136 entries in 0.654s
mircea_popescu: but the idea being that
sybil attacks succeed when and only when the nodes are too agreefull.
BingoBoingo: Well, if you try to build a whole chain of Simplified Payment Verification... Probably going to get
Sybil attacked to hell
moriarty: mircea_popescu, i've done a
sybil on localbitcoins though :) just so i don't get pinned down as the guy with shitloads of bitcoin
mircea_popescu: but this also happens to be the definition of a
sybil vulnerability.
mircea_popescu: kolinko if you have a process to go from 1 party to two, then you have a
sybil problem. and to have 15 you necessarily must have had that process.
kolinko: what I meant is - if you have a system of 15 parties, each one of them signing messages with their own gpg keys, that can be quite secure against the
sybil attack. the attacker would have to steal keys of 8 independent parties.
mircea_popescu: anyway,
sybil attacks are specifically not a problem in anon systems. if you go for a romp in a gay cinema, to be fucked by a random man, it makes no difference to you who fucks you, so you can't be
sybil'd by definition.
mircea_popescu: and the arsed problem is not something to brush aside. the better your
sybil protection, the more expensive their pointless expense.
mircea_popescu: you are wrong in the first.
sybil attacks are a problem on all systems that rely on identity to any degree.
kolinko: well,
sybil attack is really only a problem in systems that rely on anonymous parties
mircea_popescu:
sybil attacks, and why would they be arsed to care about your needs.
TheNewDeal: There once was a bot named gribble. With humans, he would not quibble. If he had but one weakness/ it sure wasn't meekness/ but reputation attacks from
Sybil mircea_popescu: which is a degenerate form taken by
sybil attack in the degenerate wot that escrow is
mircea_popescu: <HeySteve> I'm still stuck on this
Sybil thing :) if you identify a puppet troupe, is there a mechanism to neutralise it beyond information-sharing? << no, by definition.
HeySteve: I'm still stuck on this
Sybil thing :) if you identify a puppet troupe, is there a mechanism to neutralise it beyond information-sharing?
HeySteve: hey fluffypony and mircea_popescu, been considering the
Sybil problem
mircea_popescu: because the cost is not a discouragement to the
sybil, if it has a way to turn a profit
fluffypony: incentivised ratings also opens the incentives themselves to
Sybil attacks, no?
fluffypony: have there been any identified
Sybil attacks on the WoT?
fluffypony: mircea_popescu: wrt making
Sybil attacks harder, isn't there/couldn't there be a GPG-like system that uses a common private key for a single owner, but also hash some sort of easily identifiable GUID as part of the pubkey/signature to indicate which machine it is on? that way an attacker's work becomes slightly more complex, as they need to not only create profiles but have a fresh VM/install/whatever for them
☟︎ artifexd: I have not. A
sybil attack is something that I thought I understood.
amidvidy: The author also wrote kademlia, this is his effort to design a DHT that is resistant to
Sybil attacks