Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XFYBa-0004Rs-8T for bitcoin-development@lists.sourceforge.net; Fri, 08 Aug 2014 00:37:34 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.213.174 as permitted sender) client-ip=209.85.213.174; envelope-from=chrisjfranko@gmail.com; helo=mail-ig0-f174.google.com; Received: from mail-ig0-f174.google.com ([209.85.213.174]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1XFYBY-0007Sn-VY for bitcoin-development@lists.sourceforge.net; Fri, 08 Aug 2014 00:37:34 +0000 Received: by mail-ig0-f174.google.com with SMTP id c1so251253igq.7 for ; Thu, 07 Aug 2014 17:37:27 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.42.114.130 with SMTP id g2mr8349558icq.46.1407458247673; Thu, 07 Aug 2014 17:37:27 -0700 (PDT) Received: by 10.42.210.138 with HTTP; Thu, 7 Aug 2014 17:37:27 -0700 (PDT) In-Reply-To: References: <201408072345.45363.luke@dashjr.org> Date: Thu, 7 Aug 2014 20:37:27 -0400 Message-ID: From: Christopher Franko Cc: "bitcoin-development@lists.sourceforge.net" Content-Type: multipart/alternative; boundary=20cf303bf576e38c43050013686e X-Spam-Score: 2.3 (++) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 1.7 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist [URIs: dashjr.org] -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (chrisjfranko[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.2 MISSING_HEADERS Missing To: header 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1XFYBY-0007Sn-VY Subject: Re: [Bitcoin-development] Miners MiTM X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Aug 2014 00:37:34 -0000 --20cf303bf576e38c43050013686e Content-Type: text/plain; charset=UTF-8 What exactly makes bitcoin less of a target than a "scamcoin" which I suspect means anything that != bitcoin? On 7 August 2014 20:29, slush wrote: > AFAIK the only protection is SSL + certificate validation on client side. > However certificate revocation and updates in miners are pain in the ass, > that's why majority of pools (mine including) don't want to play with > that... > > slush > > > On Fri, Aug 8, 2014 at 1:45 AM, Luke Dashjr wrote: > >> On Thursday, August 07, 2014 11:02:21 PM Pedro Worcel wrote: >> > Hi there, >> > >> > I was wondering if you guys have come across this article: >> > >> > http://www.wired.com/2014/08/isp-bitcoin-theft/ >> > >> > The TL;DR is that somebody is abusing the BGP protocol to be in a >> position >> > where they can intercept the miner traffic. The concerning point is that >> > they seem to be having some degree of success in their endeavour and >> > earning profits from it. >> > >> > I do not understand the impact of this (I don't know much about BGP, the >> > mining protocol nor anything else, really), but I thought it might be >> worth >> > putting it up here. >> >> This is old news; both BFGMiner and Eloipool were hardened against it a >> long >> time ago (although no Bitcoin pools have deployed it so far). I'm not >> aware of >> any actual case of it being used against Bitcoin, though - the target has >> always been scamcoins. >> >> >> ------------------------------------------------------------------------------ >> Infragistics Professional >> Build stunning WinForms apps today! >> Reboot your WinForms applications with our WinForms controls. >> Build a bridge from your legacy apps to the future. >> >> http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk >> _______________________________________________ >> Bitcoin-development mailing list >> Bitcoin-development@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/bitcoin-development >> > > > > ------------------------------------------------------------------------------ > Want fast and easy access to all the code in your enterprise? Index and > search up to 200,000 lines of code with a free copy of Black Duck > Code Sight - the same software that powers the world's largest code > search on Ohloh, the Black Duck Open Hub! Try it now. > http://p.sf.net/sfu/bds > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > --20cf303bf576e38c43050013686e Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
What exactly makes bitcoin less of a target than a "s= camcoin" which I suspect means anything that !=3D bitcoin?


On 7 August 2014 20= :29, slush <slush@centrum.cz> wrote:
AFAIK the only protection i= s SSL + certificate validation on client side. However certificate revocati= on and updates in miners are pain in the ass, that's why majority of po= ols (mine including) don't want to play with that...

slush


On= Fri, Aug 8, 2014 at 1:45 AM, Luke Dashjr <luke@dashjr.org> wr= ote:
On Thursday, August 07, 2014 11:02= :21 PM Pedro Worcel wrote:
> Hi there,
>
> I was wondering if you guys have come across this article:
>
> http://www.wired.com/2014/08/isp-bitcoin-theft/
>
> The TL;DR is that somebody is abusing the BGP protocol to be in a posi= tion
> where they can intercept the miner traffic. The concerning point is th= at
> they seem to be having some degree of success in their endeavour and > earning profits from it.
>
> I do not understand the impact of this (I don't know much about BG= P, the
> mining protocol nor anything else, really), but I thought it might be = worth
> putting it up here.

This is old news; both BFGMiner and Eloipool were hardened agai= nst it a long
time ago (although no Bitcoin pools have deployed it so far). I'm not a= ware of
any actual case of it being used against Bitcoin, though - the target has always been scamcoins.

---------------------------------------------------------------------------= ---
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gam= pad/clk?id=3D153845071&iu=3D/4140/ostg.clktrk
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment


-----------------------------------------------------------= -------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/b= ds
_______________________________________________
Bitcoin-development mailing list
Bitcoin-develo= pment@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment


--20cf303bf576e38c43050013686e--