Re: Two researchers from University College Dublin investigate the the 500K theft.
Thanks for your reply Fergalr. I give much respect to your well thought out comments and honesty regarding the extent of your capabilities and knowledge. I've been thinking about this subject a lot because it really stunned me that despite all the "highly technical" users claims that bitcoin was not anonymous, no one has solved any of the big thefts.
2) The IP layer work that Dan Kaminsky did - could that be put together with Bitcoin layer work like we did?
I asked him in his thread how much it would cost to put together a tool but it must have freaked him and the others in the thread out because the thread immediately died. https://bitcointalk.org/index.php?topic=34383.msg436871#msg436871. And DK hasn't posted since. That was not my intention at all
Anyway, you seem to be a smart and talented programmer enough to be able to replicate kaminsky's work for the conference and get a working tool going in a reasonable timeframe. And I get the feeling that unlike him, my direct and public approach will not be scary to you or kill this thread. It could be merged with your already existing tool like this (not sure if feasible):
a) run your address tracing and linking tool to find all the coins that were stored through the Mybitcoin portal. You can start with my address info here: https://bitcointalk.org/index.php?topic=34225.msg428519#msg428519. That should give you all their coins with current address locations. Also see if any forum user can be linked to it.
b) run the real-time ip monitoring tool targeting those addresses to harvest the ips + any other scrape-able info when the coins are moved
c) use your tools to see what they are doing with the coins. By now you should know what wallets are exchange wallets, so if they are cashing out through an exchange bingo fire up the subpoenas. If they are using dead drop or in-person cash-out then go back to dktool do geolocation on the IP, see what can be done... harder road but at least we know we're on it at that point.
But the key is b. Hmm thinking about how much it would cost. A database of every transaction made with IPs would be nice to start collecting, could be valuable in the future. Of course, with DK's you don't get very many IP addresses because some users are a few hops away from an inbound node
He wasn't too clear on that point in his slides and I was not at the conference.
Another potentially profitable use for your work: We do need a tool to keep pool operators honest. If the stolen block storage node and the pool general fund node can be linked, tool could monitor that. Right now it is very easy for them to sneak blocks, and we miners have to guess if they are doing it or not by comparing pool luck to expected luck. Vladimir's self defense for miners thread talks about this.
2) The IP layer work that Dan Kaminsky did - could that be put together with Bitcoin layer work like we did?
I asked him in his thread how much it would cost to put together a tool but it must have freaked him and the others in the thread out because the thread immediately died. https://bitcointalk.org/index.php?topic=34383.msg436871#msg436871. And DK hasn't posted since. That was not my intention at all
Anyway, you seem to be a smart and talented programmer enough to be able to replicate kaminsky's work for the conference and get a working tool going in a reasonable timeframe. And I get the feeling that unlike him, my direct and public approach will not be scary to you or kill this thread. It could be merged with your already existing tool like this (not sure if feasible):
a) run your address tracing and linking tool to find all the coins that were stored through the Mybitcoin portal. You can start with my address info here: https://bitcointalk.org/index.php?topic=34225.msg428519#msg428519. That should give you all their coins with current address locations. Also see if any forum user can be linked to it.
b) run the real-time ip monitoring tool targeting those addresses to harvest the ips + any other scrape-able info when the coins are moved
c) use your tools to see what they are doing with the coins. By now you should know what wallets are exchange wallets, so if they are cashing out through an exchange bingo fire up the subpoenas. If they are using dead drop or in-person cash-out then go back to dktool do geolocation on the IP, see what can be done... harder road but at least we know we're on it at that point.
But the key is b. Hmm thinking about how much it would cost. A database of every transaction made with IPs would be nice to start collecting, could be valuable in the future. Of course, with DK's you don't get very many IP addresses because some users are a few hops away from an inbound node
He wasn't too clear on that point in his slides and I was not at the conference.Another potentially profitable use for your work: We do need a tool to keep pool operators honest. If the stolen block storage node and the pool general fund node can be linked, tool could monitor that. Right now it is very easy for them to sneak blocks, and we miners have to guess if they are doing it or not by comparing pool luck to expected luck. Vladimir's self defense for miners thread talks about this.