Re: [Bitcoin-development] Membership disabled due to bounces
I got ~500 uncaught bounce notifications, so it seems like something broke. On Jun 21, 2015, at 11:00 AM, Matt Whitlock wrote: > I too got this message and had to re-enable my membership on the list. > There's no reason why messages sent by the list to my address would be > bouncing. > > > On Sunday, 21 June 2015, at 9:06 am, Braun Brelin wrote: >> Hi all, >> >> I got a message saying that my membership in the list was disabled due to >> excessive bounces. As far as I can remember, I've only ever sent out one >> e-mail on the list (not including this one) and that was a few weeks ago. >> Has anyone else seen this problem? Could this be related in some way to >> the issues regarding source forge and the mail list hosting issue? >> >> Braun Brelin > > -- > ___ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Miners MiTM
Mutual CHAP could work. This is commonly done in PPP and iSCSI. The idea is simply that both sides authenticate. The server expects the client to provide a password, and the client expects the server to provide a (different) password. If you masquerade as the server, you won't be able to authenticate because every client has a different password they expect from the server, so they won't do work for you. MITM on the server can capture the exchange but CHAP protects against replay. https://en.wikipedia.org/wiki/Challenge-Handshake_Authentication_Protocol -Laszlo On Aug 8, 2014, at 6:21 PM, Jeff Garzik wrote: > gmaxwell noted on IRC that enabling TLS could be functionally, if not > literally, a DoS on the pool servers. Hence the thought towards a > more lightweight method that simply prevents client payout redirection > + server impersonation. > > > On Fri, Aug 8, 2014 at 5:53 AM, Mike Hearn wrote: >>> Certificate validation isn't needed unless the attacker can do a direct >>> MITM >>> at connection time, which is a lot harder to maintain than injecting a >>> client.reconnect. >> >> >> Surely the TCP connection will be reset once the route reconfiguration is >> completed, either by the MITM server or by the client TCP stack when it >> discovers the server doesn't know about the connection anymore? >> >> TLS without cert validation defeats the point, you can still be connected to >> a MITM at any point by anyone who can simply interrupt or corrupt the >> stream, forcing a reconnect. >> >> -- >> Want fast and easy access to all the code in your enterprise? Index and >> search up to 200,000 lines of code with a free copy of Black Duck >> Code Sight - the same software that powers the world's largest code >> search on Ohloh, the Black Duck Open Hub! Try it now. >> http://p.sf.net/sfu/bds >> ___ >> Bitcoin-development mailing list >> Bitcoin-development@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/bitcoin-development >> > > > > -- > Jeff Garzik > Bitcoin core developer and open source evangelist > BitPay, Inc. https://bitpay.com/ > > -- > Want fast and easy access to all the code in your enterprise? Index and > search up to 200,000 lines of code with a free copy of Black Duck > Code Sight - the same software that powers the world's largest code > search on Ohloh, the Black Duck Open Hub! Try it now. > http://p.sf.net/sfu/bds > ___ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- Want fast and easy access to all the code in your enterprise? Index and search up to 200,000 lines of code with a free copy of Black Duck Code Sight - the same software that powers the world's largest code search on Ohloh, the Black Duck Open Hub! Try it now. http://p.sf.net/sfu/bds ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] DNS seeds unstable
It looks like it might be firewalled, probably just need to fix the ACL in EC2. -Laszlo On May 16, 2014, at 4:34 PM, Andreas Schildbach wrote: > Apparently British Telecom also cannot speak to Peter Todd's server. > > That another very large ISP in Europe. > > > On 05/15/2014 01:50 PM, Andreas Schildbach wrote: >> I'm bringing this issue up again. The current Bitcoin DNS seed >> infrastructure is unstable. I assume this is because of we're using a >> custom DNS implementation which is not 100% compatible. There have been >> bugs in the past, like a case sensitive match for the domain name. >> >> Current state (seeds taken from bitcoinj): >> >> mainnet: >> >> seed.bitcoin.sipa.be OK >> dnsseed.bluematt.me OK >> dnsseed.bitcoin.dashjr.org SERVFAIL, tried multiple ISPs >> seed.bitcoinstats.comOK >> >> testnet: >> >> testnet-seed.bitcoin.petertodd.org SERVFAIL, just from Telefonica >> testnet-seed.bluematt.me OK (but only returns one node) >> >> Note: Telefonica is one of Europe's largest ISPs. >> >> I would try to improve DNS myself, but I'm not capable of writing C. My >> "fix" would be to reimplement everything in Java -- I doubt you guys >> would be happy with that. >> >> >> -- >> "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE >> Instantly run your Selenium tests across 300+ browser/OS combos. >> Get unparalleled scalability from the best Selenium testing platform >> available >> Simple to use. Nothing to install. Get started now for free." >> http://p.sf.net/sfu/SauceLabs >> > > > > -- > "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE > Instantly run your Selenium tests across 300+ browser/OS combos. > Get unparalleled scalability from the best Selenium testing platform available > Simple to use. Nothing to install. Get started now for free." > http://p.sf.net/sfu/SauceLabs > ___ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE Instantly run your Selenium tests across 300+ browser/OS combos. Get unparalleled scalability from the best Selenium testing platform available Simple to use. Nothing to install. Get started now for free." http://p.sf.net/sfu/SauceLabs ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
I think a warning like this is inappropriate. There are many reasons to use an out of date operating system and high level applications like wallets need not concern themselves with the rest of the system. Maybe the wallet can scan your browser cache and tell you to stop visiting somesite.com too? It just sounds like some kind of behavior modification that's being discussed here.. not-so-subtly suggesting that users shell out money for a newer version of the operating system, just to use their bitcoin wallets in a 'blessed' configuration. This actually sounds very similar to what happens with Apple iPhones.. they somehow manage to 'invalidate' the charging cables and accessories with every major software version. One day an accessory is working fine, then after the update users get a behavior modification nag every time they use it, urging them to buy a new one. Along these same lines, might as well put a warning about the registry keys needing to be cleaned, and maybe a 'shock the money' banner[1]. You guys all know how it works with financial software - there are many organizations using decades old software (and hardware) because they know its shortcomings, they've taken care of them in a way that works them, and they don't want to start all over just for the sake of having the newest version. -Laszlo [1] http://www.buzzfeed.com/adobe/obnoxious-banner-ads-that-everyone-remembers On Apr 16, 2014, at 8:42 PM, Roy Badami wrote: > On Wed, Apr 16, 2014 at 05:20:41PM +0200, Pieter Wuille wrote: >> On Wed, Apr 16, 2014 at 5:12 PM, Kevin wrote: >>> I think we should get to the bottom of this. Should we assume that xp is >>> not secure enough? >> >> Yes. > > Do we need a similar warning for OS X 10.6? The EOL of that one is > *far* less well known than XP (because of Apple's failure to > communicate product lifecycles). > > roy > > >> >>> What is this warning? >> >> Windows XP is no longer maintained. Don't use such a system for >> protecting your money. >> >>> Who is issuing this warning? >> >> Microsoft: http://windows.microsoft.com/en-us/windows/end-support-help >> >> The suggestion here is to make Bitcoin Core detect when it's running >> on Windows XP, and warn the user (they are likely unaware of the >> risks). >> >> -- >> Pieter >> >> -- >> Learn Graph Databases - Download FREE O'Reilly Book >> "Graph Databases" is the definitive new guide to graph databases and their >> applications. Written by three acclaimed leaders in the field, >> this first edition is now available. Download your free book today! >> http://p.sf.net/sfu/NeoTech >> ___ >> Bitcoin-development mailing list >> Bitcoin-development@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/bitcoin-development >> > > -- > Learn Graph Databases - Download FREE O'Reilly Book > "Graph Databases" is the definitive new guide to graph databases and their > applications. Written by three acclaimed leaders in the field, > this first edition is now available. Download your free book today! > http://p.sf.net/sfu/NeoTech > ___ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Bitcoind-in-background mode for SPV wallets
On Apr 9, 2014, at 8:12 PM, slush wrote: > > These days IPv6 is slowly deploying to server environments, but maybe there's > some simple way how to bundle ipv6 tunnelling into bitcoind so any instance > will become ipv6-reachable automatically? > Teredo is available by default on Microsoft systems and it's actually very common to see Teredo addresses as peers in torrents - this should work for bitcoin too, though I'm not sure if an app needs to set special flags to gain access to it.. there are probably some security settings around it. In the US, AT&T/CenturyLink provide IPv6 by way of 6RD for DSL customers, Comcast has native IPv6 on residential (but not business) cable modems, and of course those who want to can always set up with a tunnel broker like Hurricane Electric - they even let you use your own IPv6 addresses. IPv6 is great, but having an application running its own tunnels would not be a good way to leverage it. Probably what's keeping a lot of them from being reachable is that most people just plug their CPE into a NAT router (without IPv6). Teredo can help here though. Putting an IPv6 checkbox in the settings with a link to an explanation might help with education and result in smarter operators who can make their nodes reachable. A built in checker would be even better - something like a checklist showing red/green for different aspects of reachability (v4/teredo/v6). -Laszlo -- Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Okay, time to bring up bitcoin/bitcoin
Maybe he has a fork on the real github.com and the link was a mistake. http://news.nurse.com/article/20121203/NY02/112030026#.Uzw5UVy2uw8 I think it's possible that 'Kevin' is for real and maybe he doesn't realize he linked to a phishing site, if it was an accident. If this is the same person, then he's blind, and maybe that's why he wrote 'U R L' instead of the usual 'URL', by using speech to text or some other assistive tech. It might be that he tried to fork github.com/bitcoin/bitcoin and just provided the wrong link. But regardless, stay away from the one with two Bs in it. Thanks, Laszlo On Apr 2, 2014, at 3:59 PM, Kevin wrote: > On 4/2/2014 11:45 AM, Ricardo Filipe wrote: >> Kevin, >> the thing is you gave us a bad link... what is the correct URL of your >> project? >> >> 2014-04-02 16:30 GMT+01:00 Kevin : >>> On 4/2/2014 11:13 AM, Laszlo Hanyecz wrote: >>>> Maybe this site serves up exploits selectively? I'm guessing most people >>>> are getting the 'domain for sale' but whoever is the target probably gets >>>> something special? >>>> >>>> On Apr 2, 2014, at 2:53 PM, Kevin wrote: >>>> >>>>> On 4/2/2014 9:08 AM, Jeff Garzik wrote: >>>>>> At first, this is a poor choice of URL. >>>>>> >>>>>> But it really looks like a phishing attempt that no one should visit. >>>>>> >>>>>> >>>>>> On Tue, Apr 1, 2014 at 4:00 PM, Kevin wrote: >>>>>>> I've sat on this for some time after starting this. I have forked this >>>>>>> from bitcoin core and am working on a secure tax "mode" for bitcoin. It >>>>>>> is written in Autoit. I know I know, scripting language alert! I would >>>>>>> like people to look at: >>>>>>> http://www.githubb.com/bitcoin/bitcoin >>>>>>> Look at it, and let's have an open dialog about it. I want to know the >>>>>>> good, the bad, and the ugly! >>>>>>> >>>>>>> -- >>>>>>> Kevin >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> ___ >>>>>>> Bitcoin-development mailing list >>>>>>> Bitcoin-development@lists.sourceforge.net >>>>>>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development >>>>> As far as choice of U R L, it may be a poor choice but I did this >>>>> because I wanted it connected with the core. As far as fishing it >>>>> certainly is not that! This is a serious project. >>>>> >>>>> >>>>> -- >>>>> Kevin >>>>> >>>>> >>>>> -- >>>>> ___ >>>>> Bitcoin-development mailing list >>>>> Bitcoin-development@lists.sourceforge.net >>>>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development >>> I tell you that this is a serious project for bitcoin. You are free to >>> assume the worst. After all, I did say the good the bad and the ugly >>> would come out of this. I happen to be a big believer in bitcoin and I >>> feel this project holds water. If you disagree, that's fine. >>> >>> >>> -- >>> Kevin >>> >>> >>> -- >>> ___ >>> Bitcoin-development mailing list >>> Bitcoin-development@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development > I understand now why someone thought I was fishing. That link should work > just fine...I'm not sure what the problem is as I know I forked correctly. I > guess I'll need to register a domain for it an get a page going and link from > there. I just haven't gotten around to it but will do that. I'll get going! > Just know that I would never set up fishing; that's not my style. > > > -- > Kevin > -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Okay, time to bring up bitcoin/bitcoin
www.githubb.com resolves to addresses announced by AS53665 Some basic info about AS53665 can be seen at http://bgp.he.net/AS53665 They probably have a dedi or VPS at Cogent. They didn't even create an IRR record for their AS or their only route. Let's see what google has to say about malware from AS53665 (TL;DR - it's a malware site) http://www.google.com/safebrowsing/diagnostic?site=AS:53665 -Laszlo On Apr 2, 2014, at 3:30 PM, Kevin wrote: > On 4/2/2014 11:13 AM, Laszlo Hanyecz wrote: >> Maybe this site serves up exploits selectively? I'm guessing most people >> are getting the 'domain for sale' but whoever is the target probably gets >> something special? >> >> On Apr 2, 2014, at 2:53 PM, Kevin wrote: >> >>> On 4/2/2014 9:08 AM, Jeff Garzik wrote: >>>> At first, this is a poor choice of URL. >>>> >>>> But it really looks like a phishing attempt that no one should visit. >>>> >>>> >>>> On Tue, Apr 1, 2014 at 4:00 PM, Kevin wrote: >>>>> I've sat on this for some time after starting this. I have forked this >>>>> from bitcoin core and am working on a secure tax "mode" for bitcoin. It >>>>> is written in Autoit. I know I know, scripting language alert! I would >>>>> like people to look at: >>>>> http://www.githubb.com/bitcoin/bitcoin >>>>> Look at it, and let's have an open dialog about it. I want to know the >>>>> good, the bad, and the ugly! >>>>> >>>>> -- >>>>> Kevin >>>>> >>>>> >>>>> -- >>>>> ___ >>>>> Bitcoin-development mailing list >>>>> Bitcoin-development@lists.sourceforge.net >>>>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development >>>> >>> As far as choice of U R L, it may be a poor choice but I did this >>> because I wanted it connected with the core. As far as fishing it >>> certainly is not that! This is a serious project. >>> >>> >>> -- >>> Kevin >>> >>> >>> -- >>> ___ >>> Bitcoin-development mailing list >>> Bitcoin-development@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development > I tell you that this is a serious project for bitcoin. You are free to > assume the worst. After all, I did say the good the bad and the ugly would > come out of this. I happen to be a big believer in bitcoin and I feel this > project holds water. If you disagree, that's fine. > > > -- > Kevin > -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Okay, time to bring up bitcoin/bitcoin
Maybe this site serves up exploits selectively? I'm guessing most people are getting the 'domain for sale' but whoever is the target probably gets something special? On Apr 2, 2014, at 2:53 PM, Kevin wrote: > On 4/2/2014 9:08 AM, Jeff Garzik wrote: >> At first, this is a poor choice of URL. >> >> But it really looks like a phishing attempt that no one should visit. >> >> >> On Tue, Apr 1, 2014 at 4:00 PM, Kevin wrote: >>> I've sat on this for some time after starting this. I have forked this >>> from bitcoin core and am working on a secure tax "mode" for bitcoin. It >>> is written in Autoit. I know I know, scripting language alert! I would >>> like people to look at: >>> http://www.githubb.com/bitcoin/bitcoin >>> Look at it, and let's have an open dialog about it. I want to know the >>> good, the bad, and the ugly! >>> >>> -- >>> Kevin >>> >>> >>> -- >>> ___ >>> Bitcoin-development mailing list >>> Bitcoin-development@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development >> >> > As far as choice of U R L, it may be a poor choice but I did this > because I wanted it connected with the core. As far as fishing it > certainly is not that! This is a serious project. > > > -- > Kevin > > > -- > ___ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development