1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <namanhd@gmail.com>) id 1WICXQ-0001zc-IM
for bitcoin-development@lists.sourceforge.net;
Tue, 25 Feb 2014 07:34:48 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.220.180 as permitted sender)
client-ip=209.85.220.180; envelope-from=namanhd@gmail.com;
helo=mail-vc0-f180.google.com;
Received: from mail-vc0-f180.google.com ([209.85.220.180])
by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1WICXP-0002ZP-EP
for bitcoin-development@lists.sourceforge.net;
Tue, 25 Feb 2014 07:34:48 +0000
Received: by mail-vc0-f180.google.com with SMTP id ks9so6854884vcb.39
for <bitcoin-development@lists.sourceforge.net>;
Mon, 24 Feb 2014 23:34:42 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.58.252.8 with SMTP id zo8mr35446vec.55.1393313681959; Mon,
24 Feb 2014 23:34:41 -0800 (PST)
Received: by 10.221.49.8 with HTTP; Mon, 24 Feb 2014 23:34:41 -0800 (PST)
In-Reply-To: <20140225044116.GA28050@savin>
References: <20140225044116.GA28050@savin>
Date: Tue, 25 Feb 2014 13:04:41 +0530
Message-ID: <CA+SxJWDKgv6W2N+FFod6sbBCeS8ScXqBUm_STdw0-m=kKTKkiw@mail.gmail.com>
From: naman naman <namanhd@gmail.com>
To: Peter Todd <pete@petertodd.org>
Content-Type: multipart/alternative; boundary=047d7b6d8e6012f04004f3361f0b
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(namanhd[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1WICXP-0002ZP-EP
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Fee drop
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 25 Feb 2014 07:34:48 -0000
--047d7b6d8e6012f04004f3361f0b
Content-Type: text/plain; charset=ISO-8859-1
I quite agree with Peter, anything that can be exploited will be exploited,
just like malleability was.
On Tue, Feb 25, 2014 at 10:11 AM, Peter Todd <pete@petertodd.org> wrote:
> So, just to be clear, we're adding, say, a memory limited mempool or
> something prior to release so this fee drop doesn't open up an obvious
> low-risk DDoS exploit.... right? As we all know, the network bandwidth
> DoS attack mitigation strategy relies on transactions we accept to
> mempools getting mined, and the clearance rate of the new low-fee
> transactions is going to be pretty small; we've already had problems in
> the past with mempool growth in periods of high demand. Equally it
> should be obvious to people how you can create large groups of low-fee
> transactions, and then cheaply double-spend them with higher fee
> transactions to suck up network bandwidth - just like I raised for the
> equally foolish double-spend propagation pull-req.
>
> Of course, there's also the problem that we're basically lying to people
> about whether or not Bitcoin is a good medium for microtransactions.
> It's not. Saying otherwise by releasing software that has known and
> obvious DoS attack vulnerabilities that didn't exist in the previous
> version is irresponsible on multiple levels.
>
> --
> 'peter'[:-1]@petertodd.org
> 0000000000000000b28e2818c4d8019fb71e33ec2d223f5e09394a89caccf4e2
>
>
> ------------------------------------------------------------------------------
> Flow-based real-time traffic analytics software. Cisco certified tool.
> Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer
> Customize your own dashboards, set traffic alerts and generate reports.
> Network behavioral analysis & security monitoring. All-in-one tool.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
--047d7b6d8e6012f04004f3361f0b
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">I quite agree with Peter, anything that can be exploited w=
ill be exploited, just like malleability was.</div><div class=3D"gmail_extr=
a"><br><br><div class=3D"gmail_quote">On Tue, Feb 25, 2014 at 10:11 AM, Pet=
er Todd <span dir=3D"ltr"><<a href=3D"mailto:pete@petertodd.org" target=
=3D"_blank">pete@petertodd.org</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">So, just to be clear, we're adding, say,=
a memory limited mempool or<br>
something prior to release so this fee drop doesn't open up an obvious<=
br>
low-risk DDoS exploit.... right? As we all know, the network bandwidth<br>
DoS attack mitigation strategy relies on transactions we accept to<br>
mempools getting mined, and the clearance rate of the new low-fee<br>
transactions is going to be pretty small; we've already had problems in=
<br>
the past with mempool growth in periods of high demand. Equally it<br>
should be obvious to people how you can create large groups of low-fee<br>
transactions, and then cheaply double-spend them with higher fee<br>
transactions to suck up network bandwidth - just like I raised for the<br>
equally foolish double-spend propagation pull-req.<br>
<br>
Of course, there's also the problem that we're basically lying to p=
eople<br>
about whether or not Bitcoin is a good medium for microtransactions.<br>
It's not. Saying otherwise by releasing software that has known and<br>
obvious DoS attack vulnerabilities that didn't exist in the previous<br=
>
version is irresponsible on multiple levels.<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
--<br>
'peter'[:-1]@<a href=3D"http://petertodd.org" target=3D"_blank">pet=
ertodd.org</a><br>
0000000000000000b28e2818c4d8019fb71e33ec2d223f5e09394a89caccf4e2<br>
</font></span><br>---------------------------------------------------------=
---------------------<br>
Flow-based real-time traffic analytics software. Cisco certified tool.<br>
Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer<br>
Customize your own dashboards, set traffic alerts and generate reports.<br>
Network behavioral analysis & security monitoring. All-in-one tool.<br>
<a href=3D"http://pubads.g.doubleclick.net/gampad/clk?id=3D126839071&iu=
=3D/4140/ostg.clktrk" target=3D"_blank">http://pubads.g.doubleclick.net/gam=
pad/clk?id=3D126839071&iu=3D/4140/ostg.clktrk</a><br>__________________=
_____________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
<br></blockquote></div><br></div>
--047d7b6d8e6012f04004f3361f0b--
|