Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 4B3B0B8B for ; Wed, 15 Jul 2015 18:25:19 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-ig0-f173.google.com (mail-ig0-f173.google.com [209.85.213.173]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id B3005277 for ; Wed, 15 Jul 2015 18:25:18 +0000 (UTC) Received: by igbij6 with SMTP id ij6so78243261igb.1 for ; Wed, 15 Jul 2015 11:25:18 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=2iGLsgE/YLlBHy03emv5s+sDvsPUKlwOPTf6WrLqep8=; b=dgRovIhw/XPm8CtowLCit3CRfOtk1PUSaotIWwB3LbRXIscl5lifaXHT3RqLuFzHIp NryyFzuk6HxOgkLpllrN5t2I3fECeJvTJoC10INyo7bu6JKRUVAyFH25vu6TJSy1yZNm XEKckWOht1joL1EvGjoww3R1iyL+mxufLRtAe8pbKV3trHNnUrGUpF74fGAaOtCFsryX 4XgNJ+9wPeF1tKEA/VkY0/Ocwj2RLQQ+1kP4EzuzMisS4KIlRc8fAlD4AsjAnNIGCI8Q dWW/vF6BgoBzXb+GcpH8TiFtXIC2ukspVuBmI2ldPhwA3SInvACVrMSimbIyu6dN00ge /ddQ== X-Gm-Message-State: ALoCoQlkr4b4yY5Ng0M7qRwTCCAAEgM/y7JfcUwyrJCV3eZJyv+kBFUJKIkdVf9+AmjEh5lhPaRJ MIME-Version: 1.0 X-Received: by 10.50.143.43 with SMTP id sb11mr18731894igb.69.1436984718061; Wed, 15 Jul 2015 11:25:18 -0700 (PDT) Received: by 10.107.176.208 with HTTP; Wed, 15 Jul 2015 11:25:17 -0700 (PDT) In-Reply-To: <55A68668.6@bitcoins.info> References: <24662b038abc45da7f3990e12a649b8a@airmail.cc> <55A66FA9.4010506@thinlink.com> <20150715151825.GB20029@savin.petertodd.org> <20150715155903.GC20029@savin.petertodd.org> <55A68668.6@bitcoins.info> Date: Wed, 15 Jul 2015 11:25:17 -0700 Message-ID: From: Matthieu Riou To: bitcoin-dev@lists.linuxfoundation.org Content-Type: multipart/alternative; boundary=001a1135e91aab1673051aee1368 X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,HTML_MESSAGE, RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] Significant losses by double-spending unconfirmed transactions X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jul 2015 18:25:19 -0000 --001a1135e91aab1673051aee1368 Content-Type: text/plain; charset=UTF-8 Hi, Thanks for the bug report Simon, "responsible" disclosure on public forums is always appreciated. We're working with ShapeShift to make sure we can protect them appropriately against this specific attack in the future. As "Me" and Adrian advised, I would also encourage you return the funds. Regarding Peter's accusations on Twitter/Reddit/listserve, we have no idea why we are his target. He has never met with our CEO, has no idea of our business model, nor our company objectives. All his comments about us are his speculations. I'm sure Peter knows what a Sybil attack actually is and making such claims on a public forum is completely unfounded and uncalled for. Stretching definitions beyond the point where they make sense is a common rhetoric and political tool, not necessarily appropriate in a professional or technical context. We offer useful services for many startups like ourselves. We are good actors in this space. As a startup we are also constrained by limited resources (we're funded but far from larger companies resources). Companies aren't built in a single day and we hope to do more to help decentralization in the future as well. We're trying to further the ecosystem with our small team, so the pot shots are puzzling. Thanks, Matthieu On Wed, Jul 15, 2015 at 9:12 AM, Milly Bitcoin via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > Below are 2 examples why a systematic risk analysis needs to be used. The > current situation is that you have developers making hyperbolic, demonizing > statements that users are "spammers" and engaged in Sybil "attacks." > Characterizing these activities as spam and Sybil attacks is not a > systematic analysis, it is closer to the process used at the Salem Witch > trials. > > If this process of demonetization is to take its natural course then these > statements are "developer attacks" from a developer system that lacks > proper incentives and is rife with conflicts of interest. > > Russ > > > ... they need to >> connect to a large % of nodes on the network; that right there is a >> sybil attack. It's an approach that uses up connection slots for the >> entire network and isn't scalable; if more than a few services were >> doing that the Bitcoin network would become significantly less reliable, >> at some point collapsing entirely. >> > > ... > > > Spammers out there are being very disrepectful of my fullnode resources > > > > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > --001a1135e91aab1673051aee1368 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hi,

Thanks for the bug report Sim= on, "responsible" disclosure on public forums is always appreciat= ed. We're working with ShapeShift to make sure we can protect them appr= opriately against this specific attack in the future. As "Me" and= Adrian advised, I would also encourage you return the funds.

Regarding Peter's accusations on Twitter/Reddit/listserve, we hav= e no idea why we are his target. He has never met with our CEO, has no idea= of our business model, nor our company objectives. All his comments about = us are his speculations. I'm sure Peter knows what a Sybil attack actua= lly is and making such claims on a public forum is completely unfounded and= uncalled for. Stretching definitions beyond the point where they make sens= e is a common rhetoric and political tool, not necessarily appropriate in a= professional or technical context.

We offer usefu= l services for many startups like ourselves. We are good actors in this spa= ce. As a startup we are also constrained by limited resources (we're fu= nded but far from larger companies resources). Companies aren't built i= n a single day and we hope to do more to help decentralization in the futur= e as well. We're trying to further the ecosystem with our small team, s= o the pot shots are puzzling.

Thanks,
Ma= tthieu

On Wed,= Jul 15, 2015 at 9:12 AM, Milly Bitcoin via bitcoin-dev &= lt;bitcoin-dev@lists.linuxfoundation.org> wrote:
Below are 2 examples why a systematic risk analysis n= eeds to be used. The current situation is that you have developers making h= yperbolic, demonizing statements that users are "spammers" and en= gaged in Sybil "attacks."=C2=A0 Characterizing these activities a= s spam and Sybil attacks is not a systematic analysis, it is closer to the = process used at the Salem Witch trials.

If this process of demonetization is to take its natural course then these = statements are "developer attacks" from a developer system that l= acks proper incentives and is rife with conflicts of interest.

Russ


... they need to
connect to a large % of nodes on the network; that right there is a
sybil attack. It's an approach that uses up connection slots for the entire network and isn't scalable; if more than a few services were
doing that the Bitcoin network would become significantly less reliable, at some point collapsing entirely.

...

> Spammers out there are being very disrepectful of my fullnode resource= s



_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev

--001a1135e91aab1673051aee1368--