On Sat, Jun 6, 2020, 9:48 AM other.arkitech <other.arkitech@protonmail.com> wrote:



Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Saturday, June 6, 2020 1:28 PM, Karl <gmkarl@gmail.com> wrote:



On Sat, Jun 6, 2020, 8:14 AM other.arkitech <other.arkitech@protonmail.com> wrote:



Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Saturday, June 6, 2020 12:00 PM, Karl <gmkarl@gmail.com> wrote:


On Sat, Jun 6, 2020, 7:49 AM other.arkitech <other.arkitech@protonmail.com> wrote:



Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Saturday, June 6, 2020 11:38 AM, Karl <gmkarl@gmail.com> wrote:



On Sat, Jun 6, 2020, 7:18 AM other.arkitech <other.arkitech@protonmail.com> wrote:



Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Saturday, June 6, 2020 10:17 AM, Karl <gmkarl@gmail.com> wrote:



On Fri, Jun 5, 2020, 7:29 PM other.arkitech <other.arkitech@protonmail.com> wrote:
> so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day?
>

IPv4 provides unique features no other protocol has. address space is saturated (scarce) and addresses are not cheap. It is a a nice tool for Sybil control

OA, when you say this people start disregarding what you say because it is false.

Any software developer can get thousands of IP addresses by altering a piece of pirated software to include something new of their own design and sharing it in a venue where it hasn't been shared on before.  There are many many other ways and people _think_ of them, _use_ them, are _observed_ using them, and things spread and grow.

what? any developer geting thousands of public IPv4 addresses by modifying software?
Nop. That's not true.
(Or I haven't understood well what you say)

People go to places on the internet to download things.  Others can upload things to those places to download.  You can upload something that lies about what it is doing, and gives you use of the ip address of the downloader's computer when run.  Do you understand?

It sounds like this is surprising to you?

so you refer to computers running malware, that case is contemplated in the design as an 'evil node'

it sounds like you haven't addressed a sybil attack from massively distributed malware, which is fine nobody can cover everything.  not sure where the design lives.

If the malware is distributed in a bigger scale than the honest software, indeed, the evil network becomes the 'honest' one to the eyes of the software, that's 51% attack.

Provided a world distribution of people that can be evil/honest of 80%-20%, the likeliness of an evil network overtaking the honest one is lower than the opposite.

The evil network wont work if many evil nodes run behind same IP, so the malware must meet the same distribution enforcement applied to the honest net. Nodes running malware must be geographically distributed, so local marketplaces spreading malware have less chances to spread worldwide in order to compromise the network.


I'm not sure you're hearing me when I say that one person is able to distribute malware to thousands (or more) of other people worldwide, producing a sybil attack from an individual.  Is this something you're able to repeat back to me?  It sounds like you have an expectation around handling this?

i though i gave a fair response.
i understand you say that many computers can be infected of malware by a single individual who is creating an attacking botnet.
An I said such botnet must be bigger than the network to succeed.

The security of USPS depends on the number of nodes, the bigger the best.

Thanks.  It is actually reasonable to create a botnet that covers an entire sector of the world (such as everybody running ubuntu 20 or windows 10 or the latest iOS) by finding, developing, or observing an unpatched exploit.  With more than one exploit a botnet developer could cover multiple such sectors.  I imagine this would usually produce more ip addresses than a specific network service like USPS uses.

This concern is one of the ones USPS hasn't been acknowledging.

Even bitcoin has unaddressed security concerns.

The use of scarce ip address alotment to make it less worthwhile to perform some sybil attacks than to use other means to achieve an end is also used by IPFS, last I looked.



I also see no reason a malware marketplace would not spread worldwide.

no technical reason, obviously it is flat internet.
But people operate in cultures, I mean that a malware disguised say for instance inside a pirate copy of photoshop will only be spread across those who use photoshop who are not caring about malware, not all possible computers.

Really struggling to communicate here.  I understand you need to know your software is given a fair trial to actually run, is that correct?


Sorry about that if that's my fault. I try to respond with what I think about the attack vector you describe.

I am try to honestly persuade you guys to try USPS if you're really interested in it as a next-gen cryptocurrency system.
My interest is to gain users that can explore every corner of it, in order to find gaps, failures, etc. Just helping me in its development.