path: root/00/ad1a794000262c6b84a478b4a02329316ab941

Return-Path: <eric@voskuil.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 73547899
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Tue, 28 Jun 2016 18:35:31 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-wm0-f44.google.com (mail-wm0-f44.google.com [74.125.82.44])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 343C32D4
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Tue, 28 Jun 2016 18:35:30 +0000 (UTC)
Received: by mail-wm0-f44.google.com with SMTP id r201so40334444wme.1
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Tue, 28 Jun 2016 11:35:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=voskuil-org.20150623.gappssmtp.com; s=20150623;
	h=mime-version:subject:from:in-reply-to:date:cc
	:content-transfer-encoding:message-id:references:to;
	bh=Ft9O8t8gE9MPHiosnS2uQBNMncPSOyPuJH9OKp1haUU=;
	b=DqeAEeSgnzEU2MHhWs9vW+OYSx7lALd3N0rSEMmM+eZ/whIv8gd2YVYciXBr9RGl2Z
	zYcRVapLWvAxd9/vxFJNwIjqsHoL/AcWPd/07+GFfT+tHuDKlygoq9rUw6/7kGKTIsNj
	Dq3Qphh/rzg0yazyTtei+NtYrLAwRchH9R2sTl3CRMOL/8Y5ddR/srZqV3k4ixdMrUN1
	FniZUjVFGHN8ijH+L+3Q/GQsjv3l80RVimIG2EgOFoUkhiouOvyeL64Glg712lz2Mwif
	FwMsKOBkrKLWc5bHuP1U8Xv+/QILA0IKB4O7DWoLx4dar1Sm6XTwBDpEV6DCdnORhXS6
	lK4A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
	:content-transfer-encoding:message-id:references:to;
	bh=Ft9O8t8gE9MPHiosnS2uQBNMncPSOyPuJH9OKp1haUU=;
	b=l6hjVqetpNpZ5+6e/hkgovQv4wFoTE1UVkzOklHubmlDpar8sKHbvxgVgZv063tpSx
	HK91pKRbS0n5W6DhXLkmwt3VmeOTUkpOgZbuCwGzuWGhRfUYCtAFRAN9NAB1Dp8tFsrk
	0FVrdXbjDIeZOoWI2o0z1NVp6MwAK3mug6zWhIYxW7CBJTp4+yoiFx3HQYxZs1DsX3DP
	fERuyA2W8KlB+O8QSmvepqF7gYua5yDE9WCBV13JK0RlyWsUCWmZewYcNeCEYZCgvplt
	3Fy6IKULaCzNw1UEZ6sEFfKP50gdiU1udwmm7d6V1NC4drvaS7Uc6R3zYXF6Mxxlu45u
	myAg==
X-Gm-Message-State: ALyK8tL6FfoDh/SxKM0tzHOfwvG/8kAMOxcgQoRXY2vCy5grnH/FbL7fYbyOqCRcpINCeg==
X-Received: by 10.28.66.204 with SMTP id k73mr16963801wmi.20.1467138928826;
	Tue, 28 Jun 2016 11:35:28 -0700 (PDT)
Received: from [10.114.7.71] ([41.33.219.254])
	by smtp.gmail.com with ESMTPSA id p191sm249290wme.7.2016.06.28.11.35.27
	(version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Tue, 28 Jun 2016 11:35:28 -0700 (PDT)
Content-Type: text/plain;
	charset=us-ascii
Mime-Version: 1.0 (1.0)
From: Eric Voskuil <eric@voskuil.org>
X-Mailer: iPhone Mail (13F69)
In-Reply-To: <20160628182202.GA5519@fedora-21-dvm>
Date: Tue, 28 Jun 2016 20:35:26 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <D40F9E9D-DB6C-4083-A9E8-C5EBC363DB30@voskuil.org>
References: <87h9cecad5.fsf@rustcorp.com.au>
	<1E86A00F-0609-4DBC-9543-94AE04CC13C9@voskuil.org>
	<577234A4.3030808@jonasschnelli.ch>
	<360EF9B8-A174-41CA-AFDD-2BC2C0B4DECB@voskuil.org>
	<20160628182202.GA5519@fedora-21-dvm>
To: Peter Todd <pete@petertodd.org>
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID, MIME_QP_LONG_LINE,
	RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] BIP 151
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jun 2016 18:35:31 -0000

Hi Peter,

What in this BIP makes a MITM attack easier (or easy) to detect, or increase=
s the probability of one being detected?

e

> On Jun 28, 2016, at 8:22 PM, Peter Todd <pete@petertodd.org> wrote:
>=20
> On Tue, Jun 28, 2016 at 06:45:58PM +0200, Eric Voskuil via bitcoin-dev wro=
te:
>>> 1) Transaction censorship
>>> ISPs, WIFI provider or any other MITM, can holdback/censor unconfirmed
>>> transactions. Regardless if you are a miner or a validation/wallet node.=

>>>=20
>>> 2) Peer censorship
>>> MITM can remove or add entries from a "addr" message.
>>>=20
>>> 3) Fingerprinting
>>> ISPs or any other MITM can intercept/inject fingerprinting relevant
>>> messages like "mempool" to analyze the bitcoin network.
>>=20
>> Encryption alone cannot protect against a MITM attack in an anonymous and=
 permissionless network. This is accepted in the BIP (and your follow-up rep=
ly).
>=20
> Being able to easily detect MITM attacks is a _huge_ step forward that
> shouldn't be underestimated; even if 99% of users aren't in a position to
> detect the MITM you only need a small subset of users that do the necessar=
y
> checks to alert the wider community, who can then respond with stronger
> security measures. Those measures are likely to be more costly - authentic=
ated
> systems are significantly harder than not - so better to save your efforts=

> until the need for them is more obvious.
>=20
> Also the fact that an attack has a reasonable probability of detection is a=
 big
> disincentive for many types of attackers - note how one of the things reve=
aled
> in the Snowden leaks was the fact that the NSA generally tries quite hard t=
o
> avoid tipping off targets to the fact that they're being surveilled, with a=

> myriad of carefully scripted policies to control when and how exploits are=
 used
> against targets.
>=20
> --=20
> https://petertodd.org 'peter'[:-1]@petertodd.org