Re: Peter Todd calls dash snake oil.

Quote from: oaxaca on July 20, 2015, 08:13:33 PM

Quote from: generalizethis on July 20, 2015, 07:59:35 PM

I'm still waiting for you to refute this (I'm no Peter Todd, but it seems kind of a big security lapse and it can warm you up for when Todd shows up):

Quote from: generalizethis on July 20, 2015, 02:24:56 PM

Quote from: generalizethis on July 19, 2015, 09:40:29 PM

Quote from: illodin on July 19, 2015, 09:27:44 PM

Quote from: generalizethis on July 19, 2015, 09:15:31 PM

LOL. Here's the attack vector Evan created out of ignorance, stupidity or pure not giving a fuck.

The easiest attack is to buy masternodes and ddos attack competing nodes until you own the traffic. Evan claims it's financially implausible, but ignores that nodes are most profitable when there about a 1,000 masternodes (he has a ROI graphic on the dash BCT thread that underscores this). He also ignores that the attacker would be pulling incomes from these masternodes--given that most are held on corporate servers underlies that no one knows who owns them outside of the host and the owner. He also ignores how motivated an attacker may be, that he or another masternode operator might comply given the right circumstances (threat or lawful compliance) and how deep LE's pockets are--silly, dangerous, stupid.

If you trust that system knowing the flaws, you deserve whatever comes your way--except maybe being linked to pedophiles--can you show that link on your explorer?

DOS'ing masternodes doesn't reduce the anonymity set of the transactions or coins mixed before the DOS. If the masternode count drops 50% for example all of a sudden, mixing coins at that moment is not a good idea. It was already suggested a year ago or so that the wallet would take care of this and protect the user during the network downtime. It hasn't been implemented yet afaik, DASH must grow at least 100x at minimum before this (an appearance of such a motivated attacker) would become even a possibility.

DDOS is to control the majority of nodes, not to directly reduce the anonymity set--though by doing so while monitoring the nodes you posses would break anonymity--which was my point. Nice suggestion, but wouldn't an attacker take control of the nodes before any measures were taken, while it was cheapest, and while they could gain the most info for the longest time without raising any red flags? Also, you still have no measure in reality or in the works to stop an organization from using coercion or compliance to motivate a node operator to turn over data--this is even better since the whatevermine granted the first users such a large stash of coins and the masternodes are most likely concentrated in a few hands. But here's the big problem: masternodes are human controlled intermediaries that perform important functions. Whatever breaks dash's anonymity will happen because you trust this moronic system that is begging to be broken. You are playing a game of whack-a-mole and apparently no one in dashland has the theoretical capability to see it or the moral compass to speak up. Snake oil.

Your plan to break the anonymity of DASH is to:
Buy 1,000,000 DASH,
Set up 1,000 MasterNodes you control,
DDOS all of the other MasterNodes (2,800 or so in 38 countries), and
Profit!

where to start?

Start by rereading it. You missed some things, but I expect selective reading/hearing from dashers. Also, 95% of the nodes are in 5 countries (all allies) and on hosting services and there aren't 2,800 active nodes--last time i checked it was around 1,200. given pedos are mining dash (allegedly) it wouldn't be hard to imagine those countries working together to stop and prosecute by using subpoenas or coercion to hosting companies or the mn operators themselves.