Bitcoin Attacks that Might be a problem - Discussion

Welcome to this discussion thread. Feel free to ask questions or discuss things related to this section.

Hi everyone,

I have a question regarding Sybil attacks. @ivan, you mentioned in your video at 1:30 that someone could surround a node. But can someone choose which node they are connecting with? If so, can a node choose how many neighboring nodes it connects to?

Thanks in advance for the additional info!

1 Like

Hi again,
I wanted to bump my previous question and I also have an additional question:
For Segmentation, you mentioned that whenever that segmentation/barrier goes down, the group that was cut-off will have their blockchain replaced by the outside blockchain.

That being said, we’ve learned in your other courses that “the longest chain wins”. So what happens in a case where a small group of nodes happens to mine blocks at a slightly faster rate than the outside chain? In the case of Segmentation, if the group that’s cut off from the internet maintains a chain that’s slightly longer (due to decreased difficulty and some luck), why would this chain not replace the outside “global” chain?

Edit: The 51% attack video addressed my question above by explaining that you’d need 30-51% of the hashpower to be able to create a longer chain. This makes sense given that network difficulty adjusts every 2016 block (or 2 weeks). By the time it adjusts to this new “fake chain”, the global chain will be much longer and too difficult to catch up to. Even if mining difficulty decreases within this “fake chain” it would only adjust to so that blocks are solved within ~10 minutes on average, so it would never really have the opportunity to catch up to the main chain’s length. Is this the correct response?

Thanks for your insight!

Hi,
Depends on the Bitcoin daemon sw we are talking about.
Include ‘connect’ and ‘maxconnections’ options to config file or to daemon cli options can be used to control the things you are asking for.
Play with other bitcoin options at: https://jlopp.github.io/bitcoin-core-config-generator/

# Connect only to the specified node(s); can be set multiple times.
connect=123.4.5.1
connect=123.4.5.2
connect=123.4.5.3
connect=123.4.5.4
connect=123.4.5.5`
# Maintain at most N connections to peers.
maxconnections=5
1 Like

Hi,
to say “the longest chain wins” is a simplification, “the chain with more work wins” is more like the true statement.

3 Likes

I would expect to find some chapter about generating Bitcoin address and ‘man-in-middle’ attack, or lower or hacked deterministic ‘random-seed’ used in the past at paper-wallet and other online web wallets risks, like example shown in this article: https://www.finder.com.au/did-you-use-walletgenerator-net-you-should-change-your-keys
This hack was fixed meanwhile, but nevertheless it is important to students of this lessons to know that this Bitcoin attack was in place for sometime until someone noticed and warned the ‘public’ about this vulnerability hacked at that ‘legit’ website …

2 Likes

Hi @ivan,
In terms of the ‘Packet Sniffing’ section and the suggestion to use TOR browser to protect from snoopers potentially mapping your IP address to your bitcoin address(es). Wouldn’t a VPN service (that didn’t keep activity logs and with a kill switch to prevent leakage) be equally as good at protecting against such IP to bitcoin address mapping?

Or is there some difference that I’m not seeing?

Hello sir, by using a TOR network, you will add an extra layer of security from snoopers, also if add to that a VPN, you will get another extra layer (so now you have 2 layers of security).

The TOR network will use the network to send your packets through a tunneling system of nodes on that network, also the VPN will add an extra layer since it will “hide” your real address.

Hope this gives you a clear view of the subject, keep learning! :slight_smile:
If you have any doubt, please let us know so we can help you!

Carlos Z.

3 Likes

Carlos, you’re amazing. The way you’re explaining things , makes it very easy to understand. You have a lot of knowledge in this field.

Thank you
Best regards

1 Like

My concern, which I will ask about after having watch this video series, is regarding the power that one country is developing where they are buying mining farms from Russia to Texas as well as being the manufacture of the world’s most efficient and profitable mining equipment. Is there a backdoor to the equipment? This question is regardless of who made the equipment. Maybe I’m just drinking the cool-aide but I really believe that Bitcoin, other digital assets and protocol will change who has the balance of power in this world. It isn’t that expensive for a country to be buying power now, so to position themselves for a later date. Many are quick to say…its too expensive to take 51% and fight off all the other miners, but my question is: what would be gained from taking control? I mean gains not just financially but ruling power as well. I just feel this honest and concerning question is too easily brushed off as if the need to keep everyone confident in crypto and to stay invested is more important that looking and discussing this potentially devastating change in the new ecosystem.

1 Like

I agree @scottbonge - just started this course, & wonder the same things.

This “new Emperor” called Blockchain-cryptocurrency-Bitcoin"
is just so AWESOMELY Mesmerizing & Distracting, eh?

… but wait – could it be that sometimes the Emperor really has no clothes?

… yeah, we’ll see …

2 Likes

Hi, community,
I have a question about the packet sniffing. I don’t quite understand why is it a threat when an attacker is able to map your IP address and your Bitcoin address??

The attacker could mirror your network and sent package on your name, get personal data from your network traffic (hard skills but possible), packet sniffing is in few words “try to read data that is being sent in and outside your network”, like passwords, emails, off course there could be encrypted, but what if the hacker already have a strategy to un-encrypt those packets? … Is a risk to have someone tracking what you do in your own network.

If you have any more questions, please let us know so we can help you! :slight_smile:

Carlos Z.

1 Like