Cryptocurrency:

[Karl]

On Sat, Jun 6, 2020, 11:34 AM other.arkitech <other.arkitech at protonmail.com>
wrote:

>
>
>
> Sent with ProtonMail <https://protonmail.com> Secure Email.
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> On Saturday, June 6, 2020 3:24 PM, Karl <gmkarl at gmail.com> wrote:
>
> I missed some of your expressions.
>
> On Sat, Jun 6, 2020, 10:59 AM other.arkitech <
> other.arkitech at protonmail.com> wrote:
>
>>
>>
>>
>> what? any developer geting thousands of public IPv4 addresses by
>>>>>> modifying software?
>>>>>> Nop. That's not true.
>>>>>> (Or I haven't understood well what you say)
>>>>>>
>>>>>
>>>>> People go to places on the internet to download things.  Others can
>>>>> upload things to those places to download.  You can upload something that
>>>>> lies about what it is doing, and gives you use of the ip address of the
>>>>> downloader's computer when run.  Do you understand?
>>>>>
>>>>> It sounds like this is surprising to you?
>>>>>
>>>>>
>>>>> so you refer to computers running malware, that case is contemplated
>>>>> in the design as an 'evil node'
>>>>>
>>>>
>>>> it sounds like you haven't addressed a sybil attack from massively
>>>> distributed malware, which is fine nobody can cover everything.  not sure
>>>> where the design lives.
>>>>
>>>>
>>>> If the malware is distributed in a bigger scale than the honest
>>>> software, indeed, the evil network becomes the 'honest' one to the eyes of
>>>> the software, that's 51% attack.
>>>>
>>>> Provided a world distribution of people that can be evil/honest of
>>>> 80%-20%, the likeliness of an evil network overtaking the honest one is
>>>> lower than the opposite.
>>>>
>>>> The evil network wont work if many evil nodes run behind same IP, so
>>>> the malware must meet the same distribution enforcement applied to the
>>>> honest net. Nodes running malware must be geographically distributed, so
>>>> local marketplaces spreading malware have less chances to spread worldwide
>>>> in order to compromise the network.
>>>>
>>>
>>>
>>> I'm not sure you're hearing me when I say that one person is able to
>>> distribute malware to thousands (or more) of other people worldwide,
>>> producing a sybil attack from an individual.  Is this something you're able
>>> to repeat back to me?  It sounds like you have an expectation around
>>> handling this?
>>>
>>>
>>> i though i gave a fair response.
>>> i understand you say that many computers can be infected of malware by a
>>> single individual who is creating an attacking botnet.
>>> An I said such botnet must be bigger than the network to succeed.
>>>
>>> The security of USPS depends on the number of nodes, the bigger the best.
>>>
>>
>> Thanks.  It is actually reasonable to create a botnet that covers an
>> entire sector of the world (such as everybody running ubuntu 20 or windows
>> 10 or the latest iOS) by finding, developing, or observing an unpatched
>> exploit.  With more than one exploit a botnet developer could cover
>> multiple such sectors.  I imagine this would usually produce more ip
>> addresses than a specific network service like USPS uses.
>>
>> This concern is one of the ones USPS hasn't been acknowledging.
>>
>>
>> 51% attack is always a concern. My answer is to have a big honest network
>> that makes it very difficult for a botnet to coordinate the attack. the
>> attacking vector is a war on size.
>>
>
> Always a fan of assuming honesty, but it's good to have something to fall
> back on if honesty isn't upheld in some edge situation.  This is where
> cryptocurrency usually shines.
>
> Given it doesn't take financial resources to acquire IP addresses, USPS
> could struggle to use the usual cryptocurrency avenue of it being more
> profitable to support the network than attack it.
>
> But really hashpower is just plain much harder to acquire than ip
> addresses.  I'm not sure there are even any laws against botnets.
>
> The use of hashpower, difficulty, and an append-only log also lets users
> of cryptocurrencies detect attacks by observing metrics.
>
>>
>>
>> In bitcoin the homologous attacking vector is a war on hashing power.
>>
>> Even bitcoin has unaddressed security concerns.
>>
>> The use of scarce ip address alotment to make it less worthwhile to
>> perform some sybil attacks than to use other means to achieve an end is
>> also used by IPFS, last I looked.
>>
>>
>> Interesting, will look at it. Thanks
>>
>>
>>
>>>
>>>
>>> I also see no reason a malware marketplace would not spread worldwide.
>>>
>>>
>>> no technical reason, obviously it is flat internet.
>>> But people operate in cultures, I mean that a malware disguised say for
>>> instance inside a pirate copy of photoshop will only be spread across those
>>> who use photoshop who are not caring about malware, not all possible
>>> computers.
>>>
>> sorry missed this.  hope i addressed it suitably.
>
>>
>>>
>>> Really struggling to communicate here.  I understand you need to know
>>> your software is given a fair trial to actually run, is that correct?
>>>
>>>
>>> Sorry about that if that's my fault. I try to respond with what I think
>>> about the attack vector you describe.
>>>
>>> I am try to honestly persuade you guys to try USPS if you're really
>>> interested in it as a next-gen cryptocurrency system.
>>> My interest is to gain users that can explore every corner of it, in
>>> order to find gaps, failures, etc. Just helping me in its development.
>>>
>> Open source and utility are what I see as being needed.  I don't know
> this list well and am spamming it right now, but I see it as a list of
> developers, not users.
>
>
> I don't know it well either, most of the topics I see with activity do not
> point me in a dev-oriented direction. Mosty are user-level comments, also
> paper-level comments.
>


Let's review the list history at https://lists.cpunks.org/mailman/listinfo
a little to see what the mailing list is really about.  I've never looked
there before myself, and it's pretty gratifying to have this opportunity to
do so.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 9878 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20200606/ff2ca61b/attachment.txt>