Re: Bitcoin XT has code which downloads your IP address to facilitate blacklisting
@VirosaGITS
LOL
You can even add all the possible IPs to the list, then they will have all the same priority, and just during a DoS attack
Do you know that will happen when a dev will add other IP to this list? Someone will see it because ... it's an open source project!
Do you check every day what devs add to the Bitcoin Core?
Again, it isn't a black list, it is a "low priority list", that enable it self only IF there is a DoS attack.
LOL
You can even add all the possible IPs to the list, then they will have all the same priority, and just during a DoS attack
Do you know that will happen when a dev will add other IP to this list? Someone will see it because ... it's an open source project!
Do you check every day what devs add to the Bitcoin Core?
Again, it isn't a black list, it is a "low priority list", that enable it self only IF there is a DoS attack.
Actually, it fits the definition of a blacklist quite well, particularly if you consider why the list was compiled in the first place:
https://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=definition+blacklist
But this is just a silly semantic issue.
The larger issue is this: Why do people keep rationalizing a centralized solution to DDOS attacks? Compiling a centralized list introduces trust into an otherwise trustless system. That's downright foolish.
There is nothing wrong with deprioritizing IP addresses that are maliciously attacking you. Why don't we stick with that? Why can't a node determine when an IP address is spamming it, and deprioritize its access on that basis? Perhaps we can make it even easier for nodes to do that. What possible reason is there to justify using a [trusted] third party to compile a list of suspicious IP addresses that nodes will trust simply by virtue of running a node?
If there is a problem, use a decentralized solution. Nodes should be capable of identifying IP addresses that are attacking them without introducing third party trust.
Quote
Currently Tor exits are labelled as being lower priority than regular IP addresses, as jamming attacks via Tor have been observed
Perhaps if attacks are predominantly coming from Malaysia, we should begin deprioritizing Malaysian IP ranges. There are geo-IP services that we can trust as a third party to compile lists of such suspicious IP ranges, too.
All that some of us ask is that people stop supporting unnecessary centralized solutions. Just admit that there are better ways to approach DDOS attacks, so we can oppose this aspect of the XT implementation hand in hand and move onto the next issue of contention......