AndyH
Posts: 6325
Joined: Fri Apr 23, 2010 3:43 pm
Location: San Antonio

Re: Cryptocoin?

Tue Feb 09, 2016 11:13 pm

knightmb wrote:I thought most had already moved away from bitcoin because of one of many issues or flaws in the system. Timekoin is probably the most popular one to move to since it is not based on bitcoin or some alt-coin clone.

Not likely that most in the community would jump to Timekoin at least because of their 'unlimited coin generation' - that's long-term inflation, and is contrary to one of the main reasons crypto was invented.
"The stupid become extinct."-Bill Mollison

2015 smart Electric Drive "The Bumblebee"
OpenEVSE Plus DIY

WetEV
Posts: 1760
Joined: Fri May 04, 2012 8:25 am
Delivery Date: 16 Feb 2014
Location: Near Seattle, WA

Re: Cryptocoin?

Wed Feb 10, 2016 10:11 am

AndyH wrote:The gaping hole in your 'analysis' is...


The gaping flaw in your analysis is confusion between ownership and control. You might have a document giving your ownership of a Bitcoin miner in China, but you don't have control over that Bitcoin miner.

Still don't understand? Suppose Xi Jinping wakes up tomorrow and is grumpy about some people who have just now became Enemies Of The State, and have a large balances of Bitcoin... What could he do? Think it through.


AndyH wrote:cryptoanarchist


I ran into these people back in the 1980's. Sorry, but I wasn't convinced then, and the story hasn't changed. XKCD had a great refutation of them a while back... I'll look for it.
WetEV
#49
Most everything around here is wet during the rainy season. And the rainy season is long.
2012 Leaf SL Red (Totaled)
2014 Leaf SL Red

WetEV
Posts: 1760
Joined: Fri May 04, 2012 8:25 am
Delivery Date: 16 Feb 2014
Location: Near Seattle, WA

Re: Cryptocoin?

Wed Feb 10, 2016 10:24 am

Not the one I was thinking of, but applies.

Image
WetEV
#49
Most everything around here is wet during the rainy season. And the rainy season is long.
2012 Leaf SL Red (Totaled)
2014 Leaf SL Red

AndyH
Posts: 6325
Joined: Fri Apr 23, 2010 3:43 pm
Location: San Antonio

Re: Cryptocoin?

Tue Feb 16, 2016 2:26 pm

WetEV wrote:
AndyH wrote:The gaping hole in your 'analysis' is...


The gaping flaw in your analysis is confusion between ownership and control. You might have a document giving your ownership of a Bitcoin miner in China, but you don't have control over that Bitcoin miner.

Sigh. This is horribly incorrect. Wet, it's pretty clear that you have a strong opinion, and you're welcome to it, but you really could benefit from some associated facts.

I have 100% total control over the machine, just as I have full control over the machine I have hosted in Missouri. I VPN to the box, log in, and I have complete control. I can reboot it, change pools, or shut it down. VPNs also get past the 'great firewall', which is more of a problem for distributed systems than any president or chairman.
"The stupid become extinct."-Bill Mollison

2015 smart Electric Drive "The Bumblebee"
OpenEVSE Plus DIY

AndyH
Posts: 6325
Joined: Fri Apr 23, 2010 3:43 pm
Location: San Antonio

Re: Cryptocoin?

Tue Feb 16, 2016 2:34 pm

WetEV wrote:Not the one I was thinking of, but applies.


I like xkcd but this doesn't actually apply to much of anything, except the weakness of social engineering. I actually don't know the vast majority of my passwords, so no amount of drugs or 'enhanced interrogation' can get them from me. Besides, one would need my fingerprints as well, so they'd better go easy on some of the 'wrench time'...
"The stupid become extinct."-Bill Mollison

2015 smart Electric Drive "The Bumblebee"
OpenEVSE Plus DIY

WetEV
Posts: 1760
Joined: Fri May 04, 2012 8:25 am
Delivery Date: 16 Feb 2014
Location: Near Seattle, WA

Re: Cryptocoin?

Wed Feb 17, 2016 8:23 pm

AndyH wrote:I have 100% total control over the machine, just as I have full control over the machine I have hosted in Missouri. I VPN to the box, log in, and I have complete control. I can reboot it, change pools, or shut it down. VPNs also get past the 'great firewall', which is more of a problem for distributed systems than any president or chairman.


Sigh.

I feel just as I did when my kid's computer got owned by some botnet from Romania over a decade ago. How did I know? I sniff packets on my local network to keep an eye out for stuff like this. Still do. Lots of packets out there that should have the evil bit set. But the kid didn't understand, or want to understand.

Naivety, especially when you know up front that the naive are going to put up an argument, isn't pleasant.

So how do we start? VPNs have, do and will in the future only get past the Great Firewall if and only if the Great Firewall allows them to get past. And even then, that doesn't mean they stay private. Know what a "man in the middle" attack is? Paid any attention to the bogus security certificate problem in China? And then the fun really starts. There are so many ways to control a computer you have physical access to... And the "owner" likely would not have a clue that you have done so. Still, you might actually have ownership today. Maybe. If so, only because the government spending the money for Golden Shield, of which the Great Firewall is just a small part, isn't interested in little you today.

100% total control? :lol: :lol: :lol: :lol: :roll: :lol:

Not.

The machine in Missouri isn't behind the Great Firewall, and security certificates are actually likely to be honest, rather than bogus, so a man in the middle is a much smaller worry. Secondly, you would have a path to legal action if any of this happened. So your odds in Missouri are better. Not 100% absolute, but fairly good.

In China, you don't have a path for legal action. If it happens in China, it is likely the government. You have zero leverage against the Chinese State.
WetEV
#49
Most everything around here is wet during the rainy season. And the rainy season is long.
2012 Leaf SL Red (Totaled)
2014 Leaf SL Red

AndyH
Posts: 6325
Joined: Fri Apr 23, 2010 3:43 pm
Location: San Antonio

Re: Cryptocoin?

Thu Feb 18, 2016 4:31 pm

WetEV wrote:
AndyH wrote:I have 100% total control over the machine, just as I have full control over the machine I have hosted in Missouri. I VPN to the box, log in, and I have complete control. I can reboot it, change pools, or shut it down. VPNs also get past the 'great firewall', which is more of a problem for distributed systems than any president or chairman.


Sigh.

I feel just as I did when my kid's computer got owned by some botnet from Romania over a decade ago. How did I know? I sniff packets on my local network to keep an eye out for stuff like this. Still do. Lots of packets out there that should have the evil bit set. But the kid didn't understand, or want to understand.

Naivety, especially when you know up front that the naive are going to put up an argument, isn't pleasant.

So how do we start? VPNs have, do and will in the future only get past the Great Firewall if and only if the Great Firewall allows them to get past. And even then, that doesn't mean they stay private. Know what a "man in the middle" attack is? Paid any attention to the bogus security certificate problem in China? And then the fun really starts. There are so many ways to control a computer you have physical access to... And the "owner" likely would not have a clue that you have done so. Still, you might actually have ownership today. Maybe. If so, only because the government spending the money for Golden Shield, of which the Great Firewall is just a small part, isn't interested in little you today.

100% total control? :lol: :lol: :lol: :lol: :roll: :lol:

Not.

The machine in Missouri isn't behind the Great Firewall, and security certificates are actually likely to be honest, rather than bogus, so a man in the middle is a much smaller worry. Secondly, you would have a path to legal action if any of this happened. So your odds in Missouri are better. Not 100% absolute, but fairly good.

In China, you don't have a path for legal action. If it happens in China, it is likely the government. You have zero leverage against the Chinese State.

Maybe some sources of security certificates in China are bad. Are you really trying to suggest that because some are that all are, and/or that any of the folks installing the VPNs are actually using bad Chinese certificates? Do you know how VPNs and TOR are actually encrypted? You might want to check that out.

Maybe you can tell me then, how someone could benefit from somehow hijacking mining machines controlled by Raspberry Pi micros running firewall software. A botnet - really? :lol: Let's see...there are bloody bazillions of PCs scattered all over the world using the same operating system with the same vulnerabilities on one hand, and there orders of magnitude fewer machines scattered around all using different tiny microcontrollers with different software and different vulnerabilities on the other hand. One of these is a worthwhile target, one is not. :lol: Hell, the easiest way for the Chinese government to access the machines is to leave their script kiddies at home and just walk into the warehouses and shut the machines off. The network will be just fine. The firewall could split the network into a 'china' and'rest of the world' section, but there are ways around that as well - and there are plenty of smart people watching for such an event, and the community ready to respond should that happen.

Your view of the firewall is not accurate, or accurate but useless, depending on one's goal. The entire point of VPNs and network structures like TOR is to get past such constructs. The only way any firewall can keep all traffic out is to lock down everything - and that seriously challenges the usefulness of a network, hmm? So yes, someone "could" pull the big internet disconnect switch in the sky, but they're unlikely to ever do so - and if things in the world get that bad we'll have plenty of more important things to worry about.

Yes, I can see you shaking your head already. Look at the Arab Spring protests and look at what happened when a country (say, Egypt, for example) actually DID disconnect an entire country from the internet. Not only did it not stop crypto transactions or Twitter, it expanded them - because the more the government tried to control information, the more vehemently the citizenry moved to get reliable information via dial-up, satellite, and cell phone connections that still existed. Anonymous sent connection into and phone numbers via FAX and cellphone. Check HAMRadioCoin - crypto via radio. Can't stop the signal, Mal.

As an aside, my final tour in the AF was spent running a lab that did penetration testing and cyber-defense on regular networks and SCADA systems. During the tour prior to that I was the the unit's sysadmin/netadmin for the multiple networks. I'm also on the code development team for a coin based on BTC. I'm not only well aware of what a man in the middle attack is, I've both performed them and have protected DoD networks from them. Removing traces of a botnet from my son's PC and sniffing packets? Yawn. I maintain about 2 dozen machines of various types running Windows and Linux, both local and remote servers. The LAST computers within my span of control I'm concerned about are any of my miners.
"The stupid become extinct."-Bill Mollison

2015 smart Electric Drive "The Bumblebee"
OpenEVSE Plus DIY

WetEV
Posts: 1760
Joined: Fri May 04, 2012 8:25 am
Delivery Date: 16 Feb 2014
Location: Near Seattle, WA

Re: Cryptocoin?

Fri Feb 19, 2016 7:32 am

AndyH wrote:Are you really trying to suggest that because some are that all are, and/or that any of the folks installing the VPNs are actually using bad Chinese certificates? Do you know how VPNs and TOR are actually encrypted? You might want to check that out.


Andy, go to China, and get a nonspecial VPN connection to outside the Great Firewall and tell us how you did it.

Special VPN connections are related to businesses that China wants, or are the "VPN" access that you can buy from street vendors in any major Chinese city.

The first might actually be private, corporate IT ranges from very good to clueless. The firewall allows them. The second almost surely isn't private. Do I need to spell out why?

There are no TOR nodes in China. Traffic between TOR nodes is very identifiable (but not decryptable), so can easily be blocked by the firewall. Connections from inside China to TOR nodes are mostly blocked, as they are also very identifiable (but not decryptable) , other than from a block of IP addresses which is a Chinese government organization (CERNET).

TOR is mostly blocked, meaning in the single digits per day or less (other than government business, thousands per day) as far as can be determined, and remember that China doesn't allow for computer access without identification. That means if a Chinese citizen used their computer to access TOR, would likely get a visit from State Security. Same for a internet cafe's computer. And the rest of Golden Shield still might mean everything done over TOR likely will be known by State Security. $5 wrench attack, no crypto needed.

AndyH wrote:Maybe you can tell me then, how someone could benefit from somehow hijacking mining machines controlled by Raspberry Pi micros running firewall software.


At today's price for Bitcoin, $6,406,052,752

AndyH wrote:Hell, the easiest way for the Chinese government to access the machines is to leave their script kiddies at home and just walk into the warehouses and shut the machines off.


Oooh, finally a clue! :D

Not to shut the machines off. Control over a majority of Bitcoin miners is control over Bitcoin. Why would the Chinese government throw that away by just shutting the machines down?
WetEV
#49
Most everything around here is wet during the rainy season. And the rainy season is long.
2012 Leaf SL Red (Totaled)
2014 Leaf SL Red

AndyH
Posts: 6325
Joined: Fri Apr 23, 2010 3:43 pm
Location: San Antonio

Re: Cryptocoin?

Wed Feb 24, 2016 10:59 pm

WetEV wrote:
AndyH wrote:Are you really trying to suggest that because some are that all are, and/or that any of the folks installing the VPNs are actually using bad Chinese certificates? Do you know how VPNs and TOR are actually encrypted? You might want to check that out.


Andy, go to China, and get a nonspecial VPN connection to outside the Great Firewall and tell us how you did it.

Special VPN connections are related to businesses that China wants, or are the "VPN" access that you can buy from street vendors in any major Chinese city.

The first might actually be private, corporate IT ranges from very good to clueless. The firewall allows them. The second almost surely isn't private. Do I need to spell out why?

There are no TOR nodes in China. Traffic between TOR nodes is very identifiable (but not decryptable), so can easily be blocked by the firewall. Connections from inside China to TOR nodes are mostly blocked, as they are also very identifiable (but not decryptable) , other than from a block of IP addresses which is a Chinese government organization (CERNET).

TOR is mostly blocked, meaning in the single digits per day or less (other than government business, thousands per day) as far as can be determined, and remember that China doesn't allow for computer access without identification. That means if a Chinese citizen used their computer to access TOR, would likely get a visit from State Security. Same for a internet cafe's computer. And the rest of Golden Shield still might mean everything done over TOR likely will be known by State Security. $5 wrench attack, no crypto needed.

AndyH wrote:Maybe you can tell me then, how someone could benefit from somehow hijacking mining machines controlled by Raspberry Pi micros running firewall software.


At today's price for Bitcoin, $6,406,052,752

DIdn't think so.

"...mostly blocked..." Right... "mostly pregnant". Tell me when China severs all TOR and the rest of the connections with the outside world and we can revisit this.
https://blog.torproject.org/blog/learning-more-about-gfws-active-probing-system

WetEV wrote:
AndyH wrote:Hell, the easiest way for the Chinese government to access the machines is to leave their script kiddies at home and just walk into the warehouses and shut the machines off.


Oooh, finally a clue! :D

Not to shut the machines off. Control over a majority of Bitcoin miners is control over Bitcoin. Why would the Chinese government throw that away by just shutting the machines down?


No Wet - the "majority" of mining machines are not in China, and the microcontrollers in these boxes are not capable of 'controlling' the network or the coin. If you are really interested in this, you might want to spend some quality time understanding how these things work. That these currencies were specifically developed so that NO single entity can take control of the currency or network is a really important part of this...

None of the VPNs between me and my miners - even in China - use anyone's commercial certificates. I trust the hosting company and the 4096 bit RSA link we have - and it's got nothing to do with the Chinese government or any commercial certificate vendor. In the event of a 'man in the middle' the snooper gets a bunch of double-encrypted packets. That doesn't give them control of anything.

Do you understand the significance of criticality and vulnerability in this context? Crypto currencies are legal in China and they have the world's largest trading industry. The government benefits from the many businesses active in the crypto space (note the bolded words above). If they were to even appear to try to 'take over' any currency there would be an immediate global backlash and all of the businesses operating within China would be running for the border - and many have said as much already.

If China blocked all P2P traffic (or all internet traffic) at their borders, it won't do squat to the BTC network - the rest of the miners will keep working and the network difficulty will drop to continue 10 minute block generation. All transactions will continue as they are now, and miners will receive the block reward for the blocks they find. If they are able to double-spend or reverse transactions, the people constantly looking for such activity activate the response system and we respond. If China severs the network, there will be an 'interior China' currency and an 'all others' network - and people will simply trade the two coins on an exchange just as we trade all the other coin pairs. And there will also be a response from the Chinese people that will make Tiananmen Square look like a picnic.

As I've said already - I used to do this stuff in a DoD realm. The last machines I'm concerned about are my miners. No. Just no.


"The stupid become extinct."-Bill Mollison

2015 smart Electric Drive "The Bumblebee"
OpenEVSE Plus DIY

palmermd
Posts: 2435
Joined: Fri Apr 23, 2010 3:19 pm
Delivery Date: 31 Mar 2011
Leaf Number: 1100011011
Location: Hermosa Beach, CA

Re: Cryptocoin?

Wed Nov 08, 2017 9:51 pm

Anyone see the price action on Bitcoin today. It was crazy volatile and high volume.
Michael

Leaf since 31 March 2011
Driving electric since 1996


First Bar Loss
Second Bar Loss
Third Bar Loss

Return to “Politics & Other Controversial Topics”