Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1VAL0D-0001II-CW for bitcoin-development@lists.sourceforge.net; Fri, 16 Aug 2013 14:27:45 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.192.169 as permitted sender) client-ip=209.85.192.169; envelope-from=wtogami@gmail.com; helo=mail-pd0-f169.google.com; Received: from mail-pd0-f169.google.com ([209.85.192.169]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1VAL09-0000EU-Hx for bitcoin-development@lists.sourceforge.net; Fri, 16 Aug 2013 14:27:45 +0000 Received: by mail-pd0-f169.google.com with SMTP id r10so2331665pdi.14 for ; Fri, 16 Aug 2013 07:27:35 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.68.178.35 with SMTP id cv3mr1879641pbc.160.1376663255661; Fri, 16 Aug 2013 07:27:35 -0700 (PDT) Received: by 10.66.72.225 with HTTP; Fri, 16 Aug 2013 07:27:35 -0700 (PDT) In-Reply-To: <20130816141536.GD16201@petertodd.org> References: <20130816140116.GB16201@petertodd.org> <20130816141536.GD16201@petertodd.org> Date: Fri, 16 Aug 2013 04:27:35 -1000 Message-ID: From: "Warren Togami Jr." To: Bitcoin Dev Content-Type: multipart/alternative; boundary=047d7b86f60054442904e411649e X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (wtogami[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [209.85.192.169 listed in list.dnswl.org] 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1VAL09-0000EU-Hx Subject: Re: [Bitcoin-development] Gavin's post-0.9 TODO list... X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Aug 2013 14:27:45 -0000 --047d7b86f60054442904e411649e Content-Type: text/plain; charset=UTF-8 bitcoinj-0.10 release notes: - We now require Bloom-capable (0.8+) peers by default and will disconnect from older nodes. This avoids accidental bandwidth saturation on mobile devices. Given the user-security concern that Peter brings up, reconsideration of this new default behavior in SPV clients may be warranted. On Fri, Aug 16, 2013 at 4:15 AM, Peter Todd wrote: > On Fri, Aug 16, 2013 at 10:01:16AM -0400, Peter Todd wrote: > > Doing this also makes it more difficult to sybil the network - for > > instance right now you can create "SPV honeypots" that allow incoming > > connections only from SPV nodes, thus attracting a disproportionate % of > > the total SPV population given a relatively small number of nodes. You > > can then use that to harm SPV nodes by, for instance, making a % of > > transactions be dropped deterministicly, either by the bloom matching > > code, or when sent. Users unlucky enough to be surrounded by sybil nodes > > will have their transactions mysteriously fail to arrive in their > > wallets, or have their transactions mysteriously never confirm. Given > > how few full nodes there are, it probably won't take very many honeypots > > to pull off this attack, especially if you combine it with a > > simultaneous max connections or bloom io attack to degrade the capacity > > of honest nodes. > > Oh, here's an even better way to do the "tx drop" attack: when you drop > a transaction, make a fake one that pays the same scriptPubKeys with the > same amount, and send it to the SPV peer instead. They'll see the > transaction go through and show up in their wallet, but it'll look like > it got stuck and never confirmed. They'll soon wind up with a wallet > full of useless transactions, effectively locking them out of their > money. > > Here's another question for you Mike: So does bitcoinj have any > protections against peers flooding you with useless garbage? It'd be > easy to rack up a user's data bill for instance by just creating junk > unconfirmed transactions matching the bloom filter. > > -- > 'peter'[:-1]@petertodd.org > 0000000000000018dcf5bcc3f018a05517ba1c479b432ba422015d4506496e55 > > > ------------------------------------------------------------------------------ > Get 100% visibility into Java/.NET code with AppDynamics Lite! > It's a free troubleshooting tool designed for production. > Get down to code-level detail for bottlenecks, with <2% overhead. > Download for free and get started troubleshooting in minutes. > http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > --047d7b86f60054442904e411649e Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
bitcoinj-0.10 release notes:
  • We now require Bl= oom-capable (0.8+) peers by default and will disconnect from older nodes. T= his avoids accidental bandwidth saturation on mobile devices.
Given the user-security concern = that Peter brings up, reconsideration of this new default behavior in SPV c= lients may be warranted.



On Fri, Aug 16, 2013 at 4:15 AM, Peter T= odd <pete@petertodd.org> wrote:
On Fri, Aug 16, 2013 at 10:01:16AM -0400, Peter Todd wrot= e:
> Doing this also makes it more difficult to sybil the network - for
> instance right now you can create "SPV honeypots" that allow= incoming
> connections only from SPV nodes, thus attracting a disproportionate % = of
> the total SPV population given a relatively small number of nodes. You=
> can then use that to harm SPV nodes by, for instance, making a % of > transactions be dropped deterministicly, either by the bloom matching<= br> > code, or when sent. Users unlucky enough to be surrounded by sybil nod= es
> will have their transactions mysteriously fail to arrive in their
> wallets, or have their transactions mysteriously never confirm. Given<= br> > how few full nodes there are, it probably won't take very many hon= eypots
> to pull off this attack, especially if you combine it with a
> simultaneous max connections or bloom io attack to degrade the capacit= y
> of honest nodes.

Oh, here's an even better way to do the "tx drop" attac= k: when you drop
a transaction, make a fake one that pays the same scriptPubKeys with the same amount, and send it to the SPV peer instead. They'll see the
transaction go through and show up in their wallet, but it'll look like=
it got stuck and never confirmed. They'll soon wind up with a wallet full of useless transactions, effectively locking them out of their
money.

Here's another question for you Mike: So does bitcoinj have any
protections against peers flooding you with useless garbage? It'd be easy to rack up a user's data bill for instance by just creating junk unconfirmed transactions matching the bloom filter.

--
'peter'[:-1]@pet= ertodd.org
0000000000000018dcf5bcc3f018a05517ba1c479b432ba422015d4506496e55

-----------------------------------------------------------= -------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite!
It's a free troubleshooting tool designed for production.
Get down to code-level detail for bottlenecks, with <2% overhead.
Download for free and get started troubleshooting in minutes.
http://pubads.g.doubleclick.net/gam= pad/clk?id=3D48897031&iu=3D/4140/ostg.clktrk
___________________= ____________________________
Bitcoin-development mailing list
Bitcoin-develo= pment@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment


--047d7b86f60054442904e411649e--