcoin fees are now 1 satoshi or whatever... now yes, that's because nobody is using BTC now, the ship is sinking. [link] [comments]  | ||
| Bitcoin Cash is already the killer application Posted: 22 Mar 2018 08:11 AM PDT
[link] [comments]  | ||
| Get Bitcoin Cash In The Hands Of More People (Network Effects) Posted: 22 Mar 2018 02:26 PM PDT After running an exchange for a short time now, I am observing something about other coins. Some altcoins have more users on LBCH than Bitcoin Cash users. For a site that is about Bitcoin Cash, I find this puzzling. This makes me think about a lot of things. You know what they say about learning stuff, learn the different strengths from others combine it and you become better than them all. One of the observations I made is that these altcoins have free airdrops to put their coins into the hands of more users. I am not saying we do free airdrops of BCH to people but one of the things I find is often underestimated and cannot be repeated enough is getting Bitcoin Cash in the hands of more people. If you have 10 BTC propaganda worker harassing 10 BCH users, the effect of the propaganda is more effective than if you have 10 BTC propaganda worker harassing 10000 BCH users. But when you have 10 million BCH users, those 10 BTC propaganda workers efforts will be really insignificant. And more importantly, each of those 10 million BCH users will be activist spreading the BCH movement and killing any anti-BCH misinformation. I know it has been said before, but I feel it is worth repeating that it is of top priority (in everyone's interests), in my opinion, to find ways to get Bitcoin Cash into the hands of more people. This is the reason why we add working for Bitcoin Cash in LocalBitcoinCash. It's a win-win-win situation. You put up what you want, you get what you want done, the worker gets paid, the Bitcoin Cash network benefits as a whole. Other work/gig sites charge 20% to 35% commission, LBCH doesn't charge anything. 100% of the awarded funds go directly to the workers. This might seem like a plug for the LBCH site but it's not. I don't make money from the site. In fact, if I had to depend on it, I probably be homeless by now. What I really care about is this opportunity to shape a new future, and it can only be done with more people, the more the merrier. I applaud all the unsung heroes in the ecosystem, working tirelessly to bring this new better future to humanity. I think it is these unsung heroes working quietly in the background that truly makes the world a better place. [link] [comments]  | ||
| Posted: 22 Mar 2018 05:50 AM PDT
 | ||
| @Satshi's vision - does anyone have their eye on the 2020 Olympics?? Posted: 22 Mar 2018 10:47 PM PDT Tokyo is the ripest city on the planet for viral BCH adoption and there's the added bonus of an influx of tourists coming in for the 2020 summer olympics. Is anybody on this?? I've put the idea out there for a weekly roaming BCH meetup that hit's a new bar every week provided they agree to take BCH 0-conf transactions. That would net a few hundred bars in Tokyo before a million people flood the city, plus it'd be good for camaraderie. And who doesn't like whisky and beers? Any other ideas to get the ball rolling a little faster? [link] [comments]  | ||
| Satoshi Vision Conference was just began. Posted: 22 Mar 2018 05:33 PM PDT
 | ||
| A bitcoin miner is growing 'Cryptomatoes' using excess heat from his mining setup Posted: 22 Mar 2018 12:44 PM PDT
 | ||
| 0-conf transactions on BCH are safer for merchants than checks, credit cards. Posted: 22 Mar 2018 05:56 AM PDT When a merchant accepts a check from a customer, do they wait days for it to clear before providing the good or service? When they accept credit cards, do they wait months to be sure the customer won't do a chargeback? 0-conf transactions on Bitcoin Cash (or a similar crypto where the blocks are guaranteed to never be full) are objectively safer, more reliable and faster to fully confirm than accepting either checks or credit cards. [link] [comments]  | ||
| Currently moving at ~230km/hr toward a whole lot of Nakamoto consensus. Posted: 22 Mar 2018 05:45 AM PDT
 | ||
| Finally, someone from /r/bitcoin understands the purpose of bitcoin! Posted: 22 Mar 2018 01:16 PM PDT
 | ||
| Posted: 22 Mar 2018 10:11 AM PDT | ||
| Every fifth Lightning Network node fails after DDoS attack Posted: 22 Mar 2018 09:20 AM PDT
 |
![[link]](https://i.imgur.com/Ds3YQFG.png){kind=link}
![[link]](https://i.redd.it/cc291lfvqcn01.jpg){kind=link}
![[link]](https://i.redd.it/6qz05e5pren01.jpg){kind=link}
![[link]](https://i.redd.it/a93bwtofhdn01.png){kind=link}
| You are subscribed to email updates from Bitcoin - The Internet of Money. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States | |
No comments:
Post a Comment