Re: AmericanPegasus initiates coverage on Sia. (Siacoin speculation topic)
An attacker cannot gain cost-efficiency by storing all the data, because the redundant pieces are encrypted with different keys, and the attacker is unable to figure out which pieces are not needed.
Sure he can. He can put all the pieces in the same data center where he can maximize his economies-of-scale, e.g. build own datacenter next to hydropower. Are you so ignorant to not realize that the actual cost of the harddisks is not only component of the cost of storage focused datacenter.
You've just shifted the centralization incentive to the Sybil attack.
And what is the point? We can already pay now for cloud storage on many providers (hosts). The point was that people could stand up nodes, but as you see a datacenter focused Sybil attack will always be more efficient and thus can burn more coins than nodes by those with less economies-of-scale.
Notwithstanding the above which is already sufficient to make your oxymoronic design for a decentralized file store attackable by centralization, additionally any public data can't be encrypted in a way that can hidden from the attacker. So the design is an unarguable failure for hosting public files such as downloadable music, internet web page files, etc..
Additionally it is probably possible to detect which redundant encrypted pieces (in the case of non-public data) are the same, by failing on a request for a piece and correlating with timing analysis and client IP to the request for the other piece. There is no way to prove that a failed request was not a network timeout, which is another problem I haven't yet dropped on you.
A sufficiently disruptive attacker can be displaced with a simple blacklisting.
So you attempt to solve decentralized file storage by making it centralized.
Also you can't identify who the attacker is! For as long as the attacker is successfully storing only one copy but charging for multiple hosts, this is not detectable. That is the entire point I made about why this is insoluble. Duh! You really need a citation? It is a simple logic.
No, there was no centralization invoked in any of the explanations I provided above. I'm not sure where you got that idea. The blacklisting happens at a per-renter level. If necessary (though unlikely), warnings can be sent out through the community that suggest a blacklisting strategy, but each person can make their own decision on whether it's needed or not. For the most part, blacklisting is performed behind the scenes based on data that the renter itself is witnessing, and the renter never automatically trusts information provided by other renters. I think it's unlikely that a community-wide notification would be necessary to stop a Sybil attack, but it is nonetheless something we have planned for.
Nonsense.
The renter's can't blacklist that which is performing correctly for them because they can't identify any attack. You failed to address my second paragraph as quoted.
The short-and-delete attack won't work unless the host has managed to actually collect a sufficient portion of the data (and to collect a sufficient volume of shorts). Getting enough data to drop files, especially high reliability files (>5x redundancy), would require both having low prices and burning more coins than the rest of the ecosystem combined. It's an economically difficult attack, and requires a huge amount of prep work. Buying that many coins and then burning them will cause a supply shock, which will drive the price up, and make the attacker's life even more difficult as the attacker will be buying the coins at a greater price than what anyone else was buying at.
Nonsense again. Your design encourages Sybil attacked centralization. The attacker will own all the copies, because the attacker is more profitable thus can expand his economies-of-scale in virtuous (for the attacker) self-reinforcing spiral towards total centralization and winner-take-all.
Btw, how much are you willing to pay me for this education and distraction from my own work?
You are doing this of your own free will, and if you feel it is a waste of your time you are under no obligation to continue. When the full technology is complete, we will probably hire someone like Peter Todd to perform the audit.
No need. I am killing your scam now.
Thanks for disrespecting me and saying that you need to hire Peter Todd, when I am here giving you an education now.