Bitcoin security guarantee shattered

[killz2much]

Sorry for repost if there is already an existing one, first time I do this, and I couldn't find anything by looking it up at the time of posting.

 

Was posted yesterday here: http://arstechnica.com/security/2014/06/bitcoin-security-guarantee-shattered-by-anonymous-miner-with-51-network-power/

 

 

For the first time in Bitcoin's five-year history, a single entity has repeatedly provided more than half of the total computational power required to mine new digital coins, in some cases for sustained periods of time. It's an event that, if it persists, signals the end of the crypto currency's decentralized structure.

 

Researchers from Cornell University say that on multiple occasions, a single mining pool repeatedly contributed more than 51 percent of Bitcoin's total cryptographic hashing output for spans as long as 12 hours. The contributor was GHash, which bills itself as the "#1 Crypto & Bitcoin Mining Pool."

 

Read the post for alot more info, it would be pretty hard to explain on here, especially since I am not the most versed in bitcoin in the first place.

 

Personal note: I always pretty much assumed this was gonna happen eventually, being the first really mainstrain crypto currency. What do you expect will happen now? Do you think the big company's that early adopted it will switch to a different type of coin?

 

EDIT: Added another quote.

[Bloodyvalley]

How the hell does someone get 51% network power?

[Rorgash]

How the hell does someone get 51% network power?

bot nets installed on peoples computers

[Bloodyvalley]

bot nets installed on peoples computers

Yeah, but it would be detected...

[Rorgash]

Yeah, but it would be detected...

after a while, and only if those people actually are around the internet to find out about it.

[Bloodyvalley]

after a while, and only if those people actually are around the internet to find out about it.

No, I mean detected by a anti-virus

[Rorgash]

No, I mean detected by a anti-virus

of course not.

[Bloodyvalley]

of course not.

why not

[Rorgash]

why not

because it doesnt work like that and the person installed the bot themselves on their computer

[dalekphalm]

No, I mean detected by a anti-virus

It would only be detected if the anti-virus vendors had the opportunity to examine the botnet in detail and update their signatures. Obviously that hasn't happened yet. It likely will though in time.

 

And the ramifications of this are huge. Basically the idea behind decentralized network power was that no single entity (in this case, probably a very very large mining pool) had direct control over the bitcoin market. Now, with a single entity gaining over 51% network power, they gain the ability to manipulate the bitcoin market, including buying and selling value.

[FlakeyBanana]

51% attack would be detected in roughly 10 mins, also core devs of bitcoin have already said if this even comes close they will modify the bitcoin source so that pools will no longer function correctly.

[qwertywarrior]

bot nets installed on peoples computers

where did u bring that  from ?

 did u even check the link ?

"The contributor was GHash, which bills itself as the "#1 Crypto & Bitcoin Mining Pool."

[FlakeyBanana]

where did u bring that  from ?

 did u even check the link ?

"The contributor was GHash, which bills itself as the "#1 Crypto & Bitcoin Mining Pool."

#REKT

[dalekphalm]

because it doesnt work like that and the person installed the bot themselves on their computer

Hmmm what? Can you elaborate please? Anti-virus software does NOT rely on the user not installing viruses. If you went and found a virus/trojan/botnet/whatever that was detectable by their virus definitions, and then manually installed it yourself, it would still be detected.

 

Also, how do you know "the person" installed the botnet themselves? Also, who is "the person"? A botnet network is usually made up of thousands or millions of users. MOST of which have no idea they are even part of a botnet.

 

They could have hidden the botnet inside another piece of software, but then that's basically a trojan containing a botnet. Even in this case they still didn't "install it themselves".

[killz2much]

51% attack would be detected in roughly 10 mins, also core devs of bitcoin have already said if this even comes close they will modify the bitcoin source so that pools will no longer function correctly.

 

The article says that they sustained 51% of the network power for over 12 hours. Aswell as on sevral other occasions (But not for as long).

[FlakeyBanana]

The article says that they sustained 51% of the network power for over 12 hours. Aswell as on sevral other occasions (But not for as long).

i know but they haven't attempted to abuse that power (yet)

[Rorgash]

where did u bring that  from ?

 did u even check the link ?

"The contributor was GHash, which bills itself as the "#1 Crypto & Bitcoin Mining Pool."

 

its more fun saying hax0rs did it

[Lord_Kitty]

bot nets installed on peoples computers

No, it's more complicated than that.

People invest thousands into mining farms and they want the best return on investment. They point their miners towards the largest pool so as to have a lower difficulty variance and a guaranteed reward.

This goes on and on and the pool grows larger.

Edit: GHash also grew because it did not have any fees.

[wpirobotbuilder]

No, it's more complicated than that.

Good advice for a lot of discussions. Simple fits nicely into our mindsets, but it's rarely the whole truth.