445600+ entries in 0.279s
mircea_popescu: so, pogo has on disk last block 5, bvlock
timestamp 1000
ascii_field: in order for it
to be rejected.
the chain on disk will have
to be no more
than a day behind
mircea_popescu: doesn't matter how old
that block is.
the block coming after it will be ~10 minutes later.
mircea_popescu: because when hitler block shows up,
the disk has a block it ends with
ascii_field: then genuine block appears. it now appears
to be 'from
the future'
ascii_field: next block is from hitler. it has
timestamp of... yesterday.
mircea_popescu: jurov 5 couldn't have been
that far off and be accepted from 4.
mircea_popescu: now,
this
theoretically is vulnerable. but practically, can you construct
the attack for me ?
jurov: because you mined block 5, with a bad
time, someone else mines 6 << and it will get dropped because pogo considers delta from 5 invalid
mircea_popescu: once it accepts a further block, it resets its clock
too.
mircea_popescu: suppose it's not empty. so, pogo
thinks
time = last block on disk
ascii_field: all
the malicious miner needs
to do is keep nudging withing
the allowed bounds
ascii_field: there is no 'bad
time', normally
there is 2hrs of 'play' in
the gears
ascii_field: all it sees is 'block was broadcast, has
timestamp
t, average it now'
mircea_popescu: because you mined block 5, with a bad
time, someone else mines 6 with a right
time, pogo is now on block 6.
mircea_popescu: this is a horribru example. so, miner has 10% of
the hash, 10% of
the bnlocks are badly
timed. what of it, pogo resets on
the remainder.
ascii_field: fine, example. malicious miner starts crapping out blocks with
timestamp more and more off in
the future
ascii_field: you are still open
to crafted, induced clock drift
ascii_field: even if you weasel out of
this one by hardcoding block hashes, etc
ascii_field: because
the box has no idea what year it actually is
ascii_field: mircea_popescu: if we lack a clock, we are wide open
to replay attack
ascii_field: realize,
time is specified as an invariant
mircea_popescu: again : if you have block x, from a year ago, when you get block x+1,
the styamp on block x+1 will be, 1year ago + 10 minutes
ascii_field: according
to
the
traditional bitcoin protocol.
mircea_popescu: the next block
to wahtever it has on disk is not going
to be
too much from
the future.
ascii_field: and any incoming block is invalid, because 'from
the future'
ascii_field: and if something on disk,
then perhaps it is 2009
mircea_popescu: but
the next block it gets wouldn't be more
than
two hours off.
ascii_field: for one
thing,
there may not be any blocks on disk
mircea_popescu: and setting
the
time
to "timestamp of
the last block it actually has on disk" is going
to what ?
ascii_field: because
these are
to be given
to folks who will not volunteer any meat commitment
mircea_popescu: and you don't like having
to start it by manual command because myeah.
ascii_field: this doesn't need any magic, it works on
trad kernel
ascii_field: mircea_popescu: yes,
though i've forgotten
the exact number. 500MHz i
think it was.
ascii_field: the idea, as i understood it, was
to let folks set up nodes without human committment
ascii_field: with
the scheme described, you don't even need an attack
danielpbarron: isn't
there supposed
to be a way
to send commands
to
the pogo? otherwise how is it useful
to me as a "full node" if I can't query it for blocks/transactions and relay new ones I have created for it?
mircea_popescu: held
together by
the superficial
tension of hemorhagic diarhea
ascii_field: i am not sure how
this improves on anything
mircea_popescu: nevertyheless,
that is a marked improvement over
the current situation
mircea_popescu: it is held
together by
the superficial
tension of frog entails.
ascii_field: whole point was 'here let me fuck you and plug
this box into your router'
ascii_field: congrats, now pogo behaves like
the clock on my stove
mircea_popescu: you
take it down and start it over with new magic
touch
ascii_field: howabout at 4am on a sunday when
the mains flickers ?
mircea_popescu: from
there on, iut carries on by simply syncing its clock
to last accepted block.
mircea_popescu: this, you have
to do. like it or not we dunno how
to abstract it away.
mircea_popescu: so, when you start
the pogo, you provide it with
the human
touch, divine spark, politica
time.
assbot: Drone fires burgers at
the homeless in charity viral video gone wrong - Americas - World -
The Independent ... (
http://bit.ly/1HdQJcW )
mircea_popescu: oh, openssl put out a bug ? best make sure
the fucking calculator pulls it in.
mircea_popescu: ascii_field i know i'm fed up with random shit depending on random shit, but it's not mere stupidity. it's just
them
trying
to make sure shit permeates everywhere.
ascii_field: everyone who ever made fun of rms deserves
to be fed a litre of 'toe jam' now.
ascii_field: at
this point, any unixlike box with a graphical display may as well be running winblowz
trinque: nowhere clearer
than
the recent 1m+ lines-changed linux release
ascii_field: .... and how much shitgnomism is rolled into
the 'updated' version of 10,001 proggies
that will install.
trinque: I've half considered
trying
to stop using
the web so much, aside from maybe syncing certain sites
to a local box.
ascii_field: and
that's ~after~ resolving
the circular dependencies
ascii_field: trinque: and guess what, rebuilding all
the deps of
that
thing would
take a month+ on my box
trinque: now
that
the de-dockerization is complete, I may have it announce its current balance along with newly uploaded deeds
trinque: should be good for a while
though
trinque: and if it gets low, feel free
to
throw some bitdust in
the
tank
trinque: it will switch
to
the next
trinque: ascii_field: did you see
the awesome glsa on icu yesterday?
shinohai: Hmm missed
that. Interesting concept
trinque: except
that C++ itself foils any attempt
trinque: I cannot see how
this
tool does not exist
ascii_field: trinque:
the 'dot' file, does it contain something like a logical flow graph ?