Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from <namanhd@gmail.com>) id 1WICXQ-0001zc-IM for bitcoin-development@lists.sourceforge.net; Tue, 25 Feb 2014 07:34:48 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.220.180 as permitted sender) client-ip=209.85.220.180; envelope-from=namanhd@gmail.com; helo=mail-vc0-f180.google.com; Received: from mail-vc0-f180.google.com ([209.85.220.180]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1WICXP-0002ZP-EP for bitcoin-development@lists.sourceforge.net; Tue, 25 Feb 2014 07:34:48 +0000 Received: by mail-vc0-f180.google.com with SMTP id ks9so6854884vcb.39 for <bitcoin-development@lists.sourceforge.net>; Mon, 24 Feb 2014 23:34:42 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.58.252.8 with SMTP id zo8mr35446vec.55.1393313681959; Mon, 24 Feb 2014 23:34:41 -0800 (PST) Received: by 10.221.49.8 with HTTP; Mon, 24 Feb 2014 23:34:41 -0800 (PST) In-Reply-To: <20140225044116.GA28050@savin> References: <20140225044116.GA28050@savin> Date: Tue, 25 Feb 2014 13:04:41 +0530 Message-ID: <CA+SxJWDKgv6W2N+FFod6sbBCeS8ScXqBUm_STdw0-m=kKTKkiw@mail.gmail.com> From: naman naman <namanhd@gmail.com> To: Peter Todd <pete@petertodd.org> Content-Type: multipart/alternative; boundary=047d7b6d8e6012f04004f3361f0b X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (namanhd[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1WICXP-0002ZP-EP Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net> Subject: Re: [Bitcoin-development] Fee drop X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: <bitcoin-development.lists.sourceforge.net> List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe> List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development> List-Post: <mailto:bitcoin-development@lists.sourceforge.net> List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help> List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe> X-List-Received-Date: Tue, 25 Feb 2014 07:34:48 -0000 --047d7b6d8e6012f04004f3361f0b Content-Type: text/plain; charset=ISO-8859-1 I quite agree with Peter, anything that can be exploited will be exploited, just like malleability was. On Tue, Feb 25, 2014 at 10:11 AM, Peter Todd <pete@petertodd.org> wrote: > So, just to be clear, we're adding, say, a memory limited mempool or > something prior to release so this fee drop doesn't open up an obvious > low-risk DDoS exploit.... right? As we all know, the network bandwidth > DoS attack mitigation strategy relies on transactions we accept to > mempools getting mined, and the clearance rate of the new low-fee > transactions is going to be pretty small; we've already had problems in > the past with mempool growth in periods of high demand. Equally it > should be obvious to people how you can create large groups of low-fee > transactions, and then cheaply double-spend them with higher fee > transactions to suck up network bandwidth - just like I raised for the > equally foolish double-spend propagation pull-req. > > Of course, there's also the problem that we're basically lying to people > about whether or not Bitcoin is a good medium for microtransactions. > It's not. Saying otherwise by releasing software that has known and > obvious DoS attack vulnerabilities that didn't exist in the previous > version is irresponsible on multiple levels. > > -- > 'peter'[:-1]@petertodd.org > 0000000000000000b28e2818c4d8019fb71e33ec2d223f5e09394a89caccf4e2 > > > ------------------------------------------------------------------------------ > Flow-based real-time traffic analytics software. Cisco certified tool. > Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer > Customize your own dashboards, set traffic alerts and generate reports. > Network behavioral analysis & security monitoring. All-in-one tool. > > http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > --047d7b6d8e6012f04004f3361f0b Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">I quite agree with Peter, anything that can be exploited w= ill be exploited, just like malleability was.</div><div class=3D"gmail_extr= a"><br><br><div class=3D"gmail_quote">On Tue, Feb 25, 2014 at 10:11 AM, Pet= er Todd <span dir=3D"ltr"><<a href=3D"mailto:pete@petertodd.org" target= =3D"_blank">pete@petertodd.org</a>></span> wrote:<br> <blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p= x #ccc solid;padding-left:1ex">So, just to be clear, we're adding, say,= a memory limited mempool or<br> something prior to release so this fee drop doesn't open up an obvious<= br> low-risk DDoS exploit.... right? As we all know, the network bandwidth<br> DoS attack mitigation strategy relies on transactions we accept to<br> mempools getting mined, and the clearance rate of the new low-fee<br> transactions is going to be pretty small; we've already had problems in= <br> the past with mempool growth in periods of high demand. Equally it<br> should be obvious to people how you can create large groups of low-fee<br> transactions, and then cheaply double-spend them with higher fee<br> transactions to suck up network bandwidth - just like I raised for the<br> equally foolish double-spend propagation pull-req.<br> <br> Of course, there's also the problem that we're basically lying to p= eople<br> about whether or not Bitcoin is a good medium for microtransactions.<br> It's not. Saying otherwise by releasing software that has known and<br> obvious DoS attack vulnerabilities that didn't exist in the previous<br= > version is irresponsible on multiple levels.<br> <span class=3D"HOEnZb"><font color=3D"#888888"><br> --<br> 'peter'[:-1]@<a href=3D"http://petertodd.org" target=3D"_blank">pet= ertodd.org</a><br> 0000000000000000b28e2818c4d8019fb71e33ec2d223f5e09394a89caccf4e2<br> </font></span><br>---------------------------------------------------------= ---------------------<br> Flow-based real-time traffic analytics software. Cisco certified tool.<br> Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer<br> Customize your own dashboards, set traffic alerts and generate reports.<br> Network behavioral analysis & security monitoring. All-in-one tool.<br> <a href=3D"http://pubads.g.doubleclick.net/gampad/clk?id=3D126839071&iu= =3D/4140/ostg.clktrk" target=3D"_blank">http://pubads.g.doubleclick.net/gam= pad/clk?id=3D126839071&iu=3D/4140/ostg.clktrk</a><br>__________________= _____________________________<br> Bitcoin-development mailing list<br> <a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo= pment@lists.sourceforge.net</a><br> <a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development= " target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment</a><br> <br></blockquote></div><br></div> --047d7b6d8e6012f04004f3361f0b--