Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1QpD6T-0000hY-4t for bitcoin-development@lists.sourceforge.net; Fri, 05 Aug 2011 05:37:49 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com designates 74.125.83.47 as permitted sender) client-ip=74.125.83.47; envelope-from=witchspace81@gmail.com; helo=mail-gw0-f47.google.com; Received: from mail-gw0-f47.google.com ([74.125.83.47]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-MD5:128) (Exim 4.76) id 1QpD6S-000356-Gf for bitcoin-development@lists.sourceforge.net; Fri, 05 Aug 2011 05:37:49 +0000 Received: by gwb11 with SMTP id 11so591469gwb.34 for ; Thu, 04 Aug 2011 22:37:43 -0700 (PDT) MIME-Version: 1.0 Received: by 10.150.8.10 with SMTP id 10mr2681080ybh.60.1312522662987; Thu, 04 Aug 2011 22:37:42 -0700 (PDT) Received: by 10.150.52.5 with HTTP; Thu, 4 Aug 2011 22:37:42 -0700 (PDT) In-Reply-To: References: <201108041038.47396.luke@dashjr.org> Date: Fri, 5 Aug 2011 05:37:42 +0000 Message-ID: From: John Smith To: Gavin Andresen Content-Type: multipart/alternative; boundary=000e0cd2537c164a1404a9bb7f94 X-Spam-Score: -0.5 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (witchspace81[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.1 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (witchspace81[at]gmail.com) 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1QpD6S-000356-Gf Cc: bitcoin-development@lists.sourceforge.net Subject: Re: [Bitcoin-development] Blitcoin? (Black Hat 2011) X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Aug 2011 05:37:49 -0000 --000e0cd2537c164a1404a9bb7f94 Content-Type: text/plain; charset=ISO-8859-1 On Fri, Aug 5, 2011 at 1:16 AM, Gavin Andresen wrote: > > ... so it is a de-anonymize-via IP address not de-anonymize-via Bitcoin > address. And might go partway to explaining why we're having trouble with > network connectivity... > Well it's good that the bitcoin network is seeing some security testing. So I understand that we have a combination of problems at the moment: 1) A DDoS possibility (if this is really the cause of the network connectivity problems) 2) An attacker can figure out which node first broadcasted a transaction, by connecting to the entire network or having everyone connect to his node(s) 3) The recipient re-broadcasts transactions (is Theymos right here?), allowing both the sender and recipient to be found Drawok's suggestion about using UDP packets with spoofed sender addresses is interesting, as UDP has another advantage; you can open up an "inbound" UDP port on almost any NAT router without any UPNP magic: just send out an UDP packet, the router will wait a certain time for answers (on a mapped port number) and relay these back. It also has some potential issues; the client needs special privileges to spoof sender addresses, and some ISPs might filter out packets with non-matching sender addriess (unsure how common this is). JS --000e0cd2537c164a1404a9bb7f94 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
On Fri, Aug 5, 2011 at 1:16 AM, Gavin Andres= en <gavinan= dresen@gmail.com> wrote:

... so it is a de-anonymize-via IP address not de-anonymize-via Bitcoin a= ddress. =A0And might go partway to explaining why we're having trouble = with network connectivity...

Well it's good that the bitcoin network is seeing= some security testing.

So I understand that we have a combination o= f problems at the moment:

1) A DDoS possibility=A0 (if this is reall= y the cause of the network connectivity problems)

2) An attacker can figure out which node first broadcasted a transactio= n, by connecting to the entire network or having everyone connect to his no= de(s)

3) The recipient re-broadcasts transactions (is Theymos right = here?), allowing both the sender and recipient to be found

Drawok's suggestion about using UDP packets with spoofed sender add= resses is interesting, as UDP has another advantage; you can open up an &qu= ot;inbound" UDP port on almost any NAT router without any UPNP magic: = just send out an UDP packet, the router will wait a certain time for answer= s (on a mapped port number) and relay these back.

It also has some potential issues; the client needs special privileges = to spoof sender addresses, and some ISPs might filter out packets with non-= matching sender addriess (unsure how common this is).

JS

--000e0cd2537c164a1404a9bb7f94--