1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
|
Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194]
helo=mx.sourceforge.net)
by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <peter@coinlab.com>) id 1UFTUC-00034x-W7
for bitcoin-development@lists.sourceforge.net;
Tue, 12 Mar 2013 17:59:41 +0000
Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of coinlab.com
designates 209.85.216.54 as permitted sender)
client-ip=209.85.216.54; envelope-from=peter@coinlab.com;
helo=mail-qa0-f54.google.com;
Received: from mail-qa0-f54.google.com ([209.85.216.54])
by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1UFTU7-0005zf-Vf
for bitcoin-development@lists.sourceforge.net;
Tue, 12 Mar 2013 17:59:40 +0000
Received: by mail-qa0-f54.google.com with SMTP id hg5so158529qab.20
for <bitcoin-development@lists.sourceforge.net>;
Tue, 12 Mar 2013 10:59:30 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=google.com; s=20120113;
h=x-received:mime-version:in-reply-to:references:from:date:message-id
:subject:to:cc:content-type:x-gm-message-state;
bh=nqJ6md9TfwI32JfAvPHoo9rsWDMYnM+ioYeFZTLSvWU=;
b=PDcP3BwNlk4sFUq6u8ktlNNLzKj7eWdsGCefXkdlV7iMzsQqkGoUFkwUP/t7D5o86D
93PPhlJPO78Yhz8DGQzqJxuW+WTtind3fkndgX1X0LZiH/wLoqEgZjSwiq3fT9ep8L3n
+5Ug97C3TEIP2/lNWCTr3GJego9pMHUHQuDBQSLjDSYm58MYZCgOPH4D5qSEdRWlEPEE
ZlyramiEuseWMZ1BbvIQWJtO2JP0li0QdA+QlTVff9r2xYNLp1R5cx8MhujL/wapixsC
HR5C8J4W4op8LnsRE9NRVx+RoR09LStRveELC35UJRtT90SVgA0lSi+SlIgajVRMKNaa
H7cw==
X-Received: by 10.224.189.10 with SMTP id dc10mr23566187qab.55.1363109741389;
Tue, 12 Mar 2013 10:35:41 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.49.104.138 with HTTP; Tue, 12 Mar 2013 10:35:21 -0700 (PDT)
In-Reply-To: <CALf2ePwae8Y0KxYqcZxEk_KZjUcQN=jaAp=QWa20QeZtJU7UAA@mail.gmail.com>
References: <513ED35A.8080203@gmail.com> <201303121210.34515.luke@dashjr.org>
<CALf2ePwae8Y0KxYqcZxEk_KZjUcQN=jaAp=QWa20QeZtJU7UAA@mail.gmail.com>
From: Peter Vessenes <peter@coinlab.com>
Date: Tue, 12 Mar 2013 10:35:21 -0700
Message-ID: <CAMGNxUu-beLK4ZWqQrmoSfk9RgxTTJ3D9wmphPPGyFxQiE9uXg@mail.gmail.com>
To: Alan Reiner <etotheipi@gmail.com>
Content-Type: multipart/alternative; boundary=20cf30334667ed1ac404d7bdb735
X-Gm-Message-State: ALoCoQmMNr8d8ILFfCW/COGag0yQ/nslDE7JXMRUZLh2wD978CYhPRIiK8qv5ZxM5XfCTB8FqHct
X-Spam-Score: -0.5 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
X-Headers-End: 1UFTU7-0005zf-Vf
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Some PR preparation
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 12 Mar 2013 17:59:41 -0000
--20cf30334667ed1ac404d7bdb735
Content-Type: text/plain; charset=ISO-8859-1
Can some enterprising soul determine if there were any double-spend
attempts?
I'm assuming no, and if that's the case, we should talk about that publicly.
Either way, I think it's generally another test well done by everyone;
people pitched in on PR, tech, communication, yay Bitcoin!
On Tue, Mar 12, 2013 at 9:55 AM, Alan Reiner <etotheipi@gmail.com> wrote:
> On Tue, Mar 12, 2013 at 8:10 AM, Luke-Jr <luke@dashjr.org> wrote:
>
>>
>>
>> I think we should be careful not to downplay the reality either.
>> For a number of hours, transactions could have received up to N
>> confirmations
>> and then still been reversed. While we could contact the bigger payment
>> processors, I saw people still trying to buy/sell on OTC, whom could have
>> been
>> scammed even by taking standard precautions.
>>
>>
> I don't want to misrepresent what happened, but how much of that was
> really a risk? The block was rejected, but the transactions were not. Any
> valid transactions to hit the network would get added to everyone's memory
> pool and mined in both chains. Thus all nodes would still reject
> double-spend attempts. As far as I understood it, you would've had to have
> majority mining power on one of the chains (and both had non-negligible
> computing power on them), so double-spending still required an exceptional
> amount of resources -- just not the normal 50% that is normally needed.
> Perhaps... 10%? But how many people can even have 10%? In addition to
> that, a victim needs to be found that hasn't seen the alert, is willing to
> execute a large transaction, and is on the wrong side of the chain.
>
> Is this incorrect? Yes, there was less resources needed to execute an
> attack -- but it still required a very powerful attacker, way outside the
> scope of "regular users."
>
>
>
> ------------------------------------------------------------------------------
> Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
> Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
> endpoint security space. For insight on selecting the right partner to
> tackle endpoint security challenges, access the full report.
> http://p.sf.net/sfu/symantec-dev2dev
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
--
------------------------------
[image: CoinLab Logo]PETER VESSENES
CEO
*peter@coinlab.com * / 206.486.6856 / SKYPE: vessenes
811 FIRST AVENUE / SUITE 480 / SEATTLE, WA 98104
--20cf30334667ed1ac404d7bdb735
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Can some enterprising soul determine if there were any dou=
ble-spend attempts?<div><br></div><div>I'm assuming no, and if that'=
;s the case, we should talk about that publicly.</div><div><br></div><div s=
tyle>
Either way, I think it's generally another test well done by everyone; =
people pitched in on PR, tech, communication, yay Bitcoin!=A0</div><div sty=
le><br></div></div><div class=3D"gmail_extra"><br><br><div class=3D"gmail_q=
uote">
On Tue, Mar 12, 2013 at 9:55 AM, Alan Reiner <span dir=3D"ltr"><<a href=
=3D"mailto:etotheipi@gmail.com" target=3D"_blank">etotheipi@gmail.com</a>&g=
t;</span> wrote:<br><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0=
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote"><div=
class=3D"im">On Tue, Mar 12, 2013 at 8:10 AM, Luke-Jr <span dir=3D"ltr">&l=
t;<a href=3D"mailto:luke@dashjr.org" target=3D"_blank">luke@dashjr.org</a>&=
gt;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin-top:0px;margin-right:0px;=
margin-bottom:0px;margin-left:0.8ex;border-left-width:1px;border-left-color=
:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div><br>
<br>
</div>I think we should be careful not to downplay the reality either.<br>
For a number of hours, transactions could have received up to N confirmatio=
ns<br>
and then still been reversed. While we could contact the bigger payment<br>
processors, I saw people still trying to buy/sell on OTC, whom could have b=
een<br>
scammed even by taking standard precautions.<br><br></blockquote><div><br><=
/div></div>I don't want to misrepresent what happened, but how much of =
that was really a risk? =A0The block was rejected, but the transactions wer=
e not. =A0Any valid transactions to hit the network would get added to ever=
yone's memory pool and mined in both chains. =A0Thus all nodes would st=
ill reject double-spend attempts. =A0As far as I understood it, you would&#=
39;ve had to have majority mining power on one of the chains (and both had =
non-negligible computing power on them), so double-spending still required =
an exceptional amount of resources -- just not the normal 50% that is norma=
lly needed. =A0Perhaps... 10%? =A0 But how many people can even have 10%? =
=A0In addition to that, a victim needs to be found that hasn't seen the=
alert, is willing to execute a large transaction, and is on the wrong side=
of the chain.</div>
<div class=3D"gmail_quote"><br></div><div class=3D"gmail_quote">Is this inc=
orrect? =A0Yes, there was less resources needed to execute an attack -- but=
it still required a very powerful attacker, way outside the scope of "=
;regular users."<br>
<div>=A0</div></div></div></div>
<br>-----------------------------------------------------------------------=
-------<br>
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester<br>
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" =
in the<br>
endpoint security space. For insight on selecting the right partner to<br>
tackle endpoint security challenges, access the full report.<br>
<a href=3D"http://p.sf.net/sfu/symantec-dev2dev" target=3D"_blank">http://p=
.sf.net/sfu/symantec-dev2dev</a><br>_______________________________________=
________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
<br></blockquote></div><br><br clear=3D"all"><div><br></div>-- <br><hr styl=
e=3D"font-family:Times;font-size:medium;border-right-width:0px;border-botto=
m-width:0px;border-left-width:0px;border-top-style:solid;border-top-color:r=
gb(204,204,204);margin:10px 0px">
<p style=3D"font-size:medium;font-family:Helvetica,sans-serif;line-height:1=
em"><span style=3D"color:rgb(50,90,135);text-transform:uppercase"><img src=
=3D"http://coinlab.com/static/images/email_logo.jpg" align=3D"right" alt=3D=
"CoinLab Logo" width=3D"130">PETER=A0<span style=3D"font-weight:bold">VESSE=
NES=A0</span><br>
<span style=3D"color:rgb(96,58,23);font-size:0.8em">CEO</span></span></p><p=
style=3D"font-size:medium;font-family:Helvetica,sans-serif;line-height:1em=
"><span style=3D"color:rgb(96,58,23);font-size:0.9em"><strong><a href=3D"ma=
ilto:peter@coinlab.com" style=3D"text-decoration:none;color:rgb(96,58,23)" =
target=3D"_blank">peter@coinlab.com</a>=A0</strong>=A0/=A0=A0206.486.6856 =
=A0/=A0<span style=3D"font-size:0.7em;text-transform:uppercase">SKYPE:</spa=
n>=A0vessenes=A0</span><br>
<span style=3D"color:rgb(96,58,23);font-size:0.7em;text-transform:uppercase=
">811 FIRST AVENUE =A0/=A0 SUITE 480 =A0/=A0 SEATTLE, WA 98104</span></p>
</div>
--20cf30334667ed1ac404d7bdb735--
|
